Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
568
Views
0
Helpful
1
Replies

Help with Site to Site Routing UC520

brian.russell31
Level 3
Level 3

‎05-15-2013 11:11 AM - last edited on ‎03-25-2019 11:05 PM by Community Manager

Hi All,

Looking for assistance \ guidance on trying to get the routing correct thus to reach each sites devices.

I have attached a network diagram to help you understand my setup:

Network Diag.JPG

I can establish the link between both sites and ping both the 10.54.8.1 and the 192.168.20.1 from each end.

What I am trying to reach is the devices on the Sky Router 192.168.0.0 subnett - I have tried via CCA to enter the correct static route but failed miserably. However when I SSH onto the Scotland device from the router and CLI I can ping the Sky router 192.168.0.1 but from Poland the router goes out via my local ISP provider and gets routed to nowhere. What would be the router I would need to enter on both ends thus to access devices on both Poland 10.54.8.0 and the 192.168.0.0 subnetts?

When I try the route I think is correct CCA gives me a warning that the router is not valid and doesnt add it in.

Thanks for you help in advance

Brian                  

Labels:
0 Helpful
1 Reply 1

CHRIS YEO
Level 1
Level 1

‎05-15-2013 09:33 PM

Hi Brian,

So there would be a few things you would have to do.

1) Update the nat rules to make it so the UC doesn't nat the traffic out (which is what you are saying is happening)

2) You need to update the acl's that describe the interesting vpn traffic

3) You need to ensure the acl's for the appropriate interfaces are not blocking what you are trying to do

4) update the routing tables

5) This "may" be supported.

A much safer way is to use an ISR in front of the UC's to run dynamic routing and something like dmvpn, which makes a lot of this easier... more complex to setup, but 'easier'.

Now you can also do dmvpn, and dynamic routing on the UC.  This is NOT a supported configuration, but I know it works and is very functional.  When you have an update or you need support, you will have to verify this configuration manually.

0 Helpful
Customers Also Viewed These Support Documents