03-15-2007 06:19 PM - edited 03-05-2019 02:56 PM
I am trying to setup a VLAN between a 2860 switch and a 3640 router.
Attached are samples of my config. I am unable to pass traffic across the VLANs. I think I am missing a command, but I haven't found my problem yet.. I have been staring at the config for hours and need a new set of eyes on it..
I have backed out most of my changes to the 2960. I am thinking the issue is with the 3640 side..
The 3640 is running 12.2(13a)
The 2960 is running 12.2(25r)FX
Any help would be appreciated.. Thanks
03-15-2007 10:56 PM
Hi Friend,
Are the machines in respective vlans able to ping their gateway?
Also can you paste the output of "sh ip route" from your router?
Regards,
Ankur
03-16-2007 04:05 AM
The output of sh ip route shows that the IP addresses of the different VLANs are directly connected, as it should.
The machines can't ping their gateways.
03-16-2007 01:42 AM
On the router try this .
interface FastEthernet1/0.11
description Switch Management VLAN
encapsulation dot1Q 11 native
ip address 10.40.1.1 255.255.255.0
Also not sure what you are doing with this entry , router can be managed with any active address on the box.
interface FastEthernet1/0.10
description Router Management VLAN
encapsulation dot1Q 10
ip address 10.40.0.1 255.255.255.0
-----------------------------------------------
On the switch side get rid of "all" the layer 3 SVI's you have in there , they are not needed except one . "no interface vlan 12, no interface vlan 10 etc.... You won't be able to get rid of interface vlan 1 , just make sure it is shutdown. . Leave interface vlan 11 .do not get rid of the layer 2 vlan definitions .
Put the switch in vlan 11 as this appears to be your management vlan .
interface Vlan11
ip address 10.x.x.17 255.255.255.0
no ip route-cache
no shut
on the uplink add
switchport trunk native vlan 11
03-16-2007 04:03 AM
Thanks, I will try that. I created a few management VLANs and wanted to use Private IP addresses and only allow connections to the routers, switches and power strips via the internal network only.
03-16-2007 04:57 AM
That didn't work..
Here is what I am trying to do.. maybe this will make it easier..
I will have the following VLANs
VLAN <99 internal and management VLANs
VLAN 100 windows shared hosting VLAN
VLAN 300 linux shared hosting VLAN
VLAN 500-699 windows dedicated hosting VLAN 1 vlan per client
VLAN 700-899 linux dedicated hosting VLAN 1 vlan per client
Each VLAN will most likely have more than 1 port on the switch assigned to it. Currently it looks like this..
Fa0/1 no vlan at the moment (mail firewall)
Fa0/2 - Fa0/7 VLAN 300
Fa0/9 - Fa0/14 VLAN 100
Int Gi0/1 is the uplink to router 1 on Fa1/0, Gi0/2 will go to router 2 at a later time for redundancy.
Temporarily, on the switch Fa0/21 has a feed to our upstream provider in the colo, and Fa0/22 goes to Router 1 on Fa0/0. This will be removed once the switch is up with VLANs configured.
03-16-2007 05:14 AM
I think I just figured out why it wasn't working..
I moved the IP on the router to Fa0/0 as a secondary IP. I removed the VLAN from the switch port and now I can get thru. It appears that the cable from Fa1/0 isn't correct, it shows a link but no traffic crosses it. It was a shot in the dark test, but removes the cable from the equation. Time to go to the DC with some new cables.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: