07-12-2007 07:40 AM - edited 03-05-2019 05:15 PM
I am new to Cisco devices and am working on getting a 4507 Calalyst set up as the core switch for our building. I set up 4 vlans and configured each with an appropriate ranged IP address. I then assigned specified ports on the switch to the appropriate vlan but traffic will not cross the subnets. What am I missing? Any thoughts or ideas? This also happens when I connect any of my 3560 switches over a trunk port if they're on one of the other vlans also. Almost seems like the Catalyst isn't doing the layer 3 routing that it's supposed to?
Solved! Go to Solution.
07-12-2007 09:51 AM
The default gateway statement does not provided routing capability. You need to create a static default route for this to happen:
ip route 0.0.0.0 0.0.0.0 164.156.24.1
However, if you are unable to ping work station to workstation that are connected to ports directly on the switch then there is another problem.
With the workstations connected are you able to ping the respective Vlan interfaces associated with these devices?
If you do a "show IP interface brief" do the VLAN interfaces indicate they are up?
Are the workstations connected to ports in the appropriate VLAN and are these interfaces up and do they have the proper default gateway (VLAN IP) configured?
All things to check at this point, and then proceed form there.
07-12-2007 08:25 AM
Check the configuration....do you see "no ip routing" in the configuration? If so, then it needs to be changed to "ip routing".
07-12-2007 08:37 AM
When doing a show run. I don't see either listed anywhere. I just typed that command at the standard config t location, as well as getting into the interface vlans and trying it there. Did a write first, but I see nothing about routing anywhere when I do another show run.
07-12-2007 08:50 AM
Can you send a config and include "sh vtp status" and "sh version" output?
07-12-2007 09:04 AM
07-12-2007 09:23 AM
CAT4507 has L3 capabilities and your config looks fine. One thing I want to see in addition to the config you posted, is the 'show ip route' command.
Are you testing the inter-vlan connection from/to a workstation at each vlan ? if so, did you verify the workstation on each vlan has a valid ip address for that vlan and the correct default gateway ?
07-12-2007 09:33 AM
Yes, that's correct. Testing from a laptop to laptop with IP configuration designated correctly for each subnet range. Might it matter that this is not yet on a live network and the default gateway is not yet coming into play? Eg. I don't have it connected to our firewalls yet which actually contain the default gateway as an internal address. Here's the cap of the IP route.
07-12-2007 09:49 AM
If you assigned the switchports to the correct VLAN, created VLANs in the switch and configured SVIs for the VLANs then it should work just fine.
Can you make sure the laptops aren't blocking ICMP traffic. If the laptop is running Windows try disabling the firewall and test.
HTH
Sundar
07-12-2007 09:53 AM
Not sure what you mean by SVI, but I'm not hitting the firewall yet. Just trying to go laptop to laptop through two ports on the switch. From the 21_0 laptop, I can ping the 21 vlan interface on the switch. From the 24_0 laptop, I can hit the 24 vlan on the switch. I just can't cross through them and the laptops aren't blocking ping.
07-12-2007 10:00 AM
SVI (switched virtual intefaces) are nothing but vlan interfaces which you already have configured on your switch as indicated by the show ip route output you posted.
Did you set the default gateway of the laptop to be the IP address of the VLAN interface you've configured on your switch? Both laptops have to use the default gateway address of their respective VLAN interfaces configured on the switch.
HTH
Sundar
07-12-2007 09:51 AM
The default gateway statement does not provided routing capability. You need to create a static default route for this to happen:
ip route 0.0.0.0 0.0.0.0 164.156.24.1
However, if you are unable to ping work station to workstation that are connected to ports directly on the switch then there is another problem.
With the workstations connected are you able to ping the respective Vlan interfaces associated with these devices?
If you do a "show IP interface brief" do the VLAN interfaces indicate they are up?
Are the workstations connected to ports in the appropriate VLAN and are these interfaces up and do they have the proper default gateway (VLAN IP) configured?
All things to check at this point, and then proceed form there.
07-12-2007 10:03 AM
OK...Thanks for everything. I have added the static route and will begin looking at these other issues. One last question though, are you saying that the interfaces themselves need to be configured with a gateway to the respective vlan IP?
07-12-2007 10:07 AM
The workstations need to have their default gateway be the VLAN interfaces on the 4500. This way they send any packets that are not on their local subnet to the 4500 to be routed accordingly.
07-12-2007 10:11 AM
Here's a sample configuration.
int vlan 210
ip add 164.156.21.1 255.255.255.128
Laptop;
ip 164.156.21.2
subnet mask: 255.255.255.128
default gateway: 164.156.21.1 --> This is the IP address of int vlan 210 configured on the switch.
HTH
Sundar
07-12-2007 10:22 AM
Thanks everyone. I modified the gateway on my laptops and everything started working.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide