cisco 3560 vlan routing

Answered Question
Jul 24th, 2010

hi,

i have cisco switch 3560 with 2 different vlan

VLAN 177 and VLAN 193

vlan 177 have ip address : 100.1.0.177 255.255.255.240

vlan 193 have ip address : 100.1.0.193 255.255.255.240

Default route 0.0.0.0 0.0.0.0 100.1.0.254

i configured the router and working fine but my problem is some devices dosen't have gateway and without gateway i can't ping the devices.

Gateway for vlan 177 is : 100.1.0.190 and gateway for vlan 193 is : 100.1.0.206

Please can you look in my configuration and see if something missing.

Thanks,

My Configuration:

show run
Building configuration...

Current configuration : 3887 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CiscoL3
!
enable secret 5 ************
enable password ***********
!
username ****** privilege 15 secret 5 *************
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
--More--                           no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/2
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/3
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/4
switchport access vlan 177
--More--                            switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/5
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/6
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/7
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/8
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
--More--                           interface GigabitEthernet0/9
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/10
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/11
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/12
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/13
switchport access vlan 193
switchport mode access
--More--                            spanning-tree portfast trunk
!
interface GigabitEthernet0/14
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/15
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/16
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/17
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/18
--More--                            switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/19
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/20
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/21
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/22
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
--More--                           !
interface GigabitEthernet0/23
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/24
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/25
spanning-tree portfast trunk
!
interface GigabitEthernet0/26
spanning-tree portfast trunk
!
interface GigabitEthernet0/27
spanning-tree portfast trunk
!
interface GigabitEthernet0/28
spanning-tree portfast trunk
!
--More--                           interface Vlan1
no ip address
!
interface Vlan177
ip address 100.1.0.190 255.255.255.240
!
interface Vlan193
ip address 100.1.0.206 255.255.255.240
!
ip classless
ip route 0.0.0.0 0.0.0.0 100.1.0.254
ip http server
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
password **************
login
line vty 0 4
password *****************
--More--                            login
line vty 5 15
password ************
login
!
end

I have this problem too.
0 votes
Correct Answer by Nagaraja Thanthry about 3 years 9 months ago

Hello,

If communication between the PC's in different VLANs is the only requirement, then please do the following:

  • On all the PC's, change the mask to 255.255.255.0 instead of 255.255.255.240.
  • Leave the switch IP's as it is i.e. 100.1.0.177 255.255.255.240 and 100.1.0.193 255.255.255.240.
  • Turn on Proxy-arp on the switch interfaces

interface vlan 177

ip proxy-arp

exit

interface vlan 193

ip proxy-arp

exit

Now, you will be able to communicate between the hosts on VLAN 177 and 193. However, this will not help those PC's in going to internet.

Hope this helps.

Regards,

NT

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (1 ratings)
Reza Sharifi Sat, 07/24/2010 - 12:59

Hi,

There is an issue with your 192 subnet

100.1.0.192 255.255.255.240 the range for this subnet is from 193 to 206

Your default route is pointing to 254 which is incorrect

HTH

Reza

rabih_saleh Sat, 07/24/2010 - 13:18

hi,

yes correct the range for subnet 100.1.0.192 255.255.255.240 is : 100.1.0.193 to 100.1.0.206 [VLAN193]

and for                                     100.1.0.176 255.255.255.240 is : 100.1.0.177 to 100.1.0.190 [VLAN177]

but i didn't get you where is the problem ? and what about default route ?

the pc1 have this ip: 100.1.0.177 255.255.255.240 gateway 100.1.0.190 can ping pc2 have ip : 100.1.0.193 255.255.255.240 gateway 100.1.0.206

my problem is i don't know if the fefault router correct because i have devices connected to my network dosen't have gateway [and i can't ping the device] and some pc's have 2 ethernet card each one connected to different network and have different gateway if i enable the ethernet card 1 the second ethernet can't ping the second network !

how to configure vlan on 3560 without putting gateway on the pc's with the existing ip's.

and thanks for your help

Regards,

Reza Sharifi Sat, 07/24/2010 - 13:30

Hi,

In your config, you have below statement that basically says to get to any destination go to 100.1.0.254, which should be the next hop ip address in the same subnet as 100.1.0.192.  The last useable IP in this range is 206 which you have assigned to your vlan (100.1.0.206) with a mask of 255.255.255.240

so, as you can see 100.1.0.254 does not fall in 192 range.

Default route 0.0.0.0 0.0.0.0 100.1.0.254

What is the IP address of the service provide you need to point to?

HTH

Reza

rabih_saleh Sat, 07/24/2010 - 21:34

Many thanks for your support.

i have 2 departments each department on different subnet, the department A have ip range from 100.1.0.193 to 100.1.0.206 255.255.255.240 and the second department have ip range from 100.1.0.177 to 100.1.0.190 255.255.255.240 just i want to do vlan and route between 2 departments and i don't want to put gateway in the pc's [if possible] because i have devices doesn't have facility to put gateway ip address.

please your help.

Thanks

ch_sajid_hussain Sun, 07/25/2010 - 01:10

in this case where you want only connectivity bewtween two subnet, add route in cisco 3560 for both network

for example in your case add this route

ip route 100.1.0.192 255.255.255.240 100.1.0.176

response plz if you got the solution

rabih_saleh Sun, 07/25/2010 - 01:26

hi,

i can ping group B from Group A and from Group A i can ping Group B

Group A [pc have this ip]

ip 100.1.0.177 255.255.255.240 gateway 100.1.0.190

Group B [pc have this ip]

ip 100.1.0.193 255.255.255.240 gateway 100.1.0.206

but if i remove the gateway from pc on group A i can't ping the pc on group B, why i'm testing like this because i have devices doesn't have gateway.

Thanks for your help

my configuration now is :

show run
Building configuration...

Current configuration : 3887 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CiscoL3
!
enable secret 5 ************
enable password ***********
!
username ****** privilege 15 secret 5 *************
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
--More--                           no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/2
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/3
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/4
switchport access vlan 177
--More--                            switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/5
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/6
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/7
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/8
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
--More--                           interface GigabitEthernet0/9
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/10
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/11
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/12
switchport access vlan 177
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/13
switchport access vlan 193
switchport mode access
--More--                            spanning-tree portfast trunk
!
interface GigabitEthernet0/14
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/15
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/16
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/17
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/18
--More--                            switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/19
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/20
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/21
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/22
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
--More--                           !
interface GigabitEthernet0/23
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/24
switchport access vlan 193
switchport mode access
spanning-tree portfast trunk
!
interface GigabitEthernet0/25
spanning-tree portfast trunk
!
interface GigabitEthernet0/26
spanning-tree portfast trunk
!
interface GigabitEthernet0/27
spanning-tree portfast trunk
!
interface GigabitEthernet0/28
spanning-tree portfast trunk
!
--More--                           interface Vlan1
no ip address
!
interface Vlan177
ip address 100.1.0.190 255.255.255.240
!
interface Vlan193
ip address 100.1.0.206 255.255.255.240
!
ip classless
ip route 100.1.0.192 255.255.255.240 100.1.0.176
ip http server
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
password **************
login
line vty 0 4
password *****************
--More--                            login
line vty 5 15
password ************
login
!
end

rabih_saleh Sun, 07/25/2010 - 07:01

i change the ip's and working fine

OLD IPS:

Vlan 177 : 100.1.0.177 to 100.1.0.190 255.255.255.240

Vlan 193 : 100.1.0.193 to 100.1.0.206 255.255.255.240

i changed the ips to :

NEW IPS:

Vlan 177 : 10.162.177.254 255.255.255.0

Vlan 193 : 10.162.193.254 255.255.255.0

and without any route.

All devices and pcs working fine without gateway.

My Question is: when i'm using the old ip's is not working fine i can't ping the devices which doesn't have gateway, but my problem i have to use the old ip's.

Please help.

Correct Answer
Nagaraja Thanthry Sun, 07/25/2010 - 09:55

Hello,

If communication between the PC's in different VLANs is the only requirement, then please do the following:

  • On all the PC's, change the mask to 255.255.255.0 instead of 255.255.255.240.
  • Leave the switch IP's as it is i.e. 100.1.0.177 255.255.255.240 and 100.1.0.193 255.255.255.240.
  • Turn on Proxy-arp on the switch interfaces

interface vlan 177

ip proxy-arp

exit

interface vlan 193

ip proxy-arp

exit

Now, you will be able to communicate between the hosts on VLAN 177 and 193. However, this will not help those PC's in going to internet.

Hope this helps.

Regards,

NT

rabih_saleh Sun, 07/25/2010 - 11:00

Dear Mr. Nagaraja,

waaawwwwwww many many many many thanks , really you are professional my problem solved .

Thanks and many thanks for you.

My best regards,

Rabih

Actions

Login or Register to take actions

This Discussion

Posted July 24, 2010 at 12:37 PM
Stats:
Replies:9 Avg. Rating:5
Views:2577 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard

Rank Username Points
1 15,007
2 8,155
3 7,730
4 7,083
5 6,742
Rank Username Points
140
72
69
65
45