Single-port 2600 router with 2900XL switch

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Slava Maslennikov on Server Fault See other posts from Server Fault or by Slava Maslennikov
Published on 2012-12-04T23:30:48Z Indexed on 2012/12/05 5:09 UTC
Read the original article Hit count: 377

Filed under:
|
|

I have a setup, where the single port 2600 router is in port 0/2 in the switch, outside network is on port 0/1, and the rest (0/3-0/24) should be clients for the second network that would be managed by the 2600 router.

I configured everything with two VLANs: 100 for outside (0/2-0/24), 200 for inside (0/1-0/2). 0/2 is a trunk port for the two VLANs.

The issue that came about is that I can't have two VLANs on at once: software doesn't allow it.

Now, I can ping the outside network devices (172.16.7.1, 172.16.7.103), and even google (8.8.8.8) from the router, but not the switch. Devices on connected get a DHCP lease properly but can't ping outside the network, just the router - 172.17.7.1 and the switch itself, 172.17.7.7.

The configuration for both the router and the switch are here, as well as below.

Router:

rt.throom#sho run
Building configuration...

Current configuration : 1015 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname rt.throom
!
enable password To053cret
!
!
!
!
!
no ip subnet-zero
ip dhcp excluded-address 172.17.7.1 172.17.7.2
ip dhcp excluded-address 172.17.7.3 172.17.7.4
ip dhcp excluded-address 172.17.7.5
!
ip dhcp pool VLAN200
   network 172.17.7.0 255.255.255.0
   default-router 172.17.7.1
   dns-server 8.8.8.8
!
ip audit notify log
ip audit po max-events 100
!
!
!
!
!
!
!
interface Ethernet0/0
 no ip address
!
interface Ethernet0/0.100
 encapsulation dot1Q 100
 ip address 172.16.7.15 255.255.255.0
 ip nat outside
!
interface Ethernet0/0.200
 encapsulation dot1Q 200
 ip address 172.17.7.1 255.255.255.0
 ip nat inside
!
router eigrp 20
 network 172.16.0.0
 network 172.17.0.0
 no auto-summary
 no eigrp log-neighbor-changes
!
no ip classless
no ip http server
!
access-list 1 permit 172.17.7.0 0.0.0.255
!
!
line con 0
line aux 0
line vty 0 4
 login
!
end

Switch:

sw.throom#sho run
Building configuration...

Current configuration:
!
version 11.2
no service pad
no service udp-small-servers
no service tcp-small-servers
!
hostname sw.throom
!
enable password Oh5053cret
!
!
no spanning-tree vlan 100
no spanning-tree vlan 200
ip subnet-zero
!
!
interface VLAN1
 no ip address
 no ip route-cache
!
interface FastEthernet0/1
 switchport access vlan 100
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/3
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 200
 spanning-tree portfast
!        
interface FastEthernet0/13
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 200
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 200
 spanning-tree portfast
!
!
line con 0
 stopbits 1
line vty 0 4
 login
line vty 5 9
 login
!
end

sho ip route gives: 

Gateway of last resort is 172.16.7.1 to network 0.0.0.0

172.17.0.0/24 is subnetted, 1 subnets
C       172.17.7.0 is directly connected, Ethernet0/0.200
172.16.0.0/24 is subnetted, 1 subnets
C       172.16.7.0 is directly connected, Ethernet0/0.100
S*   0.0.0.0/0 [1/0] via 172.16.7.1

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about cisco

Related posts about routing

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle