cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
801
Views
0
Helpful
2
Replies

VLAN routing and Summarization

l.ruiz
Level 1
Level 1

Hi.

I've been assigned the task of coming up with a plan to segment our existing network with vlans. The current network is a flat network running on Cisco 3550 and 2950 switches. The ip block that we currently have in place using vlan 1 is 10.150.4.0 /22. We?ve got another IP block from our parent company that we want to use to break up the departments, it is 10.150.16.0/22. We got this second block because we want to break up the current network in phases not all at once. I have already added a VLAN to this network using the new block which I subnetted to 10.150.19.192/28. My question is about routing and summarizing the new vlans. Where should I put the static routes or should I use a separate routing protocol. We want to be able to reach our remote sites trough the wan link and be able to get to the internet through our firewall. We don?t manage the WAN Router but our parent company's wan team added a secondary ip address (10.150.16.254/22) to the interface. With the new vlan50 I can get a dhcp address from the dhcp server and ping vlan 1 and reach or remote sites but couldn?t get to the internet. I have attached a diagram and the config files of the 3 main switches used for the vlan 50, any feedback will be appreciated. Let me know if more info is needed.

Thanks

LR

2 Replies 2

hoogen_82
Level 4
Level 4

Hi,

I think your internet traffic is hitting 10.150.16.254 and getting dropped. You have given all your default route to point to this IP so all your internet traffic would flow to that IP.

You probably need to ask your parent company network guys to reroute the internet traffic to your firewall ip 10.50.4.251.

HTH

Hoogen

Do rate if this helps :)

ray.qadri
Level 1
Level 1

You route statment is not correct.

Do the following;

Move your default on GW router to FW-inside interface not your corporate WAN router. Create static route to reach other 10.0.0.0 destinations via WAN border. Remove advertising network 10.0.0.0 from your EIGRP network statment. Let me know if this helps everything else looks good.

ray

Review Cisco Networking for a $25 gift card