cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
skerzman
New Contributor

inter vlan routing 1531 can not ping

Jump to solution

Newbie

Ports 1-8  vlan 10.

port 9 vlan 1

Can not ping to other pc to different subnets.

Can ping vlan ip address from all ports.

Do I need to do ACL ?

Doing DHCP on Vlan 10 for phones, customer is dong DHCP on Cisco Switch vlan 1. Will the 2 DHCP servers interfere using intervlan routing?

Would like to do. Customer on 192.168.254.0/24 needs to access the servers 192.168.253.0/24 to manage phone system and other applications.

Customer is using a Cisco Small Business RV082 8 port VPN router.Doing DHCP for printers only.

interface vlan 1

  ip address  192.168.254.1  255.255.255.0

  ip route-cache express

  no shutdown

!

interface vlan 10

  ip address  192.168.253.1  255.255.255.0

  ip route-cache express

  no shutdown

Gateway to Cisco VPN router. Also it is the gateway to the internet.

ip route 0.0.0.0 0.0.0.0 192.168.254.248

Mitelswitch#show running-config

Building configuration...

!

!

! ADTRAN, Inc. OS version R11.1.0

! Boot ROM version R11.1.0

! Platform: NetVanta 1531, part number 1700570F1

! Serial number

!

!

hostname "Mitelswitch"

ip subnet-zero

ip classless

ip routing

!

!

ip route-cache express

!

auto-config

!

event-history on

no logging forwarding

no logging email

!

no service password-encryption

!

portal-list "all" console ftp http-admin ssh telnet

!

username "scott" portal-list "all" password encrypted "424a3b8dbeafe11306c3df6f3a94425d4e9e"

username "admin" portal-list "all" password encrypted "2c24a942824dd95fe345b57565b9b766ed74"

!

aaa on

ftp authentication LoginUseLocalUsers

!

!

aaa authentication login LoginUseTacacs group tacacs+

aaa authentication login LoginUseRadius group radius

aaa authentication login LoginUseLocalUsers local

aaa authentication login LoginUseLinePass line

!

aaa authentication enable default enable

!

aaa authentication port-auth default local

!

!

no dot11ap access-point-control

no dos-protection

no desktop-auditing dhcp

no network-forensics ip dhcp

!

vlan 1

  name "Default"

!

vlan 10

  name "Phone"

!

interface gigabit-switchport 0/1

  no shutdown

  switchport access vlan 10

  no lldp send-and-receive

!

interface gigabit-switchport 0/2

  no shutdown

  switchport access vlan 10

  no lldp send-and-receive

!

interface gigabit-switchport 0/3

  no shutdown

  switchport access vlan 10

!

interface gigabit-switchport 0/4

  no shutdown

  switchport access vlan 10

!

interface gigabit-switchport 0/5

  no shutdown

  switchport access vlan 10

!

interface gigabit-switchport 0/6

  no shutdown

  switchport access vlan 10

!

interface gigabit-switchport 0/7

  no shutdown

  switchport access vlan 10

!

interface gigabit-switchport 0/8

  no shutdown

  switchport access vlan 10

!

interface gigabit-switchport 0/9

  no shutdown

  switchport access vlan 10

!

interface gigabit-switchport 0/10

  no shutdown

!

interface gigabit-switchport 0/11

  no shutdown

!

interface gigabit-switchport 0/12

  no shutdown

!

!

!

interface vlan 1

  ip address  192.168.254.1  255.255.255.0

  ip route-cache express

  no shutdown

!

interface vlan 10

  ip address  192.168.253.1  255.255.255.0

  ip route-cache express

  no shutdown

!

!

!

!

!

ip route 0.0.0.0 0.0.0.0 192.168.254.248

!

no tftp server

no tftp server overwrite

http authentication LoginUseLocalUsers

http server

no http secure-server

no snmp agent

no ip ftp server

no ip scp server

no ip sntp server

!

!

!

!

!

snmp-server engine local 800002980300a0c801e5e1

!

!

!

!

line con 0

  login authentication LoginUseLocalUsers

!

line telnet 0 4

  login authentication LoginUseLocalUsers

  password md5 encrypted 3a146c05992288c8ea31be9c2656ede1

  no shutdown

line ssh 0 4

  login authentication LoginUseLocalUsers

  no shutdown

!

!

!

!

end

Thank You

Scott

Labels (1)
0 Kudos
1 Solution

Accepted Solutions
cj_
Valued Contributor
Valued Contributor

Re: inter vlan routing 1531 can not ping

Jump to solution

Hi Scott:

Thanks for posting your question in the Support Community!  I think your configuration looks good.

It's important that the 1531 is the default gateway for hosts in both VLANs.  192.168.253.1 should be the default gateway for Voice devices; 192.168.254.1 for devices in the Default VLAN.  A common challenge when integrating a Layer 3 switch to an existing LAN is that hosts will already have a default gateway assigned which is some other router (perhaps the Cisco at 192.168.254.248 directly), when they should be changed to use the 1531 as the default gateway to support inter-VLAN routing.

Another approach is available, though it is less efficient:  Add a static route to the Cisco router to the 192.168.253.0/24 network via gateway 192.168.253.1.  This can be useful when it is difficult to get all of the devices' default gateway changed to the 1531.  However, if you have a large volume of traffic between the VLANs, then the link up to the Cisco router and back down to the 1531 will impose a bottleneck.  I would consider adding the static route to the Cisco as a catch-all and then take action to update DHCP and statically-addressed hosts to point to the 1531 as default gateway.  You might end up with a mix, but each device pointed to the 1531 will benefit from the most efficient path (and reduce load/congestion through the Cisco).

In some cases, a third option is simplest:  Coordinate to change the Cisco router to use a new LAN IP address.  Add the IP address 192.168.254.248 to the 1531 interface VLAN 1 as a secondary address.  Change your 1531 default route to the Cisco's new address.  At that point, there's no need to change the default gateway for existing LAN devices since you have essentially shuffled the same address to another unit.  This approach may ease the amount of work required while realizing the full benefit and performance efficiency of the Layer 3 switch.

Please keep us posted and reply if you have additional questions.

Best,

Chris

View solution in original post

0 Kudos
4 Replies
cj_
Valued Contributor
Valued Contributor

Re: inter vlan routing 1531 can not ping

Jump to solution

Hi Scott:

Thanks for posting your question in the Support Community!  I think your configuration looks good.

It's important that the 1531 is the default gateway for hosts in both VLANs.  192.168.253.1 should be the default gateway for Voice devices; 192.168.254.1 for devices in the Default VLAN.  A common challenge when integrating a Layer 3 switch to an existing LAN is that hosts will already have a default gateway assigned which is some other router (perhaps the Cisco at 192.168.254.248 directly), when they should be changed to use the 1531 as the default gateway to support inter-VLAN routing.

Another approach is available, though it is less efficient:  Add a static route to the Cisco router to the 192.168.253.0/24 network via gateway 192.168.253.1.  This can be useful when it is difficult to get all of the devices' default gateway changed to the 1531.  However, if you have a large volume of traffic between the VLANs, then the link up to the Cisco router and back down to the 1531 will impose a bottleneck.  I would consider adding the static route to the Cisco as a catch-all and then take action to update DHCP and statically-addressed hosts to point to the 1531 as default gateway.  You might end up with a mix, but each device pointed to the 1531 will benefit from the most efficient path (and reduce load/congestion through the Cisco).

In some cases, a third option is simplest:  Coordinate to change the Cisco router to use a new LAN IP address.  Add the IP address 192.168.254.248 to the 1531 interface VLAN 1 as a secondary address.  Change your 1531 default route to the Cisco's new address.  At that point, there's no need to change the default gateway for existing LAN devices since you have essentially shuffled the same address to another unit.  This approach may ease the amount of work required while realizing the full benefit and performance efficiency of the Layer 3 switch.

Please keep us posted and reply if you have additional questions.

Best,

Chris

View solution in original post

0 Kudos
skerzman
New Contributor

Re: inter vlan routing 1531 can not ping

Jump to solution

Had tech plug laptop into port 10 Vlan 1. ip 192.168.254.2  255.255.255.0  G192.168.254.1

Can ping to the 192.168.254.2 from any device from the 192.168.253.0/24 G 192.168.253.1

For some reason when I was on site I could not ping. DId notice when I plug into the switch it takes a little bit of time to come up. What I would like do is give internet to .253.0/24. Port 10/Vlan 1 is just to connect to the layer 2 switch or port on the Cisco RV082 8-port VPN router.Customer is using 192.168.254.0/24 G 192.168.254.248. Using DHCP for only printers all pc are static on Vlan 1.

On the other network 192.168.253.0/24 G 192.168.253.1 of the Adtran 1531 Vlan 10 ports 1-9 192.168.253.1


What is the best way to make this work and what route do I need in the Adtran and Cisco?

Thank you

Scott

cj_
Valued Contributor
Valued Contributor

Re: inter vlan routing 1531 can not ping

Jump to solution

Scott:

I think your default route in the 1531 will work for that unit.  In the Cisco, add a static route to the 192.168.253.0/24 network via 192.168.254.1.

Chris

skerzman
New Contributor

Re: inter vlan routing 1531 can not ping

Jump to solution

Chris,

We plugged in port 10 vlan 10 of the 1531. The other side went into the Cisco RV-082 VPN router. added a route in the network section 192.168.253.1. Change the PC gateways to 192.168.254.1 from 192.168.254.248. They still have route for 192.168.254.248 to the internet. .254.x can see the .253.x network behind the router. 253.x cannot see the .254.x or ping. I am guessing the router is blocking it. Did not have enough time to work with customer. I do know the 1531 is doing all the routing for the few pc using the 192.168.254.1 gateway.Do need to get access to the internet on the .253.x If th e .254 is getting to internet using the gatway of the 1531 with a route of 192.168.254.248.

Going to plug straight in the layer 2 switch and see if we get some where.

Thank you

Scott