«

I have a 2801 router with a 4 port ethernet switch. I have vlan10 20
and 30 assigned to fa0/3/0 /1 /2 on the switch. all vlans can connect
to the internet, its just I cannot route between them. I need vlans 20
and 30 to be able to access resources on vlan 10. Any Ideas? any thing
you guys need to see? Much thanks in advance!

On Jun 18, 12:51 pm, Jeit...@gmail.com wrote:
> I have a 2801 router with a 4 port ethernet switch. I have vlan10 20
> and 30 assigned to fa0/3/0 /1 /2 on the switch. all vlans can connect
> to the internet, its just I cannot route between them. I need vlans 20
> and 30 to be able to access resources on vlan 10. Any Ideas? any thing
> you guys need to see? Much thanks in advance!

IP routing enabled? You shouldn't need a protocol if it is, but you
may want to consider turning up something basic like RIP for those
networks. Should work fine.

So on the interface (the VLAN) enable rip?

writes:
>I have a 2801 router with a 4 port ethernet switch. I have vlan10 20
>and 30 assigned to fa0/3/0 /1 /2 on the switch. all vlans can connect
>to the internet, its just I cannot route between them. I need vlans 20
>and 30 to be able to access resources on vlan 10. Any Ideas? any thing
>you guys need to see? Much thanks in advance!

Do you have layer-3 interfaces done up in each of the VLANs? You'll
have to run packets through the router to do inter-vlan routing. I'm
assuming that is what you want, as if you wanted layer-2, then there's
no point in doing seperate VLANs.

How about some sanitized configs of the apporiate config sections?

If your running router on a stick, all the vlans should be directly
connected and assuming the trunk to your router is configured
correctly (Sub interfaces, encapsulation, total) then you shouldn't
need any routing protocols or any static routes to reach each of the
different networks. They should seen as directly connected. I not,
check your routing table and see what the router sees. From there you
can get a better of idea what is going on. If networks (Vlans) are not
showing up in your routing table, they are not connected correctly. If
they are not directly connected you will need static routes or a
routing protocol.

A look at the config of your router and switch that is trunking the
vlans would go a long ways for help!



On Jun 18, 12:15 pm, Trendkill <jpma...@gmail.com> wrote:
> On Jun 18, 12:51 pm, Jeit...@gmail.com wrote:
>
> > I have a 2801 router with a 4 port ethernet switch. I have vlan10 20
> > and 30 assigned to fa0/3/0 /1 /2 on the switch. all vlans can connect
> > to the internet, its just I cannot route between them. I need vlans 20
> > and 30 to be able to access resources on vlan 10. Any Ideas? any thing
> > you guys need to see? Much thanks in advance!
>
> IP routing enabled? You shouldn't need a protocol if it is, but you
> may want to consider turning up something basic like RIP for those
> networks. Should work fine.

On Jun 18, 12:21 pm, Jeit...@gmail.com wrote:
> So on the interface (the VLAN) enable rip?

If you want to run rip. Go to privlaged, and global exec prompted.
Turn on Rip.

I beleive it's simply "Router)router rip"

Then add the network address of each attached network you want to
broadcast. FOr example if you have networks

192.168.10.0
192.168.20.0
192.168.30.0

simply type

network 192.168.10.0
network 192.168.20.0
network 192.168.30.0

Do this after you have turned on rip, you would have entered a new
prompt. If you do it correctly those attached interfaces will be
broadcast. However if your networks are directly connected it is not
needed and you might be having another problem.

Look at your routing table and see what it says

"show ip route"

do that at the privlaged prompt.

I got it working, I had to set each VLAN to process the other VLAN
packets, at the VLANS that I want to talk to each other!! her is my
config, I am sure it can use a little tunning up!! tell me what you
think.

Current configuration : 5268 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname edge.bluehaven
!
boot-start-marker
boot system flash startup-config
boot config flash:startup-config
boot-end-marker
!

!
no aaa new-model
!
resource policy
!
no network-clock-participate wic 1
no ip cef
!
!
ip dhcp relay information option
no ip dhcp relay information check
!
!
ip name-server 192.168.1.19
ip name-server 192.168.100.11
!
!
!

!
!

!
!
controller T1 0/1/0
framing esf
clock source internal
linecode b8zs
channel-group 0 timeslots 1-24
!
controller T1 0/1/1
framing esf
clock source internal
linecode b8zs
channel-group 0 timeslots 1-24
!
!
!
!
!
interface Multilink1
ip address 10.0.0.1 255.255.255.252
ip route-cache flow
ppp multilink
ppp multilink group 1
!
interface FastEthernet0/0
no ip address
ip route-cache flow
shutdown
duplex auto
speed auto
no keepalive
!
interface FastEthernet0/1
no ip address
ip access-group bluehaven in
ip access-group bluehaven out
ip virtual-reassembly
ip route-cache flow
shutdown
duplex auto
speed auto
snmp trap link-status permit duplicates
!
interface FastEthernet0/3/0
description Blue Haven Servers VLAN 10
switchport access vlan 10
speed 100
!
interface FastEthernet0/3/1
description Blue Haven Operations VLAN 20
switchport access vlan 20
speed 100
!
interface FastEthernet0/3/2
description Blue Haven Supplies Direct Operations VLAN 30
switchport access vlan 30
speed 100
!
interface FastEthernet0/3/3
speed 100
!
interface Serial0/1/0:0
no ip address
encapsulation ppp
ip route-cache flow
ppp multilink
ppp multilink group 1
!
interface Serial0/1/1:0
description bluehaven corp
no ip address
ip access-group bluehaven in
ip access-group bluehaven out
encapsulation ppp
ip route-cache flow
no cdp enable
ppp multilink
ppp multilink group 1
!
interface Vlan1
no ip address
ip helper-address 192.168.1.19
!
interface Vlan10
ip address 192.168.1.2 255.255.255.0
ip virtual-reassembly
ip route-cache flow
vlan-id dot1q 10
exit-vlan-config
!
vlan-id dot1q 20
exit-vlan-config
!
vlan-id dot1q 30
exit-vlan-config
!
!
interface Vlan20
ip address 192.168.2.1 255.255.255.0
no ip next-hop-self eigrp 1
ip virtual-reassembly
ip route-cache flow
vlan-id dot1q 10
exit-vlan-config
!
vlan-id dot1q 20
exit-vlan-config
!
vlan-id dot1q 200
exit-vlan-config
!
!
interface Vlan30
ip address 192.168.3.1 255.255.255.0
no ip next-hop-self eigrp 1
ip virtual-reassembly
ip route-cache flow
vlan-id dot1q 10
exit-vlan-config
!
vlan-id dot1q 30
exit-vlan-config
!
vlan-id dot1q 200
exit-vlan-config
!
!
router isis
!
ip route profile
ip route 0.0.0.0 0.0.0.0 192.168.1.254
ip route 192.168.1.0 255.255.255.0 192.168.1.254
ip route 192.168.100.0 255.255.255.0 10.0.0.2
ip route 192.168.200.0 255.255.255.0 10.0.0.2
ip route 192.168.254.0 255.255.255.0 192.168.100.1
ip route 192.168.255.0 255.255.255.0 192.168.100.1
!
ip flow-cache timeout active 1
ip flow-export source Vlan10
ip flow-export version 5
ip flow-export destination 192.168.1.118 9996
!
no ip http server
no ip http secure-server
!
ip access-list extended bluehaven
permit ip any any
!
snmp-server community public RW
snmp-server ifindex persist
!
!
!
!
control-plane
!
disable-eadi
!
line con 0
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
end

Okay, I thought I had it. I was wrong. From VLAN20 and 30 I can hit my
DNS server on VLAN10 @192.168.1.19 but I cannot access any other
resources. from VLAN1 I can ping machines on the other 2 VLANS.

Okay,

Here is my routing table

Gateway of last resort is 192.168.1.254 to network 0.0.0.0

S 192.168.200.0/24 [1/0] via 10.0.0.2
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.2/32 is directly connected, Multilink1
C 10.0.0.0/30 is directly connected, Multilink1
S 192.168.255.0/24 [1/0] via 192.168.100.1
S 192.168.254.0/24 [1/0] via 192.168.100.1
C 192.168.1.0/24 is directly connected, Vlan10
C 192.168.2.0/24 is directly connected, Vlan20
S 192.168.100.0/24 [1/0] via 10.0.0.2
C 192.168.3.0/24 is directly connected, Vlan30
S* 0.0.0.0/0 [1/0] via 192.168.1.254

Ill need someone to back me up here because I havnt used router on a
stick ina while. That and I dont have the time to look it up, dealing
with my own issues atm....

Are you trunking all 3 vlans to one single interface? Or are they
coming in on 3 different interfaces?

Also, on the router you shouldnt have to program any of the vlans
unless it acting as a switch also. You simply need to tag the
interfaces to the appropriate switches. I remember assigning hepler
address's and other information directly to the interface, not the
vlan interface. In fact i dont ever remember programing a vlan
interface on a router. But its been a while so I would have to say I
dont know. All I remember having to do was assign a vlan to each sub
interface, define the type of encapsulation, and boom done. Ive never
programed on a vlan interface on a router. Even if the router is
switching, it shouldnt be necessary.

You could try keeping this

interface FastEthernet0/3/0
description Blue Haven Servers VLAN 10
switchport access vlan 10
speed 100

Removing this

interface Vlan10
ip address 192.168.1.2 255.255.255.0
ip virtual-reassembly
ip route-cache flow
vlan-id dot1q 10
exit-vlan-config

moving the encapsulation statement back to the interface and move the
IP address onto the interface.

The way I understand it you wouldnt normally assign an IP address to a
vlan interface unless you were truely on a switch. If this is really a
router, it makes more sense to program the IP address on the interface
itself.

What confuses me is your using Dot1q as your trunking encapsulation,
but your FA0/3/0 is set to switchport access. That tells the switch
that it is not a trunked link, there would be no need for an
encapsulation protocol.

If your trunking, and those are sub interfaces, then you need to have
it look more like this....

interface FastEthernet0/3/0
description Blue Haven Servers VLAN 10
encapsulation dot1q 10
ip address 192.168.1.2 255.255.255.0
speed 100

If its a switchport, and memory serves me right, you also need
"switchport mode trunk" "Switchport access" tells the switch that that
port is going to an end node like a computer.

Any how you might want to wait for confirmation on what I said but if
your in a rush theres this option. (and can afford to have that
portion of the network down) you can always try what I said and if it
doesnt work reboot the router remembering not to save the config.


On Jun 18, 1:43 pm, Jeit...@gmail.com wrote:
> Okay,
>
> Here is my routing table
>
> Gateway of last resort is 192.168.1.254 to network 0.0.0.0
>
> S 192.168.200.0/24 [1/0] via 10.0.0.2
> 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
> C 10.0.0.2/32 is directly connected, Multilink1
> C 10.0.0.0/30 is directly connected, Multilink1
> S 192.168.255.0/24 [1/0] via 192.168.100.1
> S 192.168.254.0/24 [1/0] via 192.168.100.1
> C 192.168.1.0/24 is directly connected, Vlan10
> C 192.168.2.0/24 is directly connected, Vlan20
> S 192.168.100.0/24 [1/0] via 10.0.0.2
> C 192.168.3.0/24 is directly connected, Vlan30
> S* 0.0.0.0/0 [1/0] via 192.168.1.254