IP ROUTING QUESTION

Discussion in 'Cisco' started by Stefan M. Dohn, Feb 21, 2004.

  1. Hello, I want to know if I made the correct ip routing entries for the
    following situation:
    1) ALL Trafic should go to 172.16.0.10 the firewall in our 172.16.0.0
    subnet.
    2) ALL Traffic for the Subnet 172.16.52.0 should go through the router
    172.16.0.12
    our VPN Gateway for the 172.16.52.0 Subnet.


    I'm new to Cisco Configuration, any thoughts or corrections would be
    apreciated !
    Heres my config:

    !
    version 12.1
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    service compress-config
    !
    hostname 254.252
    !
    boot system bootflash:cat4000-is-mz.121-12c.EW1.bin
    enable secret 5 ***
    enable password ****
    !
    ip subnet-zero
    ip host R 172.16.254.253
    ip dhcp relay information option
    !
    !
    spanning-tree extend system-id
    spanning-tree vlan 1-254 priority 8192
    !
    spanning-tree mst configuration
    name aircab
    revision 2
    instance 2 vlan 1-1000
    !
    spanning-tree mst 0-2 priority 24576
    !
    !
    interface GigabitEthernet1/1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet1/2
    !
    interface GigabitEthernet2/1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet2/2
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet2/3
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet2/4
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet2/5
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet2/6
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet3/1
    switchport access vlan 254
    !
    interface GigabitEthernet3/2
    switchport access vlan 254
    !
    interface GigabitEthernet3/3
    switchport access vlan 254
    !
    interface GigabitEthernet3/4
    switchport access vlan 254
    !
    interface GigabitEthernet3/5
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet3/6
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/1
    switchport access vlan 254
    !
    interface GigabitEthernet4/2
    switchport access vlan 254
    !
    interface GigabitEthernet4/3
    switchport access vlan 254
    !
    interface GigabitEthernet4/4
    switchport access vlan 254
    !
    interface GigabitEthernet4/5
    switchport access vlan 254
    !
    interface GigabitEthernet4/6
    switchport access vlan 254
    !
    interface GigabitEthernet4/7
    switchport access vlan 254
    !
    interface GigabitEthernet4/8
    switchport access vlan 254
    !
    interface GigabitEthernet4/9
    switchport access vlan 254
    !
    interface GigabitEthernet4/10
    switchport access vlan 254
    !
    interface GigabitEthernet4/11
    switchport access vlan 254
    !
    interface GigabitEthernet4/12
    switchport access vlan 254
    !
    interface GigabitEthernet4/13
    switchport access vlan 254
    !
    interface GigabitEthernet4/14
    switchport access vlan 254
    !
    interface GigabitEthernet4/15
    switchport access vlan 254
    !
    interface GigabitEthernet4/16
    switchport access vlan 254
    !
    interface GigabitEthernet4/17
    switchport access vlan 254
    !
    interface GigabitEthernet4/18
    switchport access vlan 254
    !
    interface GigabitEthernet4/19
    switchport access vlan 254
    !
    interface GigabitEthernet4/20
    switchport access vlan 254
    !
    interface GigabitEthernet4/21
    switchport access vlan 254
    !
    interface GigabitEthernet4/22
    switchport access vlan 254
    !
    interface GigabitEthernet4/23
    switchport access vlan 254
    !
    interface GigabitEthernet4/24
    switchport access vlan 254
    !
    interface GigabitEthernet4/25
    switchport access vlan 254
    !
    interface GigabitEthernet4/26
    switchport access vlan 254
    !
    interface GigabitEthernet4/27
    switchport access vlan 254
    !
    interface GigabitEthernet4/28
    switchport access vlan 254
    !
    interface GigabitEthernet4/29
    switchport access vlan 254
    !
    interface GigabitEthernet4/30
    switchport access vlan 254
    !
    interface GigabitEthernet4/31
    switchport access vlan 254
    !
    interface GigabitEthernet4/32
    switchport access vlan 254
    !
    interface GigabitEthernet4/33
    switchport access vlan 254
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/34
    switchport access vlan 254
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/35
    switchport access vlan 254
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/36
    switchport access vlan 254
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/37
    switchport access vlan 254
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/38
    description switchport fuer CIDS
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/39
    description switchport fuer ECS
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/40
    description switchport fuer Water Waste
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/41
    description switchport fuer IMA
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/42
    description switchport fuer Victoria
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/43
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/44
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/45
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/46
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/47
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet4/48
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet5/1
    !
    interface GigabitEthernet5/2
    !
    interface GigabitEthernet5/3
    !
    interface GigabitEthernet5/4
    !
    interface GigabitEthernet5/5
    !
    interface GigabitEthernet5/6
    !
    interface GigabitEthernet6/1
    !
    interface GigabitEthernet6/2
    !
    interface GigabitEthernet6/3
    !
    interface GigabitEthernet6/4
    !
    interface GigabitEthernet6/5
    !
    interface GigabitEthernet6/6
    !
    interface Vlan1
    ip address 172.16.1.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby ip 172.16.1.254
    standby priority 80
    standby preempt
    !
    interface Vlan2
    ip address 172.16.2.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 2 ip 172.16.2.254
    standby 2 priority 80
    standby 2 preempt
    !
    interface Vlan3
    ip address 172.16.3.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 3 ip 172.16.3.254
    standby 3 priority 80
    standby 3 preempt
    !
    interface Vlan4
    ip address 172.16.4.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 4 ip 172.16.4.254
    standby 4 priority 80
    standby 4 preempt
    !
    interface Vlan5
    ip address 172.16.5.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 5 ip 172.16.5.254
    standby 5 priority 80
    standby 5 preempt
    !
    interface Vlan6
    ip address 172.16.6.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 6 ip 172.16.6.254
    standby 6 priority 80
    standby 6 preempt
    !
    interface Vlan7
    ip address 172.16.7.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 7 ip 172.16.7.254
    standby 7 priority 80
    standby 7 preempt
    !
    interface Vlan8
    ip address 172.16.8.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 8 ip 172.16.8.254
    standby 8 priority 80
    standby 8 preempt
    !
    interface Vlan9
    ip address 172.16.9.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 9 ip 172.16.9.254
    standby 9 priority 80
    standby 9 preempt
    !
    interface Vlan10
    ip address 172.16.10.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 10 ip 172.16.10.254
    standby 10 priority 80
    standby 10 preempt
    !
    interface Vlan11
    ip address 172.16.11.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 11 ip 172.16.11.254
    standby 11 priority 80
    standby 11 preempt
    !
    interface Vlan12
    ip address 172.16.12.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 12 ip 172.16.12.254
    standby 12 priority 80
    standby 12 preempt
    !
    interface Vlan13
    ip address 172.16.13.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 13 ip 172.16.13.254
    standby 13 priority 80
    standby 13 preempt
    !
    interface Vlan14
    ip address 172.16.14.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 14 ip 172.16.14.254
    standby 14 priority 80
    standby 14 preempt
    !
    interface Vlan15
    ip address 172.16.15.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 15 ip 172.16.15.254
    standby 15 priority 80
    standby 15 preempt
    !
    interface Vlan16
    ip address 172.16.16.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 16 ip 172.16.16.254
    standby 16 priority 80
    standby 16 preempt
    !
    interface Vlan17
    ip address 172.16.17.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 17 ip 172.16.17.254
    standby 17 priority 80
    standby 17 preempt
    !
    interface Vlan18
    ip address 172.16.18.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 18 ip 172.16.18.254
    standby 18 priority 80
    standby 18 preempt
    !
    interface Vlan19
    ip address 172.16.19.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 19 ip 172.16.19.254
    standby 19 priority 80
    standby 19 preempt
    !
    interface Vlan20
    ip address 172.16.20.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 20 ip 172.16.20.254
    standby 20 priority 80
    standby 20 preempt
    !
    interface Vlan21
    ip address 172.16.21.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 21 ip 172.16.21.254
    standby 21 priority 80
    standby 21 preempt
    !
    interface Vlan24
    ip address 172.16.24.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 24 ip 172.16.24.254
    standby 24 priority 80
    standby 24 preempt
    !
    interface Vlan26
    ip address 172.16.26.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 26 ip 172.16.26.254
    standby 26 priority 80
    standby 26 preempt
    !
    interface Vlan30
    ip address 172.16.30.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 30 ip 172.16.30.254
    standby 30 priority 80
    standby 30 preempt
    !
    interface Vlan35
    ip address 172.16.35.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 35 ip 172.16.35.254
    standby 35 priority 80
    standby 35 preempt
    !
    interface Vlan36
    ip address 172.16.36.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 36 ip 172.16.36.254
    standby 36 priority 80
    standby 36 preempt
    !
    interface Vlan38
    description vlan fuer water waste
    ip address 172.16.38.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 38 ip 172.16.38.254
    standby 38 priority 80
    standby 38 preempt
    !
    interface Vlan40
    ip address 172.16.40.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 40 ip 172.16.40.254
    standby 40 priority 80
    standby 40 preempt
    !
    interface Vlan42
    ip address 172.16.42.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 42 ip 172.16.42.254
    standby 42 priority 80
    standby 42 preempt
    !
    interface Vlan44
    ip address 172.16.44.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 44 ip 172.16.44.254
    standby 44 priority 80
    standby 44 preempt
    !
    interface Vlan45
    ip address 172.16.45.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 44 ip 172.16.45.254
    standby 44 priority 80
    standby 44 preempt
    standby 45 priority 80
    standby 45 preempt
    !
    interface Vlan52
    ip address 172.16.52.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 52 ip 172.16.52.254
    standby 52 priority 80
    standby 52 preempt
    !
    interface Vlan64
    ip address 172.16.64.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 64 ip 172.16.64.254
    standby 64 priority 80
    standby 64 preempt
    !
    interface Vlan65
    ip address 172.16.65.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 65 ip 172.16.65.254
    standby 65 priority 80
    standby 65 preempt
    !
    interface Vlan66
    ip address 172.16.66.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 66 ip 172.16.66.254
    standby 66 priority 80
    standby 66 preempt
    !
    interface Vlan67
    ip address 172.16.67.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 67 ip 172.16.67.254
    standby 67 priority 80
    standby 67 preempt
    !
    interface Vlan128
    ip address 172.16.128.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 128 ip 172.16.128.254
    standby 128 priority 80
    standby 128 preempt
    !
    interface Vlan129
    ip address 172.16.129.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 129 ip 172.16.129.254
    standby 129 priority 80
    standby 129 preempt
    !
    interface Vlan253
    ip address 172.16.253.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    shutdown
    standby 253 ip 172.16.253.254
    standby 253 priority 80
    standby 253 preempt
    !
    interface Vlan254
    ip address 172.16.0.252 255.255.255.0
    ip helper-address 172.16.0.60
    no ip redirects
    standby 254 ip 172.16.0.254
    standby 254 priority 80
    standby 254 preempt
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 172.16.0.10
    ip route 172.16.52.0 255.255.255.0 172.16.0.12
    ip http server
    !
    !
    line con 0
    stopbits 1
    line vty 0 4
    password *****
    login
    !
    end
    Stefan M. Dohn, Feb 21, 2004
    #1
    1. Advertising

  2. In article <c18fq0$edr$>,
    "Stefan M. Dohn" <> wrote:

    > Hello, I want to know if I made the correct ip routing entries for the
    > following situation:
    > 1) ALL Trafic should go to 172.16.0.10 the firewall in our 172.16.0.0
    > subnet.
    > 2) ALL Traffic for the Subnet 172.16.52.0 should go through the router
    > 172.16.0.12
    > our VPN Gateway for the 172.16.52.0 Subnet.


    This static route won't work because Vlan52 is directly connected to
    this subnet, and connected routes always take precedence over static
    routes. If you're supposed to go through a VPN to get to this subnet,
    why do you have it listed as a VLAN on the router? Remove that VLAN
    interface and things should work as planned.

    --
    Barry Margolin,
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    Barry Margolin, Feb 22, 2004
    #2
    1. Advertising

  3. "Barry Margolin" <> schrieb im Newsbeitrag
    news:...
    > In article <c18fq0$edr$>,
    > "Stefan M. Dohn" <> wrote:
    >
    > > Hello, I want to know if I made the correct ip routing entries for the
    > > following situation:
    > > 1) ALL Trafic should go to 172.16.0.10 the firewall in our 172.16.0.0
    > > subnet.
    > > 2) ALL Traffic for the Subnet 172.16.52.0 should go through the router
    > > 172.16.0.12
    > > our VPN Gateway for the 172.16.52.0 Subnet.

    >
    > This static route won't work because Vlan52 is directly connected to
    > this subnet, and connected routes always take precedence over static
    > routes. If you're supposed to go through a VPN to get to this subnet,
    > why do you have it listed as a VLAN on the router? Remove that VLAN
    > interface and things should work as planned.


    Yes, thank you for your answer !
    The situation is as follow:
    The subnet 52 ist a vlan which goes through the VPN.
    The VPN can route the VLAN through the other end of the tunnel.
    At the other end is a Cisco Vlan switch which is configured for the vlan 52.
    What must i change to reflect this situation in the Catalyst Router Config ?
    Help would be apreciated !
    Stefan M. Dohn, Feb 22, 2004
    #3
  4. In article <c1aohi$gnn$>,
    "Stefan M. Dohn" <> wrote:

    > "Barry Margolin" <> schrieb im Newsbeitrag
    > news:...
    > > In article <c18fq0$edr$>,
    > > "Stefan M. Dohn" <> wrote:
    > >
    > > > Hello, I want to know if I made the correct ip routing entries for the
    > > > following situation:
    > > > 1) ALL Trafic should go to 172.16.0.10 the firewall in our 172.16.0.0
    > > > subnet.
    > > > 2) ALL Traffic for the Subnet 172.16.52.0 should go through the router
    > > > 172.16.0.12
    > > > our VPN Gateway for the 172.16.52.0 Subnet.

    > >
    > > This static route won't work because Vlan52 is directly connected to
    > > this subnet, and connected routes always take precedence over static
    > > routes. If you're supposed to go through a VPN to get to this subnet,
    > > why do you have it listed as a VLAN on the router? Remove that VLAN
    > > interface and things should work as planned.

    >
    > Yes, thank you for your answer !
    > The situation is as follow:
    > The subnet 52 ist a vlan which goes through the VPN.
    > The VPN can route the VLAN through the other end of the tunnel.
    > At the other end is a Cisco Vlan switch which is configured for the vlan 52.
    > What must i change to reflect this situation in the Catalyst Router Config ?
    > Help would be apreciated !


    You should only have the VLAN interface on the device at the other end
    of the VPN tunnel. Remove it from this router, and just use the static
    route.

    --
    Barry Margolin,
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    Barry Margolin, Feb 22, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ed M

    Routing question

    Ed M, Oct 20, 2003, in forum: Cisco
    Replies:
    1
    Views:
    412
    Barry Margolin
    Oct 20, 2003
  2. Dmitry

    Routing question

    Dmitry, Nov 25, 2003, in forum: Cisco
    Replies:
    1
    Views:
    1,788
    Claude LeFort
    Nov 25, 2003
  3. zher
    Replies:
    2
    Views:
    8,947
  4. joeblow
    Replies:
    3
    Views:
    1,225
    Philip D'Ath
    Mar 14, 2005
  5. Sied@r
    Replies:
    3
    Views:
    8,438
    Sied@r
    Oct 20, 2005
Loading...

Share This Page