Hi Kim: From the info you mention, I don't get clear if you are sure that the default route isn't working for the B3's. I mean, have you tried to sniff packets at the firewall internal segment to see if the data is getting there? Have you checked the fw logs? Another thing that you can try to rule out any issue w the fw is putting any switch or router on the same internal segment of the fw and pointing the default route to that device and see if the packets go the device. One good example, to check if the data goes the way it should is to ping anything within the range of the default route; if the packets are routed correctly, you should go to the arp table of that B3 switch and see the mac address of the router/switch or fw that manages the route to get to that destination.
If it works, then the conf is correct and maybe the issue is with firewall. Francisco J Garc��a���lvarez Administrador Redes Directo���a Info��ática Rama Judicial Puerto Rico (939)389-3059 [email protected] ----- Original Message ----- From: Kim Pedersen <[email protected]> To: Enterasys Customer Mailing List <[email protected]> Sent: Sun Jun 07 23:50:42 2009 Subject: Re: [enterasys] Vlan configuration issue. & Default GW Hi Michael, With last resort I presume you mean default route/gw? This is what I would like to accomplish, but I don't know the command that will do it, and have either misunderstood the documentation or been unable to find out which command to use. I did try and specify a default route by defining a static route as 0.0.0.0/0.0.0.0, but it didn't work out. I did not spend too much time on the whys as I felt I was on shaky ground trying a configuration that wasn't directly mentioned in the product documentation. I have included the router specific configuration below: ---------------------- C2(rw)->router(Config)#show running-config ! interface vlan 90 no shutdown ip address 192.168.90.250 255.255.255.0 interface vlan 91 no shutdown ip address 192.168.91.254 255.255.255.0 interface vlan 92 no shutdown ip address 192.168.92.250 255.255.255.0 interface vlan 93 no shutdown ip address 192.168.93.254 255.255.255.0 interface vlan 94 no shutdown ip address 192.168.94.250 255.255.255.0 interface vlan 95 no shutdown ip address 192.168.95.254 255.255.255.0 interface vlan 96 no shutdown ip address 192.168.96.250 255.255.255.0 interface vlan 99 no shutdown ip address 192.168.99.250 255.255.255.0 interface vlan 100 no shutdown ip address 192.168.100.250 255.255.255.0 ! router rip ---------------------- Regards, Kim Pedersen Pasetta, Michael wrote: Have you tried to add a route of last resort in the switches router configuration? ________________________________ From: Kim Pedersen To: Enterasys Customer Mailing List Sent: Sat Jun 06 21:23:38 2009 Subject: Re: [enterasys] Vlan configuration issue. & Default GW I have a question to add into this interesting thread, which adds a twist to Abhijit's scenario. I have a very similar setup to the diagram below, with the added difference that on my setup the IP addresses of the C3 switch on each of the VLANs (10,20 and 30) is set as the default gateway for the clients connected to the B3 switches. Above C3 switch in the diagram below, I have a firewall / internet router on VLAN 40, and I would like the C3 switch to route all non-local traffic to this firewall. I have been unable to get this to work, as the default route command on the C3 switch seems only to work for the C3 switch itself, and not for any routed networks. Does anyone have experience with this? Regards, Kim Pedersen CNCS Ltd. Pal, Abhijit IN CCU SISL wrote: Hello, I am describing the scenario. Five B3 switches will be connected with one C3 switch. Each B3 SW will be used as L2 SW and they will be in separate Vlan. One server which will be in separate vlan, will be directly connected to C3 switch. Now in C3 SW Vlan routing will happen. Attaching the worst Diagram came out of my best effort. What should I do? Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID: +91 33 2339 9396 Board:+91 33 2339 9000 Fax: +91 33 2339 9001 * --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] * --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] * --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] ----------------------------------------- Aviso de confidencialidad: Este correo electr��nico y cualquier documento adjunto contiene informa��ón propietaria, confidencial o privilegiada que pertenece a la Rama Judicial. Se advierte que cualquier divulgac���n, distribu��ón, copia o acc���n relacionada al contenido de esta comunicac���n, sin la autoriza��ón del remitente e��á totalmente prohibida. Si usted no es el destinatario, debe destruir este mensaje y notificar al remitente o a la Oficina de Seguridad de los Sistemas al (787) 641-6363, Ext. 2775. La Rama Judicial ha tomado las precauciones necesarias para asegurar el en���o del correo elec��ónico, libre de virus o contenido malicioso. No obstante, no podemos asegurar que ��í sea, por lo cual no nos hacemos responsables de cualquier da��o atribuible al caso. ----------------------------------------- Confidentiality Note: This e-mail and any other document attached contain proprietary, confidential or privileged information that appertains to the Judicial Branch. You are to become aware that any dissemination or disclosure, distribution, copying or the taking of any action in reliance on the contents of this communication is strictly forbidden without the consent of the sender. If you are not the intended recipient, you should destroy this message and should notify the sender or the Systems Security Office at (787) 641-6363 Ext. 2775. The Judicial Branch has taken the necessary precautions to ensure the remittance of e-mail communications free of virus or any other malicious contents. However, we cannot assure that this could be the case, for which we disclaim any responsibility of any damage attributable thereto. --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
