Routing Internet to VLAN (ENET WIC 4SW)

[MobyRic]

All...

I've purchased a 1760 Router with two WICS, an older 10MB Enet WIC and a new 4 port layer 2 SW WIV. I'm trying to do what I think is a pretty basic config, but seem to be having problems routing and I'm looking for help. Here's the scenario...

FE0/0 - Private IP for management only
FE0/1 through FE0/4 - Switch WIC setup as layer 2 VLAN 666 with a virtual IP on the VLAN (Plan to use as publicly routed /29 subnet) with up to 4 "public" hosts, such as my firewall(s). These will in turn, also connect to the private IP (as noted, 0/0 is only for mgmt). Using VLAN virtual IP as my DFGW for nodes in this subnet.
E1/0 - Single port enet WIC, connected to ISP using DHCP. This is the outbound connection to the Internet.

Here's the problem. From the router, I can show IP routes and see all connected subnets. The issue is that I have a device plugged into FE0/1 with an IP of .226. The VLAN virtual IP is .225. From the router, I can ping .225 but not .226 (there are no rules to prevent ICMP). From .226, I can not ping .225 (DFGW / VIP of the VLAN 666).

Thoughts? Here's the config...

************
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
no ip dhcp use vrf connected
!
ip cef
!
interface FastEthernet0/0
ip address 172.20.66.1 255.255.255.0
speed auto
full-duplex
no cdp enable
!
interface FastEthernet0/1
switchport access vlan 666
!
interface FastEthernet0/2
switchport access vlan 666
!
interface FastEthernet0/3
switchport access vlan 666
!
interface FastEthernet0/4
switchport access vlan 666
!
interface Ethernet1/0
description Internet Public Interface (Cable Modem)
ip address dhcp
full-duplex
!
interface Vlan1
no ip address
shutdown
!
interface Vlan666
desc Publicly Routed Subnet Range
ip address 24.229.12.225 255.255.255.248
!
ip classless

 

[vipergg]

Do a show vlan does vlan 666 show up ? if not create it , conf t , vlan 666 , enter .

 

[MobyRic]

It is up. It also shows in the routing table.

 

[MobyRic]

Just to confirm...

sho int vlan 666
Vlan666 is up, line protocol is up
Hardware is EtherSVI, address is 0012.430c.da1a (bia 0012.430c.da1a)
Description: Publicly Routed Subnet Range
Internet address is 24.229.12.225/29
MTU 1500 bytes, BW 100000 Kbit, DLY 1000000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 06:58:15, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
54 packets input, 3242 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
59 packets output, 3540 bytes, 0 underruns
0 output errors, 2 interface resets
0 output buffer failures, 0 output buffers swapped out

 

[lambent]

Is the interface f0/1 "up up" when you plug in your device?

 

[MobyRic]

Yes it is. Driving me crazy (must be something really silly missing).

 

[lambent]

Make sure the IP address and subnet mask of your device match with that in the interface VLAN 666

 

[MobyRic]

They do...

 

[lambent]

Plug in another device with same subnet and see if the 2 devices can ping each other.