Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Facing intervlan routing problem.

We have the n/w of 10.70.0.0/16 at place 'A' and having n/w of 172.16.30.0/24 at place 'B'. we have move some PCs from place 'B' to place 'A', the IP of the shifted PC would remain unchanged i.e. 172.16.30.x/24. I have created VLAN for 172.16.30.x/24 on sperate Cisco 3560G switch which is connected to firewall's trust ethernet and the friewall's untrust ethernet is connected to core switch (Ciso 4503) on which all vlans for 10.70.0.0/16 are configured.Problem is that I am able to ping all the pcs with 10.70.0.0/16 n/w from and to the pc wchich is in the 172.16.30.x/24 which is shifted from place 'B' but I am not able to ping the PC with the IP 172.16.30.x /24 at place 'B'.

4 REPLIES
Silver

Re: Facing intervlan routing problem.

If you ping the same subnet IP (i.e. 172.16.30.x/24), it will ping it locally at place "A". But however, the PC is located at place "B", it does not work.

There are two workaroud.

1) Change the shifed PC to 10.70.0.x/16 or other subnet and change the firewall, router, gateway address too;

2) To separate the 172.16.30.x/24 to two /25 subnet that place "B" use the 172.16.30.0/25 and place "A" use the 172.16.30.128/25.

I prefer to use option 1, please advise the reason to not changet the IP ? The effort to change the IP is much lower than troubleshoot this problem or assign new IP subnet in equipment.

Hope this helps.

New Member

Re: Facing intervlan routing problem.

Reason for not to change the IP is that we bought the softwares linceses which is bonded to perticulerly that IPs.

Bronze

Re: Facing intervlan routing problem.

Hi

Few things need to be check

1) Do a traceroute from 172.16.30.0/24 from 10.70.0.0/16, check where exactly stuck, put forwarding route

2) You need to create policy from Trust to untrust ( indsie to outside),normally by default it is allow but still you check that things.

i hope this will solve your problem ,please rate this post

New Member

Re: Facing intervlan routing problem.

I have created trust to untrust and untrus to trust policies on firewall, so that I am able to ping from 172.16.30.x at palce 'A' to 10.70.0.x n/w and from 10.70.0.x n/w to 172.16.30.x at palce 'A'. Even I am able to ping 172.16.30.x at palce 'B' from 10.70.0.x n/w.

When I traceroute from 172.16.30.x at palce 'A' I am not even going out from the switch which on the 172.16.30.x at palce 'A' is connected.

200
Views
0
Helpful
4
Replies