12-07-2010 09:08 PM - edited 03-04-2019 10:43 AM
Hi all,
I am puzzled by this for a few days, could anybody help?
Behind out internet router (cisco881), their is a private WAN with routers at site A and B. We call here the headquater with Router 881.
In headquater, we can ping any pc in site A and B and vice versa. But any tcp connection from hq to sites failed.
For example, telnet from hq to site A get the black screen back, but no command prompt.
But if telnet from site A to hq, it works.
If I port forwarding a public IP from internet router 881 to site A, we can telnet to site A using the public IP successfully.
The router 881 and the WAN router in HQ are connected to an HP switch with VLAN1 and VLAN100 configured. We replace it with a dummy hub, it works all ok. How can a VoIP switch affect this? TCP is layer4, and the switch is layer3 switch.
Thanks in advance.
Lydia
12-07-2010 09:27 PM
Do you have any ACLs/Firewall configuration on the switch?
12-07-2010 10:17 PM
There is no ACL/Firewall configured in the switch. Below is the configuration. Basically it is only tag the ports for voice and data and it has qos configured.
J9089A Configuration Editor; Created on release #R.11.22
hostname "ProCurve Switch 2610-48-PWR"
interface 8
name "Router10.0.0.8"
exit
interface 47
name "DHCP Server"
exit
interface 48
name "Mobile Extension"
exit
interface 49
name "Mitel Controller"
exit
interface 50
name "Uplink Data"
exit
ip default-gateway 10.0.0.8
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "Data"
untagged 1-47,49-52
ip address 10.0.0.56 255.255.0.0
qos priority 2
no untagged 48
exit
vlan 100
name "Voice"
untagged 48
ip address 10.100.1.1 255.255.255.0
qos priority 6
tagged 1-46,49-52
voice
exit
ip route 0.0.0.0 0.0.0.0 10.0.0.8
spanning-tree
12-08-2010 12:14 AM
Hi,
Can you post topology and config of all routers without sensitive info of course.
Regards.
12-09-2010 05:43 PM
Let me see if I understand. You can ping TelnetServerA in SiteA from HQ but you cannot Telnet to it? Yet if you remove the HP switch it works...
If you've posted the HP config in its entirety then I'm stumped. The only difference betwee na hub and your switch is the tagging. Your tagging traffic to your router 10.0.0.8 but if ping is working ok then the router on the other end must be working ok.
Does this HP switch have any type of SPAN? Can you run netflow on your branch routers? Ideally you need to see if the traffic is leaving the switch and if it is, how/if it is mutating the traffic in any way and how far that traffic travels throughout your network.
Rgds
Scott
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide