Routing issue

Anand Narayana
Level 6

Please find the file attached.

Harold Ritter
Cisco Employee

Anand,

I do not think the issue is ACL related.

Did you configure static route(s) on the Linux machine used as a router to reach the IP subnets configured on VLANs 2, 5, 199 and 200?

Hope this helps

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Sorry hritter, my earlier question was a little bit wrong; here is the exact one.

Find the configuration below:

interface Vlan199
 ip address 192.168.3.251 255.255.255.0
 ip access-group 101 in
 ip access-group 103 out
interface Vlan200
 ip address 192.168.2.251 255.255.255.0
 ip access-group 102 in
 ip access-group 104 out
interface Vlan2
 ip address 10.2.1.251 255.255.255.0
interface vlan5
 ip address 10.2.9.251 255.255.255.0
interface vlan6
 ip address 10.2.10.251 255.255.255.0

I have put an access list:

access-list 101 permit ip 192.168.3.0 0.0.0.255 10.2.9.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 10.2.1.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.16.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 10.2.9.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 10.2.1.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.16.0 0.0.0.255
access-list 103 permit ip 10.2.9.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 103 permit ip 10.2.1.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 103 permit ip 192.168.3.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 103 permit ip 192.168.2.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 103 permit ip 192.168.16.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 104 permit ip 10.2.9.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 104 permit ip 10.2.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 104 permit ip 192.168.2.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 104 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 104 permit ip 192.168.16.0 0.0.0.255 192.168.2.0 0.0.0.255

Now, except vlan6, all the remaining VLANs are able to speak to vlan199 & vlan200. 192.168.16.x resides on the other side of vlan200, i.e. one NIC's IP is 192.168.2.1/24 & the other NIC's is 192.168.16.1/24. 192.168.16.1 is connected to 192.168.16.2 via a cross cable. I made 192.168.16.1 a router (Linux); the default gateway on this PC is 192.168.2.251. I have put "ip route 192.168.16.0 255.255.255.0 192.168.2.1" on the switch. Actually 192.168.16.2 should also ping the other networks (vlan199, 200, 2, 5), but it is not pinging, and it is not pinging vice versa either. What could be the problem? Is my access list correct, or do I need to make changes to it? This is very urgent as I failed on my 1st attempt.

Note: 192.168.16.2 can ping up to 192.168.2.1 & not beyond that.

Can you change ACLs 102 and 104 to read like the following:

access-list 102 permit ip 192.168.2.0 0.0.0.255 10.2.9.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 10.2.1.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.16.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 10.2.9.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 10.2.1.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 192.168.16.0 0.0.0.255
!
access-list 104 permit ip 10.2.9.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 104 permit ip 10.2.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 104 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 104 permit ip 192.168.16.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 104 permit ip 10.2.9.0 0.0.0.255 192.168.16.0 0.0.0.255
access-list 104 permit ip 10.2.1.0 0.0.0.255 192.168.16.0 0.0.0.255
access-list 104 permit ip 192.168.2.0 0.0.0.255 192.168.16.0 0.0.0.255
access-list 104 permit ip 192.168.3.0 0.0.0.255 192.168.16.0 0.0.0.255

Pls do remember to rate posts.

Paresh

imranmohd
Level 1

Hi Anand,

Try putting this

access-list 101 permit ip 192.168.3.0 0.0.0.255 10.2.10.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 10.2.10.0 0.0.0.255
access-list 103 permit ip 10.2.10.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 104 permit ip 10.2.10.0 0.0.0.255 192.168.2.0 0.0.0.255

Pls do rate if it works
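
An added example, not part of any post in this thread: a small Python evaluator for the extended-ACL entry form used above. It shows how ACL 102 (inbound on Vlan200) treats packets sourced from 192.168.16.0/24 and packets bound for VLAN 6, before and after the entries suggested in the two replies. The destination hosts 10.2.1.10 and 10.2.10.10 are constructed sample addresses, and the code models only ACL matching, not routing on the switch or the Linux box.

```python
import ipaddress

# ACL 102 as posted in the question (applied inbound on Vlan200).
ORIGINAL_102 = """
access-list 102 permit ip 192.168.2.0 0.0.0.255 10.2.9.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 10.2.1.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.16.0 0.0.0.255
"""
# Entries one reply adds for sources in 192.168.16.0/24.
ADDED_16 = """
access-list 102 permit ip 192.168.16.0 0.0.0.255 10.2.9.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 10.2.1.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 102 permit ip 192.168.16.0 0.0.0.255 192.168.16.0 0.0.0.255
"""
# Entry the last reply adds for VLAN 6 (10.2.10.0/24).
ADDED_VLAN6 = "access-list 102 permit ip 192.168.2.0 0.0.0.255 10.2.10.0 0.0.0.255"

def parse_acl(text):
    """Parse 'access-list N ACTION ip SRC SWILD DST DWILD' lines, in order."""
    entries = []
    for line in text.strip().splitlines():
        tok = line.split()
        if len(tok) != 8 or tok[0] != "access-list" or tok[3] != "ip":
            continue  # only the entry form used in this thread is handled
        nets = [int(ipaddress.IPv4Address(t)) for t in tok[4:8]]
        entries.append((tok[2], *nets))
    return entries

def wild_match(addr, base, wild):
    # Wildcard mask: 1-bits are "don't care", so compare only the 0-bit positions.
    care = ~wild & 0xFFFFFFFF
    return (addr & care) == (base & care)

def evaluate(entries, src, dst):
    """First matching entry wins; no match means the implicit deny at the end."""
    s, d = (int(ipaddress.IPv4Address(a)) for a in (src, dst))
    for action, sb, sw, db, dw in entries:
        if wild_match(s, sb, sw) and wild_match(d, db, dw):
            return action
    return "implicit deny"

if __name__ == "__main__":
    before = parse_acl(ORIGINAL_102)
    after = parse_acl(ORIGINAL_102 + ADDED_16 + ADDED_VLAN6)
    for src, dst in [("192.168.16.2", "10.2.1.10"), ("192.168.2.1", "10.2.10.10")]:
        print(src, dst, evaluate(before, src, dst), "->", evaluate(after, src, dst))
```

The same functions can be run over ACLs 101, 103 and 104 to check the other interface and the outbound direction.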