Hello I am trying to setup an ICX 7150 to allow me to have multiple vlans share the same dhcp server on one vlan and the internet connection on the default vlan
However my very simple config seems unable to route from vlan 2 across to the default vlan
I have port 1/2/1 configured with ip address 192.168.50.15/24
My router is ip 192.168.50 254
I have the ip address range 10.172.2.1/24 attached to virtual interface VE 2
DCHP on 10.172.2.0 and that works if i connect to a untagged switchport
But I am unable to access the internet from any device with a 10.172.2.x address, default gateway is set to 10.172.2.1
Any advice greatly received and config shown below
ICX7150-C12 Router#sho run Current configuration: ! ver 08.0.95dT213 ! stack unit 1 module 1 icx7150-c12-poe-port-management-module module 2 icx7150-2-copper-port-2g-module module 3 icx7150-2-sfp-plus-port-20g-module stack-port 1/3/1 stack-port 1/3/2 ! ! global-stp ! ! ! vlan 1 name DEFAULT-VLAN by port spanning-tree ! vlan 2 name server by port untagged ethe 1/1/1 to 1/1/4 router-interface ve 2 !
aaa authentication web-server default local aaa authentication login default local boot sys fl sec console timeout 30 enable aaa console ip dhcp-client disable ip dhcp-server enable ! ip dhcp-server pool server lease 0 0 30 network 10.172.2.0 255.255.255.0 option 3 ip 10.172.2.1 option 5 ip 18.104.22.168 deploy ! ip default-network 192.168.50.0/24 ip dns server-address 192.168.50.254 ip route 0.0.0.0/0 192.168.50.254 ip route 10.172.2.0/24 192.168.50.254 ip router-id 192.168.50.15 ! telnet timeout 10 no telnet server username super password ..... username mgladmin password ..... ! ! password-change any ! ! ! ! manager registrar 22.214.171.124 126.96.36.199 manager active-list 188.8.131.52 184.108.40.206 ! manager port-list 987 ! ! router ospf area 0.0.0.0 ! ! ! ! ! ! ! ! interface ethernet 1/2/1 ip address 192.168.50.15 255.255.255.0 no ip dhcp-client enable ! interface ve 2 port-name Server ip address 10.172.2.1 255.255.255.0 ! ! ip ssh timeout 30 ip ssh idle-time 10 ! end
@vincent_felisaz Hi, no the router is a basic unit with a single ip address 192.168.50.254 that NATs out to the internet, I have the ICX switch in router mode and assumed that it would route traffic from multiple VLAN's with various subnets to the internet via the default LAN on 192.168.50.0/24. This is a trail setup for a much bigger network I am installing.
below are the results from the ping test
ICX7150-C12 Router>ping 220.127.116.11 source 192.168.50.15 Sending 1, 16-byte ICMP Echo to 18.104.22.168, timeout 5000 msec, TTL 64 Type Control-c to abort Reply from 22.214.171.124 : bytes=16 time=15ms TTL=116 Success rate is 100 percent (1/1), round-trip min/avg/max=15/15/15 ms. ICX7150-C12 Router>ping 126.96.36.199 source 10.172.2.1 Sending 1, 16-byte ICMP Echo to 188.8.131.52, timeout 5000 msec, TTL 64 Type Control-c to abort Request timed out. No reply from remote host. ICX7150-C12 Router>
So here is the issue, your NAT router must be aware of the 10.172.2.0 network. Otherwise it will not be able to route the traffic back to the end-device. There is no NAT on the ICX itself to mask the different subnets in its VLAN.
One way to do it is to configure the NAT/Internet Access router with all the local subnets. The second way is to use dynamic routing like OSPF to have exchanges between the 2 routers about their local subnets. In this way the ICX will announce to the NAT router the subnet 10.172.2.0 and others if there are.
Ok I kind of understand, but my router will only take 1 ip address, the Cisco system we have in place currently the router only has a single gateway ip address, i thought the the 10.172.2.0/24 would route to 192.168.50.254 via the ruckus unit, the switch is in router mode and all the examples I have seen show that to be the case. I have OSPF already switched on already. Also is it not routing the packets from 10.172.2.x across to 192.168.50.254.?
I very much appreciate you help with this thank you
For OSPF to work, you have to enable it globally, and assign interface(s) in the area (the right one if you have several). You have enable it already but you have to go on interface to assign it. So for your setup :