Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Unable to route between vlans

Hi

configured to vlan (vlan1 and vlan4) both vlans have "inter vlan route" enabled.

Vlan 1 is configured on port 1 running in "access mode" with 1 as pvid, vlan4 is configured on port 4 with 4 av pvid, running in "access mode".

vlan 1: 192.168.75.0/24 gw:192.168.75.1 vlan 4: 192.168.4.0/24 GW: 192.168.4.1

My main computer is connectod to port 1 with IP 192.168.75.100, I can ping gateway for vlan1 and vlan4, but not the host on vlan 4 (192.168.4.2).

On the host on vlan 4 I'm able to ping gateway for vlan4 and vlan1 both  not the host on vlan1 (192.168.75.100).

I'm running firmware 1.1.42

my routing table:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
127.0.0.1        localhost       255.255.255.255 UGH   1      0        0 lo
192.168.4.0     *                  255.255.255.0   U     0      0        0 bdg4
192.168.4.0    192.168.4.1    255.255.255.0   UG    1      0        0 bdg4
172.16.2.0      *                   255.255.255.0   U     0      0        0 eth0.4094
192.168.75.0   *                  255.255.255.0   U     0      0        0 bdg1
192.168.75.0   Cisco           255.255.255.0   UG    1      0        0 bdg1
Not Disclosed  *                  255.255.240.0   U     0      0        0 eth1
default         Not disclosed.   0.0.0.0         UG    0      0        0 eth1

/Andy

Everyone's tags (2)
9 REPLIES

Re: Unable to route between vlans

Hi

configured to vlan (vlan1 and vlan4) both vlans have "inter vlan route" enabled.

Vlan 1 is configured on port 1 running in "access mode" with 1 as pvid, vlan4 is configured on port 4 with 4 av pvid, running in "access mode".

vlan 1: 192.168.75.0/24 gw:192.168.75.1 vlan 4: 192.168.4.0/24 GW: 192.168.4.1

My main computer is connectod to port 1 with IP 192.168.75.100, I can ping gateway for vlan1 and vlan4, but not the host on vlan 4 (192.168.4.2).

On the host on vlan 4 I'm able to ping gateway for vlan4 and vlan1 both  not the host on vlan1 (192.168.75.100).

I'm running firmware 1.1.42

my routing table:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
127.0.0.1        localhost       255.255.255.255 UGH   1      0        0 lo
192.168.4.0     *                  255.255.255.0   U     0      0        0 bdg4
192.168.4.0    192.168.4.1    255.255.255.0   UG    1      0        0 bdg4
172.16.2.0      *                   255.255.255.0   U     0      0        0 eth0.4094
192.168.75.0   *                  255.255.255.0   U     0      0        0 bdg1
192.168.75.0   Cisco           255.255.255.0   UG    1      0        0 bdg1
Not Disclosed  *                  255.255.240.0   U     0      0        0 eth1
default         Not disclosed.   0.0.0.0         UG    0      0        0 eth1

/Andy

What is the device model  and have checked any firewall is enabled on desktop ?

Hope to help !!

Ganesh.H

New Member

Re: Unable to route between vlans

The device is a SA-520.

The computer on vlan1 is a Windows 7 desktop computer, and the computer on vlan4 is a VMWare ESXi box that I try to connect to via http, so no firewall on either.

Thanks for your reply

/Andy

Re: Unable to route between vlans

The device is a SA-520.

The computer on vlan1 is a Windows 7 desktop computer, and the computer on vlan4 is a VMWare ESXi box that I try to connect to via http, so no firewall on either.

Thanks for your reply

/Andy

Andy,

Check out the below thread it is similar issue :-

https://supportforums.cisco.com/thread/2018755

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

New Member

Re: Unable to route between vlans

Yeah, I've that post, but the problem is not resolved there either.

I noticed that they think this *might* be a bug in the firmware.

Thanks

/Andy

New Member

Re: Unable to route between vlans

Hi Andy,

With the information you have provided, we are unable to re-produce the issue. Can you provide more details like your network topology and configuration file.

You can send a private message if you dont want to post on the support community forum.

Thanks,

Nitin Manglik

nmanglik@cisco.com

New Member

Re: Unable to route between vlans

Hi,

I don't know if it can help you but we experienced a similar problem.

SA520 with 2 vlans (data and voip) and inter-vlan routing enabled. 1 vlan on port 1 (access), the other on port 2 (access). The 2 ports were connected on the same switch (HP !) (each 2 ports in access mode for 1 vlan). The other switch ports were configured in trunk mode (native: data) to connect a voip phone and a pc behind the phone.

Phones and PCs received their ip config from the sa520 correctly in the correct vlan but no inter-vlan routing.

We finally find the the sa520 considers the 4 ports as a single switch and runs only 1 instance of spanning-tree on it and therefore, a loop were created.

What I don't understand is why the dhcp was still working....

We have resolved the problem by the use of only 1 port in trunk mode between the sa520 and the switch.

Now we have another problem: everything is working fine for about 20-30 minutes and after that, the, internet access falls (ping response time to the inside address of the sa520 are good) and become available after 2-3 minutes.


The sa520 is configured to use 2 isp with load balancing and protocol bindings. It seems the sa520 detects 1 internet link down and transfers all on the other (for that it restarts its network services which takes about 2 min !!!).

When I connect a computer directly on one modem or the other, there is no problem.  I know the sa520 checks the provider's dns to see if the connection is still working so I changed these addresses with others (very good ones) but the problem still exist.

If someone have an idea, it would be very appreciated

Xavier

New Member

Re: Unable to route between vlans

Hi Xavier,

This is regarding your posting to support forums. Your observation is correct, SA500 does not support spanning tree and will not detect loops, so there should be one trunk to one switch.

In our recent experience with some other customers, it appears that sometimes DNS servers do not respond back to DNS queries. In that case failover detection mechanism can be changed to ping or to none.

Also if the problem still exists we would like to capture some logs on the WAN side of SA500 to see the reason that triggered the failover.

Thanks,

Nitin.

New Member

Re: Unable to route between vlans

Hi.

We recently purchaced a new SA520 to use in our new office.

The current setup is:

SA520-Port1 - Trunk: 1,11,12,13 -> Switch -> APs and desktops.

So we basically have VLAN 11 for our internal wireless, 12 for guest wireless and 13 for everything connected with a cable.

At this very moment running 2.1.18/1.1.65.

And all the InterVLAN boxes are checked.  But we still cannot connect from
VLAN11 to VLAN13 (Printer eg.)

Any ideas?

Cisco Employee

Unable to route between vlans

Hi Emil,

Could you please PM me your configuration ? Also, at meanwhile, could

you upgrade your image to the latest image ? Please follow the link below

to obtain the latest image.

https://supportforums.cisco.com/docs/DOC-16365

Regards,

Wei

2357
Views
0
Helpful
9
Replies
CreatePlease to create content