Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

intervlan vlan 1 gateway

Hi,

question, i have setup 3 vlans on my network..

servers are configured on vlan 1...

routers are also configured on vlan 1..

problem is i cant ping vlan 1 using vlan 2 or 3 source.. but I can ping directly on vlan 1..

any idea..

Everyone's tags (5)
10 REPLIES
VIP Super Bronze

Re: intervlan vlan 1 gateway

Hi,

Can you post your config?

Also, what type of routers and switches are you using?

Vlan 1 may need a default route.

New Member

Re: intervlan vlan 1 gateway

no aaa new-model

switch 1 provision ws-c3750g-24ts

system mtu routing 1500

ip subnet-zero

ip routing

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

!

!

interface GigabitEthernet1/0/1

switchport trunk encapsulation dot1q

switchport mode trunk

switchport nonegotiate

!

interface GigabitEthernet1/0/2

!

interface GigabitEthernet1/0/3

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/4

!

interface GigabitEthernet1/0/5

!

interface GigabitEthernet1/0/11

!

interface GigabitEthernet1/0/12

!

interface GigabitEthernet1/0/13

switchport access vlan 5

spanning-tree portfast

!

interface GigabitEthernet1/0/14

switchport access vlan 3

spanning-tree portfast

!

interface GigabitEthernet1/0/15

spanning-tree portfast

!

interface Vlan1

ip address 10.0.0.2 255.255.0.0

!

interface Vlan3

ip address 10.3.0.1 255.255.0.0

!

interface Vlan4

ip address 10.4.0.1 255.255.0.0

!

interface Vlan5

ip address 10.5.0.1 255.255.0.0

ip helper-address 10.0.0.4

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.254.137

ip http server

ip http secure-server

!

!

!

control-plane

!

!

line con 0

line vty 5 15

!

end

where can i put the default route on VLAN 1

VIP Purple

intervlan vlan 1 gateway

can you show your layout please here ??

Purple

intervlan vlan 1 gateway

Hi,

you need to plug a device into your vlan access ports otherwise your vlan interface may  not be UP/UP and so your pings with the source vlans won't work.

Can you post sh ip int br | i Vlan

Regards.

Alain.

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

intervlan vlan 1 gateway

Mark June Almosara wrote:

no aaa new-model

switch 1 provision ws-c3750g-24ts

system mtu routing 1500

ip subnet-zero

ip routing

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

!

!

interface GigabitEthernet1/0/1

switchport trunk encapsulation dot1q

switchport mode trunk

switchport nonegotiate

!

interface GigabitEthernet1/0/2

!

interface GigabitEthernet1/0/3

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/4

!

interface GigabitEthernet1/0/5

!

interface GigabitEthernet1/0/11

!

interface GigabitEthernet1/0/12

!

interface GigabitEthernet1/0/13

switchport access vlan 5

spanning-tree portfast

!

interface GigabitEthernet1/0/14

switchport access vlan 3

spanning-tree portfast

!

interface GigabitEthernet1/0/15

spanning-tree portfast

!

interface Vlan1

ip address 10.0.0.2 255.255.0.0

!

interface Vlan3

ip address 10.3.0.1 255.255.0.0

!

interface Vlan4

ip address 10.4.0.1 255.255.0.0

!

interface Vlan5

ip address 10.5.0.1 255.255.0.0

ip helper-address 10.0.0.4

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.254.137

ip http server

ip http secure-server

!

!

!

control-plane

!

!

line con 0

line vty 5 15

!

end

where can i put the default route on VLAN 1


Hello ,

The default route will be pointing towards the external world , if your segment wants to talk to other subnet extrnl to segment...

Ganeshh Iyer

Cisco Employee

intervlan vlan 1 gateway

Hi Mark,

As said by Cadet, you have to make sure that all the SVI interfaces are UP. If you are not able ping even though they are up, you have to check the default gateway configured on the machine that you are trying to reach. A default route is not required here as all the three vlan's are in the same device and hence, they should be in directly connected state.

Regards,

Hari

New Member

intervlan vlan 1 gateway

yup all my SVI's are up

l

Vlan1                  10.0.0.2        YES manual up                    up

Vlan3                  10.3.0.1        YES manual up                    up

Vlan4                  10.4.0.1        YES manual up                    up

Vlan5                  10.5.0.1        YES manual up                    up

if im on vlan 1 i can ping all SVIs.. but if Im on Vlan 3-5.. i cant ping all members on vlan1..

intervlan vlan 1 gateway

Hi Mark.

You said "i cant ping all members on vlan1" , I would check couple things :-

1> Local Firewall like Windows Firewall or linux IPtables on those devices filtering ICMP.

2> Check port assignment for those for correct VLAN & switchport Mode.

Thanks

Manish

New Member

Re: intervlan vlan 1 gateway

anyway i can ping all host on VLAN 1 I set their default gateway to 10.0.0.2...

my problem now is my router connected to VLAN 1.. cant ping the router thru vlan 3-5..

U think i need to add routing table to my router or on my Firewall.. any suggestion?

here is my diagram..

          Cisco Router

                 |

                 |

          SSG 20 (firewall)

                 |

                 |

          Catalyst 3750 (L3)

Re: intervlan vlan 1 gateway

Depends upon the way you have configured your firewall. If the firewall is configured in routed mode than yes you will need default from your L3 switch to firewall , than from firewall to router. similarly you will need routes at the router & firewall to have routes for your internal network.

for example :-

router ----------------------------------------------------------- Firewall ------------------------------------------------------------------MLS ----|

192.168.10.1/30                      192.168.10.2/30           192.168.20.1/30                        192.168.20.2/30         |

                                                                                                                                                               |

                                                                                                                                                         10.10.10.0/24

                                                                                                                                                         10.10.20.0/24

MLS : default route 0.0.0.0 0.0.0.0 192.168.20.1

Firewall : Default route 0.0.0.0 0.0.0.0 192.168.10.1

              static routes 10.10.10.0/24 points to 192.168.20.2

              static routes 10.10.20.0/24 points to 192.168.20.2

Router : default 0.0.0.0 0.0.0.0 ISP-Next-Hop

             static routes 10.10.10.0/24 points to 192.168.10.2

             static routes 10.10.20.0/24 points to 192.168.10.2

If your firewall is not routed than you you can skip the routes parts on the firewall and adjust next hops as needed.

Manish

862
Views
0
Helpful
10
Replies
CreatePlease login to create content