Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
506
Views
0
Helpful
7
Replies

CME/ Internet Access Question

dmitrybarsky
Level 1
Level 1

‎02-13-2008 10:52 AM - edited ‎03-13-2019 04:58 PM

I am in the process of setting up a hypothetical CME system and I have most things out but I need some help with regard to getting internet access. Here is the equipment that I want to use and how I want to use it

Cisco 2811 router with ES module

Linksys WRT54G router (that will handle NAT)

Linksys Cable Modem to Comcast Cable Internet (DHCP)

Here is the scenario I have so far:

On the 2811 there are two DHCP pools created (that correspond to the two VLANS used in the network):

DHCP Pool DATA

with addresses 10.1.10.x

where default router is 10.1.10.1

DHCP Pool VOICE

with addresses 10.1.20.x

where default router is 10.1.20.1

and option 150 is 10.1.20.1 (cisco CME tftp)

Likewise, the telephony-service source ip is configured as 10.1.20.1

The virtual gigabit ethernet interface on the router that connects to the ES module is configured with two subinterfaces that correspond to the two VLANs used:

So Gi1/0 (or whatever its number is)

has two subinterfaces:

Gi1/0.10 for DATA

where the dot1q is for VLAN 10

the interface ip is 10.1.10.1

Gi1/0.20 for VOICE

where the dot1q is for VLAN 20

the interface ip is 10.1.20.1

On the ES switch, the virtual gigabit port (Gi1/0/2 lets call it) is set up for trunking with dot1q and is setup to allow all VLANs across the trunk.

the individual switchports on the ES module are configured as follows:

Interface FastEthernet0/x

switchport access vlan 10

switchport trunk encapsulation dot1q

switchport mode access

switchport voice vlan 20

spanning-tree portfast

-------------------------------------

First off, I would like to use the Linksys router for web access and have it connected to one of my switchports on the ES module. The DHCP server on the Linksys would of course be off and lets say the linksys will have a static ip of 10.1.10.2 and would thus reside in the DATA vlan (the linksys would of course still get the comcast internet outside IP via DHCP from the connected cable modem).

So far, if I look at this setup as it would operate it seems to me that most everything would work fine. Inter-vlan routing should be ok thanks to the subinterfaces on the router and trunk on the switch, so computers connected to the switch that are placed in vlan 10 DATA will be able to ping phones that are in the VOICE vlan. Likewise, computers will be able to access to CME as well at its address 10.1.20.1.

Likewise, thanks to the DHCP computers connected to the switch will have a default router address of 10.1.10.1 (the 2811).

So, as far as I understand it, all of the above inter-vlan routing from the DATA to the VOICE vlan will work because of the fact that the computers know to "ask" the router 10.1.10.1 where to route packets that are not in their subnet.

Here's where the problem comes in, supposing I want internet access through the linksys router (on the DATA vlan, but that doesn't really matter, does it?) how do I let a computer know how to route internet traffic to that router without changing the default router command in the DHCP pool for the DATA Vlan?

the reason I ask this is because I thought about this for a while and at one point I figured I could just set the default router for the DATA DHCP pool to point directly to the static ip of the Linksys, however while this should give the computers internet access wouldn't it isolate the DATA vlan from the VOICE vlan altogether? After all, in this scenario supposing a computer tries to ping 10.1.20.1 (the CME) and since its in a different subnet it would query the default router which is the Linksys and the ping would fail since the linksys has no way of routing the traffic between subnets?

Is one possible solution to have the following line in my 2811 config

ip classless

ip route 0.0.0.0 0.0.0.0 10.1.10.2

I unfortunately do not have the equipment on hand to test this but would such a setup work?

Any and all help is of course appreciated!!

Labels:
0 Helpful
7 Replies 7

Brandon Buffin
VIP Alumni
VIP Alumni

‎02-13-2008 11:33 AM

My recommendation would be to take the Linksys out of the equation and allow the 2811 to route traffic to the internet.

Brandon

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame
In response to Brandon Buffin

‎02-13-2008 11:39 AM

I agree with Michael. If you're allowed to use cable modem of your own, you can use a cable Network Module in the 2811.

Similarly for HWIC-1ADSL that is router's card for ADSL. Note, the ES module is expensive and unless you get PoE with it, doesn;t do much advantae. It can be better to get an external switch with Poe instead.

0 Helpful

dmitrybarsky
Level 1
Level 1
In response to paolo bevilacqua

‎02-13-2008 11:46 AM

thank you for the quick replied. I agree that the 2811 would certainly be better for routing than the linksys. I was just wondering whether a setup such as the one I described would work? With regard to the es module I just used that as an example I have no particular attachment to it.

Thanks again I love this forum!

0 Helpful

dmitrybarsky
Level 1
Level 1
In response to paolo bevilacqua

‎02-13-2008 11:53 AM

thank you for the quick replied. I agree that the 2811 would certainly be better for routing than the linksys. I was just wondering whether a setup such as the one I described would work? With regard to the es module I just used that as an example I have no particular attachment to it.

Thanks again I love this forum!

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame
In response to dmitrybarsky

‎02-13-2008 11:57 AM

Sure. About all the routing stuff, you should not need worry to much about. Once the router gets a packet for a destination it knows, it will route it.

All what the phones and PCs need, no matter the VLAN they're using, is a default gateway. That is the router precisely.

0 Helpful

dmitrybarsky
Level 1
Level 1
In response to paolo bevilacqua

‎02-13-2008 05:44 PM

so essentially what you are saying is that I could use the config described in my initial post and I wouldn't have to even use the ip route command at all? If this is the case then how does the router know to forward packets that are meant to go to the Internet through the linksys router connected to an arbitrary port on one of my switches? I was just wondering how this works from a technical standpoint. I understand how the inter-vlan routing works on the internal network its just the connection to the Internet through a secondary router (linksys) that gets me confused. One of the reasons is because it isn't defined as a router anywhere in my config. Does the 2811 just send some sort of broadcast message when it receives packets going to tge Internet? Is that how it routes them to the outside? I was just wondering because I want to understand how this type of scenario would work.

Thanks again!!!

0 Helpful

jburk
Level 1
Level 1
In response to dmitrybarsky

‎04-01-2008 01:58 PM

no the 2811 doesn't broadcast, it just routes to networks it knows about. so you have the default route of 0.0.0.0 0.0.0.0 to 10.1.10.2 - so the PC asks it's default gateway (2811) for a route to an internet address and the 2811 doesn't have that subnet directly connected so it forwards the packet based on it's routing table to the default route, which will take you to the Linksys and so on.

another option you have is to let the 2811 do the NAT, vlan your internal stuff and trunk it to one fastE interface and then connect the other fastE to your DSL modem. This way you can avoid another NM or WIC.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents