Host connected to Cisco 3750 L3 switch and 3825 router cannot connect to the internet


My environment consists of a Cisco WS-3750-24T-S L3 switch, a Cisco 3825 integrated services router, and a host connected to the switch. The host is a virtual machine in ESXi that is tagged as VLAN 30, and its physical NIC is connected to GigabitEthernet1/0/13 on the switch. Port 13 on the switch is configured as a trunk, as I plan on having multiple virtual machines tagged as different VLANs connecting to the switch via that port. The host in question has an IP address of 10.2.30.10, and its default gateway is set to 10.2.30.2 (which is the IP address of the VLAN interface on the switch).

The switch has a trunk port at GigabitEthernet1/0/23 that is configured to pass all VLAN traffic to port GigabitEthernet0/0 on the Cisco 3825 router. I have configured GigabitEthernet0/0.30 on the router to have an IP address of 10.2.30.1. All traffic is passed to the "WAN" interface of the router, which is GigabitEthernet0/1 and is set up to receive an IP address via DHCP from the rest of my environment.

The router is able to ping Google's DNS servers (8.8.8.8) without an issue. Any host that is connected directly to the router through GigabitEthernet0/0 and configured with a correct static IP address is also able to ping Google's DNS servers. However, the problem that I am experiencing is that the L3 switch is not able to ping Google's DNS servers, nor is the host connected to the switch.

I have enabled detailed packet debugging, ARP debugging, and ICMP debugging on the switch. When I attempt to ping Google's DNS servers from the host connected to the switch, I receive the following:

IP: s=10.2.30.2 (local), d=8.8.8.8, len 60, unroutable ICMP type=8, code=0

Based upon the troubleshooting that I have done so far, I believe that I am having some sort of NAT issue. When I use the show ip nat translations command on both the router and switch, I receive an empty response. I have also used the debug ip nat command to see if there are any NAT-related error messages that appear when I attempt to ping an external IP address, but I have not noticed any messages at all.

Here is a link to the router's full running configuration file, and here is a link to the switch's full running configuration file.

Thank you in advance for any and all help!

Ageudum

Posted 2016-02-13T03:54:46.253


Are you sure this is in a home network? If this is in a business environment, please post this on [sf] instead, as enterprise networking questions are off-topic for Super User (see the [help/on-topic] for details). Please don't cross-post—if you post your question there, you should delete the question here. – bwDraco – 2016-02-13T04:11:02.967

I am using this in a home environment, although the equipment is (older) enterprise-grade stuff. – Ageudum – 2016-02-13T04:13:48.400

Oh, okay. That makes sense now. – bwDraco – 2016-02-13T04:14:19.067

Can the VM ping the inside interface of the router? IP 10.0.0.1 – Smeerpijp – 2016-02-13T17:37:34.370

It cannot. I receive a "Destination host unreachable" error when I attempt to do so. With debug ip packet detail enabled, I can see that the packets receive an "unroutable" error as well. – Ageudum – 2016-02-13T18:07:14.153

The VM sends tagged VLAN 30 packets to a trunk port on the switch, and another trunk port on that switch is connected to your router, that has the IP of 10.2.30.1 on that VLAN 30 sub-interface? Then your VM's default gateway should be .1, not .2 - as the routing should be done by the router, that has an interface in the same subnet. – xpac – 2016-02-14T00:24:16.957

I have changed the default gateway of the host to the router at 10.2.30.1, but there has been no change in my issue. Both the host and the switch are unable to ping external IP addresses, such as 8.8.8.8. – Ageudum – 2016-02-14T20:14:56.597

No answers