cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1352
Views
0
Helpful
18
Replies

routing between vlans - switchport trunk/access

jessica jestol
Level 1
Level 1

so.... I have a computer connected to a 2960 on F0/7 - IP 10.70.64.151 - VLAN 1. The 2960 is connected to a 3750 on ports g1/0/11-12. The 3750 is connected to another computer on G1/0/7 - IP 10.30.0.2 - VLAN2. I have two vlans on each. I can ping from switch to switch on both vlans. I have a trunk setup between the two switches. I can ping both computers from the switches. I can't ping the computers from each other. ip routing is enabled on the 3750. I'm not sure what I'm missing but I could sure use some help. Please see below configs. I snipped a little bit but most ports are configured identically so I removed a bunch to save space. Thanks!

3750x

hostname 3750-sw01
!
boot-start-marker
boot-end-marker
!
enable password 7 1234567890
!
aaa new-model
!
!
aaa authentication login default enable
!
!
!
aaa session-id common
clock timezone PST -8 0
clock summer-time PDT recurring
system mtu routing 1500
ip routing
!
!
no ip domain-lookup
ip domain-name test.net
ip multicast-routing distributed
ip igmp snooping querier
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!

vlan internal allocation policy ascending
!
lldp timer 5
lldp run
!
!
!
!
!
interface Port-channel1
 description 2960-sw01
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
!
interface FastEthernet0
 no ip address
 no ip route-cache cef
 no ip route-cache
 shutdown
!
!
interface GigabitEthernet1/0/6
 switchport mode access
!
interface GigabitEthernet1/0/7
 description ucrypt management
 switchport access vlan 2
 switchport mode access
!
interface GigabitEthernet1/0/8
 switchport mode access
!
interface GigabitEthernet1/0/9
 switchport mode access
!
interface GigabitEthernet1/0/10
 switchport mode access
!
interface GigabitEthernet1/0/11
 switchport mode access
!
interface GigabitEthernet1/0/12
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet1/0/13
 description port-channel1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
!
interface GigabitEthernet1/0/14
 description port-channel1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
!
!
interface Vlan1
 ip address 10.70.64.31 255.255.255.0
 ip helper-address 10.70.64.11
!
interface Vlan2
 ip address 10.30.0.1 255.255.255.0
!
no ip http server
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.70.64.1
!
logging esm config
!
!
!
alias exec sib show ip int brief
alias exec sal sh access-list
alias exec sir sh ip route
!
line con 0
 privilege level 15
line vty 0 4
 privilege level 15
 password 7 12345467890
 length 0
line vty 5 15
 privilege level 15
 password 7 12345467890
!
ntp server 129.6.15.28
end

2960

hostname 2960-sw01
!
boot-start-marker
boot-end-marker
!
enable password 7 1234567890
!
aaa new-model
!
!
aaa authentication login default enable
!
!
!
aaa session-id common
clock timezone CST -6 0
clock summer-time CDT recurring
system mtu routing 1500
!
!
no ip domain-lookup
ip domain-name test.net
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
lldp timer 5
lldp run
!
!
!
interface Port-channel1
 description uplink to MDF
 switchport mode trunk
!
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
 ip igmp max-groups 2
 ip igmp max-groups action replace
!
interface FastEthernet0/2
 switchport mode access
 spanning-tree portfast
 ip igmp max-groups 2
 ip igmp max-groups action replace
!
interface FastEthernet0/3
 switchport mode access
 spanning-tree portfast
 ip igmp max-groups 2
 ip igmp max-groups action replace
!
interface FastEthernet0/4
 switchport mode access
 spanning-tree portfast
 ip igmp max-groups 2
 ip igmp max-groups action replace
!
interface FastEthernet0/5
 switchport mode access
 spanning-tree portfast
 ip igmp max-groups 2
 ip igmp max-groups action replace
!
interface FastEthernet0/6
 switchport mode access
 spanning-tree portfast
 ip igmp max-groups 2
 ip igmp max-groups action replace
!
interface FastEthernet0/7
 switchport mode access
 spanning-tree portfast
 ip igmp max-groups 2
 ip igmp max-groups action replace
!
!
interface GigabitEthernet0/1
 description port-channel1 uplink
 switchport mode trunk
 channel-group 1 mode on
!
interface GigabitEthernet0/2
 description port-channel1 uplink
 switchport mode trunk
 channel-group 1 mode on
!
interface Vlan1
 ip address 10.70.64.48 255.255.252.0
!
interface Vlan2
 ip address 10.30.0.6 255.255.255.0
!
ip default-gateway 10.70.64.1
no ip http server
ip http secure-server
!
!
!
!
line con 0
line vty 0 4
 privilege level 15
 password 7 1234567890
line vty 5 15
 privilege level 15
 password 7 1234567890
!
ntp server 129.6.15.28
end

 

18 Replies 18

I don't want to mess with the ASA if at all possible.

Can you try adding a host route to the PC you RDP into eg. -

"route add -host 10.0.30.2 netmask 255.255.255.255 gw 10.70.64.31 dev eth0"

note it will be something like that but you may need to lookup the exact syntax.

This shouldn't stop your remote connectivity working, it should hopefully just send traffic for the server to the 3750 as it's default gateway and then it can route to the server.

Jon

will try that now. I think the problem boils down to the fact that the 5505s are layer 2 and that's where I'm running into problems.

So it didn't work ?

Jon

Sorry, just got in the office. It totally worked. I got the IP changed back and everything's fine now. Thanks for all the help.