This post is more than 5 years old
15 Posts
0
28792
Can't connect PowerConnect 6248 to Cisco Router 881
I've read through alot from the forums for the past weeks. I'm in need of some help/advice
What i'm trying to achieve:
1. Have layer 3 switch - PowerConnect 6248 (192.168.5.2)- handles all inter vlan-routing
2. Have Cisco Router 881 (192.168.5.1) - handles internet routing
**At the moment, i can't ping from switch to router, neither i could ping from the pc connected to port 25
I'm currently using the following config:
SWITCH
!Current Configuration:
!System Description "PowerConnect 6248, 3.3.4.1, VxWorks 6.5"
!System Software Version 3.3.4.1
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 5,10,40,50,60,70
vlan routing 5 1
vlan routing 10 2
exit
stack
member 1 2
member 2 2
exit
ip address 10.10.10.10 255.0.0.0
ip default-gateway 10.10.10.1
no ip domain-lookup
ip routing
ip route 0.0.0.0 0.0.0.0 192.168.5.1
interface vlan 5
name "Connect to Cisco Router"
routing
ip address 192.168.5.2 255.255.255.0
exit
interface vlan 10
name "Internal Staff"
routing
ip address 192.168.10.1 255.255.255.0
exit
!
interface ethernet 1/g13
spanning-tree cost 200000
switchport mode general
switchport general allowed vlan add 5,10 tagged
exit
!
interface ethernet 1/g25
switchport access vlan 10
exit
Router
interface FastEthernet0
description LINK to SWITCH
switchport access vlan 5
no ip address
!
interface Vlan5
description LINK to SWITCH
ip address 192.168.5.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
!
ip nat inside source list NAT interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 [External Gateway ISP IP]
ip route 192.168.10.0 255.255.255.0 192.168.5.2
Thank you in advance to all the network gurus...
samuelthan
15 Posts
1
December 13th, 2012 17:00
Hi Daniel,
The route plugs into a modem.
Directly connect the client to the router, allows the client to access the internet. (Of course i had to tweak the config)
Something weird but a bit of progress.
On the PC. since i'm manually entering the IP address, i've not enter the DNS
But once i manually entered DNS enteries on my PC. I manage to connect to the internet, i could ping the internet/website , traceroute looks good
--- At the later stage, my plan is to have a Server handles the DHCP and DNS, so by then i could set my ip to automatic assigned on my PC
I'll do some more research, i think my concepts of some foundations on networking is shaky at the moment.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
December 11th, 2012 05:00
Everything looks pretty good on your configs. Since we have routing enabled on the 62xx switch, lets try this modification. Take port 13 out of general mode, and put it in access mode for VLAN 5. Once the change to port 13 is made, test, and let us know what the outcome is.
Thanks.
samuelthan
15 Posts
0
December 11th, 2012 13:00
Hi,
I've followed the changes as you've suggested. Not sure why we are going for the access mode. But still no go.
Can't ping the router 192.168.5.1 from the switch 192.168.5.2 can't ping the switch from router
Here's the config
interface ethernet 1/g13
switchport access vlan 5
exit
!
"Show ip interface" indicates the state is down for interface vlan 5
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
December 12th, 2012 05:00
Looks like on the access ports we are missing the command that actually places the port in that specific mode. Which is:
switchport mode access
The part you have in place:
switchport access vlan 10
Is used in Interface Configuration mode to configure the VLAN ID when the interface is in access mode.
Lets add the access mode to all access ports and test for connectivity again.
samuelthan
15 Posts
0
December 12th, 2012 06:00
I've entered the command u suggested
Configure
Interface Ethernet 1/g13
Switchport mode access
Exit
Interface Ethernet 1/g25
Switchport mode access
Exit
The show run command gives me the same
Message:
interface ethernet 1/g13
switchport access vlan 5
exit
interface ethernet 1/g25
switchport access vlan 10
exit
Can't ping from anywhere
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
December 12th, 2012 07:00
Thanks, lets try and pinpoint where the connection is dropping at. We should start at a client that connects to the 6248. Use it to try and ping it’s default gateway, which is VLAN 10, ip address 192.168.10.1. If we can ping that address then move on to trying to ping the next VLAN on the 6248, 192.168.5.2. And note where there is connection and where the communication stops.
samuelthan
15 Posts
0
December 12th, 2012 13:00
PC -
IP: 192.168.10.222
Subnetmask: 255.255.255.0
Default Gateway: 192.168.10.1
Physical connection is plugged into interface ethernet 1/g25
Ping 192.168.10.1
--------------------------
Error:
Pinging 192.168.10.1 with 32 bytes of data:
Reply from 192.168.10.222: Destination host unreachable
Reply from 192.168.10.222: Destination host unreachable
Reply from 192.168.10.222: Destination host unreachable
Reply from 192.168.10.222: Destination host unreachable
Then, i change my PC ip to 10.10.10.5
Ping 10.10.10.10
I got a reply back.
samuelthan
15 Posts
0
December 13th, 2012 01:00
further testing ... and some progress i manage to achieve the following:
1. Delete previous config, reset the switch to start from scratch.
2. Configure switch with the following:
Switch Config
!Current Configuration:
!System Description "PowerConnect 6248, 3.3.4.1, VxWorks 6.5"
!System Software Version 3.3.4.1
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 5,10,20,30,40,50,60,70,1000
vlan routing 10 1
vlan routing 20 2
vlan routing 40 4
vlan routing 50 5
vlan routing 60 6
vlan routing 70 7
vlan routing 5 8
exit
stack
member 1 2
member 2 2
exit
ip address 192.168.254.254 255.255.255.0
ip address vlan 1000
ip routing
ip route 0.0.0.0 0.0.0.0 192.168.5.2
interface vlan 5
name "Connect to Cisco Router"
routing
ip address 192.168.5.1 255.255.255.248
exit
interface vlan 10
routing
ip address 192.168.10.1 255.255.255.0
exit
interface vlan 20
routing
ip address 192.168.20.1 255.255.255.0
exit
interface vlan 40
name "Classrooms"
routing
ip address 192.168.40.1 255.255.255.0
exit
interface vlan 50
name "Boardroom"
routing
ip address 192.168.50.1 255.255.255.0
exit
interface vlan 60
name "Library"
routing
ip address 192.168.60.1 255.255.255.0
exit
interface vlan 70
name "DMZ"
routing
ip address 192.168.70.1 255.255.255.0
exit
!
interface ethernet 1/g13
spanning-tree cost 200000
switchport mode general
switchport general allowed vlan add 5,10,20,30,40,50,60,70 tagged
exit
!
interface ethernet 1/g24
switchport access vlan 60
exit
!
interface ethernet 1/g25
switchport access vlan 10
exit
!
interface ethernet 1/g26
switchport access vlan 10
exit
console#show ip route
Route Codes: R - RIP Derived, O - OSPF Derived, C - Connected, S - Static
B - BGP Derived, IA - OSPF Inter Area
E1 - OSPF External Type 1, E2 - OSPF External Type 2
N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA External Type 2
S 0.0.0.0/0 [1/0] via 192.168.5.2, vlan 5
C 192.168.5.0/29 [0/1] directly connected, vlan 5
C 192.168.10.0/24 [0/1] directly connected, vlan 10
C 192.168.20.0/24 [0/1] directly connected, vlan 20
C 192.168.40.0/24 [0/1] directly connected, vlan 40
C 192.168.50.0/24 [0/1] directly connected, vlan 50
C 192.168.60.0/24 [0/1] directly connected, vlan 60
C 192.168.70.0/24 [0/1] directly connected, vlan 70
With that i've hooked up 2 PC - one with 192.168.10.111 another 192.168.60.111 , both could ping the switch and each other. So that's good news.
The not so good news and my initial problem is still.... i can't ping the router at 192.168.5.2 nor my router could ping the switch at 192.168.5.1
Current config for Cisco Router 881:
interface FastEthernet0
description Link to Switch
switchport access vlan 5
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
description DMZ
switchport access vlan 70
no ip address
!
interface FastEthernet4
description INTERNET WAN PORT
ip address {EXTERNAL IP} 255.255.255.254
ip nat outside
ip virtual-reassembly in
duplex full
speed 100
!
interface Vlan5
ip address 192.168.5.2 255.255.255.248
no ip redirects
no ip unreachables
!
interface Vlan70
ip address {EXTERNAL IP} 255.255.255.240
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list NAT interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 {EXTERNAL IP}
ip route 192.168.10.0 255.255.255.0 192.168.5.1
ip route 192.168.60.0 255.255.255.0 192.168.5.1
!
ip access-list extended NAT
permit ip 192.168.10.0 0.0.0.255 any
!
show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is {EXTERNAL IP} to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 115.70.162.174
{EXTERNAL IP}/8 is variably subnetted, 2 subnets, 2 masks
C {EXTERNAL IP}/31 is directly connected, FastEthernet4
L {EXTERNAL IP}/32 is directly connected, FastEthernet4
192.168.5.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.5.0/29 is directly connected, Vlan5
L 192.168.5.2/32 is directly connected, Vlan5
S 192.168.10.0/24 [1/0] via 192.168.5.1
S 192.168.60.0/24 [1/0] via 192.168.5.1
I'm stuck :( ... any help would be good.
samuelthan
15 Posts
0
December 13th, 2012 02:00
Ok... some more changes since then... i manage to get both the router and switch able to talk to each other.
the changes made only onto Cisco Router config:
interface FastEthernet0
description Link to Switch
switchport mode trunk
no ip address
speed 100
!
Both my PC , 192.168.60.111, 192.168.10.111 can ping the router (192.168.5.2) and the switch (192.168.5.1) but still can't access the internet.
I know i'm getting close... just need some help if possible :)
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
December 13th, 2012 08:00
That is some great headway you have made. Thanks for keeping us updated, it is some good information to have. Moving on to the internet, I am not real familiar with this Cisco router, but a couple things to look at.
Does this router have anything else it plugs into before hitting external connection?
If we connect a client directly to one of the routers four ethernet ports on the back, does that directly connected client have access to the internet?
samuelthan
15 Posts
0
December 17th, 2012 20:00
Anyway, just for the sake of any forum visitor.
I've resolve my problem. Thanks for those who have input.