steveb9288
asked on
SG300 vlan routing problem
I have an SG300 setup with config below:
I have a pc in port 1 with:
ip 10.1.1.1
mask 255.255.255.0
gateway 10.1.1.72
I have a pc in port 2 with:
ip 10.1.20.1
mask 255.255.255.0
gateway 10.1.20.254
I have a pc in port 48 with:
ip 10.1.2.1
mask 255.255.255.0
gateway 10.1.2.251
each pc can ping all vlan interfaces
pc's are unable to ping each other
in cli "show ip route" gives
Maximum Parallel Paths: 1 (1 after reset)
IP Forwarding: enabled
Codes: > - best, C - connected, S - static
C 10.1.1.0/24 is directly connected, vlan 1
C 10.1.2.0/24 is directly connected, vlan 10
C 10.1.20.0/24 is directly connected, vlan 20
Dont understand what the problem is.
Please help.
Thanks
Steve
config-file-header
switch785795
v1.3.0.62 / R750_NIK_1_3_647_260
CLI v1.0
set system mode router
file SSD indicator plaintext
@
vlan database
vlan 10,20
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switch785795
username cisco password encrypted 59e565679d64eed73ce9c04cb4 f0a11627fb 14c7 privilege 15
ip ssh server
clock timezone " " 0 minutes 0
!
interface vlan 1
ip address 10.1.1.72 255.255.255.0
no ip address dhcp
!
interface vlan 10
name VOIP
ip address 10.1.2.251 255.255.255.0
!
interface vlan 20
name Data
ip address 10.1.20.254 255.255.255.0
!
interface gigabitethernet1
switchport mode access
!
interface gigabitethernet2
switchport mode access
switchport access vlan 20
!
interface gigabitethernet48
switchport mode access
switchport access vlan 10
!
exit
I have a pc in port 1 with:
ip 10.1.1.1
mask 255.255.255.0
gateway 10.1.1.72
I have a pc in port 2 with:
ip 10.1.20.1
mask 255.255.255.0
gateway 10.1.20.254
I have a pc in port 48 with:
ip 10.1.2.1
mask 255.255.255.0
gateway 10.1.2.251
each pc can ping all vlan interfaces
pc's are unable to ping each other
in cli "show ip route" gives
Maximum Parallel Paths: 1 (1 after reset)
IP Forwarding: enabled
Codes: > - best, C - connected, S - static
C 10.1.1.0/24 is directly connected, vlan 1
C 10.1.2.0/24 is directly connected, vlan 10
C 10.1.20.0/24 is directly connected, vlan 20
Dont understand what the problem is.
Please help.
Thanks
Steve
config-file-header
switch785795
v1.3.0.62 / R750_NIK_1_3_647_260
CLI v1.0
set system mode router
file SSD indicator plaintext
@
vlan database
vlan 10,20
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switch785795
username cisco password encrypted 59e565679d64eed73ce9c04cb4
ip ssh server
clock timezone " " 0 minutes 0
!
interface vlan 1
ip address 10.1.1.72 255.255.255.0
no ip address dhcp
!
interface vlan 10
name VOIP
ip address 10.1.2.251 255.255.255.0
!
interface vlan 20
name Data
ip address 10.1.20.254 255.255.255.0
!
interface gigabitethernet1
switchport mode access
!
interface gigabitethernet2
switchport mode access
switchport access vlan 20
!
interface gigabitethernet48
switchport mode access
switchport access vlan 10
!
exit
ASKER
Hi
Thanks for responding - this is doing my head in!
I've double checked all the pc configs and the ports they are in.
Only ports 1,2 and 48 are up.
Thats all of the config apart from the keys - do you need them?
Thanks for responding - this is doing my head in!
I've double checked all the pc configs and the ports they are in.
Only ports 1,2 and 48 are up.
Thats all of the config apart from the keys - do you need them?
ASKER
Update - have just upgraded to latest firmware 1.3.7.18
No change. Have tried shutting down and restarting each vlan through cli but no difference.
Help very gratefully received
Config below:
config-file-header
switch785795
v1.3.7.18 / R750_NIK_1_35_647_358
CLI v1.0
set system mode router
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e443003371 9968c0
!
vlan database
vlan 10,20
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switch785795
username cisco password encrypted 59e565679d64eed73ce9c04cb4 f0a11627fb 14c7 privilege 15
ip ssh server
clock timezone " " 0 minutes 0
!
interface vlan 1
ip address 10.1.1.72 255.255.255.0
no ip address dhcp
!
interface vlan 10
name VOIP
ip address 10.1.2.251 255.255.255.0
!
interface vlan 20
name Data
ip address 10.1.20.254 255.255.255.0
!
interface gigabitethernet1
switchport mode access
!
interface gigabitethernet2
switchport mode access
switchport access vlan 20
!
interface gigabitethernet48
switchport mode access
switchport access vlan 10
!
exit
No change. Have tried shutting down and restarting each vlan through cli but no difference.
Help very gratefully received
Config below:
config-file-header
switch785795
v1.3.7.18 / R750_NIK_1_35_647_358
CLI v1.0
set system mode router
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e443003371
!
vlan database
vlan 10,20
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switch785795
username cisco password encrypted 59e565679d64eed73ce9c04cb4
ip ssh server
clock timezone " " 0 minutes 0
!
interface vlan 1
ip address 10.1.1.72 255.255.255.0
no ip address dhcp
!
interface vlan 10
name VOIP
ip address 10.1.2.251 255.255.255.0
!
interface vlan 20
name Data
ip address 10.1.20.254 255.255.255.0
!
interface gigabitethernet1
switchport mode access
!
interface gigabitethernet2
switchport mode access
switchport access vlan 20
!
interface gigabitethernet48
switchport mode access
switchport access vlan 10
!
exit
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Tamas
Pc's respond to pings from switch on their respective subnets and they are definitely all 255.255.255.0.
The gateway addresses were just selected - could all be .254 or .1 - no reason.
No VRRP/HSRP going on.
Pc's respond to pings from switch on their respective subnets and they are definitely all 255.255.255.0.
The gateway addresses were just selected - could all be .254 or .1 - no reason.
No VRRP/HSRP going on.
Okay. Check a "show ip interface", maybe it tells something?
Maybe give it a default route? Shouldn't be needed, but can't really hurt either...
Increase loglevel, see what it says...
Do you ping PCs by name? Maybe it tries to ping on IPv6?
I agree on the "it should just work like this" part, though...
Maybe give it a default route? Shouldn't be needed, but can't really hurt either...
Increase loglevel, see what it says...
Do you ping PCs by name? Maybe it tries to ping on IPv6?
I agree on the "it should just work like this" part, though...
Also, could you post the entire switch config?