Solved: Re: Why can't I ping this from host on VLAN 2? (config attached)

news2010a · ‎11-07-2007

Hi folks, I am just goofing on this. I forgot how to solve this. Please see attached configuration for router and layer 2 switch:

If I setup a workstation1,IP=161.59.241.72,MASK=255.255.255.192,DEFAULT_GATEWAY=161.59.241.68 I have connectivity OK, I can ping the router, etc.

Now I want a machine connected to switch- VLAN2 to be able to communicate as well.

Then On port 6, set for VLAN2, I put a machine with IP=161.59.241.131,MASK=255.255.255.192,DEFAULT GATEWAY=161.59.241.130. I have no connectivity.

I noticed that the VLAN2 in the switch remains administratively shutdown, even if I do no shut.

What I am missing here? How should I setup my switch and which default gateway information should I use in my client machine on vlan2 to make this intervlan routable?

Edison Ortiz · ‎11-08-2007

Devices on Vlan1 must have default gateway set to 161.59.241.65.

Devices on Vlan2 must have default gateway set to 161.59.241.129.

If that does not work, can you ping from this router to devices on both segments ?

View solution in original post

Edison Ortiz · ‎11-07-2007

You can't perform inter-vlan routing with a layer2 switch. You need a layer3 switch or a router connected to this layer2 switch (trunked) performing this task.

As the reason why Vlan2 remains shutdown, well with Layer2 switches, you are only allowed to have one SVI up at the time and this SVI is only used for management. It won't route between segments.

news2010a · ‎11-07-2007

Sorry if I was not clear:the router is doing routing. The switch is cat cat 2960XL and can't do routing.

I defined both dot1q for vlan 1 and vlan 2 on the router:

interface FastEthernet0.1

encapsulation dot1Q 1 native

ip address 161.59.241.65 255.255.255.192

!

interface FastEthernet0.2

encapsulation dot1Q 2

ip address 161.59.241.129 255.255.255.192

Then on the switch I specified the router is being the default-gateway 161.59.241.65.

Then on the workstation on VLAN2, Port 6, in reality I should set defaul gateway for the workstation=161.59.241.129, right?

intelide3 · ‎11-07-2007

hi,

from your config - looks like that was an L2 - 2900 series switch. just like edison said - you need an L3 device (router or an L3 switch such as 3750) to route. you dont need to create another vlan interface (SVI) and add ip address for your vlan in that switch - except management ip (vlan1)and a default gateway (your router). you can create it - but it has no function.

dont forget to no shut the trunk interface :)

HTH

pls rate :)

Jon Marshall · ‎11-07-2007

Hi

Yes correct, you need to use the fa0.2 interface ip address 161.59.241.129 as the default-gateway and not the vlan 2 interface on the switch because as others have pointed out your switch is a layer 2 switch only.

By the way even for a PC on vlan 1 you should set the default-gateway to be the fa0.1 interface and not the vlan 1 interface on the switch.

HTH

Jon

Edison Ortiz · ‎11-08-2007

Devices on Vlan1 must have default gateway set to 161.59.241.65.

Devices on Vlan2 must have default gateway set to 161.59.241.129.

If that does not work, can you ping from this router to devices on both segments ?

news2010a · ‎11-08-2007

Darn. I did 'clear arp' on the switch and things are working now.

Thanks much guys!