[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1222
  • Last Modified:

InterVlan Routing - Cisco 3750

Here is my problem. I am configuring inter-vlan routing on my catalyst 3750 (ip 10.0.1.6_  and all nodes on my new vlan (VLAN117 - 10.2.31.1 255.255.255.0) cannot communicate with my other data vlan (vlan100 - 10.0.0.X 255.255.0.0). I have setup the "ip helper address" command on vlan117. DHCP is not being issued (dhcp server 10.0.0.203) , even if i assign a static ip on my machine, it cannot communicate with vlan100. We are routing a little differently than you would in a traditional sense. The default gateway of my catalyst  is the firewall (pro2040 = IP 10.0.0.2) which is in turn routing traffic back to my catalyst (10.0.1.6).  Dont ask why, it was setup this way before i got here. Below is the running configuration of my switch and i have also included configuration of my sonicwall as well. Thanks in advance.

**FASTETHERNET 1/0/22 is the only one on VLAN117

**NOTE*** OBjects assigned on firewall have the following IP addresses.
**Rule1 is all we're looking at on sonicwall, under Routing Policies**
VLAN SUBNETS -10.2.31.0 255.255.255.0
VLAN ROUTING - 10.0.1.6
VLAN RANGES - 10.2.31.1-10.2.31.254
X0 interface - is LAN
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2008.11.13 16:20:37 =~=~=~=~=~=~=~=~=~=~=~=
 
 
User Access Verification
 
Password: 
TR3>enable
Password: 
TR3#show run
Building configuration...
 
Current configuration : 25645 bytes
!
! Last configuration change at 16:13:35 PST Thu Nov 13 2008
! NVRAM config last updated at 14:33:54 PST Thu Nov 13 2008
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname TR3
!
no logging buffered
logging console notifications
logging monitor notifications
enable secret 5 $1$rIc1$3onhkMQ53UcKWoWD7/KMF1
enable password 7 14141B180F0B
!
no aaa new-model
clock timezone PST -8
clock summer-time PST recurring
 --More--         switch 1 provision ws-c3750-24p
 --More--         switch 2 provision ws-c3750g-48ps
 --More--         ip subnet-zero
 --More--         ip routing
 --More--         no ip domain-lookup
 --More--         !
 --More--         !
 --More--         mls qos map cos-dscp 0 8 16 26 32 46 48 56
 --More--         mls qos srr-queue input bandwidth 90 10
 --More--         mls qos srr-queue input threshold 1 8 16
 --More--         mls qos srr-queue input threshold 2 34 66
 --More--         mls qos srr-queue input buffers 67 33 
 --More--         mls qos srr-queue input cos-map queue 1 threshold 2  1
 --More--         mls qos srr-queue input cos-map queue 1 threshold 3  0
 --More--         mls qos srr-queue input cos-map queue 2 threshold 1  2
 --More--         mls qos srr-queue input cos-map queue 2 threshold 2  4 6 7
 --More--         mls qos srr-queue input cos-map queue 2 threshold 3  3 5
 --More--         mls qos srr-queue input dscp-map queue 1 threshold 2  9 10 11 12 13 14 15
 --More--         mls qos srr-queue input dscp-map queue 1 threshold 3  0 1 2 3 4 5 6 7
 --More--         mls qos srr-queue input dscp-map queue 1 threshold 3  32
 --More--         mls qos srr-queue input dscp-map queue 2 threshold 1  16 17 18 19 20 21 22 23
 --More--         mls qos srr-queue input dscp-map queue 2 threshold 2  33 34 35 36 37 38 39 48
 --More--         mls qos srr-queue input dscp-map queue 2 threshold 2  49 50 51 52 53 54 55 56
 --More--         mls qos srr-queue input dscp-map queue 2 threshold 2  57 58 59 60 61 62 63
 --More--         mls qos srr-queue input dscp-map queue 2 threshold 3  24 25 26 27 28 29 30 31
 --More--         mls qos srr-queue input dscp-map queue 2 threshold 3  40 41 42 43 44 45 46 47
 --More--         mls qos srr-queue output cos-map queue 1 threshold 3  5
 --More--         mls qos srr-queue output cos-map queue 2 threshold 3  3 6 7
 --More--         mls qos srr-queue output cos-map queue 3 threshold 3  2 4
 --More--         mls qos srr-queue output cos-map queue 4 threshold 2  1
 --More--         mls qos srr-queue output cos-map queue 4 threshold 3  0
 --More--         mls qos srr-queue output dscp-map queue 1 threshold 3  40 41 42 43 44 45 46 47
 --More--         mls qos srr-queue output dscp-map queue 2 threshold 3  24 25 26 27 28 29 30 31
 --More--         mls qos srr-queue output dscp-map queue 2 threshold 3  48 49 50 51 52 53 54 55
 --More--         mls qos srr-queue output dscp-map queue 2 threshold 3  56 57 58 59 60 61 62 63
 --More--         mls qos srr-queue output dscp-map queue 3 threshold 3  16 17 18 19 20 21 22 23
 --More--         mls qos srr-queue output dscp-map queue 3 threshold 3  32 33 34 35 36 37 38 39
 --More--         mls qos srr-queue output dscp-map queue 4 threshold 1  8
 --More--         mls qos srr-queue output dscp-map queue 4 threshold 2  9 10 11 12 13 14 15
 --More--         mls qos srr-queue output dscp-map queue 4 threshold 3  0 1 2 3 4 5 6 7
 --More--         mls qos queue-set output 1 threshold 1 138 138 92 138
 --More--         mls qos queue-set output 1 threshold 2 138 138 92 400
 --More--         mls qos queue-set output 1 threshold 3 36 77 100 318
 --More--         mls qos queue-set output 1 threshold 4 20 50 67 400
 --More--         mls qos queue-set output 2 threshold 1 149 149 100 149
 --More--         mls qos queue-set output 2 threshold 2 118 118 100 235
 --More--         mls qos queue-set output 2 threshold 3 41 68 100 272
 --More--         mls qos queue-set output 2 threshold 4 42 72 100 242
 --More--         mls qos queue-set output 1 buffers 10 10 26 54
 --More--         mls qos queue-set output 2 buffers 16 6 17 61
 --More--         mls qos
 --More--         !
 --More--         !
 --More--         no file verify auto
 --More--         spanning-tree mode pvst
 --More--         spanning-tree extend system-id
 --More--         !
 --More--         vlan internal allocation policy ascending
 --More--         !
 --More--         interface Port-channel1
 --More--          switchport trunk encapsulation dot1q
 --More--          switchport mode trunk
 --More--         !
 --More--         interface Port-channel2
 --More--          switchport trunk encapsulation dot1q
 --More--          switchport mode trunk
 --More--         !
 --More--         interface FastEthernet1/0/1
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/2
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/3
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/4
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/5
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/6
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/7
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/8
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/9
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/10
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/11
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/12
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/13
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/14
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/15
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/16
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/17
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/18
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/19
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/20
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/21
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/22
 --More--          switchport access vlan 117
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/23
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface FastEthernet1/0/24
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet1/0/1
 --More--          description Connection to TR1 1/0/49
 --More--          switchport trunk encapsulation dot1q
 --More--          switchport mode trunk
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          channel-group 1 mode on
 --More--         !
 --More--         interface GigabitEthernet1/0/2
 --More--          description Connection to TR2 1/0/49
 
 --More--          switchport trunk encapsulation dot1q
 --More--          switchport mode trunk
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          channel-group 2 mode on
 --More--         !
 --More--         interface GigabitEthernet2/0/1
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/2
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/3
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/4
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/5
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/6
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/7
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/8
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/9
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/10
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/11
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/12
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/13
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/14
 --More--          switchport access vlan 200
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/15
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/16
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/17
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/18
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/19
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/20
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/21
 --More--          switchport access vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/22
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/23
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/24
 --More--          switchport access vlan 200
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/25
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/26
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/27
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/28
 --More--          switchport access vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/29
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/30
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/31
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/32
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/33
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/34
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/35
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/36
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/37
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/38
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/39
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/40
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/41
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/42
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/43
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/44
 --More--          switchport access vlan 100
 --More--          switchport voice vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust device cisco-phone
 --More--          mls qos trust cos
 --More--          auto qos voip cisco-phone 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/45
 --More--          switchport access vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/46
 --More--          switchport access vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/47
 --More--          switchport access vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/48
 --More--          switchport access vlan 200
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          spanning-tree portfast
 --More--         !
 --More--         interface GigabitEthernet2/0/49
 --More--          description Connection to TR1
 --More--          switchport trunk encapsulation dot1q
 --More--          switchport mode trunk
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          channel-group 1 mode on
 --More--         !
 --More--         interface GigabitEthernet2/0/50
 --More--          description Connection to TR2
 --More--          switchport trunk encapsulation dot1q
 --More--          switchport mode trunk
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--          channel-group 2 mode on
 --More--         !
 --More--         interface GigabitEthernet2/0/51
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--         !
 --More--         interface GigabitEthernet2/0/52
 --More--          srr-queue bandwidth share 10 10 60 20
 --More--          srr-queue bandwidth shape  10  0  0  0 
 --More--          queue-set 2
 --More--          mls qos trust cos
 --More--          auto qos voip trust 
 --More--         !
 --More--         interface Vlan1
 --More--          no ip address
 --More--          shutdown
 --More--         !
 --More--         interface Vlan100
 --More--          ip address 10.0.1.6 255.255.0.0
 --More--         !
 --More--         interface Vlan117
 --More--          ip address 10.2.31.1 255.255.255.0
 --More--          ip helper-address 10.0.0.203
 --More--         !
 --More--         interface Vlan200
 --More--          ip address 172.16.0.1 255.255.0.0
 --More--          ip helper-address 10.0.0.203
 --More--         !
 --More--         ip default-gateway 10.0.0.2
 --More--         ip classless
 --More--         ip http server
 --More--         !
 --More--         snmp-server community 4meonly49 RW
 --More--         snmp-server community 2view49 RO
 --More--         !
 --More--         control-plane
 --More--         !
 --More--         !
 --More--         line con 0
 --More--         line vty 0 4
 --More--          exec-timeout 0 0
 --More--          password 7 141A1D051805242A76786361
 --More--          login
 --More--         line vty 5 15
 --More--          password 7 141A1D051805242A76786361
 --More--          login
 --More--         !
 --More--         !
 --More--         monitor session 1 source interface Fa1/0/23
 --More--         monitor session 1 destination interface Gi2/0/25
 --More--         ntp clock-period 36028912
 --More--         ntp server 10.0.0.203
 --More--         end
 --More--

Open in new window

sonicwallrouting.doc
0
mati02
Asked:
mati02
  • 12
  • 8
1 Solution
 
giltjrCommented:
What your default gateway on the Cat3750 should not matter.  The only time the Cat3750 should route traffic to something else is if it does not know how to get there.  All traffic for the 3 VLAN's should be routed within the Cat3750 and never hit the external gateway.

When telnet'ed into the Cat3750 can you ping its own IP addresses?

What does the route table look like on the Cat3750?

When you configure a static IP address on your computer what IP address are you using as the default route?

0
 
mati02Author Commented:
Yes, while telnetted, i can ping its own ip address (success rate 100%)

Routing table.

TR3>show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    172.16.0.0/16 is directly connected, Vlan200
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.0.0.0/16 is directly connected, Vlan100
C       10.2.31.0/24 is directly connected, Vlan117
TR3>
TR3>exit

When configuring a static ip address i use default gateway of my vlan 10.2.31.1 and i have assigned a random address to my host of 10.2.31.5

0
 
giltjrCommented:
When you configure your PC with a static IP address can you ping 10.2.31.1?

I am assuming that your PC is connected to a port that is on VLAN117, is that correct?

Since you have IP routing enabled, you will also need to set a gateway of last resort, which is basically a default route.

    ip route 0.0.0.0 0.0.0.0 10.0.0.2

You may also want to review:

     http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_example09186a00801cc828.shtml
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
mati02Author Commented:
Yes, my test pc is connected on vlan117, and yes, i can ping 10.2.31.1. If I create this ip route won't it create a routing loop since the router is then going to send information back to 10.0.1.6 (which happens to be where vlan 117 resides? I just want to make sure this isn't going to bring my network down.
0
 
mati02Author Commented:
One more thing, even if the default route isn't set, i should still be able to ping the default gateway (10.0.0.2), correct?
0
 
giltjrCommented:
From your test PC can you ping 10.0.1.6 or 172.16.0.1?

Well based on your config if you disable ip routing then 10.0.0.2 would be used as your default. Isn't it already routing back to 10.0.1.6?

If everything that you need to work for normal production is working, then do NOT add the 0.0.0.0 0.0.0.0 route.

However the 0..0.0.0 0.0.0.0 route I would be surprised that you can get any traffic out with ip routing enabled.  Although I have not worked with a 3750, most of Cisco's L3 switches use the "ip default-gateway" configuration option when they do NOT have ip routing enabled.   When they have ip routing enabled they use the gateway of last resort (ip route 0.0.0.0 0.0.0.0 x.x.x.x).
0
 
giltjrCommented:
To answer you question about ping'ing 10.0.0.2.  Based on my understanding of how Cisco L3 devices work, you should not be able to ping 10.0.0.2.

The reason is in my prior answer.  Basically if you have ip routing enable (ip routing in your config) then all routing decisions are made based on the IOS  routing code, which uses all routes in the routing table (show ip route).  With ip routing disabled (no ip routing), then it uses the ip default-gateway parameter.  Since you have ip routing enabled and no "gateway of last resort" in your ip route table, I am surprised that you have any ip routing functions in the 3750 working at all.  Now, again, this is based on my experience with other Cisco L3 switches.

0
 
mati02Author Commented:
giltjr,

I added the route 0.0.0.0 0.0.0.0 10.0.0.2 and I am now able to ping the default gateway(10.0.0.2). I can now ping to the 10.0.x /16 network (default data vlan 100). The only problem is that i cannot get out to the internet from vlan117 (10.2.31.x /24). When i run a tracert (www.google.com) on my test machine connected to vlan117  it only gets to the subnet default gateway (10.2.31.1). Do you know why this would be?
0
 
giltjrCommented:
The next hop should be the firewall right?  Is it configured to allow the new IP subnet to ping/tracert or even access the Internet?  Does it (the firewall) have a route to get back to the new IP subnet?
0
 
mati02Author Commented:
Yes, this is shown in my initial comment. Under my initial screenshot under "route policies" it shows the rule i setup for the new vlan.

These objects reflect Addresses in screenshot below.

LAN SUBNETS - 10.0.0.0 /16
VLAN 117 RANGE - 10.2.31.1-10.2.31.254
VLAN ROUTING - 10.0.1.6
route-policies.doc
0
 
mati02Author Commented:
FYI~ I modified the names in my firewall rule, so the original screenshot is outdated. Thanks!
0
 
giltjrCommented:
Ops, sorry about that.  Are computers on the other subnets able to get to the Internet and do ping/tracert?

Are there any access control lists or NAT policies where the new subnet would need to be added?
0
 
giltjrCommented:
One thing I just noticed on the top of the screen shot it shows that the Interface X0 is disabled.  I would assume that if it is disabled that nothing would pass through it.
0
 
mati02Author Commented:
These are just for RIP advertisements. We're not using RIP. All other computers on VLAN100 (10.0 /16) are able to get out just fine. I'm searching through the NAT and firewall rules, seems like you're onto something when you said there could be a rule blocking since this is a new subnet.
0
 
mati02Author Commented:
YES! It was a firewall rule, I will DEFINITELY award you the points for this one, but i have one more for you.... You have any idea why when i ping my exchange server from vlan 117 i get the external address? All other traffic is working flawlessly. We have a front end exchange server in our DMZ and a standard server on our lan.
0
 
mati02Author Commented:
FYI!~ i ping the internal address and get a response from external.
0
 
mati02Author Commented:
figured it out. Thanks a million! Yet another firewall rule.  
0
 
giltjrCommented:
Did you really meant to just close this without awarding points?
0
 
mati02Author Commented:
not at all, i set to give you 500 points. Let me try it again. You've helped a BUNCH, you deserve em'!
0
 
mati02Author Commented:
I think that did it, let me know if for some reason it didn't go through. Thanks again!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

  • 12
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now