VLAN's, no internet access.

So im playing around with inter-vlan routing. I have my 3750, connected to my home router(ER-X), which goes to my ISP's modem. So I've enabled IP routing on my 3750, set up the appropriate VLANS and their corresponding SVI's. Then configured the port that connects the 3750 to my router with no switchport and to get IP address via DHCP. I then configured a default route: 0.0.0.0 0.0.0.0 192.168.1.1, which points to my home router. Now, inter-vlan routing works great, all hosts in other subnets can talk to all hosts in other networks. Now, the switch itself is able to ping google, facebook, etc... So it has no issue accessing the internet via my home router. Now here's the issue, no hosts on the configured vlans are able to access the internet. They can talk to machines on all other networks that I've configured on the switch, but nothing else. What am I missing?

Here's my running config:

!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname L3SW1
!
boot-start-marker
boot-end-marker
!
enable secret
!
username eazy secret 5
no aaa new-model
switch 1 provision ws-c3750g-24ts-1u
system mtu routing 1500
ip subnet-zero
ip routing
ip domain-name eazy.com
!
!
!

spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
interface GigabitEthernet1/0/1
no switchport
ip address dhcp
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport access vlan 10
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 20
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/18
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/19
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/20
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
!
interface Vlan99
ip address 10.0.1.6 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 0.0.0.0 0.0.0.0 192.168.1.1 254
ip http server
ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
password 7 032E52111C0A2D1C1F5D4B44
logging synchronous
login
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
transport input ssh
line vty 5 15
exec-timeout 0 0
logging synchronous
login local
transport input ssh
!
end

Find more posts tagged with

Comments

Ertaz

A route back from your home router?

DCD

I take it this is the port for the router !
interface GigabitEthernet1/0/1
no switchport
ip address dhcp
spanning-tree portfast
!

Add a description and like Ertaz "A route back from your home router" your router doesn't know how to get to those subnet, you need to add a Routing protocol or Static routes.

TechGromit

interface GigabitEthernet1/0/1
no switchport

does not support VLAN subinterfaces,

Thus the Gi1/0/1 can't talk to the access ports with Vlans assigned.

Bad_Request

Ertaz said:

A route back from your home router?

DCD said:

I take it this is the port for the router !
interface GigabitEthernet1/0/1
no switchport
ip address dhcp
spanning-tree portfast
!
Add a description and like Ertaz "A route back from your home router" your router doesn't know how to get to those subnet, you need to add a Routing protocol or Static routes.

YES!!! Thank you guys!! Added a static route in my Edge Router for each VLAN behind my 3750 and that solved the issue!! Thanks again guys!!