Solved

Cisco Routing Question

Posted on 2014-03-10
7
38 Views
Last Modified: 2015-09-15
I am planning on replacing some of our networking equipment as it is currently patch worked together.  Currently I am using a 3825 and a 3550 to do the routing at the hub location of our network.  My plan was to replace these two devices with a 3560X that I have.  

I have attached the config of the 3560X that I attempted to use.  The problem I have was the switch would only pass 192.168.1.X traffic out to our firewall.  My guess is it is a VLAN issue as traffic between all of the locations worked correctly.  I can provide any other relevant information to anyone who has any suggestions on this.
s1config.txt
0
Comment
Question by:joshparker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
7 Comments
 

Author Comment

by:joshparker
ID: 39918631
I should have mentioned that 192.168.1.1 is the address of my firewall connected via g0/22.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 39918982
1) Is your FW configured to NAT traffic from all the networks?

2) Does your FW have routes to the networks with the 3560 as the next hop?
0
 

Author Comment

by:joshparker
ID: 39919000
My firewall is configure to nat traffic from all networks and also has routers for all networks back to the 3560X  I was able to ping from the firewall to all networks but could not ping the firewall from those networks.  

I am pretty sure the problem was the firewall and entire 192.168.1.X subnet being on VLAN1.  I could access outside the network from that subnet but not any of the others but was unsure how to solve the issue.
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 50

Expert Comment

by:Don Johnston
ID: 39919010
I was able to ping from the firewall to all networks but could not ping the firewall from those networks.  

Since pings are bi-directional, if the firewall can ping a device on network A, then a device on network A can ping the firewall... unless the firewall is blocking the ICMP echo request.

From a device on one of the problem networks, do a traceroute to the internet and see where it stops.  That would be a good starting point.
0
 

Author Comment

by:joshparker
ID: 39919044
All traffic bound for outside the network stopped at the 3560 when doing a trace route.
0
 

Accepted Solution

by:
joshparker earned 0 total points
ID: 40971776
Ended up using a different piece of equipment
0
 

Author Closing Comment

by:joshparker
ID: 40977690
Couldnt find a solution so used a different piece of equipment
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question