Can't get out from 3750 switch

Answered Question
Nov 19th, 2007
User Badges:

I have 3 Vlans - Native, 20, 30. I have one host on 20 and 30 and they can talk to each other, but they both can't access the internet. Consoled from the switch I can ping the router, both Vlans, and websites. I am using the first ethernet port to connect to another switch (trunked) which is connected to a firewall (10.2.255.2).

no service pad


service sequence-numbers


!


no aaa new-model


ip subnet-zero


ip routing


no ip domain-lookup


!


no file verify auto


spanning-tree mode pvst


spanning-tree extend system-id


!


vlan internal allocation policy ascending


!


interface GigabitEthernet1/0/1


switchport trunk encapsulation dot1q


switchport mode trunk


srr-queue bandwidth share 10 10 60 20


srr-queue bandwidth shape 10 0 0 0


queue-set 2


mls qos trust cos


macro description cisco-switch


auto qos voip trust


spanning-tree link-type point-to-point


!


interface GigabitEthernet1/0/2


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/3


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/4


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/5


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/6


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/7


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/8


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/9


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/10


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/11


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/12


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/13


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/14


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/15


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/16


switchport access vlan 20


switchport mode access


!


interface GigabitEthernet1/0/17


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/18


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/19


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/20


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/21


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/22


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/23


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/24


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/25


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/26


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/27


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/28


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/29


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/30


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/31


switchport access vlan 30


switchport mode access


!


interface GigabitEthernet1/0/32


switchport access vlan 30


switchport mode access


!


interface Vlan1


ip address 10.2.255.203 255.255.255.0


!


interface Vlan20


ip address 192.168.20.1 255.255.255.0


!


interface Vlan30


ip address 192.168.30.1 255.255.255.0


!


ip classless


ip route 0.0.0.0 0.0.0.0 10.2.255.2


ip http server


ip http secure-server


!


control-plane


!

Any help would be greatly appreciated. Thanks.


Correct Answer by allan.thomas about 9 years 8 months ago

Ensure that your Firewall has routes to 192.168.20.0/24 and 192.168.30.0/24 via 10.2.255.203.


Regards

Allan.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (1 ratings)
Loading.
Pari Thiagasundaram Mon, 11/19/2007 - 13:04
User Badges:
  • Silver, 250 points or more

Have you configured the default gateway on the PC's?.


How does your config look like on the other switch connected to the firewall ?

meatballs90230 Mon, 11/19/2007 - 13:27
User Badges:

Yes, the PCs have the correct GW according to their subnets. As far as the other switch, it isn't configured with any Vlans other than the native one and nothing else. Basically pulled out of the box and plugged in.

Correct Answer
allan.thomas Mon, 11/19/2007 - 13:10
User Badges:
  • Blue, 1500 points or more

Ensure that your Firewall has routes to 192.168.20.0/24 and 192.168.30.0/24 via 10.2.255.203.


Regards

Allan.

Actions

This Discussion