X440 Multiple Vlan Routing

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Not a Problem
configure vlan default delete ports allconfigure vr VR-Default delete ports 1-24
configure vr VR-Default add ports 1-24
configure vlan default delete ports 1-24
create vlan "amp"
configure vlan amp tag 101
create vlan "control"
configure vlan control tag 100
create vlan "com"
configure vlan com tag 105
configure vlan amp add ports 6-8 untagged
configure vlan control add ports 1-5, 9-10, 14-20, 22-24 untagged
configure vlan com add ports 11-13 untagged
configure vlan control ipaddress 172.1.100.254 255.255.255.0
enable ipforwarding vlan control
configure vlan com ipaddress 172.1.105.1 255.255.255.0
enable ipforwarding vlan com
configure vlan amp ipaddress 172.1.101.1 255.255.255.0
enable ipforwarding vlan amp


I'm unable to ping anything on Com 105 or Amp 101 from Vlan Control 100.  
Photo of Fun & Games

Fun & Games

  • 80 Points 75 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Mareen

Mareen

  • 364 Points 250 badge 2x thumb
You have to enable loopback-modus for the vlans if there is nothing patched to the ports
Photo of Frank

Frank

  • 3,806 Points 3k badge 2x thumb
Sorry to ask the basic questions:

- the default gateway on the machine in Vlan Control is set to 172.1.100.254 ?
- the default gateway on the machines in Vlan Amp/Com is set to 172.1.101.1 / 172.1.105.1 respectively?
- the target machines aren't running Windows in default firewall mode that kills pings?
- does a traceroute give any hints?

Sorry if you already checked all that, but I've been bitten by one of these things more times than I care to admit ;)

   Frank
Photo of Henrique

Henrique, Employee

  • 10,342 Points 10k badge 2x thumb
Hi Frank, 

For Vlan control: PC IP: 172.1.100.x/24 and Gateway: 172.1.100.254
For Vlan amp: PC IP: 172.1.101.x/24 and Gateway: 172.1.101.1
For Vlan com: PC IP: 172.1.105.x/24 and Gateway: 172.1.105.1

You can try to ping the switch vlan IPs from each machine. Based on your configuration it should work.

If you cannot ping from machines to machines I believe the windows firewall is blocking ICMP traffic. You can add a rule to the windows firewall to allow ingress ICMP traffic.
Photo of Fun & Games

Fun & Games

  • 80 Points 75 badge 2x thumb
Default Gateways are setup. I can ping from the switch to all networks.  No firewall are enabled on any hardware.  
Photo of Henrique

Henrique, Employee

  • 10,342 Points 10k badge 2x thumb
Can you ping from the PC to it's own gateway (switch ipaddress) and to all other switch vlans ips (172.1.100.254, 172.1.101.1, 172.1.105.1)?

Please share the outputs for:
  • show vlan
  • show fdb
  • show iparp
Which switch port the PC is connected?