+ Reply to Thread
Results 1 to 5 of 5
  1. Junior Member Registered Member
    Join Date
    Jun 2017
    Posts
    3
    #1

    Question 3560G unable to Ping Router or External Network

    I am setting up my first Cisco Switch, its a 3560G and I'm going to use it to segment my network with Vlans, I have followed this guide.






    All I have connected right now is my router (cheap Home router) and I can ping devices on my local network 192.168.1.0/24 except for the router (can ping its interface 192.168.1.200 but not its ip 192.168.1.1) and I am unable to ping externally such as google.com or 8.8.8.8 if I ping google.com I get:
    Code:
        CORESW01#ping google.com
        Translating "google.com"...domain server (255.255.255.255) [OK]
    
    
        Type escape sequence to abort.
        Sending 5, 100-byte ICMP Echos to 172.217.8.206, timeout is 2 seconds:
        .....
        Success rate is 0 percent (0/5)
    As you can see it is grabbing a valid IP for the domain google.com but is
    for some reason unable to route to it.






    I am also able to ping the switch from a client that is not connected to the switch (they both are connected to the router), but from a device connected to the switch I am unable to ping externally as well but can ping other Vlan interfaces such as 10.0.100.1






    I have attached a network diagram, the only difference is the interface between the router and the switch is 192.168.1.200 not 192.168.1.2






    Here is my running-config
    Code:
    
    
    
    
        Current configuration : 3595 bytes
        !
        ! Last configuration change at 00:33:49 UTC Mon Mar 1 1993
        ! NVRAM config last updated at 06:38:52 UTC Thu Jun 8 2017
        !
        version 15.0
        no service pad
        service timestamps debug datetime msec
        service timestamps log datetime msec
        no service password-encryption
        !
        hostname CORESW01
        !
        boot-start-marker
        boot-end-marker
        !
        !
        !
        no aaa new-model
        system mtu routing 1500
        ip routing
        !
        !
        !
        !
        !
        (Removed Cert info)
        !
        !
    
    
        (Removed Cert info)
        quit
        !
        !
        !
        !
        !
        spanning-tree mode pvst
        spanning-tree extend system-id 
        !
        vlan internal allocation policy ascending
        !
        !
        !
        !
        !
        !
        !
        !
        !
        !
        !
        !
        !
        !
        !
        interface GigabitEthernet0/1
         switchport access vlan 100
        !
        interface GigabitEthernet0/2
         switchport access vlan 100
        !
        interface GigabitEthernet0/3
        !
        interface GigabitEthernet0/4
         switchport access vlan 100
        !
        interface GigabitEthernet0/5
         switchport access vlan 100
        !
        interface GigabitEthernet0/6
        !
        interface GigabitEthernet0/7
        !
        interface GigabitEthernet0/8
        !
        interface GigabitEthernet0/9
        !
        interface GigabitEthernet0/10
        !
        interface GigabitEthernet0/11
        !
        interface GigabitEthernet0/12
        !
        interface GigabitEthernet0/13
        !
        interface GigabitEthernet0/14
        !
        interface GigabitEthernet0/15
        !
        interface GigabitEthernet0/16
        !
        interface GigabitEthernet0/17
        !
        interface GigabitEthernet0/18
        !
        interface GigabitEthernet0/19
        !
        interface GigabitEthernet0/20
        !
        interface GigabitEthernet0/21
        !
        interface GigabitEthernet0/22
        !
        interface GigabitEthernet0/23
        !
        interface GigabitEthernet0/24
         no switchport
         ip address 192.168.1.200 255.255.255.0
        !
        interface GigabitEthernet0/25
        !
        interface GigabitEthernet0/26
        !
        interface GigabitEthernet0/27
        !
        interface GigabitEthernet0/28
        !
        interface Vlan1
         ip address 10.0.1.1 255.255.255.0
        !
        interface Vlan40
         ip address 10.0.40.1 255.255.255.0
        !
        interface Vlan100
         ip address 10.0.100.1 255.255.255.0
        !
        ip http server
        ip http secure-server
        !
        !
        ip default-network 192.168.1.0
        ip route 0.0.0.0 0.0.0.0 192.168.1.1
        !
        !
        snmp-server community no RO
        !
        !
        line con 0
        line vty 0 4
        line vty 5 15
        !
        end
    Here is show ip route
    Code:
    
    
    
    
        CORESW01#show ip route
        Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
         D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
         N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
         E1 - OSPF external type 1, E2 - OSPF external type 2
         i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
         ia - IS-IS inter area, * - candidate default, U - per-user static route
         o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
         + - replicated route, % - next hop override
        
        Gateway of last resort is 192.168.1.1 to network 0.0.0.0
        
        S* 0.0.0.0/0 [1/0] via 192.168.1.1
         * 192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
        C* 192.168.1.0/24 is directly connected, GigabitEthernet0/24
        L 192.168.1.200/32 is directly connected, GigabitEthernet0/24
    I'm sure its something stupid I messed up and any help would be appreciated.










    Thanks
    Reply With Quote Quote  

  2. SS -->
  3. DCD
    DCD is offline
    Senior Member DCD's Avatar
    Join Date
    Jan 2013
    Location
    San Francisco , Ca
    Posts
    428

    Certifications
    CCNA
    #2
    Your VLan may not be in your NAT configuration.
    Reply With Quote Quote  

  4. Junior Member Registered Member
    Join Date
    Jun 2017
    Posts
    3
    #3
    So my current setup is a simple netgear router hooked up to a 3560g acting as the layer 3 device.

    I believe I have it figured out and will test when I get out of work in 4 hours.

    Am I correct that even though I have a default route on the switch via ip route 0.0.0.0 0.0.0.0 192.168.1.1 I would also need to put static routes on my router in order for it to know how to send a reply back.

    That is something I overlooked, I didn't think about the fact that 10.0.1.x and 10.0.40.x and 10.0.100.x mean nothing to the router and I have to tell it to route it through the switch's interface via 192.168.1.200, correct?
    Reply With Quote Quote  

  5. Junior Member Registered Member
    Join Date
    Jun 2017
    Posts
    3
    #4
    Well its the switch isn't it? Its acting as a Layer 3 device routing between the vlans.
    Reply With Quote Quote  

  6. DCD
    DCD is offline
    Senior Member DCD's Avatar
    Join Date
    Jan 2013
    Location
    San Francisco , Ca
    Posts
    428

    Certifications
    CCNA
    #5
    It not your switch it your 10 network are not being translated by the router. The Vlan which are the 10 network are getting drop by the internet because they are private IP address.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks