cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
464
Views
0
Helpful
7
Replies

Question on L2/3 routing

npereira
Level 1
Level 1

Hi all,

I have 1 6513 and need help configuring a network on it.

We use VLAN and have about 8 of them.

I have to intoroduce a private SIP network to the switch.

So the port that has the WAN connection from the provider is G12/41 and is setup with an IP address:

207.218.57.114/30

The G12/42 is connected to the SIP gateway with IP address :

208.48.188.219/29

The Gateway has :

208.48.188.218/29

Theses ports do not have any VLAN associated to them.

I need a way to go from my PROD vlan to the 208 network so I can manage the SIP Gateway.

My question is how do I setup another port (G12/43) which would be a PC connected to it, to have access from my PROD vlan to this 208 network?

Take note that there is a second SIP Provider with a Private network (different IP address scheme but same physical config) in here also, and the management PC also needs access to that network which is 65.89.151.xx/29

7 Replies 7

lgijssel
Level 9
Level 9

In general, these issues can be solved by configuring an ethernet-vlan. What I mean by that is a vlan without any interface vlan config.

Assigning switchports to this vlan allows interconnectivity but effecitvely isolates them from the rest of the network as there is no link to layer3. This implies that your routing demands must be solved in another way.

Perhaps by adding some external routers? There might be an easier way but we need to know more about your topology to advise properly.

regards,

Leo

So how would the config of all 3 ports + vlan look like?

Sorry, I must have misread your question.

As I see it now, why are you unable to access the sip-gateways over the Internet?

They have public adresses and you will certainly have Internet access.

Is this perhaps a firewall issue?

Leo

all the IP addresses listed above are reserved on a Private IP VPN, so no internet access available to those.

In that case, you may want to run NAT to hide your internal adresses and (more important) to access the SIP's without modifying their routing tables. All it takes is one free ip from the /29.

You can then configure the required routes as static hostroutes and make them available from your internal network.

I suppose that you are sufficiently aquainted with configuring NAT.

regards,

Leo

i did not want to use nat, as it's a private protected network.

Does anyone know how my config should be?

Can I put the 208.48.188.xx L3 port into a vlan and make the 2 vlans (PROD and this new one) talk to each other?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: