Cisco 4506 VLAN problem

[Teecee33]

I have a Cisco 4506 with a sup2+ engine that I am trying to setup some vlans on and I am having some issues. I will post my config below. What I am trying to do is intervlan routing.

Vlan 1 = 192.168.0.0 255.255.252.0
vlan 20 = 172.20.0.0 255.255.0.0

I want to have my servers on vlan 1 and my users on vlan 20. I will be adding more vlans but just starting simple right now. I setup some static routes that you will see in my config but vlan 20 and vlan 1 will not talk. I have also tried RIP without any success. I know I am just missing a simple command somewhere so any help would be much appreciated.

Below is my config minus a ton of interfaces....

version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service compress-config
!
no aaa new-model
vtp domain ''
vtp mode transparent
ip subnet-zero
no ip domain-lookup
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
power redundancy-mode redundant
!
!
!
vlan internal allocation policy ascending
!
vlan 20
!
interface GigabitEthernet3/27
switchport access vlan 20
switchport mode access
!
interface Vlan1
ip address 192.168.3.33 255.255.252.0
!
interface Vlan20
description user
ip address 172.20.0.5 255.255.0.0
ip helper-address 192.168.0.3
!
ip route 172.20.0.0 255.255.0.0 Vlan1
ip route 192.168.0.0 255.255.252.0 Vlan20
ip http server


As you can see I set g3/27 to vlan 20 and with static routes I pointed the two vlans at each other. I still cannot ping each other. Vlan 1 can talk to all vlan 1 devices and vlan 20 talks to all vlan 20 devices but not cross vlan communication.

Here is a show ip route...

C 172.20.0.0/16 is directly connected, Vlan20
C 192.168.0.0/22 is directly connected, Vlan1


Any ideas? It would be much appreciated.

 

[baddos]

ip route 172.20.0.0 255.255.0.0 Vlan1
ip route 192.168.0.0 255.255.252.0 Vlan20

These commands are not necessary sense those are connected routes. Your routing table is showing that they are connected routes.

I would make sure the host your are connecting with is properly configured.

 

[Teecee33]

The host that is in vlan 20 can ping the vlan 20 ip which is 172.20.0.5. The host's ip settings are

172.20.1.2
255.255.0.0
172.20.0.1

 

[baddos]

Ok... Any access-lists applied to the VLAN interfaces?

Also make sure there is not any IP address conflicts.

Post the port configuration for this host.

 

[Teecee33]

I posted my config. No access lists.

 

[ADB100]

When you listed the host's ip settings as:

172.20.1.2
255.255.0.0
172.20.0.1

Is the last line the default gateway for the host? if it is then it doesn't point at the VLAN 20 ip address of the Catalyst. Do you by chance have another IP router (internet access?) on the VLAN 20 subnet? and your hosts on this network are using that as their default gateway?

If this is the case a bit of a redesign is required, either that or start adding static routes on the hosts (time-consuming and difficult to maintain if there are several hosts).

Andy

 

[baddos]

Yep. That host's default gateway should be 172.20.0.5

 

[vipergg]

Also make sure both vlans are active by doing a "show vlan " , it should show vlan 1 and 20 as active , if not then create vlan 20 , conf t, vlan 20 , enter . Exit , then do the same command . Also check the status of the vlan with "show ip int brief" , both should show up/up . Of course the clients will need to have the vlan address for the default gateway such as anyone on vlan 20 would need 172.20.0.5 as their default gateway .

 

[Teecee33]

Thanks guys. The default gateway was the problem.