10-18-2020 01:30 PM - edited 10-19-2020 02:04 AM
Hello.
Have problem with connecting VLANs. Devices connected via Fa3 (router) and Gi8(switch), Gi7(switch) client device.
Router config:
interface FastEthernet3 description << LAN L2 >> switchport mode trunk no ip address ! interface Vlan1 description << LAN >> ip address 192.168.8.1 255.255.255.0 ip nat inside ip virtual-reassembly in ! interface Vlan2 description << IPT >> ip address 10.10.3.1 255.255.255.0 ip virtual-reassembly in no autostate
It's ip route table:
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks S 10.0.0.0/24 is directly connected, Tunnel0 C 10.1.2.0/24 is directly connected, Tunnel0 L 10.1.2.2/32 is directly connected, Tunnel0 C 10.10.3.0/24 is directly connected, Vlan2 L 10.10.3.1/32 is directly connected, Vlan2 S 10.10.12.0/24 is directly connected, Tunnel0 172.10.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.10.10.0/24 is directly connected, Vlan100 L 172.10.10.1/32 is directly connected, Vlan100 S 192.168.5.0/24 is directly connected, Tunnel0 S 192.168.6.0/24 is directly connected, Tunnel0 S 192.168.7.0/24 is directly connected, Tunnel0 192.168.8.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.8.0/24 is directly connected, Vlan1 L 192.168.8.1/32 is directly connected, Vlan1
Switch:
Client and switch vlan2 interface are unreachable from router. Router's ARP clear from vlan2 clients
Internet 10.10.3.1 - 5ca6.2d22.6ae8 ARPA Vlan2 Internet 172.10.10.1 - 5ca6.2d22.6ae8 ARPA Vlan100 Internet 192.168.8.1 - 5ca6.2d22.6ae8 ARPA Vlan1 Internet 192.168.8.2 126 4c71.0c18.4b08 ARPA Vlan1 Internet 192.168.8.3 44 00fd.2291.2aac ARPA Vlan1 Internet 192.168.8.4 29 0014.38e3.c57d ARPA Vlan1 Internet 192.168.8.19 3 0025.ab6e.7b21 ARPA Vlan1 Internet 192.168.8.29 33 0015.6594.1618 ARPA Vlan1
Ideas?
10-18-2020 01:42 PM
Can I see the topology ?
10-18-2020 02:50 PM
10-18-2020 01:42 PM
Hello,
you need to delete the Vlan 2 interface from your switch and let the router to the inter-Vlan routing. On the switch, enable the Vlan 1 interface.
10-18-2020 02:08 PM - edited 10-18-2020 02:09 PM
vlan2 interface on the switch made just for connectivity test. It has no any impact. All interfaces enabled.
Don't know about vlan routing enabling on the router. It routes correctly. Vlan1 clients can ping 10.10.3.1, but Vlan2 clients can't ping anything. Because there is no connectivity between router vlan2 and switch vlan2
10-18-2020 02:25 PM
Did you enable Vlan 1 and disable Vlan 2 on the switch as suggested ?
10-18-2020 02:36 PM - edited 10-18-2020 02:36 PM
Vlan1 int on the switch was always enabled
10-18-2020 02:56 PM
You can only have one active Vlan interface on the switch (Vlan 1 in your case). In the screenshot you posted you have Vlan 2 enabled. Did you delete that ?
10-18-2020 03:17 PM
I can make them as many as I want
interface vlan 1 ip address 192.168.8.2 255.255.255.0 no ip address dhcp ! interface vlan 2 name IPT ip address 10.10.3.2 255.255.255.0 ! interface vlan 100 name wifiguest ip address 172.10.10.2 255.255.255.0
Yes, I did
10-18-2020 02:47 PM
Hello
Can you make the topology much clearer -
router- switch-client plus tunnels which you haven't mentioned that you show in the rtr output, if you do this I would assume it will be much easier to resolve for you.
10-18-2020 02:59 PM - edited 10-18-2020 03:02 PM
how clearer it could be? it is just router, switch and client. tunnels do not touch the switch
10-18-2020 03:44 PM - edited 10-18-2020 03:47 PM
Hello
Yes understand and that's the problem obviously its configured incorrectly, For instance what are the tunnels for ?
If its the rtr that performing all the routing ( including inter-vlan routing) then the switch should basically act as a host switch and that's it with the end host connected to it on a access-port, however the switch its showing an populated arp table?
The only L3 addressing on the switch should be the MGT vlan, in this case it seems to be vlan 2, so then you don't need any other L3 address so vlan 1 isn't required in any case that vlan 1 looks like its being used for some tunnel addressing also you have a phone connected to the switch but i don't see any voice vlan?
Lastly how is the phone obtaining ip addressing, have you manually configured it or is it from dhcp that you haven't shared?
So basically:
RTR - all L3 interfaces ( in your case svi's for data /voice and mgt) and default route to wan
Switch -single l3 interface for mgt reachability with default-gateway to the rtrs svi ip for the same vlan, plus L2 vlans created for the access ports (data/voice) but i don't see these either?
Access-ports on the switch should be assigned for the phone (data & voice)
10-18-2020 03:58 PM - edited 10-19-2020 02:05 AM
tunnels for vpn
all switch ports are in L2 mode. Vlan1 is mgt int.
Vlan2 should be the voice vlan.
Phone should obtain address from router's dhcp server.
Gi7 - access-port
10-20-2020 06:13 AM
up
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide