Hi Guys,

I have encountered a weird fix to a problem that I would like to get some clarity on. Basically, we have a Cisco 1600 AP, connecting directly to a Layer 3 switch. The data VLAN (and therefore the VLAN the AP's are in) are VLAN 4. There is a Voice VLAN of 5 and a Transit VLAN of 255.

The problem I was encountering is that I can only access the AP from VLAN 5 and no other VLAN. Now my first thoughts would be the default gateway, but as you can see in the config it is correct. A Ping from VLAN 5 on the switch works but from VLAN 4 doesn't. Other connectivity like from the AP to the DC, doesn't reach the default gateway and connectivity from the DC to the AP only reaches the switch.

SW-01#ping 172.16.34.11 source vlan 5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.34.10, timeout is 2 seconds:

Packet sent with a source address of 172.16.68.1

.....                                                                                //UNSUCCESSFUL

Success rate is 0 percent (0/5)

SW-01#ping 172.16.34.11 sou vlan 4

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.34.11, timeout is 2 seconds:

Packet sent with a source address of 172.16.34.1

!!!!!                                                                                     //SUCCESSFUL

Success rate is 100 percent (5/5),

When I trace to the default-way it reaches there in one hop. But when I trace to a point beyond the default-gateway it doesn't even reach the first hop i.e. the default-gateway.

NOW THE FIX:

The command that fixed this is:

ip route 0.0.0.0 0.0.0.0 172.16.34.1

PLEASE explain why this would of fixed the problem. I don't see why I would need to add a route on a Layer 2 device. Surely, the default-gateway command allows it to find its way out of the network.

I have attached the configuration of the switch and AP.

Thanks

Grant