12-03-2018 06:30 AM
Hey Everyone,
So we just got setup with the Comcast P2P EDI Fiber. They never told me we needed to fo the L3 ourselves, so luckily we have a Cisco 4948 that can do some of that. I had this working the other day but we had a power outage and my cisco went to rommon so I lost everything and no I can not get it working again! So frustrating. Here is some info... The fiber comes out of Juniper into our Cisco Catalyst 4989 which then I have two ports on vlan to go to two seperate Barracuda firewalls which have seperate public ips. For some reason if I set my laptop to a static public ip it works but does not if I plug it into the Barracuda. Does all of this look correct?
Link IP Address: | 50.238.244.248/30 | Usable IP Block: | 50.238.245.0/28 |
Gateway: | 50.238.244.249 | Usable IP Ranges: | 50.238.245.2 thru 50.238.245.14 |
Layer 3 IP: | 50.238.244.250 | Usable Subnet Mask: | 255.255.255.240 |
Layer 3 Subnet Mask: | 255.255.255.252 | Usable IPv6 Block: | N/A |
DNS Information | |||
Geographic Location: |
| National DNS Servers |
|
Primary DNS: | 75.75.75.75 | Secondary DNS: | 75.75.76.76 |
Running Config:
Switch#show running-config
Building configuration...
Current configuration : 2636 bytes
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
!
!
no aaa new-model
ip subnet-zero
ip name-server 8.8.8.8
ip name-server 8.8.4.4
!
!
ip vrf EDI
!
ip vrf mgmtVrf
!
!
power redundancy-mode redundant
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet1
ip vrf forwarding mgmtVrf
no ip address
speed auto
duplex auto
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface GigabitEthernet1/3
!
interface GigabitEthernet1/4
!
interface GigabitEthernet1/5
!
interface GigabitEthernet1/6
!
interface GigabitEthernet1/7
!
interface GigabitEthernet1/8
!
interface GigabitEthernet1/9
!
interface GigabitEthernet1/10
!
interface GigabitEthernet1/11
!
interface GigabitEthernet1/12
!
interface GigabitEthernet1/13
!
interface GigabitEthernet1/14
!
interface GigabitEthernet1/15
!
interface GigabitEthernet1/16
!
interface GigabitEthernet1/17
!
interface GigabitEthernet1/18
!
interface GigabitEthernet1/19
!
interface GigabitEthernet1/20
!
interface GigabitEthernet1/21
!
interface GigabitEthernet1/22
!
interface GigabitEthernet1/23
!
interface GigabitEthernet1/24
!
interface GigabitEthernet1/25
!
interface GigabitEthernet1/26
!
interface GigabitEthernet1/27
!
interface GigabitEthernet1/28
!
interface GigabitEthernet1/29
!
interface GigabitEthernet1/30
!
interface GigabitEthernet1/31
!
interface GigabitEthernet1/32
!
interface GigabitEthernet1/33
!
interface GigabitEthernet1/34
!
interface GigabitEthernet1/35
!
interface GigabitEthernet1/36
!
interface GigabitEthernet1/37
!
interface GigabitEthernet1/38
!
interface GigabitEthernet1/39
!
interface GigabitEthernet1/40
!
interface GigabitEthernet1/41
!
interface GigabitEthernet1/42
!
interface GigabitEthernet1/43
!
interface GigabitEthernet1/44
!
interface GigabitEthernet1/45
!
interface GigabitEthernet1/46
switchport access vlan 80
!
interface GigabitEthernet1/47
switchport access vlan 80
!
interface GigabitEthernet1/48
no switchport
ip vrf forwarding EDI
ip address 50.238.244.250 255.255.255.252
!
interface TenGigabitEthernet1/49
!
interface TenGigabitEthernet1/50
!
interface TenGigabitEthernet1/51
!
interface TenGigabitEthernet1/52
!
interface Vlan1
no ip address
!
interface Vlan80
description Comcast LAN Block
ip vrf forwarding EDI
ip address 50.238.245.1 255.255.255.240
!
ip route vrf EDI 0.0.0.0 0.0.0.0 50.238.244.249
ip http server
!
!
!
!
line con 0
stopbits 1
line vty 0 4
!
end
12-03-2018 11:14 AM
Hi
You must to connect the firewalls at the ports: GigabitEthernet1/46 and GigabitEthernet1/47
.These ports are members of your inside Vlan 80
Regards
Ilir
12-03-2018 05:11 PM
Well yeah of course I know that . Im not really sure what happened but I enabled ip routing, walked away for 10 minutes, and then it started working. But if anyone else ever needs this type of information. The above config works. Im lucky i found some information while browsing.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide