3560G unable to Ping Router or External Network

zbresser

I am setting up my first Cisco Switch, its a 3560G and I'm going to use it to segment my network with Vlans, I have followed this guide.






All I have connected right now is my router (cheap Home router) and I can ping devices on my local network 192.168.1.0/24 except for the router (can ping its interface 192.168.1.200 but not its ip 192.168.1.1) and I am unable to ping externally such as google.com or 8.8.8.8 if I ping google.com I get:

    CORESW01#ping google.com
    Translating "google.com"...domain server (255.255.255.255) [OK]


    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 172.217.8.206, timeout is 2 seconds:
    .....
    Success rate is 0 percent (0/5)

As you can see it is grabbing a valid IP for the domain google.com but is
for some reason unable to route to it.






I am also able to ping the switch from a client that is not connected to the switch (they both are connected to the router), but from a device connected to the switch I am unable to ping externally as well but can ping other Vlan interfaces such as 10.0.100.1






I have attached a network diagram, the only difference is the interface between the router and the switch is 192.168.1.200 not 192.168.1.2






Here is my running-config

    Current configuration : 3595 bytes
    !
    ! Last configuration change at 00:33:49 UTC Mon Mar 1 1993
    ! NVRAM config last updated at 06:38:52 UTC Thu Jun 8 2017
    !
    version 15.0
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname CORESW01
    !
    boot-start-marker
    boot-end-marker
    !
    !
    !
    no aaa new-model
    system mtu routing 1500
    ip routing
    !
    !
    !
    !
    !
    (Removed Cert info)
    !
    !


    (Removed Cert info)
    quit
    !
    !
    !
    !
    !
    spanning-tree mode pvst
    spanning-tree extend system-id 
    !
    vlan internal allocation policy ascending
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface GigabitEthernet0/1
     switchport access vlan 100
    !
    interface GigabitEthernet0/2
     switchport access vlan 100
    !
    interface GigabitEthernet0/3
    !
    interface GigabitEthernet0/4
     switchport access vlan 100
    !
    interface GigabitEthernet0/5
     switchport access vlan 100
    !
    interface GigabitEthernet0/6
    !
    interface GigabitEthernet0/7
    !
    interface GigabitEthernet0/8
    !
    interface GigabitEthernet0/9
    !
    interface GigabitEthernet0/10
    !
    interface GigabitEthernet0/11
    !
    interface GigabitEthernet0/12
    !
    interface GigabitEthernet0/13
    !
    interface GigabitEthernet0/14
    !
    interface GigabitEthernet0/15
    !
    interface GigabitEthernet0/16
    !
    interface GigabitEthernet0/17
    !
    interface GigabitEthernet0/18
    !
    interface GigabitEthernet0/19
    !
    interface GigabitEthernet0/20
    !
    interface GigabitEthernet0/21
    !
    interface GigabitEthernet0/22
    !
    interface GigabitEthernet0/23
    !
    interface GigabitEthernet0/24
     no switchport
     ip address 192.168.1.200 255.255.255.0
    !
    interface GigabitEthernet0/25
    !
    interface GigabitEthernet0/26
    !
    interface GigabitEthernet0/27
    !
    interface GigabitEthernet0/28
    !
    interface Vlan1
     ip address 10.0.1.1 255.255.255.0
    !
    interface Vlan40
     ip address 10.0.40.1 255.255.255.0
    !
    interface Vlan100
     ip address 10.0.100.1 255.255.255.0
    !
    ip http server
    ip http secure-server
    !
    !
    ip default-network 192.168.1.0
    ip route 0.0.0.0 0.0.0.0 192.168.1.1
    !
    !
    snmp-server community no RO
    !
    !
    line con 0
    line vty 0 4
    line vty 5 15
    !
    end

Here is show ip route

    CORESW01#show ip route
    Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
     D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
     N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
     E1 - OSPF external type 1, E2 - OSPF external type 2
     i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
     ia - IS-IS inter area, * - candidate default, U - per-user static route
     o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
     + - replicated route, % - next hop override
    
    Gateway of last resort is 192.168.1.1 to network 0.0.0.0
    
    S* 0.0.0.0/0 [1/0] via 192.168.1.1
     * 192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
    C* 192.168.1.0/24 is directly connected, GigabitEthernet0/24
    L 192.168.1.200/32 is directly connected, GigabitEthernet0/24

I'm sure its something stupid I messed up and any help would be appreciated.










Thanks

DCD

Your VLan may not be in your NAT configuration.

zbresser

So my current setup is a simple netgear router hooked up to a 3560g acting as the layer 3 device.

I believe I have it figured out and will test when I get out of work in 4 hours.

Am I correct that even though I have a default route on the switch via ip route 0.0.0.0 0.0.0.0 192.168.1.1 I would also need to put static routes on my router in order for it to know how to send a reply back.

That is something I overlooked, I didn't think about the fact that 10.0.1.x and 10.0.40.x and 10.0.100.x mean nothing to the router and I have to tell it to route it through the switch's interface via 192.168.1.200, correct?

zbresser

Well its the switch isn't it? Its acting as a Layer 3 device routing between the vlans.

DCD

It not your switch it your 10 network are not being translated by the router. The Vlan which are the 10 network are getting drop by the internet because they are private IP address.