Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
727
Views
0
Helpful
3
Replies

Incorrect Configuration

Sam J
Level 1
Level 1

‎07-13-2017 07:20 AM - edited ‎03-05-2019 08:50 AM

So we are adding a firewall to a remote location to provide IP voice and data access. 

The remote location will have Vlan 50 and Vlan 60, data and voice respectively. 

The firewall will have an address of 192.168.50.254 which points towards our main connection.

The 3560 will act as a DHCP server for the 60 net.

I have configured the DHCP pool and have excluded address but do not have an outside connection currently.

I have attached the switch's configuration file, any help would be greatly appreciated!

Labels:
Preview file
2 KB
0 Helpful
3 Replies 3

Rob B
Level 1
Level 1

‎07-16-2017 10:32 PM

Hi Sam,

What problem are you trying to solve here?  You haven't actually listed a question.

0 Helpful

Georg Pauwen
VIP
VIP

‎07-17-2017 12:17 AM

Hello,

it looks like you don't have ip routing enabled. Try the config below (and add a default static route):

ip routing
ip subnet-zero
ip dhcp excluded-address 192.168.50.254
ip dhcp excluded-address 192.168.50.253
ip dhcp excluded-address 192.168.50.1
ip dhcp excluded-address 192.168.60.1
ip dhcp excluded-address 192.168.60.253
ip dhcp excluded-address 192.168.60.254
!
ip dhcp pool Voice
network 192.168.60.0 255.255.255.0
default-router 192.168.60.253
option 150 ip 10.1.10.220
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport access vlan 50
switchport mode access
switchport voice vlan 60
spanning-tree portfast
!
interface FastEthernet0/48
switchport access vlan 50
switchport mode access
switchport voice vlan 60
spanning-tree portfast
!
interface GigabitEthernet0/1
description Firewall
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
no ip address
shutdown
!
interface Vlan50
description Data Vlan
ip address 192.168.50.253 255.255.255.0
!
interface Vlan60
description Voice Vlan
ip address 192.168.60.253 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.50.254
ip classless
ip http server
!
control-plane
!
ntp server 10.1.10.1
end

0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni

‎07-17-2017 12:30 AM

Hi,

First seen in your switch configuration, looks like, you are missing the Routing enable. 

Please enable routing with following commands.

Config t
IP routing 
ip route 0.0.0.0 0.0.0.0 192.168.50.254

Thanks,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Customers Also Viewed These Support Documents