Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1443
Views
0
Helpful
6
Replies

Unable to route between VLANs

Go to solution
westbranchtech
Level 1
Level 1

‎06-23-2014 08:03 AM - edited ‎03-04-2019 11:12 PM

Hello,

I'm running into an issue setting up VLANs with a stack of 3750Xs.

Our setup consists of a Cisco 2821 Router -> Cisco ASA 5510 -> Bridged Web Filter -> 3750X stack -> Which goes out to Cisco 3750G Egde Switches.

We currently have a flat 10.1.0.0/16 Network and would like to break it up into multiple VLANS:

Management VLAN - 10.1.0.0/16

Tech VLAN - 10.2.0.0/16

Admin VLAN - 10.3.0.0/16 etc. etc. etc..

 

As a test, I created the VLAN 2, assigned it the ip address of 10.2.0.1/16, made sure it was set to 'no shut'. IP routing is enabled and the catch all gateway has been set.

I have a device that has been assigned to VLAN2, however I can only ping it's default gateway (10.2.0.1). I'm also unable to ping anything in VLAN 2 from VLAN 1.

I'm not sure I'm making a really stupid addressing mistake or a configuration error. Any insight would be greatly appreciated.

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
adamtodd16
Level 3
Level 3

‎06-24-2014 04:53 AM

I assume the ASA is on the VLAN1 subnet? 

If not, add the following command on the ASA:

route inside <VLAN2-SUBNET> 255.255.255.0 <VLAN1-SwitchIP> 1

Example: route inside 10.30.1.0 255.255.255.0 10.30.200.1 1

 

 

View solution in original post

0 Helpful
6 Replies 6

Go to solution
adamtodd16
Level 3
Level 3

‎06-23-2014 03:04 PM

If you do a "show ip int brief" are both VLANs showing up / up? Do you have a device plugged into VLAN1 as well or just into VLAN2? If you do a "show vlan brief" is each VLAN assigned to at least 1 port? 

0 Helpful

Go to solution
westbranchtech
Level 1
Level 1
In response to adamtodd16

‎06-24-2014 04:21 AM

Hi Adam,

I managed to get interVLAN communication working, I neglected to change the default gateway on my VLAN1 devices. However I'm still unable to access the internet with my VLAN2 devices. The next hop would be my 5510 ASA. Would I need to create static routes for each of my VLANs?

0 Helpful

Go to solution
Ganesan Palaniappan
Level 1
Level 1
In response to westbranchtech

‎07-03-2014 12:24 PM

Hi,

 

I hope you have a default route in your switch towards the Firewall for the internet access.

Then, you need to create reverse static route in the Firewall to all the VLANs.

Example:

ip route <Tech VLAN> < Subnet Mask> < VLAN 1 SVI>

ip route < Test VLAN > <SNM > < VLAN 1 SVI >

I assume VLAN 1 is the Management ip address where the Firewall inside leg is configured.

 

Please rate me if it resolved your problem.

 

Regards,

Gan

0 Helpful

Go to solution
adamtodd16
Level 3
Level 3

‎06-24-2014 04:53 AM

I assume the ASA is on the VLAN1 subnet? 

If not, add the following command on the ASA:

route inside <VLAN2-SUBNET> 255.255.255.0 <VLAN1-SwitchIP> 1

Example: route inside 10.30.1.0 255.255.255.0 10.30.200.1 1

 

 

0 Helpful

Go to solution
westbranchtech
Level 1
Level 1
In response to adamtodd16

‎06-24-2014 05:18 AM

That was it!

So I assume i just need to create a static route for each of my VLAN subnets just like that?

 

I really appreciate it, Adam!

 

0 Helpful

Go to solution
adamtodd16
Level 3
Level 3
In response to westbranchtech

‎06-24-2014 05:25 AM

You got it. All of them, except VLAN1. 

No problem at all. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card