cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1245
Views
0
Helpful
9
Replies

Problem Inter Vlan routing with L3

ciscoibtcmis
Level 1
Level 1

Dear friends,

  I would like to share my Network diagram with you. I have seven WS-C2960-24TT-L switches and oneWS-C3560G-24TS. I would like to create the VLans for 12 Department. and I have Firewall also. We are using Micorsoft Exchange server, DHCP, DNS and Active Directory. So I would like to create the VLANs for server network. But I would get the ip address for different Vlan from DHCP server.How should l configure in Layer 3 switch. and Is there any problem with Microsoft DNS server to update DHCP IP and DNS name? I would like to get the advice from you for best design..Really thanks if you help me about it..if you would like to get Network Diagram. I am welcome to give you.My main purpose..I would like to get the sutiable and best network design for my Network...

3 Accepted Solutions

Accepted Solutions

  No you should not need to put an address on port 24 ,  it is assigned to vlan 1 so that should suffice .   You say you cant get to the internet  .  I assume there is a FW between you and the internet does that device have routes in its table for all the vlans you created that you want to get to the internet .  It needs a path back into the 3560 to be routed correctly. 

View solution in original post

glen.grant
VIP Alumni
VIP Alumni

   You would have to check the FW to see if ping response is even allowed , in most cases FW's block ping .

View solution in original post

glen.grant
VIP Alumni
VIP Alumni

  you probably have a default static pointing to FW for your internet .  Unless the FW has a route pointing back it has no idea what to do with the packets for those subnets coming back .

View solution in original post

9 Replies 9

ciscoibtcmis
Level 1
Level 1

Now I am facing one problem. I can connect between different vlans but except vlan 1 , other vlans can't go to Internet..I use Firewall upon the Layaer 3 switch. How can I troubleshoot it? Pls....

!

ciscoibtcmis
Level 1
Level 1

Hello..Pls help me...above is my Layer 3 switch configuration,...Do i need to give the ip address at uplink port in layer 3 switch? ...I connect port 24 (layer3) to firewall..Do I need to give ip address for this port?

  No you should not need to put an address on port 24 ,  it is assigned to vlan 1 so that should suffice .   You say you cant get to the internet  .  I assume there is a FW between you and the internet does that device have routes in its table for all the vlans you created that you want to get to the internet .  It needs a path back into the 3560 to be routed correctly. 

Thanks you so much for your reply and solution. You mean I need to write the static route or rip at routing table of Firewall for each vlan. Yes I will also try as your advice.Next one problem..Even I can't ping to firewall IP address from other Vlans...only Vlan 1 can ping to Firewall IP address...I have attached my current Network Diagram. Please check it and can you tell me if I am wrong anything in configuration...Really thanks for your hlep..coz..I am facing problem about it..

glen.grant
VIP Alumni
VIP Alumni

   You would have to check the FW to see if ping response is even allowed , in most cases FW's block ping .

!

glen.grant
VIP Alumni
VIP Alumni

  you probably have a default static pointing to FW for your internet .  Unless the FW has a route pointing back it has no idea what to do with the packets for those subnets coming back .

Yes..I have default staic point to FW for Internet..For the packets from Vlan subnets, we need to wirte the static route for coming back the packets. Is it?

http://www.cisco.com/en/US/tech/tk389/tk815/technologies_configuration_example09186a008015f17a.shtml

In above example at cisco website, It don't show anything to configure at router..I don't know why.;..

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: