Solved

vlan routing

Posted on 2008-06-10
6
1,158 Views
Last Modified: 2010-04-21
I have a 4006, with multi vlans...all working.  However when I added a new vlan  the traffic on the new vlan only permits 1 device to get to the outside world and be seen by other devices on the other vlans.  PCs on the new vlan can see each other and ping.  Trace routes from the one working device have 1 hop to the
vlan gateway then distination.  Trace routes from any other device on the new vlan time out, with no 1st hop.
any help GREATLY appreciated, thanks in advance....
MY-4006#show ip int vlan XX1(good vlan)

VlanXX1 is up, line protocol is up

  Internet address is 192.168.6.254/24

  Broadcast address is 255.255.255.255

  Address determined by non-volatile memory

  MTU is 1500 bytes

  Helper address is 192.168.1.10

  Directed broadcast forwarding is disabled

  Outgoing access list is not set

  Inbound  access list is not set

  Proxy ARP is enabled

  Local Proxy ARP is disabled

  Security level is default

  Split horizon is enabled

  ICMP redirects are never sent

  ICMP unreachables are always sent

  ICMP mask replies are never sent

  IP fast switching is enabled

  IP fast switching on the same interface is disabled

  IP Flow switching is disabled

  IP CEF switching is enabled

  IP Null turbo vector

  IP multicast fast switching is enabled

  IP multicast distributed fast switching is disabled

  IP route-cache flags are Fast, CEF

  Router Discovery is disabled

  IP output packet accounting is disabled

  IP access violation accounting is disabled

  TCP/IP header compression is disabled

  RTP/IP header compression is disabled

  Probe proxy name replies are disabled

  Policy routing is disabled

  Network address translation is disabled

  WCCP Redirect outbound is disabled

  WCCP Redirect exclude is disabled

  BGP Policy Mapping is disabled

NEW VLAN(BAD)

MY-4006#show ip int vlan XX2

VlanXX2 is up, line protocol is up

  Internet address is 172.19.30.254/24

  Broadcast address is 255.255.255.255

  Address determined by setup command

  MTU is 1500 bytes

  Helper address is 192.168.1.10

  Directed broadcast forwarding is disabled

  Outgoing access list is not set

  Inbound  access list is not set

  Proxy ARP is enabled

  Local Proxy ARP is disabled

  Security level is default

  Split horizon is enabled

  ICMP redirects are never sent

  ICMP unreachables are always sent

  ICMP mask replies are never sent

  IP fast switching is enabled

  IP fast switching on the same interface is disabled

  IP Flow switching is disabled

  IP CEF switching is enabled

  IP Null turbo vector

  IP multicast fast switching is enabled

  IP multicast distributed fast switching is disabled

  IP route-cache flags are Fast, CEF

  Router Discovery is disabled

  IP output packet accounting is disabled

  IP access violation accounting is disabled

  TCP/IP header compression is disabled

  RTP/IP header compression is disabled

  Probe proxy name replies are disabled

  Policy routing is disabled

  Network address translation is disabled

  WCCP Redirect outbound is disabled

  WCCP Redirect exclude is disabled

  BGP Policy Mapping is disabled

Open in new window

0
Comment
Question by:TriCountyIT
  • 3
  • 2
6 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 21752763
Do the non-working PC's have the proper default gateway set if you do an ipconfig?  Their default gateway should be 172.19.30.254.
0
 

Author Comment

by:TriCountyIT
ID: 21752883
The non-working PC's are all set to 172.19.30.254.  I set a range from our DHCP server to hand out all the proper info gateway...etc.  Which is surprising being that the DHCP server is on a different subnet other than the 172.19.30.0/24 and pings time out to that address from the PC's....weird?
0
 
LVL 3

Expert Comment

by:Slawomir Malinowski
ID: 21752958
172.19.30.254 its your default gateway.
You need to setup dhcp relay agent on the vlanxx2
ip helper-address x.x.x.x your dhcp ip address
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 21753030
Very strange, so obviously traffic is flowing if you are getting DHCP from the server on a different subnet.  Is the issue specific to ICMP?  Can you ping the gateway even?  Can you access a web server?  Could the Windows Firewall be blocking ICMP....
0
 

Author Comment

by:TriCountyIT
ID: 21859339
Well turns out it was a VPN client issue?!?!  Thanks for the input!  Disabled the VPN client and everything was fine.
0
 

Author Closing Comment

by:TriCountyIT
ID: 31465803
Thanks on the right track, is was the VPN client causing the headaches!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

 One of the main issues with network wires is that you never have enough.  You run plenty and plan for the worst case but you still end up needing more.  What many people do not realize is with 10BaseT and 100BaseT (but not 1000BaseT) networks you …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

28 Experts available now in Live!

Get 1:1 Help Now