• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 76
  • Last Modified:

configuration

am new to ccna ..i had small scenario attached and config mentioned below

Switch#show running-config
Building configuration...

Current configuration : 1565 bytes
!
version 12.2(37)SE1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
ip routing
!
!
!
spanning-tree mode pvst
!
!
!
interface FastEthernet0/1
 no switchport
 ip address 192.168.1.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
!
interface FastEthernet0/3
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 mac-address 0040.0b2d.7601
 ip address 10.0.0.1 255.0.0.0
!
interface Vlan20
 mac-address 0040.0b2d.7602
 ip address 20.0.0.1 255.0.0.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end



and from router end just configured gateway port gig0/0 with is connect to switch with the ip address 192.168.1.1....now i want to ping  from system to router gateway.but am unable to do that.what mistake did can any one help me with the configuration plz
Capture.PNG
0
vivek chintala
Asked:
vivek chintala
  • 4
  • 4
1 Solution
 
JustInCaseCommented:
Since there is no routing protocol configured you need to configure static route(s) on Router 0.
ip route 10.0.0.0 255.0.0.0 192.168.1.1
ip route 20.0.0.0 255.0.0.0 192.168.1.1
If router 0 does not have route to destination return traffic will be dropped.
ICMP packets is reaching Router 0 (you can see ti if you "debug ip icmp"), but router can't answer to ping requests since it is only know about network 192.168.1.0/24. Default route on Router 0 that is pointing to 192.168.1.2 could also solve the problem (ip route 0.0.0.0 0.0.0.0 192.168.1.2).
0
 
vivek chintalaAuthor Commented:
thnaks a lot its working but at the same time am able to ping 10.0.0.0 series to 20.0.0.0 series and i dont want to ping each other how do i restrict..i want 10 and 20 should commmunicate with router ..but i dont want it to communicate 10 and 20
0
 
JustInCaseCommented:
You need to implement filtering. Create access list and apply it to SVI interface.

access-list 100 deny ip 10.0.0.0 0.255.255.255 20.0.0.0 0.255.255.255
access-list 100 permit ip any any
!
interface vlan 10
ip access-group 100 in

Open in new window

Sure, you can do the same for VLAN 20 SVI (just with differently written ACL)
0
Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

 
vivek chintalaAuthor Commented:
excellent..thanks a lot..and last question ..in real time same scenario , if i put normal netgear router 150 model will it work ? coz i need to implement in real time is that possible ?
0
 
JustInCaseCommented:
Typically, when it comes to L3 (routing) there is no problems if there are mixed vendors (for most of the IEEE compliant parts). Mixing devices at L2 depending on vendors can  cause issues.
I did not work with Netgear router 150, so I am not sure, but generally, it should work, just configuration part is vendor specific (static routes should be supported, but I am not sure about access-list filtering).
0
 
vivek chintalaAuthor Commented:
thanks a lot ..we will be using L3 dell switch hope access list should work .. thanks a lot good bye
0
 
vivek chintalaAuthor Commented:
thnaks a lot
0
 
JustInCaseCommented:
Most likely ACLs are supported on Dell and should be OK.

You're welcome.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now