Solved

Setting up vlan forwarding on Cisco 4510r Catalyst switch

Posted on 2014-02-26
8
916 Views
Last Modified: 2014-02-28
Total novice but working with someone who has a clue.
Cisco 4510r running os 12.2

We had everything running in vlan 1 which was 10.0.0.x , gateway 10.0.0.1, subnet 255.255.252.0
We created vlan 20 which is set to 10.0.20.0, gateway 10.0.20.1, subnet 255.255.255.0.

We added 1 port to vlan 20 and verified that we could ping the new gateway.
We are attempting to get vlan 20 to route to vlan 1
So from a machine in vlan 20 with ip 10.0.20.100 be able to at least ping a machine in vlan 1 with IP 10.0.0.20.

no luck. Looking for any information that I can forward to the engineer working on this issue.
Thanks,
0
Comment
Question by:adamant40
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 1

Expert Comment

by:netdsg
ID: 39890683
Can the switch ping both the PC's?
0
 

Author Comment

by:adamant40
ID: 39890696
Yes
0
 
LVL 1

Expert Comment

by:netdsg
ID: 39890716
Verify the following:

ip routing is enabled on the switch with the 'ip routing' command in global mode

You can verify this on the switch console with a 'show ip route' command, routes for both networks should be present.

Verify the use of VLAN interfaces on the 4500 switch

Example:
interface vlan 1
ip address 10.0.0.1 255.255.255.0

The switch ports should look something like this:

int g0/x
switchport mode access
switchport access vlan 1

int g0/x
switchport mode access
switchport access vlan 20

Verify the default gateways on the PC's

10.0.0.x PC default gateway 10.0.0.1
10.0.20.x PC default gateway 20.0.20.1
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 

Author Comment

by:adamant40
ID: 39890769
Thanks I have passed that on to Engineer working on it and will update when I hear back.
0
 

Author Comment

by:adamant40
ID: 39893472
So things get more complicated, do my best to record what the engineer told me. If I can't provide enough information to make this clear I'll close out the question and award you the points.

They setup vlan 10 and vlan 20 and were able to route between those vlans no problem.

Most of our systems are in vlan 1 (guess that is the default). Vlan 1 has a gateway address of 10.0.0.5, the IP address of the switch itself.

Our Pix firewall is the 10.0.0.1 gateway IP.
0
 
LVL 1

Accepted Solution

by:
netdsg earned 500 total points
ID: 39893888
One approach is to make the link between the firewall and the switch a routed link.  See the attached jpeg drawing L3 switch to Firewall Drawing
The key here is the 'no switchport' command on the switch port facing the firewall.

With this approach the appropriate vlan interface is the default gateway for the hosts.  The Layer three switch then routes traffic to the other Vlan or to the firewall as needed.  The firewall needs routes back to the vlans and NAT configuration for any new vlans.
0
 

Author Comment

by:adamant40
ID: 39895133
Thanks I'll pass this along and see what happens.
0
 

Author Closing Comment

by:adamant40
ID: 39895137
Unable to implement myself but will pass on to the engineer.
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article explains the protocols and technology which is involved when two computers on different TCP/IP networks communicate with each other. In the diagram, a router is used to segregate two networks. The networks are 192.168.1.0/24 and 192…
SSL is a very common protocol used these days when browsing the web.  The purpose is to provide security to communication, but how does it do it?  There are several pieces at work that have to be setup before SSL will even work and it requires both …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question