Cisco 3560 connected to Linksys WRT54G

Answered Question
Aug 8th, 2010
User Badges:

Hello All,


I have a question regarding connecting a 3560 switch I have to a Linksys WRT54G router.  Since the 3560 doesn't have NAT, what I would like to do is use the Linksys as my NAT router and then have a different subnet on my 3560 to separate it from the wireless traffic.  I'm currently a little stumped.  What I have done is:


1) Created a 192.168.2.0 subnet on the 3560 by assigning an IP to VLAN 1 of 192.168.2.10

2) The subnet on my Linksys is 192.168.1.0

3) Added the 192.168.2.0 subnet to the routing table in the Linksys router with the gateway of 192.168.1.2

4) Entered no switchport command on fa 0/3 on the 3560

5) Assigned fa 0/3 the IP address 192.168.1.2

6) Entered the IP route ex. 68.34.25.0 (ISP IP address) 255.255.255.0 192.168.1.1 (gateway of Linksys router)


I am able to ping all PCs connected to both subnets, so all traffic between the subnets seems to communicate fine.  I cannot reach the internet from the 192.168.2.0 subnet, however.  I can ping the ip address that is assigned to my Linksys router   ex. 68.34.25.20 from my 3560, but I'm still not getting internet traffic.  When I look at the routing table of my Linksys, there is an entry for the gateway 68.34.25.21, but I cannot ping that from my 3560.  Is there a way I can add an IP route directly to that address?  Any other thoughts?  Perhaps the steps I have taken so far aren't the best way to do this as is.  Thanks for any help.

Correct Answer by Nagaraja Thanthry about 6 years 8 months ago

Hello,


Please try the following setup:


LAN hosts (192.168.2.2 - 2.126/24) -- VLAN 1 (192.168.2.1/25) ---

FastEthernet 0/3 (192.168.2.129/25) --- Linksys (192.168.2.254/24)


So, essentially, from Linksys perspective, it is one single subnet (both LAN

and Wireless clients will be on 192.168.2.x) where as the 3560 sees them on

two different subnets i.e. 192.168.2.0/25 and 192.168.2.128/25.


Steps to follow:


-- On Linksys, remove 192.168.1.x subnet completely.

-- On Linksys, configure 192.168.2.x subnet for router IP, DHCP (for

Wireless)

-- On Switch, configure the Router IP as the default route (If the Router IP

on Linksys is 192.168.2.254, then "ip route 0.0.0.0 0.0.0.0 192.168.2.254"

-- Make sure that all the LAN clients have IP within 192.168.2.2 - 2.126

range and their default gateway is 192.168.2.1


If this is still not working, please post a screenshot of the Linksys

configuration page.


Regards,


NT

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (5 ratings)
Loading.
Nagaraja Thanthry Sun, 08/08/2010 - 00:59
User Badges:
  • Cisco Employee,

Hello,


Can you add default route on the 3560 and also turn on "ip routing"?


Switch(config)#ip routing

Switch(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1


Hope this helps.


Regards,


NT

Andrew Lutz Sun, 08/08/2010 - 09:47
User Badges:

Thanks for the response.  Unfortunately, that did not work.  Here is my running config:


sh running-config
Building configuration...

Current configuration : 2271 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname KC
!
enable secret 5 $1$VOzH$1Lh/3duKSu8jQAN6MshrU/


!
no aaa new-model
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
--More--                           spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
no switchport
ip address 192.168.1.14 255.255.255.0
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
--More--                           interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
--More--                           !
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface FastEthernet0/25
!
interface FastEthernet0/26
!
interface FastEthernet0/27
!
interface FastEthernet0/28
!
interface FastEthernet0/29
!
interface FastEthernet0/30
!
interface FastEthernet0/31
!
--More--                           interface FastEthernet0/32
!
interface FastEthernet0/33
!
interface FastEthernet0/34
!
interface FastEthernet0/35
!
interface FastEthernet0/36
!
interface FastEthernet0/37
!
interface FastEthernet0/38
!
interface FastEthernet0/39
!
interface FastEthernet0/40
!
interface FastEthernet0/41
!
interface FastEthernet0/42
!
interface FastEthernet0/43
--More--                           !
interface FastEthernet0/44
!
interface FastEthernet0/45
!
interface FastEthernet0/46
!
interface FastEthernet0/47
!
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
ip address 192.168.2.10 255.255.255.0
!
interface Vlan20
--More--                            no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
password
no login
line vty 5 15
password no login


end

KC#


Here is the routing table on the Linksys.  The IP address on the router is 68.94.164.39.



Routing Table Entry List
Destination LAN IPSubnet MaskGatewayHop CountInterface
192.168.2.0255.255.255.0192.168.1.140LAN & Wireless
192.168.1.0255.255.255.00.0.0.00LAN & Wireless
68.94.164.0255.255.255.00.0.0.00WAN (Internet)
0.0.0.00.0.0.068.94.164.400WAN (Internet)

Any other thoughts? Thanks.

Nagaraja Thanthry Sun, 08/08/2010 - 10:24
User Badges:
  • Cisco Employee,

Hello,


The issue seems to be with Linksys not able to NAT your internal subnet. If

possible, let us try the following (Assuming that you do not have more than

128 clients in your internal LAN and wireless networks individually):


On the switch:


ip classless


interface vlan 1

ip address 192.168.2.1 255.255.255.128

exit


interface fastethernet 0/3

ip address 192.168.2.129 255.255.255.128

ip proxy-arp

exit


no ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip route 0.0.0.0 0.0.0.0 192.168.2.254


On the Linksys:


Change the inside subnet to 192.168.2.0 with inside IP of 192.168.2.254.

Change the dhcp scope of the Linksys to 192.168.2.128/25 (starting address

of 192.168.2.129 and the last address being 192.168.2.253).


This should fix the issue.


Regards,


NT

Andrew Lutz Sun, 08/08/2010 - 11:00
User Badges:

Thanks for your reply.  Upon trying to enter the commands:


interface vlan 1

ip address 192.168.2.1 255.255.255.128

exit


interface fastethernet 0/3

ip address 192.168.2.129 255.255.255.128

ip proxy-arp

exit


I receive the message "192.168.2.0 overlaps with Vlan1" when trying to assign the ip address to fa 0/3


Also, when I change the subnet in the Linksys routing table to 192.168.2.0 with a gateway of 192.168.2.254 after changing the gateway of last resort on the 3560, it doesn't accept it in the routing table.  But perhaps that has to do with not being able to set fa 0/3.


Thanks for your help

Nagaraja Thanthry Sun, 08/08/2010 - 11:07
User Badges:
  • Cisco Employee,

Hello,


Can you please post the output of "show ip interface brief | exc unas" and

"show run interface vlan 1" commands from the switch?


Regards,


NT

Andrew Lutz Sun, 08/08/2010 - 11:33
User Badges:

I made a typo as it turns out and as you said I was able to assign what you suggested regarding vlan 1 and fa 0/3.  I still cannot make an entry in the Linksys routing table for 192.168.2.0 with a gateway 192.168.2.254.  Thanks.


KC#sh ip int brief | exc unas
Interface              IP-Address      OK? Method Status                Protocol

Vlan1                  192.168.2.1     YES manual up                    up

FastEthernet0/3        192.168.2.129   YES manual up                    up


KC#sh run int vlan 1
Building configuration...

Current configuration : 63 bytes
!
interface Vlan1
ip address 192.168.2.1 255.255.255.128
end

Jon Marshall Sun, 08/08/2010 - 11:42
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Andrew


Within the configuration web page(s) on the linsys is there anywhere you can configure NAT and if so what does it allow you to do ?


Jon

Andrew Lutz Sun, 08/08/2010 - 11:55
User Badges:

Hi Jon,


It doesn't look like there really are any choices for NAT configuration.  I'm starting to think that perhaps NAT is limited to the local subnet and that is the issue.  Thanks for your reply

Nagaraja Thanthry Sun, 08/08/2010 - 13:59
User Badges:
  • Cisco Employee,

Hello,


Are you using the Linksys device for Wireless? If you are, then when you

change the IP on the Linksys, the wireless clients will automatically get

new IP addresses in 192.168.2.128/25 range.


Hope this helps.


Regards,


NT

Nagaraja Thanthry Sun, 08/08/2010 - 11:44
User Badges:
  • Cisco Employee,

Hello,


You do not need to make any other change on the Linksys. Just change the IP address (Router IP) to 192.168.2.254 with a mask of 255.255.255.0. As shown in the picture, just change the Router IP and also change the DHCP range (192.168.2.129 should be the starting IP with number of users being 125). You do not need any route statement in the Linksys. It already knows the 192.168.2.0 subnet as being part of its internal subnet.


Hope this helps.


Regards,


NT

Attachment: 
Andrew Lutz Sun, 08/08/2010 - 11:52
User Badges:

Thanks a lot for your help.  If I change the router information and DHCP info to 192.168.2.0 subnet won't I then lose my current subnet of 192.168.1.0 that I'm using for wireless?  I think perhaps my Linksys may be the problem.  Perhaps it isn't capable of NATing for any subnet other than it's local subnet?  It is a consumer grade router.

Is the internet from linksys only , or you have another connection ? if yes go down

3560:

remove all configuration

ip routing

interface vlan 1

ip address 192.168.1.1 255.255.255.0

interface vlan 2

ip address 192.168.2.1 255.255.255.0

ip route 0.0.0.0 0.0.0.0 192.168.1.(Linksys IP)

default gateway for all users is 3560 vlans IP

,,,,,,,,

Linksys:

Just route 192.168.2.0 255.255.255.0 (3560 IP address VLAN1)

Andrew Lutz Sun, 08/08/2010 - 19:33
User Badges:

Thanks for your reply.  I did what you suggested, but unfortunately am in the same situation as before.  Both subnets can communicate with each other fine, but I cannot reach the internet from the 192.168.2.0 subnet.  You didn't mention how I should go about connecting the Linksys to the the 3560.  I currently have the 3560 connected to the router and on the 3560 the port is in switchport access mode and connected to a port in vlan 1.  Any other thoughts?  Thanks for your help.

Correct Answer
Nagaraja Thanthry Sun, 08/08/2010 - 19:53
User Badges:
  • Cisco Employee,

Hello,


Please try the following setup:


LAN hosts (192.168.2.2 - 2.126/24) -- VLAN 1 (192.168.2.1/25) ---

FastEthernet 0/3 (192.168.2.129/25) --- Linksys (192.168.2.254/24)


So, essentially, from Linksys perspective, it is one single subnet (both LAN

and Wireless clients will be on 192.168.2.x) where as the 3560 sees them on

two different subnets i.e. 192.168.2.0/25 and 192.168.2.128/25.


Steps to follow:


-- On Linksys, remove 192.168.1.x subnet completely.

-- On Linksys, configure 192.168.2.x subnet for router IP, DHCP (for

Wireless)

-- On Switch, configure the Router IP as the default route (If the Router IP

on Linksys is 192.168.2.254, then "ip route 0.0.0.0 0.0.0.0 192.168.2.254"

-- Make sure that all the LAN clients have IP within 192.168.2.2 - 2.126

range and their default gateway is 192.168.2.1


If this is still not working, please post a screenshot of the Linksys

configuration page.


Regards,


NT

Andrew Lutz Mon, 08/09/2010 - 13:19
User Badges:

Thanks for your help.  I will give it a try tonight and see.

Andrew Lutz Tue, 08/10/2010 - 09:20
User Badges:

It worked out like you suggested.  Thanks for your help, I really appreciate it.

Andrew Lutz Mon, 08/09/2010 - 13:17
User Badges:

Yes, if I ping the IP address of the Linksys from vlan 2 it does reply.  DNS is set as the IP of the Linksys too.  Thanks.

Actions

This Discussion