1 UC500 2 Networks

Unanswered Question

I have a UC500 where a workstation needs to connect to a separate network besides the UC network.  The link to the separate network is connected to fastethernet0/1/0.  The IP scheme is 10.32.4.0/24.  The gateway on that network is 10.32.4.254.

I connected the workstation to fastethernet0/1/1.  So far, I created a VLAN10 with an address of 10.32.4.245.  I can ping 10.32.4.245 from the workstation.  I cannot ping 10.32.4.254 from the workstation. If I telnet to the UC500, I can ping 10.32.4.254 no problem.


I tried to add a static route to 10.32.4.0 using VLAN10 as the interface.  That did not make a difference as far as pinging was concerned.


Anyone have an idea of how to fix this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

[email protected]


I have a UC500 where a workstation needs to connect to a separate network besides the UC network.  The link to the separate network is connected to fastethernet0/1/0.  The IP scheme is 10.32.4.0/24.  The gateway on that network is 10.32.4.254.

I connected the workstation to fastethernet0/1/1.  So far, I created a VLAN10 with an address of 10.32.4.245.  I can ping 10.32.4.245 from the workstation.  I cannot ping 10.32.4.254 from the workstation. If I telnet to the UC500, I can ping 10.32.4.254 no problem.


I tried to add a static route to 10.32.4.0 using VLAN10 as the interface.  That did not make a difference as far as pinging was concerned.


Anyone have an idea of how to fix this?


Here's what I did in a simular situation.

Caveats .. my OtherNet is VLAN201 and the network is 192.168.43.0/255.255.255.0


vlan 201

name LinkToOtherNet


interface FastEthernet0/1/0

switchport trunk native vlan 201

switchport mode trunk

macro description cisco-switch


interface Vlan201

description ** Link to OtherNet **

ip address 192.168.43.240 255.255.255.0

ip access-group 104 in

ip virtual-reassembly


That seems to have worked just fine on my end ... but naturally  your mileage may vary....


[email protected]


What does your access-list 104 look like?


access-list 104 deny tcp any eq 5060 any eq 5060

access-list 104 deny udp any eq 5060 any eq 5060

access-list 104 deny tcp any eq 5061 any eq 5061

access-list 104 deny udp any eq 5061 any eq 5061

access-list 104 deny tcp any eq 2427 any eq 2427

access-list 104 deny udp any eq 2427 any eq 2427

access-list 104 deny tcp any eq 2517 any eq 2517

access-list 104 deny udp any eq 2517 any eq 2517

access-list 104 deny tcp any eq 1718 any eq 1718

access-list 104 deny udp any eq 1718 any eq 1718

access-list 104 deny tcp any eq 1719 any eq 1719

access-list 104 deny udp any eq 1719 any eq 1719

access-list 104 deny tcp any eq 1720 any eq 1720

access-list 104 deny udp any eq 1720 any eq 1720

access-list 104 permit ip any any



Pretty much to keep SIP from sneeking in....  Plus a few other bad things...

I still cannot get this to work.  I attached the running config.  I tried it with and without the route statement that is currently in the config.  Do I need to do anything to the port that the pc is plugged into that needs access to the other network? It is fastethernet0/1/1.

[email protected]


I still cannot get this to work.  I attached the running config.  I tried it with and without the route statement that is currently in the config.  Do I need to do anything to the port that the pc is plugged into that needs access to the other network? It is fastethernet0/1/1.


Jason..


You'll need to plug the switch that supports your OtherNet (VLAN10) into FastE0/1/0.  You shouldn't need any route statement for VLAN10.  Since FastE0/1/0 is part of your OtherNet it'll know how to pass traffic back and forth to whatever other VLANs you've assigned to it...


I note you're routing to the BVI, not bad, but sometimes confusing.   I like to route serial (T1) traffic to interfaces, and Ethernet traffic to addresses.  But that is entirely a matter of personal preference...


Naturally, your mileage may vary....

Actions

This Discussion