Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VLAN inquiry

hello anyone who could assist me. I have attached my diagram and configurations as well. Just want to know if I did correct configurations for my devices? If yes, how come my colleagues who is handling the FW can not see R1(10.20.25.66) he can see VLAN2(10.20.25.65) and i can ping from the SW R1? Is there any wrong with my configurations? thanks

11 REPLIES
New Member

Re: VLAN inquiry

sorry i forgot the attachment.

Bronze

Re: VLAN inquiry

Hi Korbenda,

It looks like you don't have any routes on R1.

Try adding:

ip route 10.20.25.60 255.255.255.252 10.20.25.65

Unless this firewall is your link to the internet, in which case it should be

ip route 0.0.0.0 0.0.0.0 10.20.25.65

Hope that helps.

Please rate any posts you find useful.

New Member

Re: VLAN inquiry

hi,

I was able to ping R1 from the sw but not from the FW, and why is it ip route 10.20.25.60 255.255.255.252 10.20.25.65? R1 is part of the VLAN.

Is my configurations on SW, R1 and S1 are correct? if yes, what route are missing? thanks!

bh
New Member

Re: VLAN inquiry

HI,

From the diagram i see that you have link between your FW and SW with ip address 10.20.25.61 and 10.20.25.62

You have your VLAN configured with 10.20.25.65 255.255.255.248

so which means you have two differen subnet

so i thing you required route in the router for 10.20.25.61 (10.20.25.56/21)

and you also need back route on the FW for 10.20.25.64/21

H2H

Bhargav

New Member

Re: VLAN inquiry

Hi Bhargav,

Are my configurations correct for the SW, R1 and S1? so you are saying that it just a routing issue? Do I need to configure routing to the SW?

bh
New Member

Re: VLAN inquiry

Hi,

sorry to be late to answer ur question.

yes you need to put specific route at ROUTER and at FIREWALL

as both the devices are unaware of each other's network.

Switch is aware of both network. so no need to put route in the switch.

H2H

Bhargav

(rate if u find it helpful)

Bronze

Re: VLAN inquiry

Hi Korbenda,

As I said - you need routes on the router - else how does it know where to go to get to your firewall?

Add the following to R1:

ip route 10.20.25.60 255.255.255.252 10.20.25.65

The Firewall will also need a route into the network if it hasn't already - please copy the routing table here (Sanitise any public IP addresses) and we can have a look for you.

Nick

New Member

Re: VLAN inquiry

Hi, i have already add the route you mentioned and from FW it can already see the router. Now, the admin told me to add another route to the router so that I can access it from the internet. Do I need to add another route? is it 0.0.0.0 0.0.0.0 10.20.25.65, thanks!

bh
New Member

Re: VLAN inquiry

yes

as earlier you have put specific route then you have to put the default route and after putting the default route you can remove the specific route as both are pointing towards the same 10.20.25.65

H2H

Bhargav

Hall of Fame Super Blue

Re: VLAN inquiry

Could you post diagram as a .jpg/.png

New Member

Re: VLAN inquiry

re attaching the diagram in doc. format

138
Views
0
Helpful
11
Replies