Hi everyone, Can anyone help me please.
I have a following setup.
Cisco WLC 2504
Interface name – guest Interface ip address – 10.10.10.2/24
Interface name - management Interface ip address 10.1.1.2/24
WLC2504’s port 1 is connected to port 24 of cisco 3750.
On Cisco 3750 I have a following config.
Int vlan 2 - ip address 10.1.1.1 /24
Ports 1 to 20 on cisco switch are set to access vlan 2.
Int vlan 10 – ip address 10.10.10.1/24
Int g22 - no switchport - ip address 192.168.0.2/24
Int g24 is set as trunk link to port 1 of WLC and it carries vlans 2 and 10.
Ip route 0.0.0.0 0.0.0.0 192.168.0.1
For internet connection clients have purchased virgin media broadband and I have been supplied with a virgin media superhub (unfortunately due to firmware issue I am not able to convert this superhub to modem only mode. I will check with tech support what my options are). But as it stands this superhub has lan IP of 192.168.0.1 . Basically this superhub has 4 port switch built in. so I have connected one of the port to int g22 of cisco 3750.
If I connect a laptop to one of this ports on superhub I can get onto internet without any problem. If I connect a Cisco switch to the lan port I can ping google, bbc.co.uk etc if provide the dns server settings on the switch. So Cisco switch is able to connect to outside world via this superhub.
As I have a dhcp scope configured on cisco switch for vlan 2 and vlan 10 ranges, if I connect my laptop into one of the ports on cisco switch, I am getting IP address in 10.1.1.0 range from DHCP server.
Now my problem is… From my laptop I can ping 192.168.0.2 (int g22 ip address) on cisco switch. I can also ping other SVI ip addresses but I simply can not ping 192.168.0.1 (ip address of lan interface of superhub).
I just can’t work out why I can’t reach beyond Cisco Switch.
My access points do receive IP address from 10.1.1.0 range when connected to ports 1 to 20 on Cisco switch. My wireless devices are able to connect to ssid guest without any problem and wireless clients receive ip address from data vlan 10 ( 10.10.10.0 range) .. But these client can’t ping wireless controller IP addresses 10.10.10.2 or 10.1.1.2 . At times I have been able to ping 10.1.1.2 but more often then not it doesn’t work.. however before I try and diagnose this wireless issue I am stuck with Lan connection problem described above.
I hope all that makes sense and someone is able to suggest some sort of solution.
Solved! Go to Solution.
Wait a second ... You've got multiple VLANs. This means you need IP routing enabled on a Layer 3 device. Where is your config there?
Thank you Leo.. Its 3750 with ipbase image so its capable of routing and I have a routing enabled.. In fact just to make sure I manually typed "IP routing" as well. When I type show IP route I can see the routes to all the networks..ie.. 10.10.10.0 , 10.1.1.0 and 192.168.0.0 show as connected and th gateway of last resort set as 192.168.0.1. I don't have config right now as I am not at work but I will post the config when I get to site again.
Thanks Christos. That sort of makes sense. I will that a go tomorrow. Why am I able to ping external websites if I send pings from the switch itself? Is it because superhub sees pings coming from 192.168.0.2 and replies without any problem...
When you ping external websites from the switch,the source address is 192.168.0.2 which is in the same subnet with your superhub.
I have had a go at adding static routes but it seems like firmware on superhub is problematic.. It won't allow me to add any static routes. Screen goes blank when I click on save and then it does not save any static routes. I am trying to liaise with the Virginmedia tech support to see what they can suggest.
However now I have another problem. Now I when I connect wirelessly I can't ping anything..not even its default gateway. Yet I always receive the IP address from DHCP server without any problem.
DHCP server is setup on the switch itself and the pool is...
Pool one is for data vlan (vlan for wireless clients) 10.10.10.0 /24 with default gateway of 10.10.10.1 (which is interface vlan 10 IP address on the switch.
Pool two is for management vlan (vlan that corresponds to management vlan on the WLC. ) and has a range of 10.1.1.0/24 with gateway 10.1.1.1 (int vlan 2 ip address on the switch)
As mentioned in one of my earlier posts – WLC has following ip addresses.
Guest ssid interface vlan 10 - ip 10.10.10.2 /24
Management int vlan 2 ip - 10.1.1.11/24
Virtual port – 22.214.171.124
So when I connect wireless client to my guest ssid I can get the ip address from 10.10.10. 0/24 range without any problem. Default gateway shows up as 10.10.10.1 but I can’t ping anything from this wireless client..not even default gateway.
I will try and post my configs later on today but I am not entirely sure what I need to do to resolve this issue.
Try to open superhub gui with different browser.
Maybe it's a compatibility issue or bug.
What security mode do you use for the guest wlan?
If you have enabled web authentication then you can't access anywhere until you pass the web authentication.
Try to setup an "open" wlan and test it again.
I assume that switch port connection to wlc is in trunk mode.
Hi Christos, I did try superhub GUI with all 3 browsers but had no joy. Virginmedia tech support will call me at some point to discuss.
Switch port connection to WLC is a trunk with vlans 2 and 10 allowed.
I did use a web authentication and when I set it up on my desk it was all working. I could get to webauthentication page without any problem. Now that its in a rack I am not able to ping even a gateway or management ip address 10.1.1.1 from wireless clients. So I can't get to web authentication page IP 10.1.1.11 either. I will try it without web authentication next.
Web page IP is the virtual 126.96.36.199,not the management ip.
That ip you should type in order to be redirected to the web page.
After successful auth you should be able to ping the dg and the rest network .
Yes. you are correct Christos. I think whilst making changes I have messed things up.. in my original design I had 188.8.131.52 as a virtual port and 10.1.1.11 as a management ip on the controller. I need to check all that and get the configs so that I can post it here. I just haven't had a chance to visit the site for 2 days. Thanks. Regards.
Hi Christos, Yes you were absolutely correct.. Whilst trying to diagnose the superhub problem I managed to get myself into quite a tangle.
I have been able to authenticate from wireless clients using the web authentication page. It seems like as I don't have internal DNS server and I am get out via superhub I have to type https://184.108.40.206/login.html (all of that) before I can load the web auth page.
Is that also the reason why I am not redirected to "web auth" page automatically?
Thank you for all your help so far Christos. Much appreciated. Thanks. Regards
Hi Christos, All working now. I am running RIP between Superhub and my switch and that fixed the routing issue. Everything is working fine now. Thank you for all your help. Regards.