Solved

default gateway

Posted on 2014-03-11
8
326 Views
Last Modified: 2014-03-26
I have this scenario. I have the alarm system on vlan10 with 10.10.10.100/24 subnet. Below is the snapshot of my network:

MPLS<-->Core switch2<-->access switch1<--alarm system.

 The alarm system doesn't need to be routed within my internal network. switch1 has DG as 10.10.200.1 (vlan200). my core is a layer 3 switch has SVI 200 with 10.10.200.1.

 
What is the DG for my alarm system?

Thanks
0
Comment
Question by:leblanc
  • 4
  • 3
8 Comments
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
If it really does not need to route, the you don't need to code one unless it requires you to.

If you have to code one and you really, really don't want/need it to route then code it as a IP address that does not exist  and document that IP address should NEVER be used.

However, just remember the alarm system does not have a valid default route, you have NO network access to it unless you are using a host that is on the same IP subnet.
0
 
LVL 17

Expert Comment

by:pergr
Comment Utility
... or if you use SOURCE NAT when connecting remotely to that network.
0
 
LVL 1

Author Comment

by:leblanc
Comment Utility
A DG needs to be configured for the alarm system. I have the alarm systems and its devices in its own vlan 200 (10.10.200.0/24). So I setup the DG as 10.10.200.1 which is the HSRP IP address for my 2 cores switches (10.10.200.2 and 10.10.200.3). I think that sounds correct. Any thoughts?
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
Comment Utility
If it need a route configured then it SHOULD o be an IP address on the same subnet, 10.10.10.0/24.

Some L3 switches will supporting being a router for a subnet it is not part of, but some devices require their default route to be on the same subnet as they are on.

To do this "correctly" you should configure a HSRP setup no your core switch for the 10.10.10.0/24 subnet and point the alarm system to that.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Author Comment

by:leblanc
Comment Utility
Yes. That is what I got. I configured hsrp on my core switches with 10.10.10.1 like I mentioned in my previous thread. Thx
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
Please re-read your  previous posts.  You seem to be interchanging VLAN's and subnets.

In your original post you stated the alarm system was on VLAN 10, 10.10.10.0/24 and you had VLAN 200, 10.10.200.0/24.

In your prior  post you stated you were going to configure the alarm system to point 10.10.200.1, which is NOT the subnet you originally stated the alarm system is on.

I pointed this out and then you stated, yes, that is what I said 10.10.10.0/24?

So which is it, is the alarm system on 10.10.10.0/24 or on 10.10.200.0/24?  

If it is on 10.10.10.0/24, what default router did you code for it?
0
 
LVL 1

Author Comment

by:leblanc
Comment Utility
Yes sorry. They keep changing the subnets on me. Let say that the alarm system is 10.10.10.0/24. I have the DG as 10.10.10.1. My cores have hsrp as 10.10.10.1 and each of the core has 10.10.10.9 and 10.10.10.10 as the SVI IP address.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 500 total points
Comment Utility
That will work.  O.K, just wanted to make sure everything was correct.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
FTP output from Wireshak 6 47
L2 to EIGRP slow migration? 27 56
Eigrp versus OSPF in a ring topology 3 42
EIGRP Full Mesh 2 28
What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now