Solved: Setting up internet on Layer3 Switch

linuxwiz54 · ‎08-14-2016

How can I set this up and is there a document that I can refer too.

Milos Megis · ‎09-04-2016

Hi,
sorry I forgot one command last time.

You must enable L3 layer on switch with command "ip routing".

Also I hope that IP address which you used above (10.0.0.0) is just example.
This is private address and most probably it is not valid next hop interface address.

View solution in original post

Milos Megis · ‎09-11-2016

There is more form of command "ip route..."

1. ip route 0.0.0.0 0.0.0.0 <outgoing_interface> (use only on point-to-point lines)

2. ip route 0.0.0.0 0.0.0.0 <next_hop_ip_address>

3. ip route 0.0.0.0 0.0.0.0 <outgoing_interface> <next_hop_ip_address>

I think that you should use form 2 or 3.
But next hop ip address is not public IP address of VLAN interface but ip address of interface of next router in path (simply said "gateway").

View solution in original post

Milos Megis · ‎08-14-2016

Hi,
I don´t know what you imagine under "setting up internet...".

But you will have one problem if you don´t use public IP addresses.
Layer 3 switch doesn´t support NAT. So you cannot use private IP addresses.

If you will use public addresses then just move port into some VLAN and create VLAN interface for this VLAN.
Or on interface type command "no switchport" and you can configure it as routed port with IP address.
Don´t forget to configure default route in routing table.

linuxwiz54 · ‎09-04-2016

Hi Milos,

I lost my own thread and couldn't find it until today. I am connecting to the public IP address

when I check the "sh ip route" I get gateway of last resort not set. however I did type in default gateway 10.x.x.x. ip address,

so I create an "ip route 0.0.0.0 0.0.0.0 10.0.0.0"

What am i doing wrong

Milos Megis · ‎09-04-2016

Hi,
sorry I forgot one command last time.

You must enable L3 layer on switch with command "ip routing".

Also I hope that IP address which you used above (10.0.0.0) is just example.
This is private address and most probably it is not valid next hop interface address.

linuxwiz54 · ‎09-05-2016

hi milos,

after the "ip routing" do I need to type any sort of IP address or is that not necessary.

yes IP address above is an example that

Milos Megis · ‎09-05-2016

"ip routing" is whole command for enabling L3 service on switch.

linuxwiz54 · ‎09-09-2016

enabled ip routing, ip route should I put 0.0.0.0 0.0.0.0. (ip address) of the public or the VLAN.

Sorry I am new to this and learning.

Milos Megis · ‎09-11-2016

There is more form of command "ip route..."

1. ip route 0.0.0.0 0.0.0.0 <outgoing_interface> (use only on point-to-point lines)

2. ip route 0.0.0.0 0.0.0.0 <next_hop_ip_address>

3. ip route 0.0.0.0 0.0.0.0 <outgoing_interface> <next_hop_ip_address>

I think that you should use form 2 or 3.
But next hop ip address is not public IP address of VLAN interface but ip address of interface of next router in path (simply said "gateway").

linuxwiz54 · ‎09-12-2016

Thank you Milos, after the above command worked, I am able to ping from the switch google dns 8.8.8.8 or any outgoing ip address and get a successful ping, but when I connect a workstation, I have no internet connection. what am I doing wrong.

Milos Megis · ‎09-12-2016

For next troubleshooting it will be good if you send me running config of switch and ipconfig/all from PC.

I know that you use public IP what is sensitive information. So try replace sensitive information in config with "stars" (please leave first octet of IP as it is) or send me these configurations over private message.

linuxwiz54 · ‎09-16-2016

I have uploaded the config file I have hidden all the IP info which is public.

Milos Megis · ‎09-16-2016

Hi, as I thought.

You use private address. 10.x.x.x is private range.

You need NAT this address to public but switch doesn't support NAT.

Switch has public address so it is able to ping anything on internet. But PC has private address.

I wrote about this in first post.

If you have only one public IP then you cannot make it working only with this switch. You need router to perform NAT.

linuxwiz54 · ‎09-17-2016

Thank you very much all your help, So I will need to buy a router and configure a port to the internet and connect the other to switch to make this work am I correct.

If so what router would you recommend since this for learning do you think a cisco 7301 router would work.

Milos Megis · ‎09-18-2016

Yes you are correct. You need to perform (configure) NAT and only routers support this function.

I think that you don´t need so expensive router only just for learning (or only for NAT). You can try something cheaper (cisco 1841 for example). But if you know to get this box cheaply then it is your choice.

However, NAT function depends on IOS not on hardware itself.
But I think that every IOS supports IPv4 NAT function. You can check it on following webpage: http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

linuxwiz54 · ‎09-19-2016

Thank you for all the support Milos. I truly appreciate it.