Alright, pretty much a network newb. Really need to know how to just set up a VLAN with an IP and a static route for our DHCP / DNS servers on these devices. (Nortel 5510 & Nortel 5520 acting as a core router.)
I have made my VLANs and added the route but traffic is not getting through to DNS / DHCP servers, while I can PING IP addresses. So I am guessing my route is not working. I thought at first AT&T may have misconfigured their firewall interface IP which would be why I couldn't see or ping it.
My core router IP:
10.188.16.1
My VLAN IP:
172.30.188.11 (As per documentation to do so)
DNS / DHCP :
10.253.188.10
10.253.188.12
The route I am supposed to create is supposed to point to an interface on an AT&T managed firewall.
10.253.188.0/24 -> next hop 172.30.188.1
Here is what my interface for the connection to the firewall from my switch stack / router looks like:
    Unit/Port: 4/13
    Trunk:
    Admin Status: Enable
    Oper Status: Down
    EAP Oper Status: Up
    VLACP Oper Status: Down
    STP Oper Status: Forwarding
    Link: Down
    LinkTrap: Enabled
    Link Autonegotiation: Enabled
    Energy Saver: Disabled
    Energy Saver Oper Status: No Power Saving
    BPDU-guard (BPDU Filtering): Disabled
    BPDU-guard (BPDU Filtering) Oper Status: N/A
    SLPP-guard: Disabled
    SLPP-guard Oper Status: N/A

    **VLAN interfaces configuration**
              Filter   Filter
              Untagged Unregistered
    Unit/Port Frames   Frames       PVID PRI Tagging       Name
    --------- -------- ------------ ---- --- ------------- --------------
    4/13      No       Yes          1    0   UntagAll      Unit 4,Port 13

    **VLAN ID port member configuration**
    Unit/Port VLAN VLAN Name        VLAN VLAN Name        VLAN VLAN Name
    --------- ---- ---------------- ---- ---------------- ---- ----------------
    4/13      1    default          96   DMZ-Traffic
    --------- ---- ---------------- ---- ---------------- ---- ----------------

    *****Spanning-tree port configurations*****
    Unit Port Trunk Participation   Priority Path Cost State
    ---- ---- ----- --------------- -------- --------- ----------
    4    13         Normal Learning 128      1         Forwarding
And here is the output from a few common commands:
    ROUTER#show vlan ip
    ==============================================================================
    Vid  ifIndex Address         Mask            MacAddress        Offset Routing
    ==============================================================================
    Primary Interfaces
    ------------------------------------------------------------------------------
    1    10001   10.188.16.1     255.255.240.0   00:1A:8F:69:B4:40 1      Enabled
    96   10096   172.30.188.11   255.255.255.0   00:1A:8F:69:B4:42 3      Enabled
    Total VLAN IP entries: 2

    ROUTER#show ip route static
    ===============================================================================
                                    Ip Static Route
    ===============================================================================
    DEST            MASK            NEXT            COST PREF LCNHOP STATUS ENABLE
    -------------------------------------------------------------------------------
    0.0.0.0         0.0.0.0         10.188.16.5     1    5    TRUE   ACTIVE TRUE
    10.253.188.0    255.255.255.0   172.30.188.1    1    5    FALSE  INACTV TRUE
All I did was create my VLAN, assign it an IP address, enable routing on it (routing is obviously enabled globally), and then create a static route for DNS / DHCP traffic. But when plugging it into the Checkpoint Firewall by AT&T it is a no go. These switches are fairly old and will be upgraded soon, but if I could just get this working for now I would be happy. Thanks to anyone who tries to help.