Has anyone had experience with interVlan routing with their UC500's? I installed a UC500 in an existing network...heres the topology:
T1 connected to a 2621 (Gateway/Edge router) connected via fa0/1 to a PIX (WAN port). PIX connected via fa0/1 to a 2960 (distribution switch) in port Gi0/1. 2960 connects a few servers and a UC520 (connected via 2960's gi0/3* and UC's Fa0/0**...the WAN port). Two CE500 are daisy chained to the UC's uplink port (fa0/1/8) which is trunk mode encap dot1q.
* I have the Gi0/3 in trunk mode allowing all vlans and using dot1q
**The UC Fa0/0 is actually divided into sub interfaces 0/0.1, 0/0.100, and 0/0.200 which are the data (native), Cisco-Voice, and Cisco-Guest VLANs respectively. All are running dot1q encapsulation.
Here are the problems I'm experiencing...
I can access the CME GUI at 192.X.X.X/ccme.html, but I cannot access the CUE GUI at 10.1.10.1/Web. In addition, I cannot tftp a custom AA to the system...they keep failing. If I go to a CLI on the 2960 I can ping the 3 subnets of the 3 VLAN's. And the all of hosts can get out and ping the DG. But the workstations in the data vlan cannot ping the voice vlan. Truth is even though, I'm not a CCIE in routing and switching, I am a CCNA and can find my way around and I can't get this stupid UC500 to work well in an existing network.
Here's what I did. I made
Here's what I did.
I made my UC my default gateway for my internal network and then gave a "gateway of last resort" pointed at my pix.
I suspect that your
I suspect that your default-gateway does not know how to get to 10.1.10.1. Is your DG the PIX? If that is the case, there isn't much you can do other than add a static route to 10.1.10.1 in the PC you are trying to access CUE from. The alternative is to make the UC500 the DG for data, but the everything will route via the UC500 box which isn't optimal.
As far as your topology, I would do it differently next time. Don't use f0/0 at all unless you need to interface with an ISP. Make all your connections to the integrated switchports on the UC500, trunk all your VLANs and use L3 vlan interfaces, i.e. int vlan100, int vlan200, etc. Less pieces to the puzzle.
One more tip, you can also connect your CE500 switches directly to the 2960. There's not need to route traffic through the UC500 box unless the traffic is destined for UC500 (voice, CUE).
Let us know how it goes.
Cisco IP Communications Express Specialist
www.ketchumits.com
What is your PC's gateway IP
What is your PC's gateway IP address?
Maybe you should not use the WAN port of the UC500. Just turn it off and only use the inside interface. The PIX will provide protection from the internet?
Also in all routable devices place a route statement back to the UC500 as the next HOP for all subnets on the UC500.
John
NIKTEK LLC