4 Replies Latest reply on Sep 2, 2015 10:19 PM by skerzman

    inter vlan routing 1531 can not ping

    skerzman New Member

      Newbie

       

      Ports 1-8  vlan 10.

      port 9 vlan 1

      Can not ping to other pc to different subnets.

      Can ping vlan ip address from all ports.

      Do I need to do ACL ?

      Doing DHCP on Vlan 10 for phones, customer is **** DHCP on Cisco Switch vlan 1. Will the 2 DHCP servers interfere using intervlan routing?

      Would like to do. Customer on 192.168.254.0/24 needs to access the servers 192.168.253.0/24 to manage phone system and other applications.

      Customer is using a Cisco Small Business RV082 8 port VPN router.Doing DHCP for printers only.

       

      interface vlan 1

        ip address  192.168.254.1  255.255.255.0

        ip route-cache express

        no shutdown

      !

      interface vlan 10

        ip address  192.168.253.1  255.255.255.0

        ip route-cache express

        no shutdown

       

      Gateway to Cisco VPN router. Also it is the gateway to the internet.

      ip route 0.0.0.0 0.0.0.0 192.168.254.248

       

      Mitelswitch#show running-config

      Building configuration...

      !

      !

      ! ADTRAN, Inc. OS version R11.1.0

      ! Boot ROM version R11.1.0

      ! Platform: NetVanta 1531, part number 1700570F1

      ! Serial number

      !

      !

      hostname "Mitelswitch"

      ip subnet-zero

      ip classless

      ip routing

      !

      !

      ip route-cache express

      !

      auto-config

      !

      event-history on

      no logging forwarding

      no logging email

      !

      no service password-encryption

      !

      portal-list "all" console ftp http-admin ssh telnet

      !

      username "scott" portal-list "all" password encrypted "424a3b8dbeafe11306c3df6f3a94425d4e9e"

      username "admin" portal-list "all" password encrypted "2c24a942824dd95fe345b57565b9b766ed74"

      !

      aaa on

      ftp authentication LoginUseLocalUsers

      !

      !

      aaa authentication login LoginUseTacacs group tacacs+

      aaa authentication login LoginUseRadius group radius

      aaa authentication login LoginUseLocalUsers local

      aaa authentication login LoginUseLinePass line

      !

      aaa authentication enable default enable

      !

      aaa authentication port-auth default local

      !

      !

      no dot11ap access-point-control

       

      no dos-protection

       

      no desktop-auditing dhcp

       

      no network-forensics ip dhcp

      !

       

      vlan 1

        name "Default"

      !

      vlan 10

        name "Phone"

      !

      interface gigabit-switchport 0/1

        no shutdown

        switchport access vlan 10

        no lldp send-and-receive

      !

      interface gigabit-switchport 0/2

        no shutdown

        switchport access vlan 10

        no lldp send-and-receive

      !

      interface gigabit-switchport 0/3

        no shutdown

        switchport access vlan 10

      !

      interface gigabit-switchport 0/4

        no shutdown

        switchport access vlan 10

      !

      interface gigabit-switchport 0/5

        no shutdown

        switchport access vlan 10

      !

      interface gigabit-switchport 0/6

        no shutdown

        switchport access vlan 10

      !

      interface gigabit-switchport 0/7

        no shutdown

        switchport access vlan 10

      !

      interface gigabit-switchport 0/8

        no shutdown

        switchport access vlan 10

      !

      interface gigabit-switchport 0/9

        no shutdown

        switchport access vlan 10

      !

      interface gigabit-switchport 0/10

        no shutdown

      !

      interface gigabit-switchport 0/11

        no shutdown

      !

      interface gigabit-switchport 0/12

        no shutdown

      !

      !

      !

      interface vlan 1

        ip address  192.168.254.1  255.255.255.0

        ip route-cache express

        no shutdown

      !

      interface vlan 10

        ip address  192.168.253.1  255.255.255.0

        ip route-cache express

        no shutdown

      !

      !

      !

      !

      !

      ip route 0.0.0.0 0.0.0.0 192.168.254.248

      !

      no tftp server

      no tftp server overwrite

      http authentication LoginUseLocalUsers

      http server

      no http secure-server

      no snmp agent

      no ip ftp server

      no ip scp server

      no ip sntp server

      !

      !

      !

      !

      !

      snmp-server engine local 800002980300a0c801e5e1

      !

      !

      !

      !

      line con 0

        login authentication LoginUseLocalUsers

      !

      line telnet 0 4

        login authentication LoginUseLocalUsers

        password md5 encrypted 3a146c05992288c8ea31be9c2656ede1

        no shutdown

      line ssh 0 4

        login authentication LoginUseLocalUsers

        no shutdown

      !

      !

      !

      !

      end

       

      Thank You

      Scott

        • Re: inter vlan routing 1531 can not ping
          cj! Beta_User

          Hi Scott:

           

          Thanks for posting your question in the Support Community!  I think your configuration looks good.

           

          It's important that the 1531 is the default gateway for hosts in both VLANs.  192.168.253.1 should be the default gateway for Voice devices; 192.168.254.1 for devices in the Default VLAN.  A common challenge when integrating a Layer 3 switch to an existing LAN is that hosts will already have a default gateway assigned which is some other router (perhaps the Cisco at 192.168.254.248 directly), when they should be changed to use the 1531 as the default gateway to support inter-VLAN routing.

           

          Another approach is available, though it is less efficient:  Add a static route to the Cisco router to the 192.168.253.0/24 network via gateway 192.168.253.1.  This can be useful when it is difficult to get all of the devices' default gateway changed to the 1531.  However, if you have a large volume of traffic between the VLANs, then the link up to the Cisco router and back down to the 1531 will impose a bottleneck.  I would consider adding the static route to the Cisco as a catch-all and then take action to update DHCP and statically-addressed hosts to point to the 1531 as default gateway.  You might end up with a mix, but each device pointed to the 1531 will benefit from the most efficient path (and reduce load/congestion through the Cisco).

           

          In some cases, a third option is simplest:  Coordinate to change the Cisco router to use a new LAN IP address.  Add the IP address 192.168.254.248 to the 1531 interface VLAN 1 as a secondary address.  Change your 1531 default route to the Cisco's new address.  At that point, there's no need to change the default gateway for existing LAN devices since you have essentially shuffled the same address to another unit.  This approach may ease the amount of work required while realizing the full benefit and performance efficiency of the Layer 3 switch.

           

          Please keep us posted and reply if you have additional questions.

           

          Best,

          Chris

            • Re: inter vlan routing 1531 can not ping
              skerzman New Member

              Had tech plug laptop into port 10 Vlan 1. ip 192.168.254.2  255.255.255.0  G192.168.254.1

              Can ping to the 192.168.254.2 from any device from the 192.168.253.0/24 G 192.168.253.1

              For some reason when I was on site I could not ping. DId notice when I plug into the switch it takes a little bit of time to come up. What I would like do is give internet to .253.0/24. Port 10/Vlan 1 is just to connect to the layer 2 switch or port on the Cisco RV082 8-port VPN router.Customer is using 192.168.254.0/24 G 192.168.254.248. Using DHCP for only printers all pc are static on Vlan 1.

              On the other network 192.168.253.0/24 G 192.168.253.1 of the Adtran 1531 Vlan 10 ports 1-9 192.168.253.1


              What is the best way to make this work and what route do I need in the Adtran and Cisco?

               

              Thank you

              Scott

                • Re: inter vlan routing 1531 can not ping
                  cj! Beta_User

                  Scott:

                   

                  I think your default route in the 1531 will work for that unit.  In the Cisco, add a static route to the 192.168.253.0/24 network via 192.168.254.1.

                   

                  Chris

                    • Re: inter vlan routing 1531 can not ping
                      skerzman New Member

                      Chris,

                       

                      We plugged in port 10 vlan 10 of the 1531. The other side went into the Cisco RV-082 VPN router. added a route in the network section 192.168.253.1. Change the PC gateways to 192.168.254.1 from 192.168.254.248. They still have route for 192.168.254.248 to the internet. .254.x can see the .253.x network behind the router. 253.x cannot see the .254.x or ping. I am guessing the router is blocking it. Did not have enough time to work with customer. I do know the 1531 is doing all the routing for the few pc using the 192.168.254.1 gateway.Do need to get access to the internet on the .253.x If th e .254 is getting to internet using the gatway of the 1531 with a route of 192.168.254.248.

                      Going to plug straight in the layer 2 switch and see if we get some where.

                       

                      Thank you

                      Scott