04-16-2010 12:34 PM - edited 03-06-2019 10:39 AM
Hi all,
I have home newtorl of 2 routes 3 layer 2 and 1 layer 3 switch.
Right now they all are in 1 network --means same subnet.
how can i create different subnets and make inter vlan routing any ideas
thanks
mahesh
Solved! Go to Solution.
04-18-2010 01:17 PM
Hi Jon,
Thanks for reply.
so right no i am doing 1 step at time as below
i connected my layer 3 switch with router
3550SMI#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.5.1 to network 0.0.0.0
C 192.168.30.0/24 is directly connected, Vlan30
C 192.168.10.0/24 is directly connected, Vlan10
C 192.168.20.0/24 is directly connected, Vlan20
192.168.5.0/30 is subnetted, 1 subnets
C 192.168.5.0 is directly connected, FastEthernet0/11
S* 0.0.0.0/0 [1/0] via 192.168.5.1
3550SMI#sh run int fa0/11
Building configuration...
Current configuration : 166 bytes
!
interface FastEthernet0/11
description Lan connection to 2650XM Router
no switchport
ip address 192.168.5.2 255.255.255.252
spanning-tree bpduguard enable
end
i am able to ping the router ip as below but can not ping the internet and also not getting ip address from layer 3 switch
3550SMI#ping 192.168.5.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
3550SMI#ping 4.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
3550SMI#
DHCP config
ip routing
ip dhcp excluded-address 192.168.10.1
ip dhcp excluded-address 192.168.20.1
ip dhcp excluded-address 192.168.30.1
ip dhcp excluded-address 192.168.5.2
ip dhcp excluded-address 192.168.5.1
!
ip dhcp pool Cisco
import all
network 192.168.1.0 255.255.255.0
!
!
thanks
mahesh
04-18-2010 01:20 PM
Hi jon
here is router config
2650xm#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
192.168.5.0/30 is subnetted, 1 subnets
C 192.168.5.0 is directly connected, FastEthernet1/0
2650xm#ping 192.168.5.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
2650xm#ping 192.168.5.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
2650xm#
04-18-2010 01:31 PM
mahesh18 wrote:
3550SMI#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static routeGateway of last resort is 192.168.5.1 to network 0.0.0.0
C 192.168.30.0/24 is directly connected, Vlan30
C 192.168.10.0/24 is directly connected, Vlan10
C 192.168.20.0/24 is directly connected, Vlan20
192.168.5.0/30 is subnetted, 1 subnets
C 192.168.5.0 is directly connected, FastEthernet0/11
S* 0.0.0.0/0 [1/0] via 192.168.5.13550SMI#sh run int fa0/11
Building configuration...Current configuration : 166 bytes
!
interface FastEthernet0/11
description Lan connection to 2650XM Router
no switchport
ip address 192.168.5.2 255.255.255.252
spanning-tree bpduguard enable
endi am able to ping the router ip as below but can not ping the internet and also not getting ip address from layer 3 switch
3550SMI#ping 192.168.5.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
3550SMI#ping 4.2.2.2Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
3550SMI#
Mahesh
You will need to make sure the router is setup correctly. You will need to setup NAT on the router for your private addressing. Also you need a default-route on your router pointing to the next-hop for the internet. Can you ping an internet address from the router ?
Jon
04-18-2010 01:48 PM
Ho jon
'
fro router i can ping the internet
2650xm#ping 4.2.2.2****************************************************************************ping to internet IP
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/49/52 ms
2650xm#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
S 192.168.30.0/24 [1/0] via 192.168.5.2
S 192.168.10.0/24 [1/0] via 192.168.5.2
S 192.168.20.0/24 [1/0] via 192.168.5.2
192.168.5.0/30 is subnetted, 1 subnets
C 192.168.5.0 is directly connected, FastEthernet1/0
2650xm#'
problem is
1> from switch no ping to internet
3550SMI#ping 4.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
3550SMI#ping 192.168.5.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
3550SMI#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.5.1 to network 0.0.0.0
C 192.168.30.0/24 is directly connected, Vlan30
C 192.168.10.0/24 is directly connected, Vlan10
C 192.168.20.0/24 is directly connected, Vlan20
192.168.5.0/30 is subnetted, 1 subnets
C 192.168.5.0 is directly connected, FastEthernet0/11
S* 0.0.0.0/0 [1/0] via 192.168.5.1
3550SMI#
2>>>>>>>from layer 3 switch no ip is assigned to PC so not working as dhcp
here is nat on router config
interface FastEthernet0/0
description WAN Connection to ISP modem
ip address dhcp
ip access-group 102 in
no ip redirects
ip accounting output-packets
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface FastEthernet1/0
ip address 192.168.5.1 255.255.255.252
ip access-group 103 out
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
ip nat inside source list 101 interface FastEthernet0/0 overload
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 deny icmp any any echo log
access-list 102 permit ip any any
!
Let me know how we can solve these 2 issues for time being
many thanks jon
04-18-2010 02:14 PM
Mahesh
You only have one DHCP pool configured on the 3550 switch -
ip dhcp pool Cisco
import all
network 192.168.1.0 255.255.255.0
!
you need one for each vlan subnet so you will need a pool for -
192.168.10.0/24
192.168.20.0/24
192.168.30.0/24
also you don't need this -
ip dhcp excluded-address 192.168.5.2
ip dhcp excluded-address 192.168.5.1
because you are not handing out any IPs from the 192.168.5.0 pool.
In addition for each pool you need to add a default router so your config should look like -
ip dhcp pool vlan10
import all
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
ip dhcp pool vlan20
import all
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
and one for vlan 30 as well.
If you are not allocating any end devices eg. PCs etc. into vlan 1 then you don't need the Cisco DHCP pool. You only need pools for the vlans you are allocating end devices into.
Your NAT -
You currently have this -
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
you will need to add extra lines for each new address range eg.
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 101 permit ip 192.168.5.0 0.0.0.3 any
access-list 101 permit ip 192.168.10.0 0.0.0.255 any
etc..
Jon
04-18-2010 03:04 PM
Hi Jon,
thanks for great reply
i did exactly as you mentioned for ip dhcp pool for 3 vlans
but for access -list i did 192.168.0.0 0.0.255.255
after this i am able to ping the internet from switch and pc but not able to open web sites.
many thanks
mahesh
04-18-2010 04:24 PM
Hi Jon,
I am able to ping internet sites from switch router and pc but unable to open internet sites.
also when i do ipconfig /all on pc it do not show ip address
from switch and router i am able to ping the internet sites with www.yahoo.com but not from pc.
i also try to add the isp dns servers with command
ip name server in switch still same thing?
any thoughts
mahesh
04-18-2010 09:02 PM
Hi Jon,
Now internet is working fine on all pcs.I can access the websites.
this is what is did under each Vlan 10,20, and 30 in layer 3 switch i add the command
dns-server 64.59.135.143
Now when i do ipconfig on pc i see DNS server as 64.59.135.143.
Many Many thanks for all your help during this all work.
I learned lot of stuff from you still lot to learn!!.
Best regards
Mahesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide