cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1056
Views
10
Helpful
15
Replies

Intervlan routing Question

jconnacher
Level 1
Level 1

I am new to Cisco devices and am working on getting a 4507 Calalyst set up as the core switch for our building. I set up 4 vlans and configured each with an appropriate ranged IP address. I then assigned specified ports on the switch to the appropriate vlan but traffic will not cross the subnets. What am I missing? Any thoughts or ideas? This also happens when I connect any of my 3560 switches over a trunk port if they're on one of the other vlans also. Almost seems like the Catalyst isn't doing the layer 3 routing that it's supposed to?

1 Accepted Solution

Accepted Solutions

The default gateway statement does not provided routing capability. You need to create a static default route for this to happen:

ip route 0.0.0.0 0.0.0.0 164.156.24.1

However, if you are unable to ping work station to workstation that are connected to ports directly on the switch then there is another problem.

With the workstations connected are you able to ping the respective Vlan interfaces associated with these devices?

If you do a "show IP interface brief" do the VLAN interfaces indicate they are up?

Are the workstations connected to ports in the appropriate VLAN and are these interfaces up and do they have the proper default gateway (VLAN IP) configured?

All things to check at this point, and then proceed form there.

View solution in original post

15 Replies 15

chrihussey
VIP Alumni
VIP Alumni

Check the configuration....do you see "no ip routing" in the configuration? If so, then it needs to be changed to "ip routing".

When doing a show run. I don't see either listed anywhere. I just typed that command at the standard config t location, as well as getting into the interface vlans and trying it there. Did a write first, but I see nothing about routing anywhere when I do another show run.

Can you send a config and include "sh vtp status" and "sh version" output?

Here you go. I captured the session to a text file.

Edison Ortiz
Hall of Fame
Hall of Fame

CAT4507 has L3 capabilities and your config looks fine. One thing I want to see in addition to the config you posted, is the 'show ip route' command.

Are you testing the inter-vlan connection from/to a workstation at each vlan ? if so, did you verify the workstation on each vlan has a valid ip address for that vlan and the correct default gateway ?

Yes, that's correct. Testing from a laptop to laptop with IP configuration designated correctly for each subnet range. Might it matter that this is not yet on a live network and the default gateway is not yet coming into play? Eg. I don't have it connected to our firewalls yet which actually contain the default gateway as an internal address. Here's the cap of the IP route.

If you assigned the switchports to the correct VLAN, created VLANs in the switch and configured SVIs for the VLANs then it should work just fine.

Can you make sure the laptops aren't blocking ICMP traffic. If the laptop is running Windows try disabling the firewall and test.

HTH

Sundar

Not sure what you mean by SVI, but I'm not hitting the firewall yet. Just trying to go laptop to laptop through two ports on the switch. From the 21_0 laptop, I can ping the 21 vlan interface on the switch. From the 24_0 laptop, I can hit the 24 vlan on the switch. I just can't cross through them and the laptops aren't blocking ping.

SVI (switched virtual intefaces) are nothing but vlan interfaces which you already have configured on your switch as indicated by the show ip route output you posted.

Did you set the default gateway of the laptop to be the IP address of the VLAN interface you've configured on your switch? Both laptops have to use the default gateway address of their respective VLAN interfaces configured on the switch.

HTH

Sundar

The default gateway statement does not provided routing capability. You need to create a static default route for this to happen:

ip route 0.0.0.0 0.0.0.0 164.156.24.1

However, if you are unable to ping work station to workstation that are connected to ports directly on the switch then there is another problem.

With the workstations connected are you able to ping the respective Vlan interfaces associated with these devices?

If you do a "show IP interface brief" do the VLAN interfaces indicate they are up?

Are the workstations connected to ports in the appropriate VLAN and are these interfaces up and do they have the proper default gateway (VLAN IP) configured?

All things to check at this point, and then proceed form there.

OK...Thanks for everything. I have added the static route and will begin looking at these other issues. One last question though, are you saying that the interfaces themselves need to be configured with a gateway to the respective vlan IP?

The workstations need to have their default gateway be the VLAN interfaces on the 4500. This way they send any packets that are not on their local subnet to the 4500 to be routed accordingly.

Here's a sample configuration.

int vlan 210

ip add 164.156.21.1 255.255.255.128

Laptop;

ip 164.156.21.2

subnet mask: 255.255.255.128

default gateway: 164.156.21.1 --> This is the IP address of int vlan 210 configured on the switch.

HTH

Sundar

Thanks everyone. I modified the gateway on my laptops and everything started working.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco