Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1759
Views
14
Helpful
11
Replies

vlan routing issue

dave dave
Level 1
Level 1

‎08-24-2011 07:42 AM - edited ‎03-07-2019 01:52 AM

hi! I tried to configure a router  on the stick kind of setup. Refer to the config below. I set my pc nic with the correspond vlan IP and gw, i noticed that i can only ping its own vlan gw but not other vlan's gw. I think this shd be a straightforward setup, but somehow it doesn't work in this case. Anything that i missed out? Thanks.

SW Config

----------------

spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 48
name SvrMgt
!
vlan 49
name Data
!
vlan 50
name Voice
!
vlan 51
!

!
interface GigabitEthernet0/1
switchport access vlan 49
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/2
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/3
switchport access vlan 48
switchport mode access
spanning-tree portfast

!

interface GigabitEthernet0/47

description Connect to router
switchport trunk encapsulation dot1q
switchport trunk native vlan 48
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan48
ip address 10.200.1.2 255.255.255.192
!
ip default-gateway 10.200.1.1
ip classless
ip http server
ip http secure-server
!
!
control-plane
!
!
line con 0
line vty 5 15
!
end

Router Config

----------------------


version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname abc
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
!
!
ip cef
!

interface FastEthernet0
no ip address
duplex auto
speed auto
!
interface FastEthernet0.10
encapsulation dot1Q 48 native
ip address 10.200.1.1 255.255.255.192
no snmp trap link-status
!
interface FastEthernet0.20
encapsulation dot1Q 49
ip address 10.200.1.65 255.255.255.192
no snmp trap link-status
!
interface FastEthernet0.30
encapsulation dot1Q 50
ip address 10.200.1.129 255.255.255.192
no snmp trap link-status
!
interface FastEthernet0.40
encapsulation dot1Q 51
ip address 10.200.1.193 255.255.255.192
no snmp trap link-status
!
interface BRI0
no ip address
encapsulation hdlc
shutdown

!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface Vlan1
no ip address
shutdown
!
router ospf 8
log-adjacency-changes
network 10.200.1.0 0.0.1.255 area 0
network 10.280.14.222 0.0.0.0 area 0

Labels:
0 Helpful
11 Replies 11

cadet alain
VIP Alumni
VIP Alumni

‎08-24-2011 07:50 AM

Hi,

Have you specified ip address of router subinterface for that vlan as default gateway ?

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

dave dave
Level 1
Level 1
In response to cadet alain

‎08-24-2011 07:57 AM

hi! Yes, i did. I tried for all the avail vlans. Everytime i changed, i can only ping my own vlan's GW.

0 Helpful

raschlosser
Level 1
Level 1

‎08-24-2011 07:50 AM

Hi Dave Dave,

can you please post the routing table from your router?

Thanks

Ralf

0 Helpful

JohnTylerPearce
Level 7
Level 7

‎08-24-2011 01:10 PM

It looks like your setup is as follows.

Router -----> Switch -----> Hosts

You don't really need the vlan interface on the switch since you already have a L3 interface on your router.

You don't really need the gateway as well since you can just use L2 untill you need to hit the router.

Those networks should be directly connected off of that router so they will already have a directly connected

route so I don't think you will really need the OSPF configuration in there unless you have something else going on.

Basically your hosts will be communication via L2 until they need to talk to someone out of their broadcast

domain (L2 domain if you will). That L2 frame will go towards it's default gateway which will be whatever the

interface is on your router. (Vlan 48 - 10.200.1.1) (Vlan 49 - 10.200.1.65) (Vlan 50 - 10.200.1.129) (Vlan 51 - 10.200.1.193)

0 Helpful

glen.grant
VIP Alumni
VIP Alumni
In response to JohnTylerPearce

‎08-24-2011 05:15 PM

    The switch has an address to manage it , the default gateway on the switch is there because ip routing is turned off on the switch so you use a default gateway statement so it can be managed from any subnet.  .   Do you have your fw turned off on your pc ?    Verify the gateway on your pc is correct before pinging with the ipconfig /all  from the dos prompt. .

dave dave
Level 1
Level 1
In response to glen.grant

‎08-24-2011 11:21 PM

hi! thanks all for the reply. i think the sw and router config is correct. The issue is with my laptop wireless connection, once i turned on my wireless connection (which connect to the live env) i can't seems to ping any gateway (within the test env) by itself? any idea why is that so?

Another question is that, I've the following config. I can ping any gateway within my test env without any issue if my laptop is configured as vlan 49's IP statically. If i configure my laptop with vlan50 IPs i can't seems to ping any gateway. Is it because it's a must to configure dhcp in the voice vlan? or the switch will detect that the pc is not a phone/voice equipment, thus it doesn't allow it to go anyway? Thanks.

interface GigabitEthernet0/1

switchport access vlan 49

switchport mode access

switchport voice vlan 50

no mdix auto

spanning-tree portfast

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to dave dave

‎08-25-2011 02:02 AM

hi,

if you configure pc in vlan 50 subnet frames coming from it are untagged so considered to be part of vlan 49.

Because your config is telling the switch to advertise via cdp the vlan id the phone must use to tag its frames.

For your wireless, is it configured in same subnet as the ethernet?

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

dave dave
Level 1
Level 1
In response to cadet alain

‎08-25-2011 04:54 AM

Hi sorry, I don't quite understand the first paragraph. I think basically you meant it's norm that I can't reach any gw if a pc configured with avoice vlan ip is connected to port configured with voice + data vlan? No the wireless networks is different segment from my test env.

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to dave dave

‎08-25-2011 05:00 AM

Yes because this access-port is in fact a mini-trunk port and as you pc doesn't tag frames they are considered belonging to vlan 49 no vlan 50.

Regards.

Alain.

Don't forget to rate helpful posts.

Fabio Francisco
Level 1
Level 1

‎08-24-2011 02:39 PM

Hey mate,

I think your problem is the wildcard set up in OSPF

Try this:

router ospf 8

log-adjacency-changes

network 10.200.1.0 0.0.0.255 area 0

network 10.280.14.222 0.0.0.0 area 0

Cheers,

Fabio

0 Helpful

acampbell
VIP Alumni
VIP Alumni
In response to Fabio Francisco

‎08-25-2011 01:58 AM

Hi,

The configs look good to me too

I dont see anything wrong with the OSPF as it is.

!

network 10.200.1.0 0.0.1.255 area 0

! ## This will match IP addresses in the range 10.200.0.1 - 10.200.1.254 all your addresses are in this range

But anyway the connected interfaces are AD = 1 where as OSPF would AD=110. Connected routes would be used.

If you use the switch console to ping istead of a PC

Switch/Console will use 10.200.1.2 with its d/gway 10.200.1.1

Ping 10.200.1.2  result = ? - (Just to make sure IP stack is working)

Ping 10.200.1.1  result = ?

Ping 10.200.1.65  result = ?

Ping 10.200.1.129  result = ?

Ping 10.200.1.193  result = ?

If the results are good then the issue mut be with your test PC, perhaps internal firewall etc.

HTH

Alex

Regards, Alex. Please rate useful posts.
Customers Also Viewed These Support Documents