alttechnology
asked on
Cisco Routing 5505 Help Part 2
Continue question (part 2)
https://www.experts-exchange.com/questions/22025225/Cisco-Routing-5505-Help.html?qid=22025225
I currently have a CISCO 5505 with a RSM. I have 4 VLANS
100 10.10.10.1_net Ports 2/1-8
200 11.11.11.1_net Ports 2/9-16
300 12.12.12.1_net Ports 2/17-24
999 192.168.254.1_net Ports 3/1-22
My ISP router/Gateway is set for 192.168.254.254
I want to be able to have any device in any of the four Vlans route to EACH OTHER and OUT to the internet using the 192.168.254.254 of my ISP router which I can put in any port or create another vlan. Unfortunately, I don’t have clue on what I am doing. I am totally new to Cisco.
I have made great progress with others (Thanks Don!!) and I am almost there. I found a few issues
=============
CURRENT ISSUE
11/29/06
Troubleshooting
==============
Any host in the 192.168.254.x (vlan 999) can NOT access any host in any other vlan.
Host as 10.10.10.5 can access internet (192.168.254.254) and ping 192.168.254.110 and 11.11.11.5
Host as 11.11.11.5 can access internet (192.168.254.254) and ping 192.168.254.110 but not 10.10.10.5
Host as 192.168.254.110 access internet (192.168.254.254) and only ping 192.168.254.x
Host as 12.12.12.5 have not tried yet
==============
Here is what I have done
==============
On the RSM
enable
config -> terminal
Router(config)#
access-list 1 permit any
ip nat inside source list 1 interface vlan 999
int vlan 999
ip address 192.168.254.1 255.255.255.0 (the isp router gateway is 192.168.254.254)
ip nat outside
int vlan 100
ip nat inside
int vlan 200
ip nat inside
int vlan 300
ip nat inside
==============
CURRENT DUMP OF THE CONFIG
==============
sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.254.254 to network 0.0.0.0
1.0.0.0/29 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Vlan10
C 127.0.0.0/8 is directly connected, Vlan0
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Vlan100
11.0.0.0/24 is subnetted, 1 subnets
C 11.11.11.0 is directly connected, Vlan200
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, Vlan300
C 192.168.254.0/24 is directly connected, Vlan999
S* 0.0.0.0/0 [1/0] via 192.168.254.254
Router#sho int
Vlan10 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ** Al Route to Inet 1_1_1_1 **
Internet address is 1.1.1.1/29
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:27, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
7213 packets input, 461070 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
473 packets output, 172182 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Vlan100 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ***Internal 10.10.10.x Al Net***
Internet address is 10.10.10.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 3 packets/sec
5 minute output rate 2000 bits/sec, 3 packets/sec
16638 packets input, 1165026 bytes, 0 no buffer
Received 215 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
13720 packets output, 11770234 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Vlan200 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ***Internal 11.11.11.x Al Net***
Internet address is 11.11.11.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 1000 bits/sec, 2 packets/sec
10927 packets input, 755960 bytes, 0 no buffer
Received 34 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
4015 packets output, 660243 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Vlan300 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ***Internal 12.12.12.x Al Net***
Internet address is 12.12.12.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:09, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
6986 packets input, 419160 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
1401 packets output, 126066 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Vlan999 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ***Internal 192.168.254.Route to Inet Al***
Internet address is 192.168.254.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 4 packets/sec
5 minute output rate 1000 bits/sec, 2 packets/sec
30424 packets input, 13023344 bytes, 0 no buffer
Received 12135 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
9449 packets output, 910536 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Router#
Console> (enable) sho vlan
VLAN Name Status Mod/Ports
---- --------------------------
1 default active 1/1-2
10 Al_to_Inet_1_1_1_1 active 3/23-24
100 Al_10_10_10_1_Net active 2/1-8
200 Al_11_11_11_1_Net active 2/9-16
300 Al_12_12_12_1_Net active 2/17-24
999 Al_192_168_254_1_Net active 3/1-22
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- ------ ------
1 enet 100001 1500 - - - - 0 0
10 enet 100010 1500 - - - - 0 0
100 enet 100100 1500 - - - - 0 0
200 enet 100200 1500 - - - - 0 0
300 enet 100300 1500 - - - - 0 0
999 enet 100999 1500 - - - - 0 0
1002 fddi 101002 1500 0 0 - - 0 0
1003 tring 101003 1500 0 0 - - 0 0
1004 fdnet 101004 1500 - - 0 ieee 0 0
1005 trnet 101005 1500 - - 0 ieee 0 0
Console> (enable)
https://www.experts-exchange.com/questions/22025225/Cisco-Routing-5505-Help.html?qid=22025225
I currently have a CISCO 5505 with a RSM. I have 4 VLANS
100 10.10.10.1_net Ports 2/1-8
200 11.11.11.1_net Ports 2/9-16
300 12.12.12.1_net Ports 2/17-24
999 192.168.254.1_net Ports 3/1-22
My ISP router/Gateway is set for 192.168.254.254
I want to be able to have any device in any of the four Vlans route to EACH OTHER and OUT to the internet using the 192.168.254.254 of my ISP router which I can put in any port or create another vlan. Unfortunately, I don’t have clue on what I am doing. I am totally new to Cisco.
I have made great progress with others (Thanks Don!!) and I am almost there. I found a few issues
=============
CURRENT ISSUE
11/29/06
Troubleshooting
==============
Any host in the 192.168.254.x (vlan 999) can NOT access any host in any other vlan.
Host as 10.10.10.5 can access internet (192.168.254.254) and ping 192.168.254.110 and 11.11.11.5
Host as 11.11.11.5 can access internet (192.168.254.254) and ping 192.168.254.110 but not 10.10.10.5
Host as 192.168.254.110 access internet (192.168.254.254) and only ping 192.168.254.x
Host as 12.12.12.5 have not tried yet
==============
Here is what I have done
==============
On the RSM
enable
config -> terminal
Router(config)#
access-list 1 permit any
ip nat inside source list 1 interface vlan 999
int vlan 999
ip address 192.168.254.1 255.255.255.0 (the isp router gateway is 192.168.254.254)
ip nat outside
int vlan 100
ip nat inside
int vlan 200
ip nat inside
int vlan 300
ip nat inside
==============
CURRENT DUMP OF THE CONFIG
==============
sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.254.254 to network 0.0.0.0
1.0.0.0/29 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Vlan10
C 127.0.0.0/8 is directly connected, Vlan0
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Vlan100
11.0.0.0/24 is subnetted, 1 subnets
C 11.11.11.0 is directly connected, Vlan200
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, Vlan300
C 192.168.254.0/24 is directly connected, Vlan999
S* 0.0.0.0/0 [1/0] via 192.168.254.254
Router#sho int
Vlan10 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ** Al Route to Inet 1_1_1_1 **
Internet address is 1.1.1.1/29
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:27, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
7213 packets input, 461070 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
473 packets output, 172182 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Vlan100 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ***Internal 10.10.10.x Al Net***
Internet address is 10.10.10.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 3 packets/sec
5 minute output rate 2000 bits/sec, 3 packets/sec
16638 packets input, 1165026 bytes, 0 no buffer
Received 215 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
13720 packets output, 11770234 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Vlan200 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ***Internal 11.11.11.x Al Net***
Internet address is 11.11.11.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 1000 bits/sec, 2 packets/sec
10927 packets input, 755960 bytes, 0 no buffer
Received 34 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
4015 packets output, 660243 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Vlan300 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ***Internal 12.12.12.x Al Net***
Internet address is 12.12.12.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:09, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
6986 packets input, 419160 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
1401 packets output, 126066 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Vlan999 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0030.9649.d400 (bia 0030.9649.d400)
Description: ***Internal 192.168.254.Route to Inet Al***
Internet address is 192.168.254.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 4 packets/sec
5 minute output rate 1000 bits/sec, 2 packets/sec
30424 packets input, 13023344 bytes, 0 no buffer
Received 12135 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
9449 packets output, 910536 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
Router#
Console> (enable) sho vlan
VLAN Name Status Mod/Ports
---- --------------------------
1 default active 1/1-2
10 Al_to_Inet_1_1_1_1 active 3/23-24
100 Al_10_10_10_1_Net active 2/1-8
200 Al_11_11_11_1_Net active 2/9-16
300 Al_12_12_12_1_Net active 2/17-24
999 Al_192_168_254_1_Net active 3/1-22
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- ------ ------
1 enet 100001 1500 - - - - 0 0
10 enet 100010 1500 - - - - 0 0
100 enet 100100 1500 - - - - 0 0
200 enet 100200 1500 - - - - 0 0
300 enet 100300 1500 - - - - 0 0
999 enet 100999 1500 - - - - 0 0
1002 fddi 101002 1500 0 0 - - 0 0
1003 tring 101003 1500 0 0 - - 0 0
1004 fdnet 101004 1500 - - 0 ieee 0 0
1005 trnet 101005 1500 - - 0 ieee 0 0
Console> (enable)
ASKER
I was thinking it was due to the nat. Even after I did a IP NAT INSIDE on VLAN 999 I still had the same issue (could not get to the internet to be expected).
Even though I would guess vlan 999 would have issues going back and forth. What I thought was strange was Vlan 100 and 200 that are inside in the same switch.
Host as 10.10.10.5 can access internet (192.168.254.254) and ping 192.168.254.110 and 11.11.11.5
** Host as 11.11.11.5 can access internet (192.168.254.254) and ping 192.168.254.110 but not 10.10.10.5
Host as 12.12.12.5 have not tried yet
100 10.10.10.1_net Ports 2/1-8
200 11.11.11.1_net Ports 2/9-16
300 12.12.12.1_net Ports 2/17-24
999 192.168.254.1_net Ports 3/1-22
The 5505 is only in use 20-30% of the time in the lab. I was hoping to avoid creating another vlan then changing the internal IP of the ISP router when the 5505 was online. Normally there is only 192.168.254.x hosts in to a hub that goes to the ISP connection. I was hoping to keep the ISP connection up and only flip on the 5505 when needed.
Thanks Al
alttechnology @ Windows Messenger
Even though I would guess vlan 999 would have issues going back and forth. What I thought was strange was Vlan 100 and 200 that are inside in the same switch.
Host as 10.10.10.5 can access internet (192.168.254.254) and ping 192.168.254.110 and 11.11.11.5
** Host as 11.11.11.5 can access internet (192.168.254.254) and ping 192.168.254.110 but not 10.10.10.5
Host as 12.12.12.5 have not tried yet
100 10.10.10.1_net Ports 2/1-8
200 11.11.11.1_net Ports 2/9-16
300 12.12.12.1_net Ports 2/17-24
999 192.168.254.1_net Ports 3/1-22
The 5505 is only in use 20-30% of the time in the lab. I was hoping to avoid creating another vlan then changing the internal IP of the ISP router when the 5505 was online. Normally there is only 192.168.254.x hosts in to a hub that goes to the ISP connection. I was hoping to keep the ISP connection up and only flip on the 5505 when needed.
Thanks Al
alttechnology @ Windows Messenger
Can you post the config of your RSM?
ASKER
Once again thanks for your help....
Sure.. Is there an specfic command you want me to run besides sho conf
This is a lab if needed I can blow everything away and start over. I can send you the step by step I was using from creating the vlans then to the RSM if needed. I wich you could atach files here..
sho config
Using 1464 out of 126968 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
no service single-slot-reload-enable
!
hostname Router
!
enable secret 5 $1$Aq./$9XRPE4IYL7cJlD.no1
enable password bretta
!
ip subnet-zero
ip cef
!
!
!
!
interface Vlan10
description ** Al Route to Inet 1_1_1_1 **
ip address 1.1.1.1 255.255.255.248
no ip route-cache
no ip mroute-cache
!
interface Vlan100
description ***Internal 10.10.10.x Al Net***
ip address 10.10.10.1 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
!
interface Vlan200
description ***Internal 11.11.11.x Al Net***
ip address 11.11.11.1 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
!
interface Vlan300
description ***Internal 12.12.12.x Al Net***
ip address 12.12.12.1 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
!
interface Vlan999
description ***Internal 192.168.254.Route to Inet Al***
ip address 192.168.254.1 255.255.255.0
ip nat outside
no ip route-cache
no ip mroute-cache
!
router ospf 100
log-adjacency-changes
network 10.10.10.0 0.0.0.255 area 0
network 11.11.11.0 0.0.0.255 area 0
network 12.12.12.0 0.0.0.255 area 0
network 192.168.254.0 0.0.0.255 area 0
!
ip nat inside source list 1 interface Vlan999 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.254.254
no ip http server
!
access-list 1 permit any
!
line con 0
line aux 0
line vty 0 4
login
!
end
Router#sho access-lists
Standard IP access list 1
permit any (5954 matches)
Sure.. Is there an specfic command you want me to run besides sho conf
This is a lab if needed I can blow everything away and start over. I can send you the step by step I was using from creating the vlans then to the RSM if needed. I wich you could atach files here..
sho config
Using 1464 out of 126968 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
no service single-slot-reload-enable
!
hostname Router
!
enable secret 5 $1$Aq./$9XRPE4IYL7cJlD.no1
enable password bretta
!
ip subnet-zero
ip cef
!
!
!
!
interface Vlan10
description ** Al Route to Inet 1_1_1_1 **
ip address 1.1.1.1 255.255.255.248
no ip route-cache
no ip mroute-cache
!
interface Vlan100
description ***Internal 10.10.10.x Al Net***
ip address 10.10.10.1 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
!
interface Vlan200
description ***Internal 11.11.11.x Al Net***
ip address 11.11.11.1 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
!
interface Vlan300
description ***Internal 12.12.12.x Al Net***
ip address 12.12.12.1 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
!
interface Vlan999
description ***Internal 192.168.254.Route to Inet Al***
ip address 192.168.254.1 255.255.255.0
ip nat outside
no ip route-cache
no ip mroute-cache
!
router ospf 100
log-adjacency-changes
network 10.10.10.0 0.0.0.255 area 0
network 11.11.11.0 0.0.0.255 area 0
network 12.12.12.0 0.0.0.255 area 0
network 192.168.254.0 0.0.0.255 area 0
!
ip nat inside source list 1 interface Vlan999 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.254.254
no ip http server
!
access-list 1 permit any
!
line con 0
line aux 0
line vty 0 4
login
!
end
Router#sho access-lists
Standard IP access list 1
permit any (5954 matches)
With this config, all devices should be able to access VLAN 999.
However, VLAN 999 will not be able initiate communications with any other VLAN.
I would suggest creating another VLAN for the end stations currently on VLAN 999.
However, VLAN 999 will not be able initiate communications with any other VLAN.
I would suggest creating another VLAN for the end stations currently on VLAN 999.
ASKER
Don,
It looks like all the VLANS will route to each other except for Vlan 999 will not route to them (to be expected). Is there any way to make Vlan 999 inside but have all vlans use use 192.168.254.254 to get out to the internet even though 192.168.254.254 is in Vlan 999?
We use a hub for the 192.168.254.x and I was hoping to keep address range. I was trying to save the trouble of changing the vlan of the isp and then the ISP internal address (from 192.x to ??) every time we turn on the 5505 for testing. If the 5505 was on all the time yes, I would use your suggestion and readdress either the hosts or the internal ISP address.
The only other option that I am guessing when we use the 5505 is to change the internal ISP from 192.168.254.254 to (Example) 222.222.222.254 then create a vlan for 222.222.222.x and use that for the ip nat outside... Then when we are done using the 5505 flip it back.
Let me know if there is a way?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hmm.. Well the lab stuff is normally on a standalone connection (HUB) in to the back of the DSL Gateway using 192.168.254.254 as the GW. If I left the 5505 on then creating another vlan just for the ISP connection would be no issue.
Then to make vlan 999 normal I should do a
Router(config)#int vlan 999
Router(config-if)#ip nat inside
For example when I do this a hosts as 10.10.10.5 drops ping to 192.168.254.110
This should just be a normal vlan now right? The RSM should now route to it? What else would I need to change/redo?? To get this to work.
Thanks Again!
ASKER
My screwup. I had the GW wrong on the 192's
ASKER
Thanks Don you been Great!!
Can you move those devices to another (or new) VLAN?