cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1461
Views
0
Helpful
3
Replies

%Inconsistent address and mask - VPN inbound traffic

#TCN
Level 1
Level 1

Hi

I seem to be having some sort of mind block with static routing

The voice and data are on completely separate networks and I have a requirement to make both networks accessible for remote support

192.168.100 - 130.0 Voice network 

192.168.200 - 230.0 Data Network

I have a Cisco 877 router working as a VPN server and remote support need to access both voice and data networks.

------

The inside IP of the ADSL vpn router is 192.168.214.1 / 24   and that routes all inside traffic to the data core on IP 192.168.214.254

routing at the moment is:

ip route 192.168.0.0 255.255.0.0 192.168.214.254  (I can access all resources on data network)

ip route 0.0.0.0 0.0.0.0 dialer1

-------

the support team want to access the voice network now which is on completly seperate equipment...

so I was going to create a vlan on the voice core switch and give it an IP of  192.168.214.2 and conenct to the ADSL router directly  e.g....

Voice Core (new vlan to talk to VPN Router)

------------------------

interface vlan 214
ip address 192.168.214.2 255.255.255.0

ip route 0.0.0.0 0.0.0.0 192.168.214.1 (vpn router inside ip)

---------------

I want to route 192.168.200-230.0 towards 192.168.214.254 (data network gateway)

and the Voice networks - 192.168.100-130.0 towards 192.168.214.2 (voice network gatway)

I know i can use ip route 192.168.96.0 255.255.224.0 192.168.214.2 (which would be 96-128) but i would like to get it to cover the only subnets needed

1 Accepted Solution

Accepted Solutions

Jon Marshall
Hall of Fame
Hall of Fame

James

I know i can use ip route 192.168.96.0 255.255.224.0 192.168.214.2 (which would be 96-128) but i would like to get it to cover the only subnets needed

Just to clarify, is this what you are asking ie. how to summarise your voice networks ? If so you can't because they go from below .128 to above .128 ie. 192.168.100-130.0

So even your 192.168.96.0/27 would not cover all the networks. To cover only those subnets the best you could do is -

192.168.100.0 255.255.252.0

192.168.104.0 255.255.248.0

192.168.112.0 255.255.240.0

192.168.128.0 255.255.254.0

192.168.130.0 255.255.255.0

so you would need route statements for each of the above ranges.

Jon

View solution in original post

3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

James

I know i can use ip route 192.168.96.0 255.255.224.0 192.168.214.2 (which would be 96-128) but i would like to get it to cover the only subnets needed

Just to clarify, is this what you are asking ie. how to summarise your voice networks ? If so you can't because they go from below .128 to above .128 ie. 192.168.100-130.0

So even your 192.168.96.0/27 would not cover all the networks. To cover only those subnets the best you could do is -

192.168.100.0 255.255.252.0

192.168.104.0 255.255.248.0

192.168.112.0 255.255.240.0

192.168.128.0 255.255.254.0

192.168.130.0 255.255.255.0

so you would need route statements for each of the above ranges.

Jon

Thanks Jon

below config was successfully implemented.

Voice Network Core Switch
------------------

interface gig 2/1/48
Description Link to ADSL_877
ip address 192.168.214.253 255.255.255.0

ip route 0.0.0.0 0.0.0.0 192.168.214.1

---------------

Data Network Core Switch
------------------
interface 2/1/48
Description Link to ADSL_877
ip address 192.168.214.254 255.255.255.0

ip route 0.0.0.0 0.0.0.0 192.168.214.1

-----------

ADSL 877 (VPN Router)
--------------

interface Vlan1
description Inside_Lan_192.168.214.0_/24
ip address 192.168.214.1 255.255.255.0
ip nat inside
ip virtual-reassembly


ip route 192.168.100.0 255.255.252.0 192.168.214.253
ip route 192.168.104.0 255.255.248.0 192.168.214.253
ip route 192.168.112.0 255.255.240.0 192.168.214.253
ip route 192.168.128.0 255.255.254.0 192.168.214.253
ip route 192.168.130.0 255.255.255.0 192.168.214.253

ip route 192.168.0.0 255.255.252.0 192.168.214.254


ip route 0.0.0.0 0.0.0.0 Dialer1

spremkumar
Level 9
Level 9

Hi James

Can you post out a pictorial view of your requirement? I could see potential clashes in ip addressing and GW assignment to the data and voice devices.

Also would like to hear from you on the switch model you are using out there.

regds

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: