Newbie
Ports 1-8 vlan 10.
port 9 vlan 1
Can not ping to other pc to different subnets.
Can ping vlan ip address from all ports.
Do I need to do ACL ?
Doing DHCP on Vlan 10 for phones, customer is dong DHCP on Cisco Switch vlan 1. Will the 2 DHCP servers interfere using intervlan routing?
Would like to do. Customer on 192.168.254.0/24 needs to access the servers 192.168.253.0/24 to manage phone system and other applications.
Customer is using a Cisco Small Business RV082 8 port VPN router.Doing DHCP for printers only.
interface vlan 1
ip address 192.168.254.1 255.255.255.0
ip route-cache express
no shutdown
!
interface vlan 10
ip address 192.168.253.1 255.255.255.0
ip route-cache express
no shutdown
Gateway to Cisco VPN router. Also it is the gateway to the internet.
ip route 0.0.0.0 0.0.0.0 192.168.254.248
Mitelswitch#show running-config
Building configuration...
!
!
! ADTRAN, Inc. OS version R11.1.0
! Boot ROM version R11.1.0
! Platform: NetVanta 1531, part number 1700570F1
! Serial number
!
!
hostname "Mitelswitch"
ip subnet-zero
ip classless
ip routing
!
!
ip route-cache express
!
auto-config
!
event-history on
no logging forwarding
no logging email
!
no service password-encryption
!
portal-list "all" console ftp http-admin ssh telnet
!
username "scott" portal-list "all" password encrypted "424a3b8dbeafe11306c3df6f3a94425d4e9e"
username "admin" portal-list "all" password encrypted "2c24a942824dd95fe345b57565b9b766ed74"
!
aaa on
ftp authentication LoginUseLocalUsers
!
!
aaa authentication login LoginUseTacacs group tacacs+
aaa authentication login LoginUseRadius group radius
aaa authentication login LoginUseLocalUsers local
aaa authentication login LoginUseLinePass line
!
aaa authentication enable default enable
!
aaa authentication port-auth default local
!
!
no dot11ap access-point-control
no dos-protection
no desktop-auditing dhcp
no network-forensics ip dhcp
!
vlan 1
name "Default"
!
vlan 10
name "Phone"
!
interface gigabit-switchport 0/1
no shutdown
switchport access vlan 10
no lldp send-and-receive
!
interface gigabit-switchport 0/2
no shutdown
switchport access vlan 10
no lldp send-and-receive
!
interface gigabit-switchport 0/3
no shutdown
switchport access vlan 10
!
interface gigabit-switchport 0/4
no shutdown
switchport access vlan 10
!
interface gigabit-switchport 0/5
no shutdown
switchport access vlan 10
!
interface gigabit-switchport 0/6
no shutdown
switchport access vlan 10
!
interface gigabit-switchport 0/7
no shutdown
switchport access vlan 10
!
interface gigabit-switchport 0/8
no shutdown
switchport access vlan 10
!
interface gigabit-switchport 0/9
no shutdown
switchport access vlan 10
!
interface gigabit-switchport 0/10
no shutdown
!
interface gigabit-switchport 0/11
no shutdown
!
interface gigabit-switchport 0/12
no shutdown
!
!
!
interface vlan 1
ip address 192.168.254.1 255.255.255.0
ip route-cache express
no shutdown
!
interface vlan 10
ip address 192.168.253.1 255.255.255.0
ip route-cache express
no shutdown
!
!
!
!
!
ip route 0.0.0.0 0.0.0.0 192.168.254.248
!
no tftp server
no tftp server overwrite
http authentication LoginUseLocalUsers
http server
no http secure-server
no snmp agent
no ip ftp server
no ip scp server
no ip sntp server
!
!
!
!
!
snmp-server engine local 800002980300a0c801e5e1
!
!
!
!
line con 0
login authentication LoginUseLocalUsers
!
line telnet 0 4
login authentication LoginUseLocalUsers
password md5 encrypted 3a146c05992288c8ea31be9c2656ede1
no shutdown
line ssh 0 4
login authentication LoginUseLocalUsers
no shutdown
!
!
!
!
end
Thank You
Scott
Hi Scott:
Thanks for posting your question in the Support Community! I think your configuration looks good.
It's important that the 1531 is the default gateway for hosts in both VLANs. 192.168.253.1 should be the default gateway for Voice devices; 192.168.254.1 for devices in the Default VLAN. A common challenge when integrating a Layer 3 switch to an existing LAN is that hosts will already have a default gateway assigned which is some other router (perhaps the Cisco at 192.168.254.248 directly), when they should be changed to use the 1531 as the default gateway to support inter-VLAN routing.
Another approach is available, though it is less efficient: Add a static route to the Cisco router to the 192.168.253.0/24 network via gateway 192.168.253.1. This can be useful when it is difficult to get all of the devices' default gateway changed to the 1531. However, if you have a large volume of traffic between the VLANs, then the link up to the Cisco router and back down to the 1531 will impose a bottleneck. I would consider adding the static route to the Cisco as a catch-all and then take action to update DHCP and statically-addressed hosts to point to the 1531 as default gateway. You might end up with a mix, but each device pointed to the 1531 will benefit from the most efficient path (and reduce load/congestion through the Cisco).
In some cases, a third option is simplest: Coordinate to change the Cisco router to use a new LAN IP address. Add the IP address 192.168.254.248 to the 1531 interface VLAN 1 as a secondary address. Change your 1531 default route to the Cisco's new address. At that point, there's no need to change the default gateway for existing LAN devices since you have essentially shuffled the same address to another unit. This approach may ease the amount of work required while realizing the full benefit and performance efficiency of the Layer 3 switch.
Please keep us posted and reply if you have additional questions.
Best,
Chris
Hi Scott:
Thanks for posting your question in the Support Community! I think your configuration looks good.
It's important that the 1531 is the default gateway for hosts in both VLANs. 192.168.253.1 should be the default gateway for Voice devices; 192.168.254.1 for devices in the Default VLAN. A common challenge when integrating a Layer 3 switch to an existing LAN is that hosts will already have a default gateway assigned which is some other router (perhaps the Cisco at 192.168.254.248 directly), when they should be changed to use the 1531 as the default gateway to support inter-VLAN routing.
Another approach is available, though it is less efficient: Add a static route to the Cisco router to the 192.168.253.0/24 network via gateway 192.168.253.1. This can be useful when it is difficult to get all of the devices' default gateway changed to the 1531. However, if you have a large volume of traffic between the VLANs, then the link up to the Cisco router and back down to the 1531 will impose a bottleneck. I would consider adding the static route to the Cisco as a catch-all and then take action to update DHCP and statically-addressed hosts to point to the 1531 as default gateway. You might end up with a mix, but each device pointed to the 1531 will benefit from the most efficient path (and reduce load/congestion through the Cisco).
In some cases, a third option is simplest: Coordinate to change the Cisco router to use a new LAN IP address. Add the IP address 192.168.254.248 to the 1531 interface VLAN 1 as a secondary address. Change your 1531 default route to the Cisco's new address. At that point, there's no need to change the default gateway for existing LAN devices since you have essentially shuffled the same address to another unit. This approach may ease the amount of work required while realizing the full benefit and performance efficiency of the Layer 3 switch.
Please keep us posted and reply if you have additional questions.
Best,
Chris
Had tech plug laptop into port 10 Vlan 1. ip 192.168.254.2 255.255.255.0 G192.168.254.1
Can ping to the 192.168.254.2 from any device from the 192.168.253.0/24 G 192.168.253.1
For some reason when I was on site I could not ping. DId notice when I plug into the switch it takes a little bit of time to come up. What I would like do is give internet to .253.0/24. Port 10/Vlan 1 is just to connect to the layer 2 switch or port on the Cisco RV082 8-port VPN router.Customer is using 192.168.254.0/24 G 192.168.254.248. Using DHCP for only printers all pc are static on Vlan 1.
On the other network 192.168.253.0/24 G 192.168.253.1 of the Adtran 1531 Vlan 10 ports 1-9 192.168.253.1
What is the best way to make this work and what route do I need in the Adtran and Cisco?
Thank you
Scott
Scott:
I think your default route in the 1531 will work for that unit. In the Cisco, add a static route to the 192.168.253.0/24 network via 192.168.254.1.
Chris
Chris,
We plugged in port 10 vlan 10 of the 1531. The other side went into the Cisco RV-082 VPN router. added a route in the network section 192.168.253.1. Change the PC gateways to 192.168.254.1 from 192.168.254.248. They still have route for 192.168.254.248 to the internet. .254.x can see the .253.x network behind the router. 253.x cannot see the .254.x or ping. I am guessing the router is blocking it. Did not have enough time to work with customer. I do know the 1531 is doing all the routing for the few pc using the 192.168.254.1 gateway.Do need to get access to the internet on the .253.x If th e .254 is getting to internet using the gatway of the 1531 with a route of 192.168.254.248.
Going to plug straight in the layer 2 switch and see if we get some where.
Thank you
Scott