Solved: can you add this command ip

Navindar Singh · ‎04-29-2015

Hello Guys,

I am configuring a cisco 4507 catalyst switch and have managed to create a few vlans for testing and i also have connectivity between the vlans and also the access switches. I have internet on the cisco 4507 and am able to ping outside too, but when i connect to a particular vlan, i am able to ping the vlan gateway and also all other vlans but i do not get internet. Hope someone can assist me in this. Attached is the configs.

Regards.

Navin

Andre Neethling · ‎05-04-2015

Hi. Your router does not have a route back to your plans. Add the following route to your router.

ip route 10.0.0.0 255.255.0.0 10.2.5.55

Or you can just enable EIGRP to share routes between your router and core switch by adding the following to your router

router eigrp 1
network 10.2.5.1 0.0.0.255

no auto-summary

and also add no auto-summary to your core switch.

View solution in original post

Charles Hill · ‎04-29-2015

Where are the configs...

Navindar Singh · ‎04-29-2015

Hello charles, thanks for your response, i have uploaded the configs.

Navindar Singh · ‎04-29-2015

sorry for the confusion, attached is the config

eng.taher_gabr · ‎04-29-2015

HI Navin ,

kindly can you make tracert 8.8.8.8 from the host and send the results !!!!!

Navindar Singh · ‎04-30-2015

tracert just falls at the gateway of the vlan. What i assume is that we need natting to be done, so i put a router in the middle and connected it to the core switch. I am getting internet on the core switch but still not on the vlans. Attached is the internet router configs and the tracert results.

mfurnival · ‎04-30-2015

What we really need is some detail of what is next up in the chain (i.e. your internet gateway). It may well be that gateway device does not have a route back to your separate VLANs..

Andre Neethling · ‎04-30-2015

Good day. Where are you doing NAT for the network? And what type of device is it?

Navindar Singh · ‎04-30-2015

Hello Andre thanks for your response. I have connected a internet router before the switch and i assume i need to do some natting on it to get internet to all vlans. Attached is the router config, hope you can assist. The internet router is a cisco 1841.

Andre Neethling · ‎04-30-2015

Hi. You need to add all your VLAN subnets to the NAT acl. Permit any will not work. what are you vlan subnets. You could add the entire 10.x.x.x to your NAT acl. I see you are using the 10 private subnet range. You could try access-list 1 permit 10.0.0.0 0.255.255.255

mfurnival · ‎05-01-2015

You also need to sort out your routing between the core and the router. From what you have posted regarding your router config it has no way of learning the subnets that sit on the core switch. So even if traffic from the core reaches the gateway the return traffic would be dropped because the router does not know where to send it.

Is the core connected directly to this router? Your LAN interface on the router is 10.2.5.1 and the core switch has no interface in this subnet.

Navindar Singh · ‎05-03-2015

Thank your for your response, yes the core is connected directly to the router. The core switch does have an interface on that subnet and it is working fine.

interface GigabitEthernet5/48
no switchport
ip address 10.2.5.55 255.255.255.0

I have also added an access list on the router and still i cannot get internet on any vlans.

access-list 1 permit 10.0.0.0 0.255.255.255

Andre Neethling · ‎05-03-2015

Hi. Van you please post both current configs? What are you using for dhcp? What are your clients' default gateway?

Navindar Singh · ‎05-04-2015

Hi Andre, attached are the current configs of both the core switch and the router. I am not using the dhcp service yet, ips are manually assigned, dhcp will come later on. Clients default gateway is the ip of the interface vlan created.

eng.taher_gabr · ‎05-03-2015

can you add this command

ip nat pool ANYNAME X.X.X.X X.X.X.X prefix-length 30

And send us simple network diagram

thanks

No internet access on any VLAN on cisco 4507 switch