Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1044
Views
5
Helpful
10
Replies

Route to untagged traffic

pietersaenen
Level 1
Level 1

‎08-31-2020 02:38 AM

Hello All,

 

I have a situation where I could use some help.

My infrastructure is configured as followed:

A cisco router where dot1.q is used to create vlans. A stack of 2960S switches where all the vlans have been configured.

I need to connect some devices on one of those vlan's to a range that is unknown in my network. This is a range that was supplied by the building to connect to the intercom and videophones to operate doors etc... This is in the 192.168.1.0/24 range.

 

I managed to communicate with this 192.168.1.0/24 network if I create an SVI on my switches in this range, but how can I route from my vlans to this network?

 

Any help is appreciated.

 

Kind Regards

 

Pieter

Labels:
0 Helpful
10 Replies 10

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-31-2020 03:50 AM

Hello @pietersaenen ,

assuming that the building subnet 192.168.1.0/24 is connected to a Vlan in the range you can do the following:

 

If you know which Vlan is for example Vlan 252 you can use a secondary address on the router used for inter VLAN routing

 

int gi0/0.252

enc dot1q 252

! ip address primary is left unchanged

ip address ....

ip address 192.168.1.254 255.255.255.0 secondary

 

This should solve your issue.

 

Hope to help

Giuseppe

 

0 Helpful

pietersaenen
Level 1
Level 1
In response to Giuseppe Larosa

‎08-31-2020 04:11 AM

Hello Giuseppe,

 

I will try this and let know the outcome...

 

Thanks in advance

 

Pieter

0 Helpful

pietersaenen
Level 1
Level 1
In response to Giuseppe Larosa

‎09-01-2020 12:59 AM

Hello Giuseppe,

 

I have tried to add a secondary ip address to the vlan that should be able to communicate with the building network, but still not able to ping the building network from 10.49.149.1

 

interface GigabitEthernet0/1.149
description Crestron
encapsulation dot1Q 149
ip address 192.168.1.151 255.255.255.0 secondary
ip address 10.49.149.1 255.255.255.0
ip helper-address 10.32.1.2
no ip proxy-arp

 

How should i configure the switchports where the building network is connected to?

 

Any ideas

 

Thanks in advance

 

Pieter

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to pietersaenen

‎09-01-2020 01:12 AM

Hello @pietersaenen ,

you need to take over the role of the default gateway for the building subnet 192.168.1.151 should be the default gateway for all the building connected devices.

If a default gateway is already deployed you would need to have its configuration changed so that it can have  a default route to next-hop 192.168.1.151.

This is what is missing now devices in the building subnet either have no default gateway configured or they have a default gateway configured that is not 192.168.1.151.

So you should check the configuration of two devices connected to the building subnet to understand what is the better next step.

 

Hope to help

Giuseppe

0 Helpful

pietersaenen
Level 1
Level 1
In response to Giuseppe Larosa

‎09-01-2020 01:25 AM

Hello Giuseppe,

 

So I need to ask the building management what IP they use as default gateway for their network and configure this as secondary IP address on my router?

 

Pieter

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to pietersaenen

‎09-01-2020 01:58 AM

Hello @pietersaenen ,

please note that if that default gateway already exists it should be configured to point to your secondary address as next-hop for all the 10.x.y.0 subnets you have in use.

Using the same IP address of an already existing device either host or router would cause an address conflict in the LAN so it is not recommended.

If they configured a default gateway but that default gateway is just a place holder it is not in use you can re-use that IP as secondary on your router.

So yes you need to talk with people managing the building.

Check also that what you want to do is allowed by the building security policies

 

Hope to help

Giuseppe

 

0 Helpful

pietersaenen
Level 1
Level 1
In response to Giuseppe Larosa

‎09-01-2020 02:26 AM

Hello Giuseppe,

 

So building management need to add a route on their side pointing to the secondary IP address I configure on my route?

 

Pieter

0 Helpful

pietersaenen
Level 1
Level 1
In response to pietersaenen

‎09-01-2020 02:26 AM

So building management need to add a route on their side pointing to the secondary IP address I configure on my router?

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to pietersaenen

‎09-01-2020 03:34 AM

Hello @pietersaenen ,

yes if they have a router or multilayer switch that acts as default gateway for the building subnet

>> So building management need to add a route on their side pointing to the secondary IP address I configure on my route?

 

Hope to help

Giuseppe

 

pietersaenen
Level 1
Level 1
In response to Giuseppe Larosa

‎09-01-2020 03:50 AM

Hello @Giuseppe Larosa ,

I will contact the building management and ask to add a route. Will come back to you with the outcome...

 

Thanks in advance

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card