Re: No communication b/w VLANS

athar_iqbal · ‎05-30-2008

Hi All I am having trouble with VLans on Cisco 3550. I am using this switch as standalone device. All the end points and hubs and dumb switches are connected to it. I do have a linksys router which is acting as a gateway.

Here is the configuaration

Ip routing

Fastethernet port 1 - 20 Vlan 1

Fastethernet port 21 - 24 Vlan 2

Int vlan 1

Ip address 192.168.70.2 255.255.255.0

ip access-group 101 in

ip access-group 101 out

no ip directed-broadcast

no ip redirects

int vlan 2

ip address 192.168.74.1 255.255.255.0

ip access-group 101 in

ip access-group 101 out

ip helper-address 192.168.70.255

ip helper-address 192.168.70.8

ip forward-protocol UDP 4011

no ip directed-broadcast

no ip redircts

access-list 101 permit ip 192.168.70.1 0.0.0.255 any

access-list 101 permit ip 192.168.74.1 0.0.0.255 any

network 192.168.70.1

network 192.168.74.1

ip route 0.0.0.0 0.0.0.0 192.168.70.1

I really appreciate any help.

mahmoodmkl · ‎05-30-2008

HI

Can u change u r access-list to

access-list 101 permit ip 192.168.70.0 0.0.0.255 any

access-list 101 permit ip 192.168.74.0 0.0.0.255 any

btw y r u using the access-list.

there is not need for the access-list if u just want intervlan routing.

Thanks

Mahmood

athar_iqbal · ‎05-30-2008

Sure I will apply that. I am using access list to explicitly allow communications because intervlan communication was not working. and Also I am new to Cisco so I am trying to get the best I can do

mahmoodmkl · ‎05-30-2008

Hi

Have u created the vlans.What is default-gateway for u r clients.Seeing u r config there is no need for access-list if u just intend to have intervlan routing.

Thanks

Mahmood

Thotsaphon Lueangwattanaphong · ‎05-30-2008

Hi Athar,

Hopes you already added "Switchport mode accees vlan 2" to all ports of vlan2. Did you?

Please do "sh vlan" and "sh ip route" commands.

HTH

Thot

athar_iqbal · ‎05-30-2008

Yep I did added all the port to Vlan 2 and Sh ip Route does show

192.168.74.0 C

192.168.70.0 C

athar_iqbal · ‎05-30-2008

Hi Mahmood,

All the client default gateway for Vlan 2 is 192.168.74.1 Which is the Vlan Ip address. All the clients on the Vlan 1 has the default gateway set to 192.168.70.1 which is the address of the Link sys router. Vlan address of the switch is 192.168.70.2 I have DHCP which is in Vlan 1. I am trying to get the dhcp address for all the clients in VLAN2 from Vlan 1. Microsoft DHCP server is already configured with the DHCP scope

Thotsaphon Lueangwattanaphong · ‎05-30-2008

OK that's a good explanation.

LinkSys should know about vlan2 network.

Does Linksys has "ip route 192.168.74.0/24 192.168.70.2?

One more thing : It's not a good idea to add your ACls into vlan2 if you want all vlan2 PCs to get dhcp.

It will not work unless you allow bootpc and bootps.

access-l 101 per udp any any bootpc

access-l 101 per udp any any bootps

HTH

Thot

mahmoodmkl · ‎05-30-2008

Hi

U need to have the default-gateway for u r clients in vlan 1 as the vlan ip address of the switch,becoz u have created the svi for that vlan on the switch it means it going to do intervlan routing.Under u r vlan interfaces on the switch use

ip helper-address (ip address of the dhcp server)

U cannot get the ip address from the vlanw from vlan1 as they are different broadcast domains.

Thanks

Mahmood

Wilson Samuel · ‎05-30-2008

Hi,

Have you enabled IP Routing on the switch?

Regards

athar_iqbal · ‎05-30-2008

Yep I did, I am going to test the switch on monday. for Mahmood I already switched my gateway ip and make Vlan address default gateway and I am able to get the IP from the other vlan through IP helper command. It seems to start working. I will try to enhance furthure