05-20-2021 04:38 AM
i have setup the routing as well and the VPN tunneling too. Vlans has been configured in switches with vtp server and client but still is not working.
05-20-2021 04:54 AM
post all router configuration show run.
what is the PC IP you trying to ping ? from what source IP address ?
05-20-2021 06:48 AM
05-20-2021 06:38 PM
you can attach PT file here but it must be in a zip format; it will be easier and faster to spot issue
Regards, ML
**Please Rate All Helpful Responses **
05-21-2021 04:13 AM
05-21-2021 05:27 PM - edited 05-21-2021 05:56 PM
Here are issues I found so far:
PCs in vlan 10 will not be able communicate with PCs in vlan 20 unless you do routing either on L3 switch or router via so called router-on-a-stick, ROAS. You do not have ROAS set up nor L3 switch. How will you router traffic between vlans?
VPN tunnel is not working; it set up wrong; I think source interface is wrong. Change those and ping 172.16.1.x to see if VPN is up.
There is Native vlan mismatch on right side switches. Keep trunking between switches but put PC0 into vlan 10 and Sydney router as well so that you can ping PC0 to Sydney. you can use vlan 20 on Right side as long as PC7 can ping its default gateway router. Then once VPN is fixed, PC0 should ping PC7. Once you have this ping OK, you can implement ROAS or L3 switch and inter-vlan routing.
Regards, ML
**Please Rate All Helpful Responses **
05-21-2021 05:30 PM
05-21-2021 06:11 PM
05-21-2021 05:50 PM
05-22-2021 03:04 AM
Hi,
I have tried a lot but could not fix it. Can you fix the issue and send the pkt file back to me please
05-22-2021 07:11 PM
Hi martin,
can you please have a look at this pkt. I can ping PC0 and Sydney if I put the interface connecting the router to VLAN10 as switch RS vlan which are similar. however, I am not able to ping other pcs to the router. i have enabled the port connecting to the router as a trunk to let data pass. still is not working. can you please help me fix this which allows all the pcs ping to the router sydney.
05-24-2021 06:54 AM - edited 05-28-2021 12:32 PM
if link between router and switch must be trunk (per ROAS) then you need to make router as trunk sub-interlaces with vlan id; For vlan 10: you must have sub- interface
GigabitEthernet0/1.10
encapsulation dot1Q 10
ip address 192.160.1.1 255.255.255.0
for any other vlans, you just add another sub-interfaces changing dot1Q vlan id and different IP address
PT comes with samples of configs; you can take look and check IPSec tunnel configs as well. ACL looks incorrect.
Regards, ML
**Please Rate All Helpful Responses **
05-24-2021 10:59 PM
I figured out the problem why the pcs were not able to ping their specific router. it was because the interface fa0/1 from the client switch connected to the server switch was trunked. I changed it to access with their specific VLANs and are good now. however, I cant still ping the two networks. if you could have a look whats wrong that would be great.
05-25-2021 01:39 AM
Hello,
in order to be able to use Vlans, you need to configure subinterfaces on the routers. Your PCs are in different Vlans but in the same subnet, that does not work.
I changed your network addressing; also, the ports between the switches and the routers all need to be trunk ports. I also configured Vlan 1 as management Vlan. I addition, I configured the routers as DHCP servers, which makes it easier to assign IP addresses to the PCs.
Review the attached file...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide