• Status: Solved
  • Priority: High
  • Security: Public
  • Views: 84
  • Last Modified:

Cisco switch with 2 different vlans, but 2nd is not working

So, here is my scenario

Currently with 192.168.60.0/24 network set as VLAN200 on a switch, my router is 192.168.60.2.

Got a cisco 2960 switch as 192.168.60.1, and set with default GW 192.168.60.2

However, I need to set a new vlan for a vpn (mikrotik)

Mikrotik ip is 8.20.15.251/24

Ive created a VLAN400, as 8.20.15.0/24 and indicated the ip helper as the mikrotik. After assigning ports to that VLAN, it doesnt acquire IP, neither reach the GW (if I assign static IP to the computer). From the switch, if I try to ping the mikrotik ip, it does not respond (if I connect a computer directly on the mikrotik, I do get an IP, I can access it and even access the VPN services without problems)

Am I missing something?

thank you
0
Allan Martins
Asked:
Allan Martins
5 Solutions
 
13L@CK_H3@RTNetwork AdministratorCommented:
can you draw a brief diagram?
0
 
Allan MartinsAuthor Commented:
A just made this simple drawing. Let me know if this helps to make it clear.
0
 
13L@CK_H3@RTNetwork AdministratorCommented:
can you show us the results of these commands on Cisco switch:
show ip int b
show vlan
show ip route
show cdp nei
show int trunk

Open in new window

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Mitul PrajapatiIT EngineerCommented:
Hi,

Have you tried to configure Router on a stick for both of the VLANs 200 & 400 (If you are using 1 Network cable between Cisco switch and router). It seems like your switch doesn't know where to forward 8.20.15.0/24 traffic. And do not forget to make switch port as a trunk those are connected to router and mikrotik.

Hopefully this will work for you.
0
 
Allan MartinsAuthor Commented:
** show ip int b **
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM  administratively down down
Vlan102                unassigned      YES unset  up                    up
Vlan103                unassigned      YES unset  up                    down
Vlan200                192.168.60.1    YES NVRAM  up                    up
Vlan400                8.20.15.1       YES manual up                    up
FastEthernet0          unassigned      YES NVRAM  administratively down down
GigabitEthernet1/0/1   unassigned      YES unset  up                    up
GigabitEthernet1/0/2   unassigned      YES unset  up                    up
GigabitEthernet1/0/3   unassigned      YES unset  up                    up
GigabitEthernet1/0/4   unassigned      YES unset  up                    up
GigabitEthernet1/0/5   unassigned      YES unset  up                    up
GigabitEthernet1/0/6   unassigned      YES unset  up                    up
GigabitEthernet1/0/7   unassigned      YES unset  down                  down
...

Open in new window

(all other repeats the same)

** show vlan **
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active
400  ALPHAVILLE                       active    Gi1/0/13
200  network                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                Gi1/0/10, Gi1/0/11, Gi1/0/12

Open in new window


                                                                        
                                                                        

** show ip route **                                                                        
Default gateway is 192.168.60.2

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty

Open in new window




** show cdp nei **
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
ESX1.smartservices.com
                 Gig 1/0/3         163               S    VMware ES vmnic0
ESX3.smartservices.com
                 Gig 1/0/2         126               S    VMware ES vmnic0
ESX2.smartservices.com
                 Gig 1/0/1         126               S    VMware ES vmnic0

Open in new window

                       

                         
** show int trunk **
simply shows nothing...
0
 
13L@CK_H3@RTNetwork AdministratorCommented:
Do you have the route from Switch to Microtik? Since the default gateway of Switch is 192.168.60.2, the traffic will go to Router first, but I am not sure it can reach the Microtik, can you confirm more information?

From switch:
ping 192.168.60.1 
traceroute 192.168.60.1 
ping 8.20.15.251
traceroute 8.20.15.251

Open in new window


From Router
ping 8.20.15.251
traceroute 8.20.15.251

Open in new window



From Microtik:
ping 192.168.60.2
traceroute 192.168.60.2 
ping 8.20.15.1
traceroute 8.20.15.1

Open in new window

0
 
Yuri SpirinSystems IntegrationCommented:
Hi!
First of all, Cisco 2960 is L2 switch so it can't do inter-vlan routing between VLANs 200 and 400. To have packets flowing between those VLANs you have to setup trunk link from switch to router. Trunk must include VLANs 200 and 400. Then you have to setup IP subinterfaces on the router for subnets 192.168.60.0/24 and 8.20.15.0/24. After that is done the router will be routing packets between those subnets so the computers in VLANs 200 will be able to reach Microtic (assuming the default gateway on computers is set to 192.168.60.2).

Second, if you want some computers to be on same subnet with Microtic (as shown on the right in your diagram), you have to assign some ports on the switch to vlan 400. Currently you have only one port assigned to it.
0
 
WissamSenior Network EngineerCommented:
Hi,

if the switch is a 2960X, you can set it for inter-vlan routing, would it be possible to share the switch output of the command : show version
0
 
Allan MartinsAuthor Commented:
Thank you all, we managed to set static routes on the computers until we changed the entire network subnet (this weekend), everything is working fine now. thanks!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now