Re: Routing access from mixed IP ranges between VLANS

robertsouthgate · ‎01-24-2013

I have the following config using a Cisco 1921. I am trying to get devices on the the native VLAN to get internet access via the gateway x.x.x.73

Anything being routed from the other Vlans 15/20/30 can get access, but nothing from an internal IP address. Is there something I am missing.

The Xs replace the same 3 octets for each interface.

In addition to this, I am trying to route from VLANs 15/20/30 to see VLAN 5. I have tried a few things, in terms of adding extra ip routes, but can't get anything to work. Each of those Vlans have another router on the other side of them, which I have also tried adding ip routes too, but nothing. One of the routers (Vlan15 is a Draytek 2830).

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address x.x.x.74 255.255.255.252

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/1.1

encapsulation dot1Q 1 native

ip address 192.168.1.1 255.255.255.0

!

interface GigabitEthernet0/1.5

encapsulation dot1Q 5

ip address 192.168.5.1 255.255.255.0

!

interface GigabitEthernet0/1.10

encapsulation dot1Q 10

ip address 192.168.10.1 255.255.255.0

no ip redirects

no ip unreachables

!

interface GigabitEthernet0/1.15

encapsulation dot1Q 15

ip address x.x.x.149 255.255.255.252

no ip redirects

no ip unreachables

!

interface GigabitEthernet0/1.20

encapsulation dot1Q 20

ip address x.x.x.153 255.255.255.248

no ip redirects

no ip unreachables

!

interface GigabitEthernet0/1.30

encapsulation dot1Q 30

ip address x.x.x.169 255.255.255.248

no ip redirects

no ip unreachables

!

ip forward-protocol nd

!

ip route 0.0.0.0 0.0.0.0 x.x.x.73

!

cadet alain · ‎01-24-2013

Hi,

Anything being routed from the other Vlans 15/20/30 can get access, but nothing from an internal IP address. Is there something I am missing.

What do you mean by that ? you mean they can get to the Internet using this gateway but can't communicate with each other ?

In addition to this, I am trying to route from VLANs 15/20/30 to see VLAN 5. I have tried a few things, in terms of adding extra ip routes, but can't get anything to work

All these Vlans are directly connected and they should communicate with each other without any static routes.

Can you provide the output of show ip route.

Regards.

Alain

Don't forget to rate helpful posts.

robertsouthgate · ‎01-24-2013

Hi, Sorry I am not being very clear.

Here is the sh ip route output.

I am trying to gain internet access via the various internal Vlans (1 and 5). All Vlans (besides 10 which I will likely be removing) need access to 5.

The other Vlans 15/20/30 currently connect to 3 other routers (one of which is a Draytek). These all work correctly in that they can connect to the internet, but they also need to connect to Vlan 5, so I assume I need an IP route on those routers as well or should they be able to see Vlan 5 anyway?

edit: I can now see vlan5 going via the draytek router, so this is fine, but still unable to get internet access via either vlan 1 or 5.

S* 0.0.0.0/0 [1/0] via x.x.x.73

x.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

C x.x.x.72/30 is directly connected, GigabitEthernet0/0

L x.x.x.74/32 is directly connected, GigabitEthernet0/0

C x.x.x.148/30 is directly connected, GigabitEthernet0/1.15

L x.x.x.149/32 is directly connected, GigabitEthernet0/1.15

C x.x.x.152/29 is directly connected, GigabitEthernet0/1.20

L x.x.x.153/32 is directly connected, GigabitEthernet0/1.20

C x.x.x.168/29 is directly connected, GigabitEthernet0/1.30

L x.x.x.169/32 is directly connected, GigabitEthernet0/1.30

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.1.0/24 is directly connected, GigabitEthernet0/1.1

L 192.168.1.1/32 is directly connected, GigabitEthernet0/1.1

192.168.5.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.5.0/24 is directly connected, GigabitEthernet0/1.5

L 192.168.5.1/32 is directly connected, GigabitEthernet0/1.5

192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.10.0/24 is directly connected, GigabitEthernet0/1.10

L 192.168.10.1/32 is directly connected, GigabitEthernet0/1.10

Thanks for your help.

Message was edited by: Robert Southgate

cadet alain · ‎01-24-2013

Hi,

if vlan 15.20.30 are already connected to another router then you must not configure them on this one but you have to configure static routes for these vlans on this router:

ip route x.x.x.148 255.255.255.252 x.x.x.x where x.x.x.x is the IP address of the other router connected to 1921

ip route x.x.x152 255.255.255.248 x.x.x.x

ip route x.x.x.168 255.255.255.248 x.x.x.x

don't forget to remove the ip addresses for these vlans on the 1921

Regards.

Alain

Don't forget to rate helpful posts.

robertsouthgate · ‎01-24-2013

Hi,

The Vlans 15/20/30 are all working as they should, so no problem there now, but I am trying to get internet access via x.x.x74 (int 0/0) from the vlans 1/5.

Do i need anything else in the config for that to be enabled?

Thanks

cadet alain · ‎01-24-2013

Hi,

yes you need NAT:

int g0/0

ip nat out

interace g0/1.1

ip nat in

int g0/1.5

ip nat in

access-list 1 permit 192.168.1.0 0.0.0.255

access-list 1 permit ip 192.168.5.0 0.0.0.255

ip nat inside source list 1 interface g0/0

Regards.

Alain

Don't forget to rate helpful posts.