Cisco switch with 2 different vlans, but 2nd is not working

So, here is my scenario

Currently with 192.168.60.0/24 network set as VLAN200 on a switch, my router is 192.168.60.2.

Got a cisco 2960 switch as 192.168.60.1, and set with default GW 192.168.60.2

However, I need to set a new vlan for a vpn (mikrotik)

Mikrotik ip is 8.20.15.251/24

Ive created a VLAN400, as 8.20.15.0/24 and indicated the ip helper as the mikrotik. After assigning ports to that VLAN, it doesnt acquire IP, neither reach the GW (if I assign static IP to the computer). From the switch, if I try to ping the mikrotik ip, it does not respond (if I connect a computer directly on the mikrotik, I do get an IP, I can access it and even access the VPN services without problems)

Am I missing something?

thank you
LVL 2
Allan MartinsICT TechnicianAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TjnoNetwork AdministratorCommented:
can you draw a brief diagram?
0
Allan MartinsICT TechnicianAuthor Commented:
A just made this simple drawing. Let me know if this helps to make it clear.
0
TjnoNetwork AdministratorCommented:
can you show us the results of these commands on Cisco switch:
show ip int b
show vlan
show ip route
show cdp nei
show int trunk

Open in new window

0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

Mitul PrajapatiJunior IT EngineerCommented:
Hi,

Have you tried to configure Router on a stick for both of the VLANs 200 & 400 (If you are using 1 Network cable between Cisco switch and router). It seems like your switch doesn't know where to forward 8.20.15.0/24 traffic. And do not forget to make switch port as a trunk those are connected to router and mikrotik.

Hopefully this will work for you.
0
Allan MartinsICT TechnicianAuthor Commented:
** show ip int b **
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM  administratively down down
Vlan102                unassigned      YES unset  up                    up
Vlan103                unassigned      YES unset  up                    down
Vlan200                192.168.60.1    YES NVRAM  up                    up
Vlan400                8.20.15.1       YES manual up                    up
FastEthernet0          unassigned      YES NVRAM  administratively down down
GigabitEthernet1/0/1   unassigned      YES unset  up                    up
GigabitEthernet1/0/2   unassigned      YES unset  up                    up
GigabitEthernet1/0/3   unassigned      YES unset  up                    up
GigabitEthernet1/0/4   unassigned      YES unset  up                    up
GigabitEthernet1/0/5   unassigned      YES unset  up                    up
GigabitEthernet1/0/6   unassigned      YES unset  up                    up
GigabitEthernet1/0/7   unassigned      YES unset  down                  down
...

Open in new window

(all other repeats the same)

** show vlan **
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active
400  ALPHAVILLE                       active    Gi1/0/13
200  network                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                Gi1/0/10, Gi1/0/11, Gi1/0/12

Open in new window


                                                                        
                                                                        

** show ip route **                                                                        
Default gateway is 192.168.60.2

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty

Open in new window




** show cdp nei **
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
ESX1.smartservices.com
                 Gig 1/0/3         163               S    VMware ES vmnic0
ESX3.smartservices.com
                 Gig 1/0/2         126               S    VMware ES vmnic0
ESX2.smartservices.com
                 Gig 1/0/1         126               S    VMware ES vmnic0

Open in new window

                       

                         
** show int trunk **
simply shows nothing...
0
TjnoNetwork AdministratorCommented:
Do you have the route from Switch to Microtik? Since the default gateway of Switch is 192.168.60.2, the traffic will go to Router first, but I am not sure it can reach the Microtik, can you confirm more information?

From switch:
ping 192.168.60.1 
traceroute 192.168.60.1 
ping 8.20.15.251
traceroute 8.20.15.251

Open in new window


From Router
ping 8.20.15.251
traceroute 8.20.15.251

Open in new window



From Microtik:
ping 192.168.60.2
traceroute 192.168.60.2 
ping 8.20.15.1
traceroute 8.20.15.1

Open in new window

0
Yuri SpirinSystems IntegrationCommented:
Hi!
First of all, Cisco 2960 is L2 switch so it can't do inter-vlan routing between VLANs 200 and 400. To have packets flowing between those VLANs you have to setup trunk link from switch to router. Trunk must include VLANs 200 and 400. Then you have to setup IP subinterfaces on the router for subnets 192.168.60.0/24 and 8.20.15.0/24. After that is done the router will be routing packets between those subnets so the computers in VLANs 200 will be able to reach Microtic (assuming the default gateway on computers is set to 192.168.60.2).

Second, if you want some computers to be on same subnet with Microtic (as shown on the right in your diagram), you have to assign some ports on the switch to vlan 400. Currently you have only one port assigned to it.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
WissamSenior Network EngineerCommented:
Hi,

if the switch is a 2960X, you can set it for inter-vlan routing, would it be possible to share the switch output of the command : show version
0
Allan MartinsICT TechnicianAuthor Commented:
Thank you all, we managed to set static routes on the computers until we changed the entire network subnet (this weekend), everything is working fine now. thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.