Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1100
Views
0
Helpful
5
Replies

Vlan routing

Go to solution
Arne4
Level 1
Level 1

‎05-12-2022 10:23 AM - edited ‎05-13-2022 02:45 AM

Hey guys,

 

I'm attempting to route my managment vlan over 2 seperate routers but i haven't had any success so far.

 
 

This is my current setup, i'm trying to route vlan 99 (red) over to the green network. The idea is that my WLC is on the the managment vlan (99) which is currently only active in the red zone. Don't mind R1,R3 they are just redundancy. Also the link between R0 and R2 don't route any traffic this is just an uplink for HRSP, everything goes thru the "firewall".

image.png

Any help would be greatly appreciated!

 

Kind Regards

Arne

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Flavio Miranda
VIP
VIP
In response to Arne4

‎05-12-2022 11:45 AM - edited ‎05-12-2022 11:47 AM

 You can not extend one vlan passing through the Router, if that what you need.

What you can do is:

 

Creat vlan 99 on switch green.

Pass vlan 99 on the trunk between switch green and router R2.

Pass vlan 99 on the trunk between switch and wlc.

On R2 you can create a subinterface like:

int gi1/0

no ip add

int gi1/0.99

encapsulation dot1.q

ip add 192.168.1.1 255.255.255.0

 

Then, the WLC can have the IP address 192.168.1.2 255.255.255.0 and gateway 192.168.1.1

 

On the Router0 you can do the same thing but using a different ip range.

 

nt gi1/0

no ip add

int gi1/0.99

encapsulation dot1.q

ip add 192.168.2.1 255.255.255.0

 

Then you can configure the PC as 192.168.2.2 255.255.255.0 and gateway 192.168.2.1

 

Now, you need to configure the interface between R0 and R2 with a transit network.

Let´s say:

192.168.4.1 255.255.255.252 on R0

192.168.4.2 255.255.255.252 on R3

Then you enable RIP on both.

router rip

version 2

 

Then you can communicate between PC and WLC. But keep in mind that the VLAN 99 in one side has nothing to do with vlan 99 in the other side. Vlan does not pass through the router.  They are using the same ID but you need layer 3 routing to communicate.

 

 

 

 

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Flavio Miranda
VIP
VIP

‎05-12-2022 10:38 AM

Hi

 Not sure about what you meant by route vlan 99.  If you attach the .pkt file here , need to zip it, then will be easier.  Just tell what tou want to accomplish. You want that a PC in the red area access the WLC passing through area blue? 

0 Helpful

Go to solution
Arne4
Level 1
Level 1
In response to Flavio Miranda

‎05-12-2022 11:14 AM

Hello,

 

My end goal is that my WLC controller is connected to vlan 99 instead of vlan 2.

So in short my controller needs to access the the router in the red zone where vlan 99 is configured using Router On Stick.

 

I'd rather not upload the pkt since all of my devices are password protected and i'd have to reconfigure them all, but if its really necessary let me know and i'l upload it.

 

I hope this cleared it up a bit

 

 

 

0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to Arne4

‎05-12-2022 11:45 AM - edited ‎05-12-2022 11:47 AM

 You can not extend one vlan passing through the Router, if that what you need.

What you can do is:

 

Creat vlan 99 on switch green.

Pass vlan 99 on the trunk between switch green and router R2.

Pass vlan 99 on the trunk between switch and wlc.

On R2 you can create a subinterface like:

int gi1/0

no ip add

int gi1/0.99

encapsulation dot1.q

ip add 192.168.1.1 255.255.255.0

 

Then, the WLC can have the IP address 192.168.1.2 255.255.255.0 and gateway 192.168.1.1

 

On the Router0 you can do the same thing but using a different ip range.

 

nt gi1/0

no ip add

int gi1/0.99

encapsulation dot1.q

ip add 192.168.2.1 255.255.255.0

 

Then you can configure the PC as 192.168.2.2 255.255.255.0 and gateway 192.168.2.1

 

Now, you need to configure the interface between R0 and R2 with a transit network.

Let´s say:

192.168.4.1 255.255.255.252 on R0

192.168.4.2 255.255.255.252 on R3

Then you enable RIP on both.

router rip

version 2

 

Then you can communicate between PC and WLC. But keep in mind that the VLAN 99 in one side has nothing to do with vlan 99 in the other side. Vlan does not pass through the router.  They are using the same ID but you need layer 3 routing to communicate.

 

 

 

 

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Arne4

‎05-12-2022 12:31 PM

 

It's not clear where the L3 interface for vlan 99 is ie. you say vlan 99 is blue but then you say it is in the red zone and is on the router so where is the L3 interface for that vlan ? 

 

Jon

0 Helpful

Go to solution
David Ruess
VIP
VIP

‎05-12-2022 11:44 AM

Hello,

So to make sure I understand the requirement you need VLAN 2 and VLAN 99 to be able to "reach/route" to eachother? And it needs to be done with Router on a Stick?

A couple things.

For Router on a Stick you need a subinterface per VLAN you want to route. The VLANS will both be on 1 switch as well and not separated like you have them

When you say the link between R0 and R2 is an uplink for HSRP does that mean its a layer 2 link between your router devices?

Another point is you say everything goes through the firewall which to me means youare already routing traffic "through the firewall"

There may be a reconfiguring in order if some of these are the case.

What looks like you tried to do is R0 and R1 are HSRP neighbors of VLAN 99 and R2 and R3 are HSRP neighbors for VLAN 2? Is this correct?

 

@Flavio Miranda  may be right about uploading your pkt file. If you can remove the passwords it will help.
-David

0 Helpful
Customers Also Viewed These Support Documents