Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Correctness check? 3560 Switch with interVLAN Routing

Hi,

I am trying to avoid using subinterfaces on my 2811 Router for the routing between my 3 VLANS (Voice, Data, Infrastructure). Would enabling ip routing on the 3560 Switch allow me to do this? Here is my proposed configuration (Can you check to make sure my static routes are configured correctly also?):

3560 switch (vlans are configured for each port and have 1 port as trunk to router):

...

ip routing

...

interface Vlan10

description Data

ip address 10.1.1.1 255.255.255.0

!

interface Vlan20

description Voice

ip address 10.1.2.1 255.255.255.0

!

interface Vlan30

description Infrastructure

ip address 10.1.3.1 255.255.255.0

!

ip route 0.0.0.0 0.0.0.0 10.1.2.2

Ony my 2811 Router:

interface FA0/0

description Connection to Switch

ip address 10.1.2.2 255.255.255.0

duplex auto

speed auto

!

ip route 10.1.0.0 255.255.255.0 10.1.2.1

Would these statements take care of the routing between VLANS and also for the connection to/from the internet? Thanks again for the critique!

4 REPLIES
Hall of Fame Super Blue

Re: Correctness check? 3560 Switch with interVLAN Routing

Hi

Change the following

ip route 10.1.0.0 255.255.255.0 10.1.2.1

to

ip route 10.1.1.0 255.255.0.0 10.1.2.1

and the rest is fine.

Edit - your port that connects to the router should not be a trunk port. It should be in vlan 20

HTH

Jon

New Member

Re: Correctness check? 3560 Switch with interVLAN Routing

Thanks Jon,

I changed the port for the router connection to :

interface FastEthernet0/24

description ***Interface to Router***

switchport access vlan 20

I am able to ping the devices in vlan 20, however am unable to ping any other devices. Never tried routing on a switch before...is there a static route that I am missing?

Re: Correctness check? 3560 Switch with interVLAN Routing

Almost correct. I assume the proposed static was a typo? Should be something like:

ip route 10.1.0.0 255.255.252.0 10.1.2.1

To enable NAT, add networks 10.1.1 - 10.1.3 to the access-list that defines what should be natted.

regards,

Leo

New Member

Re: Correctness check? 3560 Switch with interVLAN Routing

Thanks Leo! Yes, the static route is something that I am still figuring out.

If I have an IPSEC VPN tunnel to another 2811 router at a remote site with the same setup (their IP ranges are 10.2.0.0 255.255.255.0 with the same VLAN structure), would the ip route command be:

This current 2811:

ip route 10.2.0.0 255.255.255.0 10.2.2.1

Remote 2811:

ip route 10.1.0.0 255.255.255.0 10.1.2.1

Appreciate the help and thank you for the patience!

217
Views
5
Helpful
4
Replies