05-10-2014 09:17 AM - edited 03-04-2019 10:57 PM
Introduction:
I have a ftth (Fiber to the home) service at home. My ISP offering 2 services with the ftth which is Internet access on Vlan500 and IPTV on Vlan600. I managed to setup router for internet access but not IPTV. I keep trying for 2 months without luck. Need help from you guy expert.
My Router and switch:
I have a CISCO1841 router and WS-C2950T-24 switch
My problem:
Internet access is working fine. All computer and laptop able to access internet. But IPTV is not working. Also not able to obtain IP from ISP. I have 2 port in my CISCO1841. fa0/0 connected to modem and fa0/1 connected to WS-C2950. I have no extra port for IPTV. Hence the IPTV set have to connected to switch and create vlan from the router to the switch to the IPTV set.
Computer connection:
BTU(modem) > [fa0/0.500 - 1841 - fa0/1] > [fa0/1 - 2950 - fa0/19] > [Access Point] > [computer]
IPTV connection:
BTU(modem) > [fa0/0.600 - 1841 - fa0/1] > [fa0/1 - 2950 - fa0/22] > [IPTV Set]
CISCO1841 Router:
interface FastEthernet0/0
description "WAN Port to Unifi BTU"
no ip address
duplex auto
speed auto
no cdp enable
!
interface FastEthernet0/0.500
encapsulation dot1Q 500
ip nat outside
ip virtual-reassembly
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
!
interface FastEthernet0/0.600
encapsulation dot1Q 600
ip nat outside
ip virtual-reassembly
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
!
interface FastEthernet0/1
description "LAN port connect to Switch"
ip address 192.168.xxx.x1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
interface Dialer1
ip ddns update hostname palma.ddns.net
ip ddns update ddns-noip
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname myusername
ppp chap password 0 mypassword
ppp pap sent-username username password 0 mypassword
WS-C2960:
interface FastEthernet0/1
description "Router uplink"
switchport trunk allowed vlan 1,500,600
switchport mode trunk
switchport voice vlan 600
spanning-tree portfast
interface FastEthernet0/19
description "Serve GF Study Room AP"
interface FastEthernet0/22
description "Serve TM IPTV"
switchport access vlan 600
switchport mode access
interface Vlan1
ip address 192.168.xxx.x8 255.255.255.0
no ip route-cache
show vlan:
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/23
Fa0/24, Gi0/1, Gi0/2
500 Unifi Internet Vlan active
600 Vlan 600 for IPTV active Fa0/22
show interface summary:
* FastEthernet0/22 0 0 0 0 0 0 0 0 0
Help is much appreciated. Thank you in advance.
05-10-2014 12:03 PM
Hi,
On a quick look, I think you have PC/Laptop connected to F0/19 of your switch?. You appear to have trunk enabled on F0/1 (which is connected to your 1841 router) and enabled IP address on LAN interface of 1841. So 1841 will expect IP packets without any dot1q and any dot1q will be dropped.
Since F0/19 is is default vlan, traffic from this port will be sent without any dot1q which will be forwarded by 1841 while traffic from your IPTV will be sent with 600 as dot1q which will be dropped by 1841.
How are you getting IP address for your PC/Laptop?. Few things you may need to do are:
1. Configure 2 subinterfaces for F0/1 (one for IPTV and other for Internet)
2. Enable DHCP on 1841 with different pool (one for IPTV and otehr for Internet).
3. Modify your NAT statements.
-Nagendra
05-10-2014 01:31 PM
Hello Nagendra
Thank you for your reply.
Yes, Laptop are connect to 2950 fa0/19
Yes, truck on 2950 fa0/1 with vlan500,600,1 (native vlan 1)
All PC obtain IP from the DHCP pool supply by CSICO1841. Here is my existing DHCP:
no ip dhcp use vrf connected
ip dhcp binding cleanup interval 10
ip dhcp excluded-address 192.168.xxx.1 192.168.xxx.100
ip dhcp excluded-address 192.168.xxx.250 192.168.xxx.254
ip dhcp excluded-address 192.168.xxx.101 192.168.xxx.150
!
ip dhcp pool LAN-Pool
network 192.168.xxx.0 255.255.255.0
domain-name mydomain.local
dns-server 8.8.8.8 202.188.0.133
default-router 192.168.xxx.x1
lease 7
!
Follow your advise I added another pool for IPTV. But I am not sure the IP will assigned by my CISCO1841 or by my ISP directly.
no ip dhcp use vrf connected
ip dhcp binding cleanup interval 10
ip dhcp excluded-address 192.168.xxx.1 192.168.xxx.100
ip dhcp excluded-address 192.168.xxx.250 192.168.xxx.254
ip dhcp excluded-address 192.168.xxx.101 192.168.xxx.150
!
ip dhcp pool LAN-Pool
network 192.168.xxx.0 255.255.255.0
domain-name mydomain.local
dns-server 8.8.8.8 202.188.0.133
default-router 192.168.xxx.x1
lease 7
!
ip dhcp pool IPTV-Pool
network 192.168.yy.0 255.255.255.0
domain-name iptv.mydomain.local
dns-server 8.8.8.8 202.188.0.133
default-router 192.168.yyy.y1
lease 7
I added 2 sub-interface in my CISCO1841. Now it look like this:
interface FastEthernet0/1
description "LAN port connect to Switch"
ip address 192.168.60.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1.500
description "Vlan500 for internet access"
encapsulation dot1Q 500
ip nat inside
ip virtual-reassembly
no cdp enable
!
interface FastEthernet0/1.600
description "Vlan600 for IPTV"
encapsulation dot1Q 600
ip nat inside
ip virtual-reassembly
no cdp enable
Appreciate if you can send me guide on how and what to modify in my NAT statement?
05-26-2014 01:20 AM
Hello nocsertech,
I share with you my working configuration. Since IPTV vlan from BTU is bridging mode, so we just need to bring 2 sub interface together will do.
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.500
encapsulation dot1Q 500
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface FastEthernet0/0.600
encapsulation dot1Q 600
bridge-group 1
bridge-group 1 spanning-disabled
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.500
encapsulation dot1Q 500
ip address 1.1.1.1 255.255.255.252
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface FastEthernet0/1.600
encapsulation dot1Q 600
bridge-group 1
bridge-group 1 spanning-disabled
bridge 1 protocol ieee
but i have a problem here too.... Every time if i completely power off the STB, i got to wait for 5 min before can watch show.
Hope above config can lead you some where.
06-08-2014 02:53 AM
Hi Stangly
Thank you for your kind reply. I have created vlan 500 and vlan 600 on both my router interface and also bridge on vlan600. But still does not work. Any idea where is my mistake made?
interface FastEthernet0/0
description "WAN Port to Unifi BTU"
no ip address
duplex auto
speed auto
no cdp enable
!
interface FastEthernet0/0.500
encapsulation dot1Q 500
ip nat outside
ip virtual-reassembly
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
!
interface FastEthernet0/0.600
encapsulation dot1Q 600
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
!
interface FastEthernet0/1
description "LAN port connect to Switch"
ip address 192.168.xx.xx 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1.600
encapsulation dot1Q 600
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
!
bridge 1 protocol ieee
In my switch.
WS-C2950:
interface FastEthernet0/1
description "Router uplink"
switchport trunk allowed vlan 1,500,600
switchport mode trunk
switchport voice vlan 600
spanning-tree portfast
interface FastEthernet0/22
description "Serve TM IPTV"
switchport access vlan 600
switchport mode access
interface Vlan1
ip address 192.168.xxx.x8 255.255.255.0
no ip route-cache
show vlan:
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/23
Fa0/24, Gi0/1, Gi0/2
500 Unifi Internet Vlan active
600 Vlan 600 for IPTV active Fa0/22
06-14-2014 09:06 AM
Hello nocsertech,
When i look into your Switch config, that is voice vlan conflit with IPTV Vlan, try this way.
interface FastEthernet0/1
no switchport voice vlan 600
Bare in mind, got to wait for few min to get connected. Hope this help.
06-21-2014 09:03 AM
Hello Stangly
I removed the voice voice vlan 600
switch 2950
=============
interface FastEthernet0/1
description "Router uplink"
switchport trunk allowed vlan 1,500,600
switchport mode trunk
interface FastEthernet0/22
description "Serve TM IPTV"
switchport access vlan 600
switchport mode access
Router 1841
===========
interface FastEthernet0/0
description "WAN Port to Unifi BTU"
no ip address
duplex auto
speed auto
no cdp enable
!
interface FastEthernet0/0.500
encapsulation dot1Q 500
ip nat outside
ip virtual-reassembly
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
!
interface FastEthernet0/0.600
encapsulation dot1Q 600
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
!
interface FastEthernet0/1
description "LAN port connect to Switch"
ip address 192.168.xx.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1.600
encapsulation dot1Q 600
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
I wait 15 mins still network error show in TV screen. Any others setting i need to take care of?
Thanks again.
07-12-2014 01:38 AM
Hello nocsertech,
make sure you have "bridge 1 protocol ieee" configured. Beside that i cant see any problem...
Maybe you can try to isolate the issue one by one, try to inject dhcp from external router interface 0/0.600 let it broadcast into your switch vlan 600, try to see your client in the switch vlan 600 can get the IP or not.
If yes, then mean your router has correct setting but unfortunately your 0/0.600 did not pickup/send DHCP reqeust correctly.
If no, try to troubleshooting first until internal client can get the ip address from external DHCP server.
08-02-2014 10:33 AM
Hi stangly
Again thank you for your reply.
I am sure IPTV set successfully obtain the VLAN 600 IP. The only Vlan 600 access port is fa0/22 and it is connected to IPTV set.
My router fa0/1 is the switch facing interface.
interface FastEthernet0/1
description "LAN port connect to Switch"
ip address 192.168.60.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1.600
encapsulation dot1Q 600
ip address 192.168.70.1 255.255.255.0
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
My DHCP for IPTV as below:
ip dhcp pool IPTV-POOL
network 192.168.70.0 255.255.255.0
domain-name palma.local
dns-server 8.8.8.8 202.188.0.133
default-router 192.168.70.1
lease 7
I my switch, I able to obtain MAC address of IPTV:
========================================
switch#show mac address-table | include Fa0/22
600 0007.6372.007c DYNAMIC Fa0/22
In my router I can the IP being assigned and ping it
=========================================
router#show ip arp | include 007c
Internet 192.168.70.2 0 0007.6372.007c ARPA FastEthernet0/1.600
router.palma#ping 192.168.70.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.70.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Here is my MAC search for fa0/1:
============================
switch#show mac address-table | include Fa0/1
600 001c.583b.39bb DYNAMIC Fa0/1
router#show ip arp | include 39bb
Internet 192.168.60.1 - 001c.583b.39bb ARPA FastEthernet0/1
Internet 192.168.70.1 - 001c.583b.39bb ARPA FastEthernet0/1.600
From the above I can say IP is successfully being assigned. But IPTV set still display no connection. Any other clue?
08-02-2014 06:40 PM
Hello nocsertech,
I found your problem... please make correction below.
1) Revert all your config back to previous stage.
2) Make sure you leave your Fastethernet 0/1 without IP, only configure IP on sub interface. Fa0/1 is main interface and Fa0/1.1 is subinterface.
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.500
encapsulation dot1Q 500
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface FastEthernet0/0.600
encapsulation dot1Q 600
ip tcp adjust-mss 1452
bridge-group 1
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.1
encapsulation dot1Q 1
ip address 192.168.60.1
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface FastEthernet0/1.600
encapsulation dot1Q 600
ip tcp adjust-mss 1452
bridge-group 1
!
ip dhcp pool User
network 192.168.60.0 255.255.255.0
domain-name abc.local
dns-server 8.8.8.8 202.188.0.133
default-router 192.168.60.1
!
Wish you success.
04-08-2015 03:19 AM
Thank you for your update. Let me try and will post here.
05-12-2014 09:06 AM
Anybody can give me some guide? Much appreciated.
05-18-2016 02:14 AM
For Unifi (Data + IPTV) user who wish to use Cisco Router and Switch may refer to the working configuration below.
*Note: "bridge irb" & "bridge 1 protocol ieee" is compulsory.
============================= ROUTER 1921 =============================
!
ip dhcp pool MYDHCP
network 192.168.1.0 255.255.255.0
default-router 192.168.1.254
dns-server 192.168.1.254 1.9.1.9 202.188.0.133
lease 0 0 30
!
bridge irb
!
interface GigabitEthernet0/0
description WAN - BTU
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.500
description WAN DATA
encapsulation dot1Q 500
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface GigabitEthernet0/0.600
description WAN IPTV
encapsulation dot1Q 600
bridge-group 1
!
interface GigabitEthernet0/1
description LOCAL NETWORK
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.500
description LAN DATA
encapsulation dot1Q 500
ip address 192.168.1.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.600
description LAN IPTV
encapsulation dot1Q 600
bridge-group 1
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname YourUsername@unifi
ppp chap password 0 YourPassword
ppp pap sent-username YourUsername@unifi password 0 YourPassword
!
ip forward-protocol nd
!
ip nat inside source list 100 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol ieee
!
============================= SWITCH SG300-10 =============================
!
interface vlan 500
name DATA
!
interface vlan 600
name IPTV
!
interface gigabitethernet1
description DATA
switchport mode access
switchport access vlan 500
!
interface gigabitethernet2
description DATA
switchport mode access
switchport access vlan 500
!
interface gigabitethernet3
description DATA
switchport mode access
switchport access vlan 500
!
interface gigabitethernet4
description DATA
switchport mode access
switchport access vlan 500
!
interface gigabitethernet5
description DATA
switchport mode access
switchport access vlan 500
!
interface gigabitethernet6
description DATA
switchport mode access
switchport access vlan 500
!
interface gigabitethernet7
description DATA
switchport mode access
switchport access vlan 500
!
interface gigabitethernet8
description DATA
switchport mode access
switchport access vlan 500
!
interface gigabitethernet9
description IPTV
switchport mode access
switchport access vlan 600
!
interface gigabitethernet10
description SWITCH-ROUTER UPLINK
switchport trunk allowed vlan add 500,600
!
09-21-2016 08:25 AM
HI, I am doing the same thing in our new Malaysia office. I noticed on your working config that you dont call up the Dialer 1 for the Gig0/1.600 vlan subinterface. Does that mean you only need the dialer interface once for the data vlan (Gig0/1.500) ?
09-21-2016 08:47 AM
You dont need vlan 600 unless you would like to watch their IP TV. Vlan 500 is for data.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide