Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco 3400 Metro Switch Configuration help

Posted on 2010-11-24
3
Medium Priority
?
1,192 Views
Last Modified: 2012-05-10
Wondering is someone can help me out here.  We just had a Cogent Layer 3 fiber service dropped into our office and they told us to get a Cisco 3400 Layer 3 Switch to work with the service.  We picked up the Cisco ME-3400-24TS-A switch.  I have upgraded the FW to the latest MetroIPAccess build.

We have two blocks of ip's from Cogent (ip's changed to mask the real ones), they provided the following

178.204.251.44/30
178.204.251.45 (Cogent Router)
178.204.251.46 (Our Router IP and attached to FasterEthernet 0/1 on Cisco)
255.255.255.252

They also provided a second block with the following ips
178.213.182.128/25
255.255.255.128

I have successfully configured FastEthernet 0/1 to work with the assigned router and ip address and I can ping all ip's outside our network and I can connect to the switch from the outside via the .46 ip.  I used a static route :
ip route 0.0.0.0 0.0.0.0 178.204.251.45

So questions now, how do I get the second block of ip's to work?  I am assuming I need to assign an ip on the switch to be my gateway ip for the 138.213.182.128 and route the ip traffic to the cogent router 178.204.251.45

How do I setup the rest of the ethernet ports so that I can just plug a firewall into any port and assign a static ip from the 138.213.182.128/25  I know I have to run a no shutdown command and no switch on the ports I want to use.

Please let me know if you need anymore info to help out!

Thanks so much
0
Comment
Question by:jennajdev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 9

Expert Comment

by:DanJ
ID: 34212552
You got a second block of IPs as the first one is only for the switch and their PE router. The second block is for your organization.
On the switch you need to configure one port as routed port:
no switchport
ip address x.x.x.x
no shut

and assign a second IP from the range to the ASA. ASA will have the default route the address on the switch.
0
 

Author Comment

by:jennajdev
ID: 34217933
I got it working using a VLAN setting the ip of the vlan to 178.213.182.129 so that it would be the route/gateway of that subnet.  I then added the vlan all the ports except 0/1 as that one is used for the fiber connection.  I can now add servers/firewalls with public ip's from the 178.213.182.128/25 block.  

However I am having a big issue with this setup hopefully you can help, I can not access any devices on the vlan from each other.  So if I have two firewalls one 178.213.182.130 the other 178.213.182.254 I can not ping them or access them.  I can ping them both from the switch and from outside the network.  When I do a tracert from one of the firewalls to the other it never leaves the firewall, it bounces twice on the firewall and dies.... Not sure where to go on this one please help.
0
 
LVL 9

Accepted Solution

by:
DanJ earned 2000 total points
ID: 34218121
this is the default mode for the uni-vlan and is called isolated. for communication between ports enable community mode fro the vlan

conf t
vlan vlan_number
uni-vlan community
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
Make the most of your online learning experience.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question