rrya871302
asked on
Accessing VPN on different subnet using Cisco 3750 switch
Oh Great Cisco VPN Gurus,
I am trying to make 1 port on a Cisco 3750 show up on a vlan that is in another subnet. I cannot get traffic to pass. I can do it on the core 6509 and it works fine. I'm at a loss on how to get it to work in this switch.
Thanks,
Randy
I am trying to make 1 port on a Cisco 3750 show up on a vlan that is in another subnet. I cannot get traffic to pass. I can do it on the core 6509 and it works fine. I'm at a loss on how to get it to work in this switch.
Thanks,
Randy
ASKER
Yes, the 3750 is connected to the 6509 via dot1q trunk. I am using VTP. The Vlan in my subnet is 76 and Vlan 80 is what I am trying to make the port see.
Pruning mode is disabled.
Thanks
Pruning mode is disabled.
Thanks
Can you send me the configuration of the trunk port on both sides? Also, the output of a "Show VLAN" and "SHOW INT TRUNK" on both sides.
Thanks
Thanks
ASKER
Here it is. Separated by '==========="
Thanks!
Sh INT Trunk on 3750
tech-p-dt#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/0/9 on 802.1q trunking 76
Fa1/0/34 on 802.1q trunking 76
Fa1/0/48 on 802.1q trunking 76
Gi1/0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/0/9 1-4094
Fa1/0/34 1-4094
Fa1/0/48 1-4094
Gi1/0/1 1-4094
Port Vlans allowed and active in management domain
Fa1/0/9 1-2,16,21-22,64,76,82,101, 140-141,15 1,192,240, 255,410-41 2,420-422, 64
0,760,951-952
Fa1/0/34 1-2,16,21-22,64,76,82,101, 140-141,15 1,192,240, 255,410-41 2,420-422, 64
0,760,951-952
Fa1/0/48 1-2,16,21-22,64,76,82,101, 140-141,15 1,192,240, 255,410-41 2,420-422, 64
0,760,951-952
Gi1/0/1 1-2,16,21-22,64,76,82,101, 140-141,15 1,192,240, 255,410-41 2,420-422, 64
0,760,951-952
Port Vlans in spanning tree forwarding state and not pruned
Port Vlans in spanning tree forwarding state and not pruned
Fa1/0/9 1-2,16,21-22,64,76,82,101, 140-141,15 1,192,240, 255,410-41 2,420-422, 64
0,760,951-952
Fa1/0/34 1-2,16,21-22,64,76,82,101, 140-141,15 1,192,240, 255,410-41 2,420-422, 64
0,760,951-952
Fa1/0/48 1-2,16,21-22,64,76,82,101, 140-141,15 1,192,240, 255,410-41 2,420-422, 64
0,760,951-952
Gi1/0/1 1-2,16,21-22,64,76,82,101, 140-141,15 1,192,240, 255,410-41 2,420-422, 64
0,760,951-952
tech-p-dt#
========================== ========== ========== ========== ========== ========== ===
Sh Vlan on 3750
tech-p-dt# sh vlan
VLAN Name Status Ports
---- -------------------------- ------ --------- -------------------------- -----
1 default active Gi1/0/2, Gi1/0/3, Gi1/0/4
2 VLAN0002 active
16 VLAN0016 active
21 VLAN0021 active
22 VLAN0022 active
64 Maint active
76 Admin-Center active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/10
Fa1/0/11, Fa1/0/12, Fa1/0/13
Fa1/0/14, Fa1/0/15, Fa1/0/16
Fa1/0/17, Fa1/0/18, Fa1/0/19
Fa1/0/20, Fa1/0/21, Fa1/0/22
Fa1/0/23, Fa1/0/24, Fa1/0/25
Fa1/0/26, Fa1/0/27, Fa1/0/29
Fa1/0/30, Fa1/0/31, Fa1/0/32
Fa1/0/33, Fa1/0/35, Fa1/0/36
Fa1/0/37, Fa1/0/38, Fa1/0/39
Fa1/0/40, Fa1/0/41, Fa1/0/42
Fa1/0/43, Fa1/0/44, Fa1/0/45
Fa1/0/46, Fa1/0/47
82 VLAN0082 active
101 VLAN0101 active
140 Wireless Mgmt. Vlan active
141 Intenral Wireless Clients active
151 Wireless-Guest-VLAN active
192 VLAN0192 active
240 VLAN0240 active
255 VLAN0255 active
410 VLAN0410 active
411 VLAN0411 active
412 VLAN0412 active
420 VLAN0420 active
421 VLAN0421 active
422 VLAN0422 active
640 Maintenance-Voice active
760 Admin_Voice active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/10
VLAN Name Status Ports
---- -------------------------- ------ --------- -------------------------- -----
Fa1/0/11, Fa1/0/12, Fa1/0/13
Fa1/0/14, Fa1/0/15, Fa1/0/16
Fa1/0/17, Fa1/0/18, Fa1/0/19
Fa1/0/20, Fa1/0/21, Fa1/0/22
Fa1/0/23, Fa1/0/24, Fa1/0/25
Fa1/0/26, Fa1/0/27, Fa1/0/29
Fa1/0/30, Fa1/0/31, Fa1/0/32
Fa1/0/33, Fa1/0/35, Fa1/0/36
Fa1/0/37, Fa1/0/38, Fa1/0/39
Fa1/0/40, Fa1/0/41, Fa1/0/42
Fa1/0/43, Fa1/0/44, Fa1/0/45
Fa1/0/46, Fa1/0/47
951 Firewall-Outside active
952 DMZ active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
16 enet 100016 1500 - - - - - 0 0
21 enet 100021 1500 - - - - - 0 0
22 enet 100022 1500 - - - - - 0 0
64 enet 100064 1500 - - - - - 0 0
76 enet 100076 1500 - - - - - 0 0
82 enet 100082 1500 - - - - - 0 0
101 enet 100101 1500 - - - - - 0 0
140 enet 100140 1500 - - - - - 0 0
141 enet 100141 1500 - - - - - 0 0
151 enet 100151 1500 - - - - - 0 0
192 enet 100192 1500 - - - - - 0 0
240 enet 100240 1500 - - - - - 0 0
255 enet 100255 1500 - - - - - 0 0
410 enet 100410 1500 - - - - - 0 0
411 enet 100411 1500 - - - - - 0 0
412 enet 100412 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
420 enet 100420 1500 - - - - - 0 0
421 enet 100421 1500 - - - - - 0 0
422 enet 100422 1500 - - - - - 0 0
640 enet 100640 1500 - - - - - 0 0
760 enet 100760 1500 - - - - - 0 0
951 enet 100951 1500 - - - - - 0 0
952 enet 100952 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
-------------------------- ---------- ---------- ---------- ---------- ---------- --
Primary Secondary Type Ports
------- --------- ----------------- -------------------------- ---------- ------
========================== ========== ========== ========== ========== ========== ======
Trunk Config on 3750
interface GigabitEthernet1/0/3
switchport trunk encapsulation dot1q
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
mls qos trust cos
auto qos voip trust
!
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
mls qos trust cos
auto qos voip trust
========================== ========== ========== ========== ========== ========== ========
Trunk on 6509
interface GigabitEthernet1/5
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
Thanks!
Sh INT Trunk on 3750
tech-p-dt#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/0/9 on 802.1q trunking 76
Fa1/0/34 on 802.1q trunking 76
Fa1/0/48 on 802.1q trunking 76
Gi1/0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/0/9 1-4094
Fa1/0/34 1-4094
Fa1/0/48 1-4094
Gi1/0/1 1-4094
Port Vlans allowed and active in management domain
Fa1/0/9 1-2,16,21-22,64,76,82,101,
0,760,951-952
Fa1/0/34 1-2,16,21-22,64,76,82,101,
0,760,951-952
Fa1/0/48 1-2,16,21-22,64,76,82,101,
0,760,951-952
Gi1/0/1 1-2,16,21-22,64,76,82,101,
0,760,951-952
Port Vlans in spanning tree forwarding state and not pruned
Port Vlans in spanning tree forwarding state and not pruned
Fa1/0/9 1-2,16,21-22,64,76,82,101,
0,760,951-952
Fa1/0/34 1-2,16,21-22,64,76,82,101,
0,760,951-952
Fa1/0/48 1-2,16,21-22,64,76,82,101,
0,760,951-952
Gi1/0/1 1-2,16,21-22,64,76,82,101,
0,760,951-952
tech-p-dt#
==========================
Sh Vlan on 3750
tech-p-dt# sh vlan
VLAN Name Status Ports
---- --------------------------
1 default active Gi1/0/2, Gi1/0/3, Gi1/0/4
2 VLAN0002 active
16 VLAN0016 active
21 VLAN0021 active
22 VLAN0022 active
64 Maint active
76 Admin-Center active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/10
Fa1/0/11, Fa1/0/12, Fa1/0/13
Fa1/0/14, Fa1/0/15, Fa1/0/16
Fa1/0/17, Fa1/0/18, Fa1/0/19
Fa1/0/20, Fa1/0/21, Fa1/0/22
Fa1/0/23, Fa1/0/24, Fa1/0/25
Fa1/0/26, Fa1/0/27, Fa1/0/29
Fa1/0/30, Fa1/0/31, Fa1/0/32
Fa1/0/33, Fa1/0/35, Fa1/0/36
Fa1/0/37, Fa1/0/38, Fa1/0/39
Fa1/0/40, Fa1/0/41, Fa1/0/42
Fa1/0/43, Fa1/0/44, Fa1/0/45
Fa1/0/46, Fa1/0/47
82 VLAN0082 active
101 VLAN0101 active
140 Wireless Mgmt. Vlan active
141 Intenral Wireless Clients active
151 Wireless-Guest-VLAN active
192 VLAN0192 active
240 VLAN0240 active
255 VLAN0255 active
410 VLAN0410 active
411 VLAN0411 active
412 VLAN0412 active
420 VLAN0420 active
421 VLAN0421 active
422 VLAN0422 active
640 Maintenance-Voice active
760 Admin_Voice active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/10
VLAN Name Status Ports
---- --------------------------
Fa1/0/11, Fa1/0/12, Fa1/0/13
Fa1/0/14, Fa1/0/15, Fa1/0/16
Fa1/0/17, Fa1/0/18, Fa1/0/19
Fa1/0/20, Fa1/0/21, Fa1/0/22
Fa1/0/23, Fa1/0/24, Fa1/0/25
Fa1/0/26, Fa1/0/27, Fa1/0/29
Fa1/0/30, Fa1/0/31, Fa1/0/32
Fa1/0/33, Fa1/0/35, Fa1/0/36
Fa1/0/37, Fa1/0/38, Fa1/0/39
Fa1/0/40, Fa1/0/41, Fa1/0/42
Fa1/0/43, Fa1/0/44, Fa1/0/45
Fa1/0/46, Fa1/0/47
951 Firewall-Outside active
952 DMZ active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
16 enet 100016 1500 - - - - - 0 0
21 enet 100021 1500 - - - - - 0 0
22 enet 100022 1500 - - - - - 0 0
64 enet 100064 1500 - - - - - 0 0
76 enet 100076 1500 - - - - - 0 0
82 enet 100082 1500 - - - - - 0 0
101 enet 100101 1500 - - - - - 0 0
140 enet 100140 1500 - - - - - 0 0
141 enet 100141 1500 - - - - - 0 0
151 enet 100151 1500 - - - - - 0 0
192 enet 100192 1500 - - - - - 0 0
240 enet 100240 1500 - - - - - 0 0
255 enet 100255 1500 - - - - - 0 0
410 enet 100410 1500 - - - - - 0 0
411 enet 100411 1500 - - - - - 0 0
412 enet 100412 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
420 enet 100420 1500 - - - - - 0 0
421 enet 100421 1500 - - - - - 0 0
422 enet 100422 1500 - - - - - 0 0
640 enet 100640 1500 - - - - - 0 0
760 enet 100760 1500 - - - - - 0 0
951 enet 100951 1500 - - - - - 0 0
952 enet 100952 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
--------------------------
Primary Secondary Type Ports
------- --------- ----------------- --------------------------
==========================
Trunk Config on 3750
interface GigabitEthernet1/0/3
switchport trunk encapsulation dot1q
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
mls qos trust cos
auto qos voip trust
!
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
mls qos trust cos
auto qos voip trust
==========================
Trunk on 6509
interface GigabitEthernet1/5
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So if I just add Vlan 80 to the 6509 the trunking and routing will allow it to be accessed by the 3750? I don't have to do anything to the interface going to the 3750?
Thanks,
Thanks,
ASKER
To the point and accurate Thanks very much.
1) Is the 3750 connected to the 6509 via an 802.1q trunk or access port?
2) Are you using VTP?
3) What are the VLAN numbers, and are they configured on both switches?
That should get us started. At first glance it sounds like you are pruning the VLAN and not allowing it out at the 3750.