jennajdev
asked on
Cisco 3400 Metro Switch Configuration help
Wondering is someone can help me out here. We just had a Cogent Layer 3 fiber service dropped into our office and they told us to get a Cisco 3400 Layer 3 Switch to work with the service. We picked up the Cisco ME-3400-24TS-A switch. I have upgraded the FW to the latest MetroIPAccess build.
We have two blocks of ip's from Cogent (ip's changed to mask the real ones), they provided the following
178.204.251.44/30
178.204.251.45 (Cogent Router)
178.204.251.46 (Our Router IP and attached to FasterEthernet 0/1 on Cisco)
255.255.255.252
They also provided a second block with the following ips
178.213.182.128/25
255.255.255.128
I have successfully configured FastEthernet 0/1 to work with the assigned router and ip address and I can ping all ip's outside our network and I can connect to the switch from the outside via the .46 ip. I used a static route :
ip route 0.0.0.0 0.0.0.0 178.204.251.45
So questions now, how do I get the second block of ip's to work? I am assuming I need to assign an ip on the switch to be my gateway ip for the 138.213.182.128 and route the ip traffic to the cogent router 178.204.251.45
How do I setup the rest of the ethernet ports so that I can just plug a firewall into any port and assign a static ip from the 138.213.182.128/25 I know I have to run a no shutdown command and no switch on the ports I want to use.
Please let me know if you need anymore info to help out!
Thanks so much
We have two blocks of ip's from Cogent (ip's changed to mask the real ones), they provided the following
178.204.251.44/30
178.204.251.45 (Cogent Router)
178.204.251.46 (Our Router IP and attached to FasterEthernet 0/1 on Cisco)
255.255.255.252
They also provided a second block with the following ips
178.213.182.128/25
255.255.255.128
I have successfully configured FastEthernet 0/1 to work with the assigned router and ip address and I can ping all ip's outside our network and I can connect to the switch from the outside via the .46 ip. I used a static route :
ip route 0.0.0.0 0.0.0.0 178.204.251.45
So questions now, how do I get the second block of ip's to work? I am assuming I need to assign an ip on the switch to be my gateway ip for the 138.213.182.128 and route the ip traffic to the cogent router 178.204.251.45
How do I setup the rest of the ethernet ports so that I can just plug a firewall into any port and assign a static ip from the 138.213.182.128/25 I know I have to run a no shutdown command and no switch on the ports I want to use.
Please let me know if you need anymore info to help out!
Thanks so much
ASKER
I got it working using a VLAN setting the ip of the vlan to 178.213.182.129 so that it would be the route/gateway of that subnet. I then added the vlan all the ports except 0/1 as that one is used for the fiber connection. I can now add servers/firewalls with public ip's from the 178.213.182.128/25 block.
However I am having a big issue with this setup hopefully you can help, I can not access any devices on the vlan from each other. So if I have two firewalls one 178.213.182.130 the other 178.213.182.254 I can not ping them or access them. I can ping them both from the switch and from outside the network. When I do a tracert from one of the firewalls to the other it never leaves the firewall, it bounces twice on the firewall and dies.... Not sure where to go on this one please help.
However I am having a big issue with this setup hopefully you can help, I can not access any devices on the vlan from each other. So if I have two firewalls one 178.213.182.130 the other 178.213.182.254 I can not ping them or access them. I can ping them both from the switch and from outside the network. When I do a tracert from one of the firewalls to the other it never leaves the firewall, it bounces twice on the firewall and dies.... Not sure where to go on this one please help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
On the switch you need to configure one port as routed port:
no switchport
ip address x.x.x.x
no shut
and assign a second IP from the range to the ASA. ASA will have the default route the address on the switch.