Kryption224
IS-IT--Management
I have a network already in place that has 3 offices. They connect by using Cisco's Pix and a VPN tunnel. Everything is talking and running fine in this setup. The default gateway is the Pix at each location, the last octet at the location for the Pix is 1.
HQ = 192.168.10.0/24
Br2= 192.168.20.0/24
Br3= 192.168.30.0/24
The problem that I am currently having is that I created a VLAN network at HQ.
VLAN 101 = 192.168.10.0/24
VLAN 102 = 172.16.22.0/27
VLAN 103 = 172.16.22.32/27
PIX e1 = 172.16.21.2/30
3550 f0/1 = 172.16.21.1/30
ip routing is enabled
The only network that I am trying to get up first is the 192 network. I will then move my users over to the other VLAN at a different time. I just need to get the users on to the Cisco equipment. the gateway at HQ VLAN 101 is 192.168.10.1.
I have added the other VLAN IP addresses to the crypto map at the other locations but I am only trying to get to the 192.168.10.0 network from those locations at the present time.
The internal network is working. I can ping and connect to others in the VLAN and access the internet. When I connected the VLAN to the PIX I could connect to the other locations using RDP, telnet, FTP and ssh. So I know what everything is configure to connect. I am pretty sure that my problem is routing related, but dont understand why? On the Pix I have a static route for inside 172.16.21.2 to 172.16.21.1 and added the route inside 192.168.10.0/24 to 172.16.21.1, is that right? Because the next hop from the Pix is to the switch f0/1 that is 172.16.21.1. And I am thinking that the 3550 Layer 2 & 3 routing port should route to the VLAN 101.
On the 3550 I have the static routes to the VLAN and 101 is on the 3550 so there is no trucking issues.
There is no access-l on the 3550 so every is permit.
Is there a route that is needed or something taken out that allow that traffic from the other locations to VLAN 101?
HQ = 192.168.10.0/24
Br2= 192.168.20.0/24
Br3= 192.168.30.0/24
The problem that I am currently having is that I created a VLAN network at HQ.
VLAN 101 = 192.168.10.0/24
VLAN 102 = 172.16.22.0/27
VLAN 103 = 172.16.22.32/27
PIX e1 = 172.16.21.2/30
3550 f0/1 = 172.16.21.1/30
ip routing is enabled
The only network that I am trying to get up first is the 192 network. I will then move my users over to the other VLAN at a different time. I just need to get the users on to the Cisco equipment. the gateway at HQ VLAN 101 is 192.168.10.1.
I have added the other VLAN IP addresses to the crypto map at the other locations but I am only trying to get to the 192.168.10.0 network from those locations at the present time.
The internal network is working. I can ping and connect to others in the VLAN and access the internet. When I connected the VLAN to the PIX I could connect to the other locations using RDP, telnet, FTP and ssh. So I know what everything is configure to connect. I am pretty sure that my problem is routing related, but dont understand why? On the Pix I have a static route for inside 172.16.21.2 to 172.16.21.1 and added the route inside 192.168.10.0/24 to 172.16.21.1, is that right? Because the next hop from the Pix is to the switch f0/1 that is 172.16.21.1. And I am thinking that the 3550 Layer 2 & 3 routing port should route to the VLAN 101.
On the 3550 I have the static routes to the VLAN and 101 is on the 3550 so there is no trucking issues.
There is no access-l on the 3550 so every is permit.
Is there a route that is needed or something taken out that allow that traffic from the other locations to VLAN 101?