Spanning vlans to a new router

[DrGreen26]

Hi Everyone,

I have an interesting issue that even Cisco is having problems with helping me figure out.

we recently connected as remote building via a cisco 1300 wirless bridge so that they can be directly connected to the corporate network via being isolated.

At the remote end, we installed a VOIP gateway router which is connected via an 802.1q trunk port to a 1300 bridge, that brdige communicates with another bridge and then to a cisco switch using 802.1q again.

I was able to place the new router into the VTP domain and the vtp database did populate on the new router.

What I don't understand is when I configure any of the ports on the 9 port ethernet switch to a specific vlan, I cannot communicate on that vlan.

This is important that I get this resolved as I need to expand 6 vlans to this location to support the following:

1. the local lan
2. Secured wireless network
3. Wireless VoiP network
4. Open Internet wireless access

The wireless network will have a native vlan trunk port and support 3 separate vlans for the 2 data and 1 voice channel.

Any thoughts, I can upload the router configuration if needed as well as the wifi and switch configs.

Thanks

Mark C. Greenwood, CNE


With more than 10 years experience to share.

 

[jneiberger]

Can we see the config on your VoIP gateway router with the ethernet module?

John

 

[DrGreen26]

Here it is...

version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HHRT01
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$LH6k$Bx/3H.mNpR30CwSgKrYSM/
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
aaa new-model
!
!
aaa authentication fail-message ^CCLogin failed. Try again."^C
aaa authentication login default local group tacacs+ line
aaa accounting update newinfo
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
aaa session-id common
ip subnet-zero
ip cef
!
!
!
!
ip domain name nmh.nmrhs.net
ip name-server 10.15.200.31
ip name-server 10.5.1.2
no ftp-server write-enable
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no spanning-tree vlan 35
no spanning-tree vlan 40
no spanning-tree vlan 42
no spanning-tree vlan 45
no spanning-tree vlan 50
no spanning-tree vlan 55
no spanning-tree vlan 60
no spanning-tree vlan 63
no spanning-tree vlan 64
no spanning-tree vlan 65
no spanning-tree vlan 70
no spanning-tree vlan 75
no spanning-tree vlan 80
no spanning-tree vlan 85
no spanning-tree vlan 90
no spanning-tree vlan 95
no spanning-tree vlan 99
no spanning-tree vlan 100
no spanning-tree vlan 105
no spanning-tree vlan 110
no spanning-tree vlan 120
no spanning-tree vlan 199
no spanning-tree vlan 200
no spanning-tree vlan 201
no spanning-tree vlan 210
no spanning-tree vlan 220
no spanning-tree vlan 250
no spanning-tree vlan 300
no spanning-tree vlan 305
no spanning-tree vlan 400
no spanning-tree vlan 401
no spanning-tree vlan 402
no spanning-tree vlan 403
no spanning-tree vlan 404
no spanning-tree vlan 405
no spanning-tree vlan 450
no spanning-tree vlan 452
no spanning-tree vlan 454
no spanning-tree vlan 999
vtp file HHVTP

username mgreenwood privilege 15 password 0 qcqyqd34
username rwaterson privilege 15 password 0 telephone
!
!
!
!
interface FastEthernet0/0
description Trunk to Hospital
ip address 10.6.10.250 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/0.25
encapsulation dot1Q 25
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/3/0
switchport access vlan 25
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/3/1
switchport access vlan 25
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/3/2
switchport access vlan 25
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/3/3
switchport access vlan 25
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/3/4
switchport access vlan 25
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/3/5
!
interface FastEthernet0/3/6
!
interface FastEthernet0/3/7
!
interface FastEthernet0/3/8
description trunk port connection to NMH
switchport mode trunk
duplex full
speed 100
!
interface Vlan1
no ip address
!
ip default-gateway 10.6.10.254
ip classless
ip route 0.0.0.0 0.0.0.0 10.6.10.254
ip route 10.5.1.0 255.255.255.0 10.6.10.254
ip route 10.15.60.0 255.255.255.0 10.15.10.254
ip route 10.15.60.0 255.255.255.0 10.6.10.254
ip route 10.15.200.0 255.255.255.0 10.6.10.254
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
logging 10.15.200.37
logging 10.15.200.58
logging 10.15.60.249
access-list 5 permit 10.15.60.11
access-list 5 permit 10.15.60.10
access-list 5 permit 10.15.60.12
access-list 5 permit 10.15.60.112
access-list 5 permit 10.15.60.117
access-list 5 permit 10.15.60.111
access-list 5 permit 10.15.60.110
access-list 5 permit 10.15.60.80
access-list 5 permit 10.15.60.249
access-list 5 permit 10.15.200.37
access-list 5 permit 10.15.200.58
snmp-server community hockeytown RO 5
snmp-server community stanley RW 5
snmp-server location Hospitality House
snmp-server chassis-id Hospitality House Gateway Router
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps tty
snmp-server enable traps xgcp
snmp-server enable traps envmon
snmp-server enable traps flash insertion removal
snmp-server enable traps icsudsu
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps ds0-busyout
snmp-server enable traps ds1-loopback
snmp-server enable traps aaa_server
snmp-server enable traps atm subif
snmp-server enable traps bgp
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps cnpd
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps dial
snmp-server enable traps dsp card-status
snmp-server enable traps entity
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps hsrp
snmp-server enable traps ipmobile
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps pppoe
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps rtr
snmp-server enable traps syslog
snmp-server enable traps l2tun session
snmp-server enable traps vtp
snmp-server enable traps voice poor-qov
snmp-server enable traps dnis
snmp-server host 10.15.200.250 hockeytown
snmp-server host 10.15.200.251 hockeytown
snmp-server host 10.15.200.37 hockeytown
snmp-server host 10.15.200.58 hockeytown
snmp-server host 10.15.60.249 hockeytown
snmp-server host 10.15.60.80 hockeytown
!
!
tacacs-server host 10.15.200.20
tacacs-server host 10.15.200.18
tacacs-server timeout 3
tacacs-server directed-request
tacacs-server key #jujitsu@#
tacacs-server dns-alias-lookup
!
control-plane
!
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/0/2
!
voice-port 0/0/3
!
!
!
!
!
line con 0
exec-timeout 20 0
password 7 03475A020D062543
line aux 0
line vty 0 4
exec-timeout 20 0
privilege level 15
password 7 03475A020D062543
transport input telnet ssh
line vty 5 15
privilege level 15
transport input telnet ssh
!
ntp authentication-key 123 md5 0257570E5F525A751D 7
ntp clock-period 17179955
ntp peer 10.5.1.254
end

----------vtp domain status----------------
VTP Version : 2
Configuration Revision : 96
Maximum VLANs supported locally : 256
Number of existing VLANs : 58
VTP Operating Mode : Server
VTP Domain Name : nmrhs
VTP Pruning Mode : Enabled
VTP V2 Mode : Enabled
VTP Traps Generation : Enabled
MD5 digest : 0xEE 0x8F 0xDD 0x96 0x05 0xBF 0x56 0x86
Configuration last modified by 10.6.1.122 at 6-28-05 13:21:26
Local updater ID is 10.6.10.250 on interface Fa0/0 (first interface found)

Mark C. Greenwood, CNE


With more than 10 years experience to share.

 

[jneiberger]

So, I guess you'll be changing those passwords and community strings, as well as your TACACS+ key, huh? ;-) Are you a Red Wings fan?

Let me make sure I understand the problem. Is it that once you configure a non-default VLAN on one of those switchports, you can no longer communicate on that switchport?

 

[DrGreen26]

The problem stems that if I put a swtich port into a vlan, it does not communicate whatsoever. When I create an interface vlan on the router, then i can ping the device and that device can ping the router, but then it causes problems with my core switch as routing loops end up occuring since our core 6513 has all the vlans programmed on it.

I am not worried about the enable password or tacacs, the config was utilize using an old template and all will be changed once it is up and running correctly.

Thanks for your help though I do appreciate it.

Mark

Mark C. Greenwood, CNE


With more than 10 years experience to share.

 

[Ru55ell]

What is the command your using on the switch to put it on the VLAN? Pleas show us the command lines. Show the output from a "show vlan" from the sw and router. show output from "show VTP detail".