Question

Locked

Vlan Internet problem

By Acer1986 ·
I have successfully got my inter vlan routing and DHCP working. I have also got access to the Internet from the 192.168.2.0 subnet. My Internet router is a netgear FVS124 with IP 192.168.2.201, this router is connected to port 1/g24. When I try to connect to the internet, or try to ping 192.168.2.201 from 192.168.20.0 or 192.168.30.0 subnets it all times out. I am sure I just have to configure my routes properly, which I thought I did but obviously not right. Here is my current config:
!Current Configuration:
!System Description "Dell 24 Port Gigabit Ethernet, 2.0.1.8, VxWorks5.5.1"
!System Software Version 2.0.1.8
!
configure
vlan database
vlan 10,20,30
vlan association subnet 192.168.1.0 255.255.255.0 1
vlan association subnet 192.168.2.0 255.255.255.0 10
vlan association subnet 192.168.20.0 255.255.255.0 20
vlan association subnet 192.168.30.0 255.255.255.0 30
exit
stack
member 1 1
exit
switch 1 priority 1
ip address 192.168.1.1 255.255.255.0
ip domain-name kris-starr.co.uk
ip name-server 192.168.2.10
ip name-server 192.168.2.30
ip routing
ip route 0.0.0.0 0.0.0.0 192.168.2.201
bootpdhcprelay enable
bootpdhcprelay serverip 192.168.2.10
bootpdhcprelay cidridoptmode
ip helper-address 192.168.2.1 192.168.2.10 37
ip helper-address 192.168.2.1 192.168.2.10 49
ip helper-address 192.168.2.1 192.168.2.10 137
ip helper-address 192.168.2.1 192.168.2.10 138
ip helper-address 192.168.20.1 192.168.2.10 37
ip helper-address 192.168.20.1 192.168.2.10 49
ip helper-address 192.168.20.1 192.168.2.10 137
ip helper-address 192.168.20.1 192.168.2.10 138
ip helper-address 192.168.30.1 192.168.2.10 37
ip helper-address 192.168.30.1 192.168.2.10 49
ip helper-address 192.168.30.1 192.168.2.10 137
ip helper-address 192.168.30.1 192.168.2.10 138
interface vlan 10
name "Servers"
routing
ip address 192.168.2.1 255.255.255.0
ip rip send version rip1
ip irdp
exit
interface vlan 20
name "Sales"
routing
ip address 192.168.20.1 255.255.255.0
ip rip send version rip1
ip irdp
exit
interface vlan 30
name "Accounts"
routing
ip address 192.168.30.1 255.255.255.0
ip netdirbcast
ip rip send version rip1
ip irdp
exit
username "michi" password 4f70cfb1451a1b0ce0b872421bee6c1c level 15 encrypted
!
interface ethernet 1/g1
switchport mode general
switchport general pvid 10
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 10,20,30
exit
!
interface ethernet 1/g3
switchport mode general
switchport general pvid 10
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 10,20,30
exit
!
interface ethernet 1/g4
switchport mode general
switchport general pvid 20
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 20
exit
!
interface ethernet 1/g5
switchport mode general
switchport general pvid 10
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 10,20,30
exit
!
interface ethernet 1/g7
switchport mode general
switchport general pvid 10
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 10
exit
!
interface ethernet 1/g8
switchport mode general
switchport general pvid 30
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 30
exit
!
interface ethernet 1/g24
switchport mode general
switchport general pvid 10
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 10,20,30
exit
exit

I have done a show IP route, here it is:
show ip route
Route Codes: R - RIP Derived, O - OSPF Derived, C - Connected, S - Static
B - BGP Derived, IA - OSPF Inter Area
E1 - OSPF External Type 1, E2 - OSPF External Type 2
N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA External Type 2

S 0.0.0.0/0 [1/0] via 192.168.2.201, vlan 10

C 192.168.2.0/24 [0/0] directly connected, vlan 10

C 192.168.20.0/24 [0/0] directly connected, vlan 20

C 192.168.30.0/24 [0/0] directly connected, vlan 30

I'm sure it's something simple.

Thanks to everyone who already helped me so far

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Your router is on another

by Dumphrey In reply to Vlan Internet problem

subnet from either vlan. You will need to create a routed port on the layer3 switch and a static default route to get traffic out the gateway.

Collapse -

Routed port

by Acer1986 In reply to Your router is on another

I thought that's what the static route does I already added, what do I need to set the port to? should it be a trunk port?

Collapse -

I really do not know how to set a routed port

by Dumphrey In reply to Routed port

I just know you need one. Atm your set up is routing between vlans because they are set up on the local switch. But no port is enabled for the third network, your router.
A trunk port would not help at all, as thats for passing and routing vlan data to a router.
Another option is to add a third vlan and put the router in that vlan, as a default route, all traffic would go that way.
I would imagine if you go to a switch port interface config and do a switchport mode ? it may show you routed...

Seems this is the magic:
Switch(config)# interface gigabitethernet0/1

Switch(config-if)# no switchport

Switch(config-if)# ip address 172.20.128.2 255.255.255.0

change ip to be on the same network as router.

Collapse -

No routes for other VLANs

by CG IT In reply to Vlan Internet problem

ip route 0.0.0.0 0.0.0.0 192.168.2.201

which is why only those on VLAN 10 can get to the internet. It's the only VLAN that has a route to the default gateway [the subnet 192.168.2.201 is VLAN 10.]

VLANs 20 and 30 don't know to use VLAN 10 to get out and the layer 3 device doesn't know to route packets from VLANs 20 and 30 to VLAN 10 to get to the default gateway.

Collapse -

Solved

by Acer1986 In reply to No routes for other VLANs

All I needed; on my Netgear router I had to add static routes:
192.168.1.0 via 192.168.2.1 metric 2
192.168.2.0 via 192.168.2.1 metric 2
192.168.20.0 via 192.168.2.1 metric 2
192.168.30.0 via 1921.168.2.1 metric 2

Thanks for all your help anyway.

Back to Networks Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums