?
Solved

Cisco configuration on L2 WAN links

Posted on 2015-02-18
11
Medium Priority
?
264 Views
Last Modified: 2015-04-09
Hi Guys

We recently have a layer 2 service put in between multiple sites.

We have setup a range 192.168.7.0/25 on the router (eg. Router 1 - 192.168.7.1, Router 2 - 192.168.7.2, Router 3 - 192.168.7.3 etc)

At the main site, we have set to 192.168.7.254 (This is the cisco device, our core switch).

We are not able to ping each other for some reason. Unsure if this is the configuration issue or our WAN provider.

Can anyone advise?

Thanks!
0
Comment
Question by:goraek
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 18

Expert Comment

by:Akinsd
ID: 40618249
You may want to check with your ISP.

What type of connection do you have between the sites?

The only way your setup will work is if you have direct layer 2 connection between the sites (Ethernet Handoff)
If not, you will need layer 3 switches or routers, but then you'll have to use separate vlans at each site
0
 
LVL 33

Expert Comment

by:JustInCase
ID: 40618313
Of course that does not work. ISP must block any private IP on internet - it is mandatory. Check with your ISP for possibilities.

Maybe you can use Cisco L2 over L3
0
 
LVL 2

Author Comment

by:goraek
ID: 40618354
We have a Layer 2 connection between sites. Its basically an ethernet handoff.
There's no routing, so long we have a vlan setup and route them, we should be able to see it.

We have checked with them, and they say they can see MAC addresses flowing.

We have a Sonicwall at remote site, and a Cisco core switch. Obviously theres the NTU for bridging.

Unsure whats going on. Could be configuration issue? But cant seem to track it.
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
LVL 18

Assisted Solution

by:Akinsd
Akinsd earned 750 total points
ID: 40620851
Does VTP work? (Are the vlans propagated to the switches or did you create them manually on all switches)
What is allowed on the trunk ports?

It's also possible that what you have is Private Transport.
The ISP assigns a VLAN (transparent to your devices but configured on the firewall or edge router) for traffic redirection.
You will need a L3 switch at the remote sites for this though.

Check with your ISP and they can tell you if your setup can work or not.
If VTP does not work, then you will need separate vlans at remote sites
0
 
LVL 7

Accepted Solution

by:
Daniel Sheppard earned 750 total points
ID: 40621460
As you are saying Layer 2 (without defining exactly what service your ISP is providing: MPLS, VPLS, Metro Ethernet) here are a couple of questions:

- Is it a straight VLAN (You may need to tag all traffic on that VLAN) or is it QinQ?
- Check your MTU with your ISP, ping should work but when using QinQ I did have to drop the MTU by about 8 bytes (for one site only due to a third party backhaul for the ISP).
- Not strictly related to this, but when configuring our private MPLS, I ran into a problem with Multicast traffic being blocked (EIGRP would start the handshake but not fully come up).  Again, not strictly related but something to ensure.


If you only have a straight VLAN, it may be expecting the "native" VLAN (untagged traffic) or a specific tagged VLAN.  If this is the case, get your ISP to migrate to Q-in-Q (VLAN tunnelling).
0
 
LVL 2

Author Comment

by:goraek
ID: 40624911
Cool thanks, I've contacted the ISP, and its been escalated to their network engineer.

I'll keep you guys posted.
0
 
LVL 2

Author Comment

by:goraek
ID: 40714351
There was an issue with the ISP, VLAN wasnt configured at their end.
0
 
LVL 2

Author Comment

by:goraek
ID: 40714688
I've requested that this question be closed as follows:

Accepted answer: 0 points for goraek's comment #a40714351

for the following reason:

Resolved, ISP end.
0
 
LVL 7

Expert Comment

by:Daniel Sheppard
ID: 40714689
I pointed him to the ISP...
0
 
LVL 7

Expert Comment

by:Daniel Sheppard
ID: 40714718
Rather both myself and Akinsd pointed towards the ISP.  For differing reasons, but still points should be awarded.
0

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In short, I will be giving a guide on how to install UNMS on a virtual machine in hyper-v and change the default port for security (you don’t need to have a server, since Windows 10 supports hyper-v)
This article is about building a VRF-Aware site to site VPN tunnels in Cisco CSR1000V router with IOS XE. There are two VRF-Aware Policy Based IPsec VPN tunnels configured on CSR1000V router one with NAT and another without NAT.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question