cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
940
Views
0
Helpful
3
Replies

Basic VLan routing on 861-W

thomasmcleod
Level 1
Level 1

Hello,

I have a new 861-W, whose WAN port on 65.19.88.211/27 is connected to the LAN side of an 831 on 65.19.88.193/27. I setup static ip 207.136.203.109/30 on VLan2 on the 861-W and assigned port FA3 to VLan2. I connected a notebook to FA3 with static ip 207.136.203.110/30. I'm just trying to ping from the notebook to the 831, but can't (I can ping to 65.19.88.211). This shouldn't be rocket science. Here' the config:

pa-router#sh running-conf

Building configuration...

Current configuration : 1433 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname pa-router

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

!

no aaa new-model

!

!

no ip source-route

!

!

ip cef

!

!

!

!

username Thomas privilege 15 secret 5 $1$nJ10$jwjN8ByuuJYvRjfd8EIRo0

!

!

!

archive

log config

hidekeys

!

!

!

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

switchport access vlan 2

no cdp enable

!

interface FastEthernet4

ip address 65.19.88.211 255.255.255.224

ip access-group WAN_IN in

ip access-group WAN_OUT out

duplex auto

speed auto

!

interface wlan-ap0

description Service module interface to manage the embedded AP

no ip address

shutdown

arp timeout 0

!

interface Wlan-GigabitEthernet0

description Internal switch interface connecting to the embedded AP

!

interface Vlan1

no ip address

!

interface Vlan2

ip address 207.136.203.109 255.255.255.252

!

interface Vlan3

no ip address

!

ip default-network 0.0.0.0

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 65.19.88.193 permanent

no ip http server

no ip http secure-server

!

!

no cdp run

!

control-plane

!

!

line con 0

no modem enable

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

line vty 0 4

password xxxxxxxx

login

!

scheduler max-task-time 5000

end

1 Accepted Solution

Accepted Solutions

lamav
Level 8
Level 8

Hi:

1) Why the access group commands on the WAN interface with no ACLs configured?

2. Get rid of the default network command.

3.) Does the 831 have a route back to your VLAN?

HTH

Victor

View solution in original post

3 Replies 3

lamav
Level 8
Level 8

Hi:

1) Why the access group commands on the WAN interface with no ACLs configured?

2. Get rid of the default network command.

3.) Does the 831 have a route back to your VLAN?

HTH

Victor

Victor, you're the man.

I thought I could ping off the 831 LAN interface without setting up an internal route. In other words, I assumed the 831 would know to send the ICMP packet back the same way it came.

Thomas

LOL..you're welcome. Glad it worked and thanks for the rating...

Victor

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco