ERS 5650 Routing Issues 2

Status
Not open for further replies.

pronei

Vendor
Mar 11, 2008
1,010
US
Need Help Connecting ERS5650 to Watchguard Firewall

Watchguard Firewall Interface = 192.168.136.1
Port 1/47 is Watchguard port, VLANs 136,169,187. DefaultVlanID=136

PCs in the .136 subnet can talk to the Watchguard

None of the other VLANs can talk to the Watchguard - That is the problem.

The only way I could get .136 to talk to Watchguard was via Static Route of 0.0.0.0/0.0.0.0 192.168.136.1

How do I get the other VLANs to talk to the Watchguard's 192.168.136.1 interface on port 1/47?

Here is my routing table:

Code:
Dest	Mask	NextHop	HopOrMetric	Interface	Proto	PathType	Pref	
0.0.0.0	0.0.0.0	192.168.136.1	1	DATA	static	iB	5
192.168.116.0	255.255.255.0	192.168.116.1	1	WLAN_DATA	local	dB	0
192.168.117.0	255.255.255.0	192.168.117.1	1	WLAN_VOIP	local	dB	0
192.168.133.0	255.255.255.0	192.168.133.1	1	DATA_ADMIN	local	dB	0
192.168.134.0	255.255.255.0	192.168.134.1	1	DATA_WAREHOUSE	local	dB	0
192.168.135.0	255.255.255.0	192.168.135.1	1	DATA_SERVICE	local	dB	0
192.168.136.0	255.255.255.0	192.168.136.2	1	DATA	local	dB	0
192.168.147.0	255.255.255.0	192.168.147.1	1	VOICE	local	dB	0
192.168.169.0	255.255.255.0	192.168.169.1	1	TEST	local	dB	0
192.168.171.0	255.255.255.0	192.168.171.1	1	MGMT	local	dB	0
192.168.180.0	255.255.255.0	192.168.180.1	1	SERVER	local	dB	0
192.168.187.0	255.255.255.0	192.168.187.1	1	VOIP_SERVERS	local	dB	0



 
Do you have routes in the Watchguard for the other networks pointing to 192.168.136.2, which I assume is your interface address on the ERS?
 
Assuming you only have a single interface on the Watchguard (192.168.136.1):

On ERS5650
Remove all VLANs apart from 136 from 1/47, as you only have the one interface on the Watchguard.

Make sure routing is enabled globally.

Keep the default route with next-hop of watchguard.

On Watchguard
You will need to add static routes with the next-hop of 192.168.136.2 for all the subnets that exist on the ERS5650. This will allow the traffic to get back.

An easier way would be to enable a routing protocol (RIP or OSPF) between the two devices, which would remove the need for static routes.
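
Added example, not part of the original posts: a short Python sketch that derives the return routes described above from the routing table posted in the question. The function names `local_subnets` and `return_routes` are hypothetical, and the next hop is taken from the switch's own address on the subnet it shares with the firewall.

```python
import ipaddress

# Routing table copied from the post above (whitespace-separated columns:
# Dest Mask NextHop HopOrMetric Interface Proto PathType Pref).
ROUTES = """\
0.0.0.0 0.0.0.0 192.168.136.1 1 DATA static iB 5
192.168.116.0 255.255.255.0 192.168.116.1 1 WLAN_DATA local dB 0
192.168.117.0 255.255.255.0 192.168.117.1 1 WLAN_VOIP local dB 0
192.168.133.0 255.255.255.0 192.168.133.1 1 DATA_ADMIN local dB 0
192.168.134.0 255.255.255.0 192.168.134.1 1 DATA_WAREHOUSE local dB 0
192.168.135.0 255.255.255.0 192.168.135.1 1 DATA_SERVICE local dB 0
192.168.136.0 255.255.255.0 192.168.136.2 1 DATA local dB 0
192.168.147.0 255.255.255.0 192.168.147.1 1 VOICE local dB 0
192.168.169.0 255.255.255.0 192.168.169.1 1 TEST local dB 0
192.168.171.0 255.255.255.0 192.168.171.1 1 MGMT local dB 0
192.168.180.0 255.255.255.0 192.168.180.1 1 SERVER local dB 0
192.168.187.0 255.255.255.0 192.168.187.1 1 VOIP_SERVERS local dB 0
"""

def local_subnets(table):
    """Yield (network, switch_interface_ip) for every 'local' row."""
    for line in table.splitlines():
        f = line.split()
        if len(f) >= 6 and f[5] == "local":
            yield ipaddress.ip_network(f"{f[0]}/{f[1]}"), f[2]

def return_routes(table, firewall_ip, summarize=False):
    """Static routes the firewall needs to reach subnets behind the switch."""
    fw = ipaddress.ip_address(firewall_ip)
    next_hop, needed = None, []
    for net, switch_ip in local_subnets(table):
        if fw in net:
            next_hop = switch_ip      # switch's address on the shared subnet
        else:
            needed.append(net)        # firewall is not directly connected
    if next_hop is None:
        raise ValueError("firewall is not on any subnet local to the switch")
    if summarize:
        # Merges only exactly adjacent subnets, so no extra address space
        # becomes routable through the summary.
        needed = list(ipaddress.collapse_addresses(needed))
    return [(str(n), next_hop) for n in sorted(needed)]

if __name__ == "__main__":
    for dest, hop in return_routes(ROUTES, "192.168.136.1"):
        print(f"{dest} via {hop}")
```

With `summarize=True` the adjacent /24 pairs are merged into /23 routes, which shortens the static route list on the firewall without covering any subnet the switch does not own.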
 
Thank you both (star for each), resolved. Just had to add a Watchguard entry that states 192.168.187.0/24 next hop 192.168.136.2 Metric 0 (wouldn't work with any other metric).

 