06-15-2010 11:36 AM - edited 03-04-2019 08:47 AM
PROBLEM:
I have a switch and router hooked up via ethernet and would like to create 4 vlans that go to different ip addresses. Ports 1-8 of the switch are trunk ports. I have configured the router and switch but cannot to get any of them to ping. The dsl modem has 4 ports and ethernet will be connected to the port 1 of the modem to access the internet. Can u please tell me what I'm doing wrong??
hostname lab
!
no logging console
!
ip subnet-zero
no ip domain-lookup
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/5
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/8
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/9
switchport access vlan 100
!
interface FastEthernet0/10
switchport access vlan 100
!
interface FastEthernet0/11
switchport access vlan 100
!
interface FastEthernet0/12
switchport access vlan 100
!
interface FastEthernet0/13
switchport access vlan 100
!
interface FastEthernet0/14
switchport access vlan 100
!
interface FastEthernet0/15
switchport access vlan 100
!
interface FastEthernet0/16
switchport access vlan 100
!
interface FastEthernet0/17
switchport access vlan 101
!
interface FastEthernet0/18
switchport access vlan 101
!
interface FastEthernet0/19
switchport access vlan 101
!
interface FastEthernet0/20
switchport access vlan 101
!
interface FastEthernet0/21
switchport access vlan 101
!
interface FastEthernet0/22
switchport access vlan 101
!
interface FastEthernet0/23
switchport access vlan 101
!
interface FastEthernet0/24
switchport access vlan 101
!
interface FastEthernet0/25
switchport access vlan 102
!
interface FastEthernet0/26
switchport access vlan 102
!
interface FastEthernet0/27
switchport access vlan 102
!
interface FastEthernet0/28
switchport access vlan 102
!
interface FastEthernet0/29
switchport access vlan 102
!
interface FastEthernet0/30
switchport access vlan 102
!
interface FastEthernet0/31
switchport access vlan 102
!
interface FastEthernet0/32
switchport access vlan 102
!
interface FastEthernet0/33
switchport access vlan 102
!
interface FastEthernet0/34
switchport access vlan 102
!
interface FastEthernet0/35
switchport access vlan 102
!
interface FastEthernet0/36
switchport access vlan 102
!
interface FastEthernet0/37
switchport access vlan 103
!
interface FastEthernet0/38
switchport access vlan 103
!
interface FastEthernet0/39
switchport access vlan 103
!
interface FastEthernet0/40
switchport access vlan 103
!
interface FastEthernet0/41
switchport access vlan 103
!
interface FastEthernet0/42
switchport access vlan 103
!
interface FastEthernet0/43
switchport access vlan 103
!
interface FastEthernet0/44
switchport access vlan 103
!
interface FastEthernet0/45
!
interface FastEthernet0/46
!
interface FastEthernet0/47
!
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface VLAN1
no ip directed-broadcast
no ip route-cache
!
interface VLAN10
no ip directed-broadcast
no ip route-cache
shutdown
!
interface VLAN100
ip address 10.100.0.50 255.255.0.0
no ip directed-broadcast
no ip route-cache
shutdown
!
interface VLAN101
ip address 10.101.0.50 255.255.0.0
no ip directed-broadcast
no ip route-cache
shutdown
!
interface VLAN102
ip address 172.100.0.50 255.255.0.0
no ip directed-broadcast
no ip route-cache
shutdown
!
interface VLAN103
ip address 172.101.0.50 255.255.0.0
no ip directed-broadcast
no ip route-cache
shutdown
!
!
line con 0
transport input none
stopbits 1
line vty 0 4
login
line vty 5 15
login
!
End
hostname HQLAB_R1
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.100.0.1 10.100.0.10
ip dhcp excluded-address 10.101.0.1 10.101.0.10
ip dhcp excluded-address 172.101.0.1 172.101.0.10
ip dhcp excluded-address 172.100.0.1 172.100.0.10
!
ip dhcp pool 10.100.0.1
network 10.100.0.0 255.255.0.0
default-router 10.100.0.1
dns-server 10.100.0.1
!
ip dhcp pool 10.101.0.0
network 10.101.0.0 255.255.0.0
default-router 10.101.0.1
dns-server 10.101.0.1
!
ip dhcp pool 172.101.0.0
network 172.101.0.0 255.255.0.0
default-router 172.101.0.1
dns-server 172.101.0.1
!
ip dhcp pool 172.100.0.0
network 172.100.0.0 255.255.0.0
default-router 172.100.0.1
dns-server 172.100.0.1
!
!
no ip domain lookup
ip multicast-routing
!
interface Ethernet0/0
ip address 192.168.15.100 255.255.255.0
ip nat outside
half-duplex
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip address 10.100.0.1 255.255.0.0
ip nat inside
!
interface FastEthernet0/0.101
encapsulation dot1Q 101
ip address 10.101.0.1 255.255.0.0
ip nat inside
!
interface FastEthernet0/0.102
encapsulation dot1Q 102
ip address 172.100.0.1 255.255.0.0
ip nat inside
!
interface FastEthernet0/0.103
encapsulation dot1Q 103
ip address 172.101.0.1 255.255.0.0
ip nat inside
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.15.1
!
no ip http server
no ip http secure-server
ip nat inside source list NAT interface Ethernet0/0 overload
!
ip access-list extended NAT
permit ip 10.100.0.0 0.0.255.255 any
permit ip 10.101.0.0 0.0.255.255 any
permit ip 172.101.0.0 0.0.255.255 any
permit ip 172.100.0.0 0.0.255.255 any
!
!
control-plane
!
line con 0
stopbits 1
line aux 0
line vty 0 4
login
line vty 5 15
login
!
end
06-15-2010 11:42 AM
Have you configured the vlans in the vlan database on the switch? For example in global config mode:
vlan 100
vlan 101
vlan 102
vlan 103
If you execute a 'show vlan' are these vlans in the output?
Chris
06-15-2010 11:49 AM
I did a show vlan and got
what i configured on the switch:
Port 1-8: For Trunking
Port 9-16: For VLAN 100
Port 17-24: For VLAN 101
Port 25-36: For VLAN 102
Port 37-44: For VLAN 103
status is active, also when I no shutdown on the vlan interfaces it won't work, it keeps going back to shutdown (??)
06-15-2010 11:52 AM
What kind of switch? It sounds like a L2.
06-15-2010 12:00 PM
its a catalyst 3500 xl, the router is a 1700
gerry
06-15-2010 12:10 PM
That's a L2 switch. The only thing you can do is create your L2 vlans and
trunk the port that you want to connect your router to. The L2 will only
have one active vlan for management. You'll use your router to route
between vlans. You'll need to create your vlans on the router to, but it
depends on what router you have as to how many vlans you can create. Do a
sh vlan-switch on your router to see what vlans it has.
John
06-15-2010 12:20 PM
I did a show vlan-switch on the router but none of the vlans I configured are showing up
(100,101,102,103). its showing vlan 1, 1002,1003,etc. ???
gerry
06-15-2010 12:55 PM
You'll need to create your vlans. From the router# prompt, type "vlan database" and hit enter. Then create your vlans by doing vlan 100
HTH,
John
06-15-2010 01:07 PM
Oh, I misread your last post. You have a 1700.
I noticed that your FA0/0 is shut. You'll need to unshut that to enable your other subinterfaces to come up, but you don't have to create vlans on that router...in fact, you can't.
John
06-15-2010 01:52 PM
what I meant was I created subinterfaces that will link to vlans on the switch.
However, I still cannot get a connection. I suppose I need to configure a default gateway on the switch to route but the ip addressing is what I am not sure of.
06-15-2010 01:59 PM
Gerry,
Did you unshut your interface on your router?
int fa0/0
no shut
06-15-2010 11:48 AM
In addition to what Christopher asked, your vlan interfaces are shut on the switch. You'll need to open those before anything will pass. You also need to enable ip routing by using the "ip routing" command.
HTH,
John
06-15-2010 12:13 PM
ok I shut down vlan1 since only one vlan can be active at a time. Then did a no shutdown on vlan100 to bring the status up. Tried pinging the gateway but no luck. Any ideas would be greatly appreciated!!
06-15-2010 01:18 PM
Hi Gerry,
As John mentioned you would want the router to route between vlans since you have a layer 2 switch.
You can follow this example for router on a stick configuration.
Tim
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: