Router On a Stick Troubleshooting

markringrose · ‎12-07-2013

I have configured a 2950 switch and a 1721 Router with 2 Windows 7 PCs in a Router on A Stick (ROAS) test.

The test that everything is working is if PC1 can ping PC2 and vice versa.

However, this does not work - the pings time out on both PCs. However, from each PC I can ping both its own default gateway IP on the router and the default gateway IP of the other PC. And from the Router I can ping each PC!

I really cannot figure out why this doesn't work - I set up an identical Packet Tracer test and it worked.

Apologies for the lengthy configuration below - maybe you can spot a problem? Thank you in advance.

----SET-UP-----

PC1 -> Switch Fa0/1, VLAN 20, IP 192.168.20.3/24, Def G/W IP 192.168.20.1

PC2 -> Switch Fa9/1, VLAN 10, IP 192.168.10.3/24, Def G/W IP 192.168.10.1

Router -> Switch Fa1/5

Router has sub-interfaces set up for each VLAN with encapsulation dot1q

Switch has trunk port set to allow VLAN 10 and 20

---SWITCH AND ROUTER CONFIGURATION-----

This is the detail from Switch running-config for the ports in question all other ports are inactive (its a 24-port switch)

!

interface FastEthernet0/1

switchport access vlan 20

switchport mode access

!

interface FastEthernet0/2

!

interface FastEthernet0/3

!

interface FastEthernet0/4

!

interface FastEthernet0/5

switchport trunk allowed vlan 10,20

switchport mode trunk

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

switchport access vlan 10

switchport mode access

!

This is the output from the Switch# sh vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/2, Fa0/4, Fa0/6, Fa0/7

Fa0/8, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Fa0/23, Fa0/24

Gi0/1, Gi0/2

10 VLAN0010 active Fa0/9

20 VLAN0020 active Fa0/1, Fa0/3

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

Router# running-config

!

interface FastEthernet0

no ip address

speed auto

!

interface FastEthernet0.10

encapsulation dot1Q 10

ip address 192.168.10.1 255.255.255.0

!

interface FastEthernet0.20

encapsulation dot1Q 20

ip address 192.168.20.1 255.255.255.0

!

Router# sh ip route

R1#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C 192.168.10.0/24 is directly connected, FastEthernet0.10

C 192.168.20.0/24 is directly connected, FastEthernet0.20

glen.grant · ‎12-08-2013

To me it looks ok. You have to keep in mind that packettracer tends to be very buggy .

Sandeep Choudhary · ‎12-08-2013

HI Mark,

Here is the my config:

Create sub-interfaces, set 802.1Q trunking protocol and ip address on each sub-interface

Router(config)#interface f0/0

Router(config-if)#no shutdown

(Note: The main interface f0/0 doesn’t need an IP address but it must be turned on)

Router(config)#interface f0/0.10

Router(config-subif)#encapsulation dot1q 10

Router(config-subif)#ip address 192.168.10.1 255.255.255.0

Router(config-subif)#interface f0/0.20

Router(config-subif)#encapsulation dot11 20

Router(config-subif)#ip address 192.168.20.1 255.255.255.0

(Note: In the “encapsulation dot1q 10″ command, 10 is the VLAN ID this interface operates in)

Configure VLAN

Switch(config)#vlan 10

Switch(config-vlan)#name SALES

Switch(config-vlan)#vlan 20

Switch(config-vlan)#name TECH

Set ports to access mode & assign ports to VLAN

Switch(config)#interface range fa0/1

Switch(config-if)#no shutdown

Switch(config-if)# switchport mode access

Switch(config-if)# switchport access vlan 15

Switch(config-if)#interface range fa0/3

Switch(config-if)#no shutdown

Switch(config-if)#switchport mode access

Switch(config-if)# switchport access vlan 20

Switch(config-if)#interface range fa0/5

Switch(config-if)#no shutdown

Switch(config-if)#switchport mode trunk

-----------------------------------------------------------------------------

1. Please check all your port are up.

2. Check the config once again.

3. Make sure the swicth and router connection port configured as trunk and it should be up.

This config is working for me,

Regards

Dont forget to rate helpful posts.

mahmoodmkl · ‎12-08-2013

Hi
Can u add spanning-tree portfast under the switch ports where the pc are connected

Sent from Cisco Technical Support Android App

Drew Browning · ‎12-08-2013

Try this on the switch uplink interface

Switch(config)#interface fa0/5

Switch(config-if)#switchport trunk encapsulation dot1q

Switch(config-if)#switchport mode trunk

Switch(config-if)#no shut

cadet alain · ‎12-08-2013

Hi,

If you have tested many times it is not spanning-tree anymore because it should be in forwarding state now but configuring Portfast should be done anyway so that if you disconnect/reconnect a host you don't have to wait for the port to go into forwarding state anymore.

You should disable software firewall on both PCs and test again.

As long as you can ping the other vlan IP on the router from a machine in a specific vlan it means that inter vlan is working and that your machines have got the correct default gateways.

Regards.

Alain

Don't forget to rate helpful posts.

modlaminf · ‎11-26-2014

Had the same problem and Alain saved me. It was the firewall. Thanks

Ghodratsaify · ‎06-23-2015

Hi,

I have the same problem and I am using 3750 SW. Can the problem be with the 3750?

Why the firewall can be an issue?can you explain?