this .1 address has been set as the default gateway for all items on the individual VLANs, allowing them to all communicate to each other.
192.168.168.0 (VLAN80) holds a number of servers, i have set up some static routes to 192.168.168.1 for each of the above subnets.
I can ping from one subnet to the other, no problem at all.
192.168.170.0 (VLAN100) This holds some general servers for the whole organisation, and also the gateway to the internet.
My problem is that I cannot access the internet from anything other than the 192.168.170.0 subnet. This is obviously to do with routing!!
a little more info:
192.168.168.16 is a windows DC, with DNS and DHCP etc on it. this is currently issuing DHCP to VLAN20, giving 192.168.2.0 addresses, all good, and giving a default gateway of 192.168.162.1, and DNS as 192.168.168.16
192.168.168.16, has its default gateway set to 192.168.170.17, a server with the same subnet routing as above. these 2 servers can both access each other.
192.168.170.17 has a default gateway of 192.168.170.40 (Internet gateway).
So basically, anything on the 170.0 subnet can access the internet with a default gateway of 170.17.....also giving it access to all other subnets, but the other subnets cannot acess the internet.
If i am a PC on VLAN20, this is the route i would expect to take
192.168.162.34 (My PC)
192.168.162.1 (Layer 3 Switch Routing)
192.168.168.16 (DNS Server, DG on 170 subnet, so route to that)
192.168.168.1 (Layer 3 Switch Again)
192.168.170.40 (Internet Gateway)
This is obviously wrong, i feel that I am close, but not quite sure where i am wrong.
Your analysis provides quite an insight on your network setup and possible problems.
Since all your VLANs are able to communicate between each other, hence InterVLAN routing is working correctly for you, I feel that your problem is around your Internet Gateway marked as 192.168.170.40.
The 192.168.170.40 device needs to be able to provide Internet access for every internal network. This effectively means that NAT must be performed for each VLAN.
From your testing and troubleshooting, I believe that your Gateway is only performing NAT for the clients belonging in the same network that is, 192.168.170.0.
My suggestion is to check your configuration on your Internet Gateway as this is more likely to be the source of your problem.
Looks like the 170.40 address does not know how to get to the other subnets .
I am not sure if i may have understood your issue but just humour me ....
If you have a L3 switch and all your vlans are terminating on this switch you should be putting a default route on this switch to point to the 170.40 address. And make sure the 170.40 address should have routes back to all the vlans