Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2414
Views
0
Helpful
5
Replies

Dot1Q Encapsulation in Wan and Lan interfaces of Router 2900

zsmr00001
Level 1
Level 1

‎05-02-2014 09:27 AM - edited ‎03-04-2019 10:54 PM

Hello Friends,

A Router 2911 have its Lan interface with dot1q encapsulation, my task was configure its Wan interface with dot1q encapsulation too. The point was that a vlan in Lan SubInterface had to go out through other vlan in Wan SubInterface, they must be related one to one.

So, I make the following:

 

1.-Added SubInterfaces in Wan  interface, Vlan 80 y 81:

************************************************************************

interface GigabitEthernet0/0.80

 encapsulation dot1Q 80

 ip address 11.0.12.2 255.255.255.252

!

interface GigabitEthernet0/0.81

 encapsulation dot1Q 81

 ip address 11.0.12.6 255.255.255.252

********************************************************************************

 

2.- Configured Accesslist y RouteMap for each Lan Subinterface:

****************************************************************************

access-list 101 permit ip 192.168.120.0 0.0.0.63 any

access-list 102 permit ip 192.168.120.64 0.0.0.63 any

!

route-map RedB_Cahua permit 20

 match ip address 102

 set ip next-hop 11.0.12.5

!

route-map RedA_Cahua permit 10

 match ip address 101

 set ip next-hop 11.0.12.1

****************************************************************************************

 

3.- Added the IP Route's followings:

**************************************************************************************

ip route 11.0.12.0 255.255.255.252 GigabitEthernet0/0.80

ip route 11.0.12.4 255.255.255.252 GigabitEthernet0/0.81

ip route 192.168.120.0 255.255.255.192 GigabitEthernet0/1.20

ip route 192.168.120.64 255.255.255.192 GigabitEthernet0/1.21

**************************************************************************************

4.-Finally, inserted the Route-Map in the Lan Subinterfaces

******************************************************************************************

interface GigabitEthernet0/1.20

 encapsulation dot1Q 20

 ip address 192.168.120.60 255.255.255.192

 standby 2 ip 192.168.120.62

 standby 2 priority 105

 standby 2 preempt

 standby 2 track 1 decrement 10

ip policy route-map RedA_Cahua

!

interface GigabitEthernet0/1.21

 encapsulation dot1Q 21

 ip address 192.168.120.125 255.255.255.192

 standby 3 ip 192.168.120.126

 standby 3 priority 105

 standby 3 preempt

 standby 3 track 1 decrement 10

 ip policy route-map RedB_Cahua

*************************************************************************************

 

This Wan port is connected to a Trunk port of remote Swich 3560, in this only is allowed the Vlans 80 and 81, and I configured its nativeVlan as Vlan2.

When I connect a Laptop on access port with Vlan80 in remote Switch, I can do ping to all equipments on subnetwork corresponding to it (192.168.120.0
/192). The same way for Vlan 81.

But the trouble is that I can't have web connection to this equipments. Also, this equipments can do ping's to google, hotmail, DNS's but they don't have web connections. I have checked with traceroute and it is correct. There is no filter either.

And when this network is without Wan Subinterfaces on Router and connected to Acces port  on remote Switch, it works very well.

I will  appreciate all help you can give me on this issue.

Thanks for your time.

Best regards,

Sandro

 

 

Labels:
0 Helpful
5 Replies 5

davrojas
Level 3
Level 3

‎05-02-2014 11:28 AM

Hello Sandro,

 

For "I can't have web connection to this equipments" what error message do you get or what is the behavior?  Do you get an HTTP 500 or something similar?

0 Helpful

zsmr00001
Level 1
Level 1
In response to davrojas

‎05-02-2014 03:36 PM

Hello,

Davrojas, there is no message, all seem to be rigth, but when I test the web connection it does not connect.

0 Helpful

davrojas
Level 3
Level 3
In response to zsmr00001

‎05-05-2014 04:32 PM

Hello zsmr00001,

 

What results do you get when you try to telnet using port 8080 or 443 to any of the equipments?

0 Helpful

zsmr00001
Level 1
Level 1
In response to davrojas

‎05-09-2014 06:52 AM

Hello davrojas,

I found the error yesterday.  What happend was that there is a microwave link between Router 2911 and Switch 3560, so in this microwave link the size of MTU was short, then we changed its size and it worked. 

Regarding your question I coud do telnet too, but not to the web connection. It was for the short MTU.

Thanks for your interest.

0 Helpful

rosaho
Level 3
Level 3
In response to zsmr00001

‎07-24-2015 03:20 PM

This discussion has been reposted from Top Contributors to the WAN, Routing and Switching community.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card