New connection over WAN TLS not working

yantiscompany
Level 1

I'm sure it's something simple, but I can't for the life of me figure out why our new connection isn't working.

We have a Main office with a connection through our Internet service provider's TLS (transparent LAN service) connection to a shop location, and an Austin office.  Main Office has been connected to the Austin office for years, and we are just now setting up the Shop location.  I've copied most of the config from the Austin router, and don't see why Austin is working but the Shop isn't.  ISP says the only requirement is that the traffic be vlan tagged.  If someone could tell me what I'm missing, I'd be super grateful.

Main Office uses a C3750 switch, Austin uses a SR520 Router, and Shop location uses a C3560g-48ts switch.  Main office ip is 192.168.254.1/29, Austin is 192.168.254.2/29, and Shop is 192.168.254.6/29.  Austin and Main office used to be on /30. 

Here is the config for the Shop Switch showing 0/1 (a PC port) and 0/47 (routing port):

Shop-switch#sh run

Building configuration...

Current configuration : 8420 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Shop-switch

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$z09n$sFRRWgWerDW9rpbpAE8Sn0

enable password xxxxx

!

no aaa new-model

system mtu routing 1500

ip routing

!

!

!

mls qos

!

crypto pki trustpoint TP-self-signed-2514150528

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2514150528

revocation-check none

rsakeypair TP-self-signed-2514150528

!

!

crypto pki certificate chain TP-self-signed-2514150528

certificate self-signed 01


        quit

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

!

!

!

!

interface GigabitEthernet0/1

switchport access vlan 14

switchport mode access

switchport voice vlan 15

spanning-tree portfast

!

interface GigabitEthernet0/47

no switchport

ip address 192.168.254.6 255.255.255.248

!

interface Vlan1

no ip address

shutdown

!

interface Vlan14

ip address 192.168.14.1 255.255.255.0

ip helper-address 192.168.1.15

ip helper-address 192.168.1.46

!

interface Vlan15

ip address 192.168.15.1 255.255.255.0

ip helper-address 192.168.1.15

ip helper-address 192.168.1.46

!

ip http server

ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 192.168.254.1

ip route 0.0.0.0 0.0.0.0 192.168.254.4

!

logging esm config

snmp-server community xxxxx RO

!

!

line con 0

line vty 0 4

1 Accepted Solution

Richard Burts
Hall of Fame

Justin

You have not given us much to work with. We see a config for something that you say is not working but not anything to compare it to that is working. And very little about what is not working. From the config it looks like the switch connects to TLS on interface Gig0/47. Is that right? What is the interface state? Does the switch see any other devices over that connection? What is in the output of show arp? If we knew these things we might be in a better position for giving answers.

But there is one clue in what you gave us. You said: "ISP says the only requirement is that the traffic be vlan tagged". When you configured Gig0/47 with no switchport then you disabled the ability to vlan tag.

HTH

Rick



Sorry, work is crazy and it's taken me a couple hours just to get to typing a simple post.

So by not working, I mean I can't ping or transfer anything over the connection from either side.  sh arp shows only the connections for the Main office connection on the Austin router, and the Austin Router on the Main Office switch.  Shop switch does not show up on either.  On the Office switch, sh arp only shows local interfaces.

Interface is up/up.

I'm very much a n00b to Cisco, so I had put "no switchport" because I read that was how you enable the ability to assign an IP address to the port and enable routing.  If that disables vlan tagging, then I guess it makes sense that it wouldn't work.  How can I route from one switch to the other without doing "no switchport"?  Looking at the Main Office switch, that port is configured with "no switchport" and seems to be working fine?

Main office switch interface config:

!

interface GigabitEthernet3/0/17

description Grande TLS to Austin 1.5mb

no switchport

bandwidth 1500

ip address 192.168.254.1 255.255.255.248

end

and here is the config for the Austin office interface:

!

interface FastEthernet4

ip address 192.168.254.2 255.255.255.248

duplex auto

speed auto

service-policy output QOS-Policy

end

Let me know if you need any other info.

Justin

The working connections are not using vlan tags at all because they are routed ports. So you need to clarify with your provider what exactly they mean.

I think your TLS setup simply means you have the same IP subnet, i.e. 192.168.254.0/29, between sites and not that you actually need to use vlan tags. Certainly that looks like what is happening with your existing sites.

On your new router you have 2 default routes:

192.168.254.1 and .4 - what is .4?

Jon

I had wondered that.  The ISP guy said it could be done without tagging, but that it took an act of congress to be done.  I asked if our Austin shop was set up like that, and he said it was indeed set up for vlan tagged packets only.  Looks like I may have to ask him again.

.4 is nothing.  It's just left over from me screwing around when I had set the Austin router to .4 while changing the addresses from /30 to /29 to accommodate the extra IP that was needed for the shop.

Justin

I would go back to him with your existing config. If gi3/0/17 and fa4 are the WAN connections then there is definitely no vlan tagging going on, so they may have to set something else up for the new site.

Jon

Justin

It may be helpful information that the shop switch shows only local connections in the output of show arp. If there are no arp entries for anywhere else that would certainly explain the lack of connectivity. Would you be able to post the output of show interface gig0/47 from the shop switch?

HTH

Rick


Shop-switch#sh int gig0/47

GigabitEthernet0/47 is up, line protocol is up (connected)

  Hardware is Gigabit Ethernet, address is 0017.95da.e4c1 (bia 0017.95da.e4c1)

  Internet address is 192.168.254.6/29

  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

     reliability 235/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  input flow-control is off, output flow-control is unsupported

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input never, output 00:00:40, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 3000 bits/sec, 4 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     481288 packets input, 58806184 bytes, 0 no buffer

     Received 374767 broadcasts (0 IP multicasts)

     34136 runts, 0 giants, 0 throttles

     34136 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     0 watchdog, 369713 multicast, 0 pause input

     0 input packets with dribble condition detected

     1497 packets output, 624070 bytes, 0 underruns

     0 output errors, 0 collisions, 0 interface resets

     0 unknown protocol drops

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier, 0 pause output

     0 output buffer failures, 0 output buffers swapped out

Here is the Austin router's config if it helps:

We have a switch that connects to Fe0, and the WAN connection connects to Fe4.

Current configuration : 4235 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec localtime

service timestamps log datetime msec localtime

service password-encryption

!

hostname yantis-austin-rtr

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

enable secret 5 $1$GZAk$rs5C5q5ohGeX6dHXsKkUD/

!

no aaa new-model

!

crypto pki trustpoint TP-self-signed-1686741757

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-1686741757

revocation-check none

rsakeypair TP-self-signed-1686741757

!

!

crypto pki certificate chain TP-self-signed-1686741757

certificate self-signed 01


        quit

dot11 syslog

ip source-route

!

!

!

!

ip cef

no ip domain lookup

!

no ipv6 cef

multilink bundle-name authenticated

!

!

!

!

archive

log config

  hidekeys

!

!

!

class-map match-any VOIP-SIGNAL

match ip dscp cs5

match ip precedence 4

match ip precedence 3

class-map match-any VOIP-RTP

match ip dscp ef

match ip precedence 5

!

!

policy-map QOS-Policy

class VOIP-SIGNAL

    priority percent 10

class VOIP-RTP

    priority percent 50

class class-default

    fair-queue

     random-detect

!

!

!

!

interface FastEthernet0

switchport mode trunk

bandwidth 1500

!

interface FastEthernet1

switchport access vlan 12

switchport voice vlan 13

!

interface FastEthernet2

switchport access vlan 12

switchport voice vlan 13

!

interface FastEthernet3

switchport access vlan 12

switchport voice vlan 13

!

interface FastEthernet4

ip address 192.168.254.2 255.255.255.252

duplex auto

speed auto

service-policy output QOS-Policy

!

interface Vlan1

no ip address

!

interface Vlan12

ip address 192.168.12.1 255.255.255.0

ip helper-address 192.168.1.15

!

interface Vlan13

ip address 192.168.13.1 255.255.255.0

ip helper-address 192.168.1.15

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.254.1

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!
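The checks Rick and Jon asked for (is the uplink a routed port while the provider expects tagged frames, why are there two default routes, what do the interface counters say) can be run mechanically. The following is an added example written for this thread, not code from the original posts; it audits a constructed copy of the Shop switch's uplink stanza, its default routes and the relevant lines of the posted `show interface gig0/47` output, and the `audit_uplink` function name and its `provider_requires_tag` parameter are assumptions of this example.

```python
import re

# Constructed sample: the uplink stanza and default routes from the Shop switch config posted above.
SHOP_CONFIG = """\
interface GigabitEthernet0/47
 no switchport
 ip address 192.168.254.6 255.255.255.248
!
ip route 0.0.0.0 0.0.0.0 192.168.254.1
ip route 0.0.0.0 0.0.0.0 192.168.254.4
"""

# Constructed sample: the relevant lines of the 'show interface gig0/47' output posted above.
SHOW_INT = """\
GigabitEthernet0/47 is up, line protocol is up (connected)
  Last input never, output 00:00:40, output hang never
     481288 packets input, 58806184 bytes, 0 no buffer
     34136 runts, 0 giants, 0 throttles
     34136 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     1497 packets output, 624070 bytes, 0 underruns
"""

def audit_uplink(config, show_int, uplink, provider_requires_tag):
    """Return a list of findings for the WAN uplink (hypothetical helper for this example)."""
    findings = []
    # Pull the uplink's own stanza: from 'interface <name>' up to the next '!' line.
    m = re.search(rf"^interface {re.escape(uplink)}\n(.*?)^!", config, re.M | re.S)
    stanza = m.group(1) if m else ""
    # 'no switchport' makes the port routed: frames leave untagged, so a tagged-only TLS never sees them.
    if provider_requires_tag and "no switchport" in stanza:
        findings.append("routed port: frames leave untagged, provider requires 802.1Q")
    # Two default routes means traffic may be sent to a next hop that does not exist (.4 here).
    defaults = re.findall(r"^ip route 0\.0\.0\.0 0\.0\.0\.0 (\S+)", config, re.M)
    if len(defaults) > 1:
        findings.append("multiple default routes: " + ", ".join(defaults))
    if "line protocol is up" not in show_int:
        findings.append("uplink is not up/up")
    # Parse the three counters the audit cares about from the show interface text.
    counters = {k: int(v) for v, k in re.findall(r"(\d+) (packets input|runts|input errors)", show_int)}
    if counters.get("input errors", 0):
        findings.append(f"{counters['input errors']} input errors ({counters.get('runts', 0)} runts)")
    # Frames are counted on the wire, yet the interface has never accepted input for its own IP.
    if "Last input never" in show_int and counters.get("packets input", 0):
        findings.append("frames counted on the wire but no input ever accepted by the interface")
    return findings

if __name__ == "__main__":
    for f in audit_uplink(SHOP_CONFIG, SHOW_INT, "GigabitEthernet0/47", provider_requires_tag=True):
        print("FINDING:", f)
```

With `provider_requires_tag=False` the routed-port finding disappears while the stale second default route and the counter anomalies remain, which mirrors what the thread concluded.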

Thanks guys.  I had figured it wasn't tagging, but the ISP had insisted that it couldn't possibly be passing information from the Austin location if it wasn't vlan tagged.  After you guys confirmed it, I called the ISP again and they said "Well, I guess it's POSSIBLE since they had turned tagging off then back on for that location".  So I completely redid the connection as a config for two switches connected together with trunking, encapsulation, etc.  Working great now as if the two were just connected with a long cable, which is how it was supposed to work.  Only thing I couldn't get to work was VTP.   Not a big deal, but my configs look solid and it seems to be pretty simple from what I've read.  Best guess is that however the switches share VTP isn't compatible with the packets needed to cross the TLS connection.  No biggy though.

Justin

I am glad that you got it working and that our suggestions were helpful in getting to the solution. Thank you for posting back that it was solved and what the solution was. This helps make the forum be an effective tool when readers can read about an issue and can read what the solution turned out to be.

HTH

Rick
