Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
863
Views
0
Helpful
2
Replies

SG300 InterVLAN - Routing help!

pilotx39
Level 1
Level 1

‎10-28-2013 03:24 PM

Hi all, I have this network:

Drawing4.jpg                  

I have created the VLAN 1 and VLAN 2 in the SG300 and I can do a TELNET ping between them. The two routes 10.1.2.0 -> 0.0.0.0 and 10.1.100.1 -> 0.0.0.0 show up in the routing table. PCs connected to port 2 through 52 obviously are fine connecting to the Internet through the TMG firewall with a 10.1.2.1 gateway. I pointed the devices on VLAN2 to a gateway of 10.1.100.1 and no internet on VLAN2.

I'm stuck at this point. I know its a routing issue. I need the devices on the Netgear switch to connect to the internet and I also need interVLAN routing and connectivity. Thanks.

1 person had this problem
Labels:
0 Helpful
2 Replies 2

Tom Watts
VIP Alumni
VIP Alumni

‎10-31-2013 07:34 AM

Hi Mark, if I had to make a guess, the TMG is missing a static route pointing to the SVI of the SG300.

Read this topic for some input-

https://supportforums.cisco.com/thread/2123434

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

Vladimer Burtchuladze
Level 1
Level 1
In response to Tom Watts

‎11-07-2013 11:54 AM

Hello

I really need help with Inter vlan routing via Kerio Controll 7.4.1.

I have several SF300-24P switches (IOS 1.3.0.62) and i have created a several VLAN's.

Vlans: Vlan 10, 100, 200 and interface vlan 213 (for management).

I can ping hosts in the same Vlan via this switches. From switch to host, port is in access mode and between switches ports is in Trunk mode

(also i had a problem here, trunk wasn't working untill i used command: switchport trunk allowed vlan add all).

Also port is in Trunk mode between KERIO and SW1 (switch). interface is in TRUNK mode from switch's side because i don't know how configure interface TRUNK mode on kerio.

On kerio i have configed one physical interface with IP - 172.16.0.1 255.255.255.0 and on the same interface i have created

VLAN 10, VLAN 100 and VLAN 200.

static IP's for this interfaces:

10.0.0.1 255.255.255.0 VLAN 10

192.168.100.1 255.255.255.0 VLAN 100

192.168.200.1 255.255.255.0 VLAN 200

On KERIO i have created DHCP Lease for each VLAN, but i cannot get IP's from DHCP. So i assigned static IP's  to computers

(for example for VLAN100 PC, VLAN 200 PC and so on) but they cannot ping each other when they are in different vlans, so inter vlan routing itsnot working. but with static IP on the PC, i can ping every VLAN's IP address on KERIO.

so pls tell me how i must configure inter vlan routing on kerio, is it possible?

or what must i do? where is my mistake? maybe when i put IP on pysical interface?

here is my configs and pls help and give me config example.

----------------------------------------------------------------------

config-file-header

SW1

v1.3.0.62 / R750_NIK_1_3_647_260

CLI v1.0

set system mode switch

file SSD indicator plaintext

@

vlan database

vlan 10,100,200,213

exit

voice vlan oui-table add 0001e3 Siemens_AG_phone________

voice vlan oui-table add 00036b Cisco_phone_____________

voice vlan oui-table add 00096e Avaya___________________

voice vlan oui-table add 000fe2 H3C_Aolynk______________

voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone

voice vlan oui-table add 00d01e Pingtel_phone___________

voice vlan oui-table add 00e075 Polycom/Veritel_phone___

voice vlan oui-table add 00e0bb 3Com_phone______________

hostname SW1

username administrator password encrypted 7fc3774d79570c81cda124d5dcf80b8ae0fcdd6c privilege 15

username cisco password encrypted 1defefd1f4a214009775b2c2b6b961a77da384b5 privilege 15

!

interface vlan 10

name Staff

!

interface vlan 100

name Cards

!

interface vlan 200

name AP's

!

interface vlan 213

name Management

ip address 172.16.213.1 255.255.255.0

no ip address dhcp

!

interface fastethernet1

description MANAGEMENT-VLAN

spanning-tree disable

switchport mode access

switchport access vlan 213

!

interface fastethernet2

spanning-tree disable

switchport mode general

switchport general acceptable-frame-type untagged-only

!

interface fastethernet3

spanning-tree disable

switchport mode general

switchport general acceptable-frame-type untagged-only

!

interface fastethernet4

spanning-tree disable

switchport mode access

switchport access vlan 200

!

interface fastethernet5

spanning-tree disable

switchport mode access

switchport access vlan 200

!

interface fastethernet6

spanning-tree disable

switchport mode access

switchport access vlan 100

!

interface fastethernet7

spanning-tree disable

switchport mode access

switchport access vlan 100

!

interface gigabitethernet1

description Direction-To-SW2      <--- This port is Trunk, but its not showing here for some reason.

spanning-tree disable

!

interface gigabitethernet2

description Direction-To-KERIO  <--- This port is Trunk also.  i used: switchport mode trunk on both interfaces

spanning-tree disable

exit

banner login 

SW1

-----------------------------------------------------------------------------------------------------------

config-file-header

SW2

v1.3.0.62 / R750_NIK_1_3_647_260

CLI v1.0

set system mode switch

file SSD indicator encrypted

@

ssd-control-start

ssd config

ssd file passphrase control unrestricted

no ssd file integrity control

ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0

!

vlan database

vlan 10,100,200,213

exit

voice vlan oui-table add 0001e3 Siemens_AG_phone________

voice vlan oui-table add 00036b Cisco_phone_____________

voice vlan oui-table add 00096e Avaya___________________

voice vlan oui-table add 000fe2 H3C_Aolynk______________

voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone

voice vlan oui-table add 00d01e Pingtel_phone___________

voice vlan oui-table add 00e075 Polycom/Veritel_phone___

voice vlan oui-table add 00e0bb 3Com_phone______________

hostname SW2

username administrator password encrypted 7fc3774d79570c81cda124d5dcf80b8ae0fcdd6c privilege 15

username cisco password encrypted 1defefd1f4a214009775b2c2b6b961a77da384b5 privilege 15

!

interface vlan 10

name Staff

!

interface vlan 100

name Cards

!

interface vlan 200

name AP's

!

interface vlan 213

name Management

ip address 172.16.213.2 255.255.255.0

no ip address dhcp

!

interface fastethernet1

description MANAGEMENT-VLAN

spanning-tree disable

switchport mode access

switchport access vlan 213

!

interface fastethernet2

spanning-tree disable

switchport mode general

switchport general acceptable-frame-type untagged-only

!

interface fastethernet3

spanning-tree disable

switchport mode general

switchport general acceptable-frame-type untagged-only

!

interface fastethernet4

spanning-tree disable

switchport mode access

switchport access vlan 200

!

interface fastethernet5

spanning-tree disable

switchport mode access

switchport access vlan 200

!

interface fastethernet6

spanning-tree disable

switchport mode access

switchport access vlan 100

!

interface fastethernet7

spanning-tree disable

switchport mode access

switchport access vlan 100

!

interface fastethernet8

spanning-tree disable

switchport mode access

switchport access vlan 100

!

interface gigabitethernet1

description Direction-To-SW1    <--- This port is Trunk also.  i used: switchport mode trunk

!

exit

banner login 

SW2

i have excluded many interfaces because hey have same configs.

0 Helpful
Customers Also Viewed These Support Documents