07-07-2008 09:48 PM - edited 03-06-2019 12:03 AM
I have a 3560 catalyst 48 port with 5 Vlan's. The switch is connected to a 3825 router. The vlans work when the 3560 is not hooked up to the router and I am able to ping the world. Once connect to the router, I can't get through to the outside. Only a 10.0.10.1 network can get out through the switch. The other vlans on the switch are set to 10.0.20.1, 10.0.30.1, 10.0.40.1, and 10.0.50.1. The router seems to be dropping packets, but I can't seem to figure out why. I have spent a lot of time trying to figure this out but I and my technician can't seem to come up with the answer.
Here is my output
no ip domain lookup
ip domain name mav01.taggis.com
no vlan accounting
multilink bundle-name authenticated
!
voice-card 0
no dspfarm
!
There more lines but nothing to do with the problem I am having!
!
~~~ this interface is connected to the switch
interface GigabitEthernet0/0
ip address 10.0.10.2 255.255.255.0
duplex auto
speed auto
media-type rj45
vlan-id dot1q 2
exit-vlan-config
This interface is connected to the internal network....in reality, the router uses a satellite connection to gain access to the internet. For now I am using my office access point to configure the router.
!
interface GigabitEthernet0/1
ip address 10.0.0.1 255.255.255.0
duplex auto
speed auto
media-type rj45
no mop enabled
!
interface Serial0/1/0
no ip address
shutdown
!
interface Satellite2/0
ip address 148.x.x.154 255.255.255.252
service-module ip address 148.70.217.153 255.255.255.252
!
ip route 0.0.0.0 0.0.0.0 10.0.0.50
ip route 10.0.20.0 255.255.255.0 10.0.0.50
ip route 10.0.30.0 255.255.255.0 10.0.0.50
ip route 10.0.40.0 255.255.255.0 10.0.0.50
ip route 10.0.50.0 255.255.255.0 10.0.0.50
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip http path flash:
!
!
access-list 1 permit 0.0.0.0 255.255.255.0
access-list 1 permit any log
snmp-server community marvin RO
!
!
tftp-server flash:admin_user.html
continues on
07-11-2008 04:14 PM
Mark,
You have the static routes pointing to 10.0.0.50. Shouldn't you be pointing them to 10.0.10.x (vlan IP of switch).
HTH
Sundar
07-12-2008 10:17 AM
Hi,
You should post your switch configuration in order for us to see how they are connected but I would like to make a suggestion,
If you are going from your internal 10.0.10.x network out through the router 148.x.x.x most likely you need to create a NAT translation and apply it to the outside and inside interfaces.
HTH
07-12-2008 11:03 AM
Thanks for the reply and next time I will. I figured it and it was something stupid. I forgot to route the traffic back to the switch. It was fixed when I put ip route 10.0.0.0 255.255.0.0 10.0.10.1 which was the ip address for the native vlan. It was a rookie mistake.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide