We recently switched two of our branches to point-to-point fiber connections to our corporate office. Previously they were using MPLS connections. For branch A, the ethernet handoff of the fiber is connected directly to a Catalyst 3750 gigabit port. That port has no configuration on it. The other end of that fiber is connected to a gigabit port on the 3750 switch at our corporate office. That port is configured with an IP address that is within the subnet of branch A, and is operating at layer 3 due to the no switchport command.
Branch B currently has a Cisco Express 500 ethernet port (with no configuration on it) connected to the fiber handoff there. At first we set up a port on the 3750 at our corporate office that is connected to Branch B via the fiber in the same manner. This resulted in us receiving DHCP leases at Branch B from Branch A. Obviously not desired. Now we have the port on the corporate 3750 that is connected to Branch B's fiber configured with switchport vlan 64. I also configured interface vlan 64 on that switch at corporate with an IP address from the branch B subnet. We then set that IP address as the default IP address for devices at Branch B.
We are having trouble with both an ATM and a phone system not communicating properly at Branch B. At Branch A we are experiencing the same oddity with the phone system, but the ATM is able to communicate fully. At branch B, when configuring a Windows Vista or Windows 7 laptop with a static IP address that is known to be available, you get transit failures when trying to ping. Essentially everything seems to be able to route fine, but some traffic even after a full TCP handshake seems to not transmit properly.
When you configure a point-to-point fiber connection from a layer 2 switch at a location without a router to a location with a Cisco Catalyst 3750 switch as the endpoint, what is the best way to configure both sides?
Currently we only have vlan 64 configured on the port mentioned on our switch at corporate, and then the switch at Branch B is essentially operating as an unmanaged switch at the moment with all ports in vlan 1. I could really use some assistance.
Thanks in advance!
You have given us information about connections at headquarters that will get us started. But at each branch you have only said that the fiber connects to interfaces which have no configuration. This means that these interfaces are in the default VLAN of their site. You have not told us whether there is a VLAN interface for these VLANs. And you have not told us whether routing is enabled on the remote devices. Can you clarify that for us?
And can you confirm what is configured on the problem end stations for their default gateway?
On the branch switches, the ports involved are in the default vlan, which currently is still vlan 1. Branch A has a vlan interface configured for vlan 1, but there are no vlan interfaces configured on the Cisco Express 500 switch at Branch B. IP routing is enabled on the 3750 switches at corporate and Branch A. The switch at Branch B is only layer 2 aware.
The default gateway is set to 10.0.17.2 for devices at Branch A. 10.0.17.2 is configured directly on one of the ports on the 3750 at corporate. 10.0.64.254 is the default gateway for devices at Branch B. It is configured on interface vlan 64 on the 3750 at corporate.
Let me know if you have any other questions. When doing packet captures of the ports connected to our phone system devices at different locations while having someone initiate a call, I see syn, syn ack, and ack for the h323 communication. But when capturing on the port connected to one of the fiber runs at corporate, I never see the packet that I should then see from the initiating device. It's very strange since it completes the handshake... At least, it's strange to me since I don't understand what I'm missing, but it could very well be quite logical.
Also, doing a packet capture connected to one of the access ports on the switch at Branch B, I'm capturing packets being sent from a server at Corporate to a server at Branch A. I'm also seeing arp broadcasts from Branch A. I would think that since the interface on the 3750 at Corporate is assigned to vlan 64, arp broadcasts from vlan 1 would not be able to reach Branch B over vlan 64. Is this how it should work? Or are arp broadcasts supposed to be able to traverse from one vlan to another on a switch enabled with ip routing? Thank you!
If the port at the corporate office for Branch Office is configured with no switchport then it should not be forwarding any broadcasts from Branch A. And if a server at corporate is attempting to communicate with a server at Branch A and the traffic is being sent to Branch B then that should not happen.
Perhaps you can post the config of the 3750 at corporate (or at least of the ports for Branch A and Branch B). It might also be helpful if you would post the output of show ip route and of show interface trunk from the 3750 at corporate.
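The capture check described in the thread (ARP broadcasts from Branch A showing up on a Branch B access port) can be automated over raw frames. The following is an added example, not code from any poster; the /24 masks, MAC addresses, host addresses and function names are assumptions, since the thread gives only the gateway addresses 10.0.17.2 and 10.0.64.254.

```python
import ipaddress
import struct

# Assumption: Branch B is 10.0.64.0/24; the thread states only the gateway address.
LOCAL_NET = ipaddress.ip_network("10.0.64.0/24")

def parse_arp(frame):
    """Return (vlan_id or None, sender_mac, sender_ip, target_ip) for an
    IPv4-over-Ethernet ARP frame; None for other traffic or truncated frames."""
    if len(frame) < 18:
        return None
    ethertype, = struct.unpack("!H", frame[12:14])
    offset, vlan = 14, None
    if ethertype == 0x8100:                       # 802.1Q tag present
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, offset = tci & 0x0FFF, 18
    if ethertype != 0x0806 or len(frame) < offset + 28:
        return None
    if struct.unpack("!HHBB", frame[offset:offset + 6]) != (1, 0x0800, 6, 4):
        return None
    body = frame[offset + 8:offset + 28]          # sha(6) spa(4) tha(6) tpa(4)
    return vlan, body[0:6].hex(":"), ipaddress.ip_address(body[6:10]), ipaddress.ip_address(body[16:20])

def foreign_arp_senders(frames, local_net=LOCAL_NET):
    """List ARP frames whose sender IP lies outside the subnet expected on this port."""
    hits = []
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        vlan, mac, spa, tpa = parsed
        if spa.is_unspecified or spa in local_net:   # 0.0.0.0 is a normal ARP probe
            continue
        hits.append({"vlan": vlan, "mac": mac, "sender": str(spa), "target": str(tpa)})
    return hits

def build_arp(src_mac, spa, tpa, vlan=None):
    """Build a constructed ARP request broadcast for the sample input below."""
    mac = bytes.fromhex(src_mac.replace(":", ""))
    tag = b"" if vlan is None else struct.pack("!HH", 0x8100, vlan)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1) + mac + ipaddress.ip_address(spa).packed + bytes(6) + ipaddress.ip_address(tpa).packed
    return b"\xff" * 6 + mac + tag + struct.pack("!H", 0x0806) + arp

# Constructed sample: what a Branch B access-port capture might contain.
SAMPLE = [
    build_arp("02:00:00:00:40:0a", "10.0.64.10", "10.0.64.254"),       # local host asking for its gateway
    build_arp("02:00:00:00:11:05", "10.0.17.5", "10.0.17.2"),          # Branch A sender seen at Branch B
    build_arp("02:00:00:00:11:06", "10.0.17.6", "10.0.17.2", vlan=1),  # same, carrying an 802.1Q tag
    build_arp("02:00:00:00:40:0b", "0.0.0.0", "10.0.64.11"),           # address-conflict probe, ignored
    b"\xff" * 10,                                                       # truncated frame, ignored
]
```

Any hit means the two branch links share a layer 2 broadcast domain somewhere, which is also the condition under which DHCP leases can cross between branches.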