Same subnet on two different Sites

TristanGude · ‎01-10-2017

We have a Payroll software with two clock-in devices. The software requires that the computer where the software is installed and all the clock-in devices be in the same subnet. We have two sites connected through a VPN. Site A subnet 172.16, Site B subnet 172.17, Computer and clock-in A are in subnet 172.16.107 on Site A. That works fine. So, I created a subnet 172.16.107 on Site B, routed the 172.16.107 to Site A, but it does not work. I cannot ping the clock-in form the other site of the VPN. Please help,.

Philip D'Ath · ‎01-10-2017

Are you sure? That would mean they are pretty much a brain dead device to have such a restriction. I find it hard to believe that devices in this age have such dumb restrictions.

If this really is true, you'll need to use L2TPv3 over your VPN. You'll need to create a VLAN at your remote site (remote from the server) and put the time clock devices in it. Then use L2TPv3 to connect that VLAN to the local site with the server.

TristanGude · ‎01-11-2017

Thank you for replying. All the examples that I can find for L2TPv3 requires 4 routers, 2 on each site. I only have a router on each site. Can I use a L3 switch to simulate the router, how? I am lost.

VLAN 107 - Router Configuration

ip dhcp pool 107
network 172.16.107.0 255.255.255.0
domain-name elsolacademy.net
dns-server 172.16.0.225
default-router 172.16.107.1
netbios-name-server 172.16.0.225
lease 10
!

interface GigabitEthernet0/1.107
description Room-7
encapsulation dot1Q 107
ip address 172.16.107.1 255.255.255.0
ip nat inside
ip virtual-reassembly in

interface Tunnel0
ip address 172.16.10.1 255.255.255.0
tunnel source ....
tunnel destination ....

So when I trying to use xconnect command, I get

CISCO-3925-Router-El(config-subif)#xconnect 172.16.10.2 1001 encapsulation l2tpv3 pw-class l2tp1
Incompatible with ip address command on Gi0/1.107 - command rejected.

Thank you for your help

Philip D'Ath · ‎01-11-2017

You only require a single router at each site. You should dedicate one port to L2TP (which will go to the switch/vlan you want bridged) one one to L3 for the routing.

Layer 2 interfaces can not have an IP address on them.

TristanGude · ‎01-11-2017

But that is the port I am using for the dotq1 encapsulation and it the xconnect command take the entire network down. So if I need to use that port for the xconnect where do I create the vlans with the command int 0/1.vlan#?

Philip D'Ath · ‎01-11-2017

Can you not use Gig0/2? Use another [additional] port on the router at both ends.

TristanGude · ‎01-11-2017

yes, I did, but it does not work. Nothing is connected to gig0/2. So it shows the xconnect all as down.

Sorry. I am new at this.

Philip D'Ath · ‎01-11-2017

You need to plug Gig0/2 into your switch and have it present whatever vlan you want trunked between the two sites.

TristanGude · ‎01-12-2017

The issue is that the layout does not allow me to do that. See the Elementary Site layout attached. Not very good, but I hope you can understand it.

Philip D'Ath · ‎01-12-2017

You need to create a new vlan (at both sites, the same new vlan), and put all your payroll solution into that. Then L2TPv3 connect that VLAN together.

Either that for find a new payroll solution.