10-21-2016 02:55 PM - edited 03-08-2019 07:52 AM
Hi everyone, I have an SG300 52 ports PoE but when I'm trying to enable IP ROUTING via CLI, the command down's appear, and by this mean, all the inter-vlan communication is being blocked, do you know what am I doing wrong?
10-21-2016 03:03 PM
You have to change the system mode to router. Go to the command line and type:
Router#set system mode router
10-21-2016 03:05 PM
Thank you for your answer, it is already done, in fact, was the first thing we did, but still can't reach any VLAN, I can add static routes, but inter-vlan traffic is being blocked, what else could it be? We also upgrade the firmware to the latest version and still doesn't work.
10-21-2016 03:33 PM
Thank you again, but I also did that already, let me attach my sh run:
config-file-header
CORECA
v1.4.0.88 / R800_NIK_1_4_194_194
CLI v1.0
set system mode router
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 10-13,40
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
CORECA(config)#set syste
% Unrecognized command
CORECA(config)#
CORECA#set sys
mode Ip Routing support
CORECA#set sys mo
router System will run as a IP router
switch System will run as a switch
CORECA#set sys mo router
<CR>
CORECA#set sys mo router
CORECA#ip routing
% Unrecognized command
CORECA#config t
CORECA(config)#ip routing
% Unrecognized command
CORECA(config)#do sh run
config-file-header
CORECA
v1.4.0.88 / R800_NIK_1_4_194_194
CLI v1.0
set system mode router
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 10-13,40
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
CORECA(config)#enable
password Assign the privileged level password.
CORECA(config)#enable ip
% Unrecognized command
CORECA(config)#ip
access-list This command creates an ACL, which perform
classification on layer 3 fields and enters ip-access
configuration mode.
arp ARP configuration commands
default-gateway Specify default gateway
dhcp IP DHCP client commands
domain IP Domain Naming System
helper-address Specify a destination address for UDP broadcasts
host To define static host name-to-address mapping in the
host cache
http Specify the HTTP server configuration
https HTTPS server configuration
igmp IGMP interface commands
name-server To set the available name servers, use the ip
name-server global configuration command.
route Establish static routes
source-guard IP source-guard configuration
ssh Global Secure Shell protocol configuration subcommands
ssh-client secure shell client.
telnet Telnet server configuration
CORECA(config)#
CORECA#sh ver
SW version 1.4.0.88 ( date 06-Aug-2014 time 16:55:55 )
Boot version 1.3.5.06 ( date 21-Jul-2013 time 15:12:10 )
HW version V03
CORECA#sh har
% Unrecognized command
CORECA#sh
access-lists Display not empty access control lists (ACLs)
configured on the switch
accounting Display information accounting
arp Display the entries in the ARP table.
authentication Show authentication configuration
banner Show the configuration of banners
bonjour Shows bonjour advertisement status
boot Shows the status of IP DHCP auto update or auto config
process
bootvar Show boot attributes
bridge Bridging information
cable-diagnostics Copper ports diagnostics
cdp CDP information
class-map Display QoS class maps, which
define the match criteria to classify traffic
clock Display the time and date from the system clock
cpu Displays information about the system CPU utilization.
crypto Global cryptographic features configuration subcommands
default-vlan-membership default VLAN membership
dot1x 802.1x information
eee Energy Efficient Ethernet
environment Show system environment information
errdisable Show errdisable state.
CORECA#sh ver
SW version 1.4.0.88 ( date 06-Aug-2014 time 16:55:55 )
Boot version 1.3.5.06 ( date 21-Jul-2013 time 15:12:10 )
HW version V03
CORECA#sh ver
SW version 1.4.0.88 ( date 06-Aug-2014 time 16:55:55 )
Boot version 1.3.5.06 ( date 21-Jul-2013 time 15:12:10 )
HW version V03
CORECA# onfig t
% Unrecognized command
CORECA#config t
CORECA(config)#ip rou=
CORECA(config)#ip rou
route Establish static routes
CORECA(config)#ip rou15-Aug-2014 15:51:11 %AAA-I-DISCONNECT: http connection for user cisco, source 192.168.1.64 destination 192.168.1.1 TERMINATED
15-Aug-2014 15:52:03 %AAA-I-DISCONNECT: http connection for user cisco, source 192.168.1.62 destination 192.168.1.1 TERMINATED
% missing mandatory parameter
CORECA(config)#
CORECA(config)#
CORECA(config)#
CORECA(config)#15-Aug-2014 15:52:20 %HTTP_HTTPS-E-GOHDFIELDSIZE: GOAHEADG: Received illegal length (704) for field (cookie) in HTTP request.
15-Aug-2014 15:52:26 %AAA-W-REJECT: New http connection for user cisco, source 192.168.1.62 destination 192.168.1.1 REJECTED
15-Aug-2014 15:52:32 %AAA-I-CONNECT: New http connection for user cisco, source 192.168.1.62 destination 192.168.1.1 ACCEPTED
CORECA(config)#
CORECA(config)#
CORECA(config)#
CORECA(config)#15-Aug-2014 15:55:06 %COPY-I-FILECPY: Files Copy - source URL HTTP://192.168.1.62/ destination URL flash://image
15-Aug-2014 15:57:06 %COPY-N-TRAP: The copy operation was completed successfully
CORECA(config)#
CORECA(config)#
CORECA(config)#
CORECA(config)#
CORECA#sh run
config-file-header
CORECA
v1.4.0.88 / R800_NIK_1_4_194_194
CLI v1.0
set system mode router
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 10-13,40
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp relay address 192.168.1.101
ip dhcp relay enable
bonjour interface range vlan 1
hostname CORECA
username cisco password encrypted eee3835a2234978e22f8f55c151f558f0c4f7d9e privilege 15
ip ssh server
snmp-server location Mexico
ip domain polling-interval 8
ip telnet server
!
interface vlan 1
ip address 10.10.1.10 255.255.255.0
no ip address dhcp
!
interface vlan 10
name Pixel
ip address 192.168.1.1 255.255.255.0
ip dhcp relay enable
!
interface vlan 11
name PixelTPV
ip address 192.168.2.1 255.255.255.0
ip dhcp relay enable
!
interface vlan 12
name PixelWebStore
ip address 192.168.3.1 255.255.255.0
ip dhcp relay enable
!
interface vlan 13
name Clientes
ip address 192.168.4.1 255.255.255.0
ip dhcp relay enable
!
interface vlan 40
ip address 192.168.15.100 255.255.255.0
!
interface gigabitethernet1
switchport mode access
switchport access vlan 10
!
interface gigabitethernet2
switchport mode access
switchport access vlan 10
!
interface gigabitethernet3
switchport mode access
switchport access vlan 10
!
interface gigabitethernet4
switchport mode access
switchport access vlan 10
!
interface gigabitethernet5
switchport mode access
switchport access vlan 10
!
interface gigabitethernet6
switchport mode access
switchport access vlan 10
!
interface gigabitethernet7
switchport mode access
switchport access vlan 10
!
interface gigabitethernet8
switchport mode access
switchport access vlan 10
!
interface gigabitethernet9
switchport mode access
switchport access vlan 10
!
interface gigabitethernet10
switchport mode access
switchport access vlan 10
!
interface gigabitethernet11
switchport mode access
switchport access vlan 10
!
interface gigabitethernet12
switchport mode access
switchport access vlan 10
!
interface gigabitethernet13
switchport mode access
switchport access vlan 10
!
interface gigabitethernet14
switchport mode access
switchport access vlan 10
!
interface gigabitethernet15
switchport mode access
switchport access vlan 10
!
interface gigabitethernet16
switchport mode access
switchport access vlan 10
!
interface gigabitethernet17
switchport mode access
switchport access vlan 10
!
interface gigabitethernet18
switchport mode access
switchport access vlan 10
!
interface gigabitethernet19
switchport mode access
switchport access vlan 10
!
interface gigabitethernet20
switchport mode access
switchport access vlan 10
!
interface gigabitethernet21
switchport mode access
switchport access vlan 10
!
interface gigabitethernet22
switchport mode access
switchport access vlan 10
!
interface gigabitethernet23
switchport mode access
switchport access vlan 10
!
interface gigabitethernet24
description Internet
switchport mode access
switchport access vlan 10
!
interface gigabitethernet25
switchport mode access
switchport access vlan 10
!
interface gigabitethernet26
switchport mode access
switchport access vlan 10
!
interface gigabitethernet27
switchport mode access
switchport access vlan 10
!
interface gigabitethernet28
switchport mode access
switchport access vlan 10
!
interface gigabitethernet29
switchport mode access
switchport access vlan 10
!
interface gigabitethernet30
switchport mode access
switchport access vlan 10
!
interface gigabitethernet31
switchport mode access
switchport access vlan 10
!
interface gigabitethernet32
switchport mode access
switchport access vlan 10
!
interface gigabitethernet33
switchport mode access
switchport access vlan 10
!
interface gigabitethernet34
switchport mode access
switchport access vlan 10
!
interface gigabitethernet35
switchport mode access
switchport access vlan 10
!
interface gigabitethernet36
switchport mode access
switchport access vlan 10
!
interface gigabitethernet37
switchport mode access
switchport access vlan 10
!
interface gigabitethernet38
switchport mode access
switchport access vlan 10
!
interface gigabitethernet39
switchport mode access
switchport access vlan 10
!
interface gigabitethernet40
switchport mode access
switchport access vlan 10
!
interface gigabitethernet41
switchport mode access
switchport access vlan 10
!
interface gigabitethernet42
switchport mode access
switchport access vlan 10
!
interface gigabitethernet43
description AP-1
switchport trunk allowed vlan add 11-13
switchport trunk native vlan 10
!
interface gigabitethernet44
description AP-2
switchport trunk allowed vlan add 11-13
switchport trunk native vlan 10
!
interface gigabitethernet45
description AP-3
switchport trunk allowed vlan add 11-13
switchport trunk native vlan 10
!
interface gigabitethernet46
switchport trunk allowed vlan add 11-13
switchport trunk native vlan 10
!
interface gigabitethernet47
switchport mode access
!
interface gigabitethernet48
switchport trunk allowed vlan add 10-13
!
interface gigabitethernet49
switchport mode access
switchport access vlan 10
!
interface gigabitethernet50
switchport mode access
switchport access vlan 10
!
exit
ip default-gateway 192.168.1.254
CORECA#
Attach my sh ver
10-21-2016 04:08 PM
Can you do a 'sh ip route' and post the output ?
10-21-2016 04:12 PM
10-21-2016 04:22 PM
In the output of 'sh ip route' does it say that IP Forwarding is enabled ? Try to ping your laptop (or whatever is connected to the switch) from the command line:
Switch#ping x.x.x.x
10-21-2016 04:24 PM
10-22-2016 12:10 AM
The switch creates default static routes for VLANs automatically only after you plug in a device into the port that belongs to that VLAN. So if you want to communicate between let's say VLAN 10 and VLAN 13, you need to first plug a device into the ports on your switch that are assigned to VLAN 10 and 13 respectively.
10-22-2016 12:14 AM
Yes, right now there are no ports on the other VLANS, but when the switch was on a productional environment there was ports on the other VLANS and the result was the traffic inter-vlan blocked, and still ip routing command, was unable to set it.
10-22-2016 07:58 PM
Any ideas? Maybe the software version, of the model, what else should I try?
10-23-2016 12:51 AM
Hello,
at this point, I would reset the entire switch and start from scratch. The 'ip routing' command is not available on the SG300. By setting the system mode to router, ip routing is automatically enabled.
So, my suggestion is:
CORECA(config)#set system mode switch
This will reload the switch and delete the startup configuration. Once the switch comes back up, set the system mode to router:
CORECA(config)#set system mode router
This will reload the switch again, when it comes back up, ip routing is enable. Then create your VLANs etc.
10-21-2016 03:13 PM
Take a look at this thread, the user had the same problem.
https://supportforums.cisco.com/discussion/13067106/inter-vlan-routing-cisco-sg300
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide