Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1448
Views
2
Helpful
10
Replies

L3 Switch/ Other_Vlans_cannot_acces_internet/ Vlan1_Can_Acces_Internet

pedrolobaton
Level 1
Level 1

‎11-26-2023 04:41 AM

I have a homerouter very basic, got from ISP. So no possible to config interfaces or vlans. I connect to it my sg250-08 L3 Cisco switch....and several clients connected to the switchports.

I ve created for now only one Vlan on the switch, Vlan 56 next to the default or native Vlan1. when all devices are part of Vlan1 they can acces internet. If I put them in Vlan 56 they re not able to acces internet. Also the switch cannot ping the Vlan56..

- Home (ISP) router:           192.168.1.1

- Switch (SG250-08 L3:     192.168.1.2

- Vlans: Vlan1 is default and I created Vlan 56

- Vlan interface 1 ip: 192.168.1.2

- Vlan interface 56 ip: 192.168.56.1

- ip routing is enable pointing to isp router 192.168.1.1

Why I cannot connect to internet from vlan 56 and why the switch cannot reach vlan 56?

Labels:
0 Helpful
10 Replies 10

MHM Cisco World
VIP
VIP

‎11-26-2023 04:47 AM

Trunk between sw and router 

config trunk and allow vlan1 and vlan 56' config subinterface in router for both vlan 1 and vlan 56

Access between sw and router 

Config access vlan 1 between sw abd router and config i interface in router for vlan1' and add static route in route toward vlan1 svi in sw for subnet of vlan 56

You also need to run

Ip routing 

In sw 

And config defualt route in sw toward router ip.

Finally both trunk and access you need to config NAT in router 

 

0 Helpful

pedrolobaton
Level 1
Level 1
In response to MHM Cisco World

‎11-26-2023 04:58 AM

Hi 

Hi MHM Cisco World,

Thanks for replaying I appreciate it.

However as I already mentioned the router is a basic one received from the ISP. So it has no such configuration options..There should be a workaround on the switch itself and in the domein of IP routing....I hope...So configurations of Vlans and interfaces is only possible on the switch.

 
 
 

 

MHM Cisco World
VIP
VIP
In response to pedrolobaton

‎11-26-2023 05:03 AM

If that case then

Sw-access vlan 1-router 

Config defualt route toward router ip

Config svi for any other vlan 

Nating from these vlan to vlan1 (hope this sw support nat).

That it.

For router it see all traffic come from vlan1 since sw nating other vlan to vlan 1 ip' and so you dont need any config on router.

MHM

Richard Burts
Hall of Fame
Hall of Fame
In response to MHM Cisco World

‎11-26-2023 05:50 AM

I believe that MHM has correctly identified the most important issue - the need for NAT. I would be extremely surprised if sg250 supports NAT.

HTH

Rick
0 Helpful

pedrolobaton
Level 1
Level 1
In response to Richard Burts

‎11-26-2023 06:09 AM

Hi Richard,

Thanks for your response. So are you suggesting that Vlan 56 cannot acces internet because SG250 doesn't support Network address translation? that can be the case, however, how do you explain that Vlan1 can acces internet?

0 Helpful

MHM Cisco World
VIP
VIP
In response to pedrolobaton

‎11-26-2023 06:15 AM

Router do nat from vlan 1 (since rputer connect to sw via vlan 1)to router-isp link' that why vlan 1 can access internet.

We need nat in sw to overriding routing issue' if we add any vlan in sw we need to make router know this new subnet and add it to rib and to nating toward isp' since you can not access router then add new vlan not work.

The only solution as I mention above.

If sw not support nat then sorry only vlan1 host can access internet.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to pedrolobaton

‎11-26-2023 02:33 PM

Yes I am suggesting that Vlan 56 cannot acces internet because SG250 doesn't support Network address translation. Pretty clearly the home router you got from ISP is doing NAT for 192.168.1.0. But not for 192.168.56.0. If you put your ports on SG250 into vlan 1 they would likely work.

In reading the discussion again I notice this "why the switch cannot reach vlan 56". That could very likely be contributing to the problem with access to the Internet. In configuring vlan 56 on the SG250 did you configure a vlan interface for vlan 56?

HTH

Rick
0 Helpful

pedrolobaton
Level 1
Level 1
In response to Richard Burts

‎11-26-2023 02:57 PM

Thanks for replay,

Yes I did configured an interface vlan as wel voor vlan 56 and assigned ip 192.168.56.1
I think the issue is indeed the NAT. I will check few options: or replace the homerouter for one more capable or install a software solution and run it on vmware to take the rol of NAT and dhcp...any suggestions or advice will be great!Please type your reply above this line -##

Sent from Outlook for Android<>
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to pedrolobaton

‎11-26-2023 09:02 PM

Thanks for confirming that there was a vlan interface for vlan 56 and that it did have an IP address. Not sure how much effort you want to put into investigating that aspect or whether we should focus on Internet access. If you can replace the homerouter for one more capable that would be the preferable solution.

HTH

Rick
0 Helpful

Richard Pidcock
Level 1
Level 1

‎11-26-2023 05:32 PM

I think in this scenario you are stuck to using VLAN 1.  Does your home router from the ISP have the ability to modify the LAN subnnet.  For example, could you change it from 192.168.1.0 to 192.168.56.0.  Is your desire to avoid the use of VLAN 1 completely, or just mainly trying to avoid the use of the default subnet of 192.168.1.0/24?  

Richard W. Pidcock
0 Helpful
Customers Also Viewed These Support Documents