Hi.
I have a CBS350-8FP-E-2G switch connected to a TP-Link router(192.168.1.1).
I have 2 VLANs on the switch:
Vlan1, with the gateway IP 192.168.1.171
Vlan100, with the gateway IP 192.168.100.1
I've connected a host on vlan100, with the IP 192.168.100.16.
I can ping from the .100.16 host, vlan100's gateway 192.168.100.1, and the TP-Link Gateway 192.168.1.1
I can also ping from .100.16 host other devices connected to the TP-Link router, but I can't ping 8.8.8.8.
It works if I try to ping 8.8.8.8 from the switch's console.
I've added a nat rule on the TP-link router(see image)
I have also added 2 Access Lists, it makes no difference.
This is the running config of the Cisco switch:
switch0244cc#show running-config
config-file-header
switch0244cc
v3.2.1.1 / RCBS3.2hotfix_950_377_136
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink none
unit-type-control-end
!
vlan database
vlan 100
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone
voice vlan oui-table add 00036b Cisco_phone
voice vlan oui-table add 00096e Avaya
voice vlan oui-table add 000fe2 H3C_Aolynk
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone
voice vlan oui-table add 00e075 Polycom/Veritel_phone
voice vlan oui-table add 00e0bb 3Com_phone
bonjour interface range vlan 1
ip access-list extended inter-VLAN_ACL
deny ip 192.168.100.0 0.0.0.255 192.168.0.0 0.0.0.255 ace-priority 10
deny ip 192.168.0.0 0.0.0.255 192.168.100.0 0.0.0.255 ace-priority 20
permit ip any any ace-priority 1000
exit
!
interface vlan 1
service-acl input inter-VLAN_ACL
!
interface vlan 100
name "Vlan100"
ip address 192.168.100.1 255.255.255.0
service-acl input inter-VLAN_ACL
!
interface GigabitEthernet1
switchport mode trunk
!
interface GigabitEthernet2
switchport mode trunk
switchport access vlan 100
switchport trunk native vlan 100
!
exit
Am I missing something?
Hi M02@rt37 Thanks for the reply.
Here is a diagram of the network:
I have changed both switch ports to mode access, but there is no difference.
this is the current config
switch0244cc#show running-config
config-file-header
switch0244cc
v3.2.1.1 / RCBS3.2hotfix_950_377_136
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink none
unit-type-control-end
!
vlan database
vlan 100
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone
voice vlan oui-table add 00036b Cisco_phone
voice vlan oui-table add 00096e Avaya
voice vlan oui-table add 000fe2 H3C_Aolynk
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone
voice vlan oui-table add 00e075 Polycom/Veritel_phone
voice vlan oui-table add 00e0bb 3Com_phone
bonjour interface range vlan 1
ip access-list extended inter-VLAN_ACL
deny ip 192.168.100.0 0.0.0.255 192.168.0.0 0.0.0.255 ace-priority 10
deny ip 192.168.0.0 0.0.0.255 192.168.100.0 0.0.0.255 ace-priority 20
permit ip any any ace-priority 1000
exit
interface vlan 1
service-acl input inter-VLAN_ACL
!
interface vlan 100
name "Vlan100"
ip address 192.168.100.1 255.255.255.0
service-acl input inter-VLAN_ACL
!
interface GigabitEthernet2
switchport access vlan 100
switchport trunk native vlan 100
!
exit
The TPlink router doesn't have a lot of NAT Options
I already added a route for the .100 vlan on it, but I am not 100% sure is correct.
hi @KJK99 . Thanks for the reply.
The network looks something like this:
The switch with the gear connected to it is going to be temporarily in my possession for a short period until is configured and then moved to a different location.
The Tp Link router is an AX1800 Wi-Fi 6 Router.
I want to be able to connect .100.16 host connected to Cisco switch on port 2, to the internet via vlan1, which is attached to Port1 on the cisco switch.
