Solved

SG300 vlan routing problem

Posted on 2014-03-04
6
654 Views
Last Modified: 2014-04-07
I have an SG300 setup with config below:

I have a pc in port 1 with:
ip 10.1.1.1
mask 255.255.255.0
gateway 10.1.1.72

I have a pc in port 2 with:
ip 10.1.20.1
mask 255.255.255.0
gateway 10.1.20.254

I have a pc in port 48 with:
ip 10.1.2.1
mask 255.255.255.0
gateway 10.1.2.251

each pc can ping all vlan interfaces

pc's are unable to ping each other

in cli "show ip route" gives
Maximum Parallel Paths: 1 (1 after reset)
IP Forwarding: enabled
Codes: > - best, C - connected, S - static


C   10.1.1.0/24 is directly connected, vlan 1
C   10.1.2.0/24 is directly connected, vlan 10
C   10.1.20.0/24 is directly connected, vlan 20


Dont understand what the problem is.

Please help.

Thanks

Steve






config-file-header
switch785795
v1.3.0.62 / R750_NIK_1_3_647_260
CLI v1.0
set system mode router

file SSD indicator plaintext
@
vlan database
vlan 10,20
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switch785795
username cisco password encrypted 59e565679d64eed73ce9c04cb4f0a11627fb14c7 privilege 15
ip ssh server
clock timezone " " 0 minutes 0
!
interface vlan 1
 ip address 10.1.1.72 255.255.255.0
 no ip address dhcp
!
interface vlan 10
 name VOIP
 ip address 10.1.2.251 255.255.255.0
!
interface vlan 20
 name Data
 ip address 10.1.20.254 255.255.255.0
!
interface gigabitethernet1
 switchport mode access
!
interface gigabitethernet2
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet48
 switchport mode access
 switchport access vlan 10
!
exit
0
Comment
Question by:steveb9288
  • 3
  • 2
6 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 39903807
Looks correct to me. Can you triple check the ip configurations on the pc's, also making sure they are actually in the ports you have configured. Sometimes simple mistakes are the issue.

Also, could you post the entire switch config?
0
 

Author Comment

by:steveb9288
ID: 39903927
Hi

Thanks for responding - this is doing my head in!

I've double checked all the pc configs and the ports they are in.

Only ports 1,2 and 48 are up.

Thats all of the config apart from the keys - do you need them?
0
 

Author Comment

by:steveb9288
ID: 39904070
Update - have just upgraded to latest firmware 1.3.7.18

No change. Have tried shutting down and restarting each vlan through cli but no difference.

Help very gratefully received

Config below:

config-file-header
switch785795
v1.3.7.18 / R750_NIK_1_35_647_358
CLI v1.0
set system mode router

file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 10,20
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switch785795
username cisco password encrypted 59e565679d64eed73ce9c04cb4f0a11627fb14c7 privilege 15
ip ssh server
clock timezone " " 0 minutes 0
!
interface vlan 1
 ip address 10.1.1.72 255.255.255.0
 no ip address dhcp
!
interface vlan 10
 name VOIP
 ip address 10.1.2.251 255.255.255.0
!
interface vlan 20
 name Data
 ip address 10.1.20.254 255.255.255.0
!
interface gigabitethernet1
 switchport mode access
!
interface gigabitethernet2
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet48
 switchport mode access
 switchport access vlan 10
!
exit
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 17

Accepted Solution

by:
TimotiSt earned 500 total points
ID: 39904102
I'd say check:
- firewalls on PCs,
- netmask on PCs: for class A addresses, windows loves to default to 255.0.0.0.

How did you come up with these gateway addresses? Is there VRRP/HSRP/anything going on, or you expanded subnets, or anything fancy? Not that they're bad, just somewhat unusual.

Tamas
0
 

Author Comment

by:steveb9288
ID: 39904478
Hi Tamas

Pc's respond to pings from switch on their respective subnets and they are definitely all 255.255.255.0.

The gateway addresses were just selected - could all be .254 or .1 - no reason.

No VRRP/HSRP going on.
0
 
LVL 17

Expert Comment

by:TimotiSt
ID: 39904668
Okay. Check a "show ip interface", maybe it tells something?
Maybe give it a default route? Shouldn't be needed, but can't really hurt either...
Increase loglevel, see what it says...
Do you ping PCs by name? Maybe it tries to ping on IPv6?

I agree on the "it should just work like this" part, though...
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Join & Write a Comment

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now