
Problems in connecting to Windows domain from a L3 switch

trackme
Level 1

Hello,

I have a Cisco L3 switch with two subnets on that switch. I don't have a VLAN for each subnet; all I did is configure two IPs for the single VLAN, meaning the switch will have an IP in the server subnet and a secondary IP in the client subnet range. For the client subnet, the secondary IP will be the gateway, and for the servers, the primary IP will be the gateway.

The issue is the Domain controller is in one subnet and the clients are in another subnet.

Because of this they are not able to see each other and the clients can't join the domain. Also the DHCP is not working, meaning clients are not getting an IP from the DHCP server. The scope is set to the range of the client IP range.

The only way to fix this: I have given dual IPs to this DC, and then the client systems started joining the domain.

I don't want to have the server with dual IPs.

What is the best way I can ensure that my domain is in the server subnet and the clients who are in the client subnet can join it over the Cisco L3 switch, as both the server subnet switch and the client switch are connected to the L3, which acts as the core switch at the site?

5 Replies

ankurbhasin
Level 9

Hi Friend,

Which L3 switch do you have? If it is a 3550, make sure ip routing is enabled, as by default it is disabled, and if it is disabled there will be no routing between the 2 subnets.

Also, if it is enabled, check the IP route table to see if both subnets are there, and make sure you are able to ping between 2 machines if you assign 2 static IPs from the 2 different subnets to the 2 machines.

Once routing is working I don't think there should be any problem in your setup.

If possible paste the sh run from the switch.

Regards,

Ankur

Hello,

Thanks for your reply.

Sorry that I didn't tell you earlier that everything works fine except the DHCP/domain issue. This shows routing is OK.

Also, I have complaints saying that when I have a user set up with a client IP, the performance is very slow; the moment I change that to a server IP range, the performance is very good.

The pity here is that for both the client IP range and the server IP range, the gateway is the L3, as I have configured dual IPs for that VLAN in the L3, one for the client IP range and the other for the server IP range.

The DHCP server will start issuing IPs to the clients the moment I change the IP of the DHCP server to the same range as that of the scope, I mean when I assign an IP to the DHCP server in the client IP range.

Both the DHCP and domain are the same machine, and hence I have both problems, i.e. DHCP not working and clients not able to join the domain.

I think it should be some kind of broadcast issue here, since both the DHCP and the domain use broadcasts.

I have tried using ip-helper address as well and still no luck :(

Hi Friend,

I presume the problem could be related to where the helper address is defined.

Let's take it this way: ip helper address is defined on the interface to route the broadcast packets into unicast requests.

When you defined the ip helper address, I think it will take that command only when the request comes for the primary address and not for the secondary address.

Let's try this. I hope your DHCP server and domain controller server are in your primary subnet.

Can you configure their subnet as the secondary address and the client subnet as the primary IP address on the L3 interface on your L3 switch, and then configure ip helper address with the IP address of the DHCP server, which is in the secondary IP subnet range?

Try it this way and update if it works; I think it should work then.

Regards,

Ankur

Thanks for your reply,

Guess what you said should work :)

I will try this soon, since changing IP segments will have a downtime which I can't have right now.

I'm planning to have two VLANs split and then configure the ip-helper address, which I guess is cleaner.

Your thoughts on any other better solution?

Hi Friend,

If you already have a plan for segmenting the VLANs, that will be the most preferred solution as per your network requirement.

As you already have 2 different subnets, it is good to have them stay in different VLANs.

But when you plan to implement it, try the solution which I posted earlier first, which will make clear whether it works or not.

HTH, if yes please rate the post.

Ankur
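
An added illustration, not part of any post in this thread: a small Python model of standard DHCP relay behaviour, where the relay stamps giaddr with the primary address of the receiving interface and the server picks a scope from giaddr (or from its own interface address when the broadcast arrives unrelayed). It compares the single-VLAN layouts discussed above with the two-VLAN plan; all addresses are constructed and the function names are hypothetical.

```python
import ipaddress

# Constructed sample addressing (not taken from the thread).
SERVER_NET = ipaddress.ip_network("10.0.1.0/24")
CLIENT_NET = ipaddress.ip_network("10.0.2.0/24")
DHCP_SERVER_IP = ipaddress.ip_address("10.0.1.10")
SCOPES = [CLIENT_NET]  # the only scope covers the client range, as in the thread

def relay_giaddr(svi_addresses):
    """Relay agent: giaddr is the primary (first) address of the interface
    the DISCOVER arrived on; secondary addresses are not used by default."""
    return ipaddress.ip_address(svi_addresses[0])

def select_scope(giaddr, receiving_ip, scopes):
    """Server: choose the scope containing giaddr if the packet was relayed,
    otherwise the one containing the interface that heard the broadcast."""
    key = giaddr if giaddr is not None else receiving_ip
    for scope in scopes:
        if key in scope:
            return scope
    return None  # no matching scope, so the server sends no OFFER

def offers(svi_addresses, helper_configured, same_vlan_as_server):
    """Scopes the server would answer from for one client DISCOVER."""
    results = []
    if same_vlan_as_server:   # broadcast reaches the server directly, giaddr unset
        results.append(select_scope(None, DHCP_SERVER_IP, SCOPES))
    if helper_configured:     # relayed unicast copy carries giaddr
        giaddr = relay_giaddr(svi_addresses)
        results.append(select_scope(giaddr, DHCP_SERVER_IP, SCOPES))
    return [r for r in results if r is not None]

def scenarios():
    return {
        "one VLAN, secondary IP, no helper": offers(["10.0.1.1", "10.0.2.1"], False, True),
        "one VLAN, server subnet primary, helper": offers(["10.0.1.1", "10.0.2.1"], True, True),
        "one VLAN, client subnet primary, helper": offers(["10.0.2.1", "10.0.1.1"], True, True),
        "two VLANs, helper on client SVI": offers(["10.0.2.1"], True, False),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {'lease from ' + str(result[0]) if result else 'no offer'}")
```

In this model only the layouts where giaddr falls inside the client scope produce an offer, which matches both the primary/secondary swap and the two-VLAN plan.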