Routing between 2 vlans

Unanswered Question
Feb 7th, 2010

Hi,

I have problem with cisco 3560 switch i set up the network for 2 vlans 100 & 200 and i have direct internet cable to G0/3, now i need the people in vlan 100 and 200 to access the internet.

i have configured g0/3 with the following;

no switchport

ip add 192.168.12.12

and i can ping 192.168.12.2 and the internet as well

now pcs in vlan 100 and vlan 200 can't ping 192.168.12.2 nor the internet, they can only reach 192.168.12.12

i was expecting to implment NAT but it is not supported in Cisco 3560 switches

Is there any way to make pcs in vlan 100 and 200 access internet with out router.

thanks

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Sun, 02/07/2010 - 02:18

alkabeer80 wrote:

Hi,

I have problem with cisco 3560 switch i set up the network for 2 vlans 100 & 200 and i have direct internet cable to G0/3, now i need the people in vlan 100 and 200 to access the internet.

i have configured g0/3 with the following;

no switchport

ip add 192.168.12.12

and i can ping 192.168.12.2 and the internet as well

now pcs in vlan 100 and vlan 200 can't ping 192.168.12.2 nor the internet, they can only reach 192.168.12.12

i was expecting to implment NAT but it is not supported in Cisco 3560 switches

Is there any way to make pcs in vlan 100 and 200 access internet with out router.

thanks

The 3560 does not support NAT but that is not your problem.

You say from the switch you can ping 192.168.12.2 and the internet. 192.168.12.x is not routable on the internet so NAT must be happening on another device further upstream.

If you can ping 192.168.12.2 from the switch but not from clients on vlans 100 & 200 then there could be 2 issues -

1) do you have a default route on your 3560 ie.

   ip route 0.0.0.0 0.0.0.0 192.168.12.2

2) the 192.168.12.2 device will need to have routes for vlans 100 & 200 pointing back to 192.168.12.12

Jon

alkabeer80 Sun, 02/07/2010 - 06:59

Hi jon,

thanks for rapid reply i did not expect u so fast

yes i have nat controlled from ISP since this is ADSL line.

and i have configured default route on the L3 switch.

how i should do this:

the 192.168.12.2 device will need to have routes for vlans 100 & 200 pointing back to 192.168.12.12

My ISP will not accept to do anything in his premiss, can i do anything else.

Thanks.

Ganesh Hariharan Sun, 02/07/2010 - 07:27

Hi jon,

thanks for rapid reply i did not expect u so fast

yes i have nat controlled from ISP since this is ADSL line.

and i have configured default route on the L3 switch.

how i should do this:

the 192.168.12.2 device will need to have routes for vlans 100 & 200 pointing back to 192.168.12.12

My ISP will not accept to do anything in his premiss, can i do anything else.

Thanks.

Hi,

If your ISP cannot drop a reverse route towards your L3 then ask your ISP to enable pat.

HTH

Ganesh.H

Jon Marshall Sun, 02/07/2010 - 11:19

ganeshh.iyer wrote:

Hi jon,

thanks for rapid reply i did not expect u so fast

yes i have nat controlled from ISP since this is ADSL line.

and i have configured default route on the L3 switch.

how i should do this:

the 192.168.12.2 device will need to have routes for vlans 100 & 200 pointing back to 192.168.12.12

My ISP will not accept to do anything in his premiss, can i do anything else.

Thanks.

Hi,

If your ISP cannot drop a reverse route towards your L3 then ask your ISP to enable pat.

HTH

Ganesh.H

Ganesh

Not sure how this will help. Even if they enable PAT they will still need to add routes for the vlans on the 3560.

Alakabeer

If your ISP will not add any routes then unfortunately yes you would need a device that can do NAT, assuming your 3560 is directly connected into the ISP device.  Perhaps if you explained to the ISP then they might add the routes.

Jon

alkabeer80 Sun, 02/07/2010 - 23:46

Hi Ganesh,

Thanks for your reply, i guess the ISP will not accept to do NAT or PAT, i have already asked them and answer is NO.

Ganesh Hariharan Sun, 02/07/2010 - 04:16

Hi,

I have problem with cisco 3560 switch i set up the network for 2 vlans 100 & 200 and i have direct internet cable to G0/3, now i need the people in vlan 100 and 200 to access the internet.

i have configured g0/3 with the following;

no switchport

ip add 192.168.12.12

and i can ping 192.168.12.2 and the internet as well

now pcs in vlan 100 and vlan 200 can't ping 192.168.12.2 nor the internet, they can only reach 192.168.12.12

i was expecting to implment NAT but it is not supported in Cisco 3560 switches

Is there any way to make pcs in vlan 100 and 200 access internet with out router.

thanks

Hi,

Jon is right cisco 3560 does not support nat functionality except 6500 series switches and if you are able to ping from switch then natting is done some where in upstream  router or modem from where yu are getting the link just ask them to drop a reverse toute for your vlan subnet and point a default route towards the upstream router or modem in 3560 switch.

Hope to help

Ganesh.H

Actions

This Discussion