cancel
Showing results for 
Search instead for 
Did you mean: 

EXOS configuration for VLAN to connect to Internet

EXOS configuration for VLAN to connect to Internet

Bhavdeep_Chhabr
New Contributor
Newbie to networking and Extreme Networks switch and trying to set up a simple config at home. I picked up a Summit 450e defaulted to factory config with a 15.6b image. I have created 4 VLANs - data,voice, guest and inet-gw. Port 1 is data, Port 2 is voice, Port 3 is guest, Port 12 is inet-gw. PC attached to each of ports 1, 2 and 3 and a verizon router attached to port 12. For purposes of simulating using GNS-3 I used the NAT-1 appliance instead of the actual Verizon router. I am able to ping each PC from each of the other PCs connected to the switch. I am able to ping www.google.com and other publicly accessible internet sites from the inet-gw VLAN on the switch using the console (hence showing that the NAT-1 connection to the switch works). The problem is that i cannot reach the internet from any of the PCs connected to the switch (i.e. from the data, voice, or guest VLANs). I followed Drew C's post that showed a very similar set-up but he did not have any actual configuration commands so obviously I am missing something in my config. Have been messing with it for the last two days but no luck so throwing myself at your mercy now...config schematic below...

* Summit-PC.11 # show vlan ----------------------------------------------------------------------------------------------- Name VID Protocol Addr Flags Proto Ports Virtual Active router /Total ----------------------------------------------------------------------------------------------- data 10 10.1.10.1 /24 -f--------------------------- ANY 1 /1 VR-Default Default 1 ------------------------------------------------- ANY 0 /0 VR-Default guest 30 30.1.30.1 /24 -f--------------------------- ANY 1 /1 VR-Default inet-gw 100 192.168.122.175/24 -f--------------------------- ANY 1 /1 VR-Default Mgmt 4095 ------------------------------------------------- ANY 1 /1 VR-Mgmt voice 20 20.1.20.1 /24 -f--------------------------- ANY 1 /1 VR-Default -----------------------------------------------------------------------------------------------Ori Destination Gateway Mtr Flags VLAN Duration
#bo Default Route 192.168.122.1 1 UG-D---um--f- inet-gw 0d:0h:34m:7s
#d 10.1.10.0/24 10.1.10.1 1 U------um--f- data 0d:0h:34m:18s
#d 20.1.20.0/24 20.1.20.1 1 U------um--f- voice 0d:0h:34m:18s
#d 30.1.30.0/24 30.1.30.1 1 U------um--f- guest 0d:0h:34m:18s
#d 192.168.122.0/24 192.168.122.175 1 U------um--f- inet-gw 0d:0h:34m:8s

* Summit-PC.17 # sh dhcp-client state
Client VLAN Protocol Server Current State
--------------- -------- --------------- ---------------------------------------
data None 0.0.0.0
Default None 0.0.0.0
guest None 0.0.0.0
inet-gw DHCP 192.168.122.1 DHCP state; Bound
Mgmt None 0.0.0.0
voice None 0.0.0.0

A total of 6 vlan(s) where displayed.

02b4369264854b42b779e4967a0ede2a_RackMultipart20171203-98146-161rvtf-exos_test_config_inline.png



9 REPLIES 9

i'm not sure how to do that since the NAT-1 device in GNS-3 does not have any configuration capability - also, when I ping 4.2.2.1 or 8.8.8.8 from the switch it does go out on the NAT1 device and make it's way back to the switch - is there any configuration commands I can add to the switch to make the traffic flow back to the appropriate PC?

The ping is not successful, since NAT-1 device in GNS3 doesn't know way how to get to the data, voice and guest network (i.e. there is no routing table for those networks in NAT-1 device). So even though the ping request from each PC is reached at the NAT-1 device but NAT-1 can't reply to that as it doesn't have routing table for the networks.
It is same to normal data traffic. The internet traffic from each PC can go outside after NAT but can't return back on NAT-1 device with same reason.
You should add networks (data, voice and guest) to the route table in NAT-1 device via static or dynamic (e.g. OSPF).

David_Choi
Extreme Employee
As Partick said above, please check first if the ping to 192.168.122.1 from each PC is successful. If not, you would need to add routing to each vlan (data, voice and guest) in NAT-1 device.
If ping is successful, then I think you need to check NAT configuration since NAT is working well for direct interface (192.168.122.0/24) but other PC networks.

Nick_Yakimenko
New Contributor II
Just a notice that you are currently using the ip-s not from private subnet on vlans 20 and 30 Have you enabled ipforwarding on your vlans?

Patrick_Voss
Extreme Employee
Hello Bhavdeep,

Does 192.168.122.1 know how to get back to the data, voice and guest network? Can the devices in the other VLANs ping 192.168.122.1?
GTM-P2G8KFN