Meraki

Community

Shared Network dilemma

AlexGregoire
Here to help
‎Jul 9 2019 1:32 PM
‎Jul 9 2019 1:32 PM

Shared Network dilemma

I have branch office using a 10.0.0.0/24 LAN subnet with a Meraki MX appliance. The LAN connects back to the home office on VPN and everything works great. The problem is that they share physical space with a cooperative 2nd office that I'm not the admin of, and the two offices share printers and a local NAS file server. The 2nd network is a SonicWall on a flat network LAN of 192.168.0.0/24 with no VLANs defined.

 

The previous Cisco 1841 router simply did this to make it work:

interface FastEthernet0/0

description 2ND LAN Interface

ip address 192.168.0.135 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip virtual-reassembly

duplex auto

speed auto

 

I've tried defining the 2nd network as VLAN 2 with the correct LAN & same IP, verified the physical port connection, made sure the port is trunking, but no joy. I've got to be missing an obvious solution here because it's not supposed to be this hard. (or so I'm told)

0 Kudos
6 Replies 6
SoCalRacer
Kind of a big deal
‎Jul 9 2019 2:14 PM
‎Jul 9 2019 2:14 PM

Check the per-port VLAN settings. The port they are connected to will need to have VLAN 2 set as the native VLAN.

In response to SoCalRacer
AlexGregoire
Here to help
‎Jul 9 2019 7:34 PM
‎Jul 9 2019 7:34 PM

"they" = I'm assuming this is the bridging port from our network to theirs. Which is yes, the bridging port is set to VLAN 2. Or does every port that services a 10.0.0.0 client who needs access to the file server in 192.168.0.0 needs to be set to VLAN 2 as the native?
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 9 2019 3:47 PM
‎Jul 9 2019 3:47 PM

Was the 1841 used only for your people, or was it also shared?

In response to PhilipDAth
AlexGregoire
Here to help
‎Jul 9 2019 7:36 PM
‎Jul 9 2019 7:36 PM

The 1841 was used only for our network, LAN 10.0.0.0. Clients on their network, 192,168.0.0., could print to 10.0.0.0 printers.

0 Kudos
Raj66
Meraki Employee
Meraki Employee
‎Jul 10 2019 7:53 AM
‎Jul 10 2019 7:53 AM

Hi @AlexGregoire ,

 

If the Sonicwall doesn't support VLANs, then we need to send the traffic untagged for the Sonicwall to be able to understand it. Make sure the port on the MX is configured as a trunk port with native vlan 2. It is also worth to check the port config on the Sonicwall side to match what we have on our side.

 

How are they routing traffic to the 10.0.0.0/24 network? Do they have a static route configured on the Sonicwall to send that traffic to MX? If so, we need to make sure we are using the same interface IP on the MX as they have configured as next hop on the Sonicwall.

 

Cheers!

 

Raj

 

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it
In response to Raj66
AlexGregoire
Here to help
‎Jul 10 2019 1:41 PM
‎Jul 10 2019 1:41 PM

The 2nd network's admin (a contractor) says that while the SonicWall can do VLANs, they're not configured for it. I confirmed the static LAN IP and their static routing is still 192.168.0.135 as before with the Cisco, so using the same settings on Meraki should work. <br>Troubleshooting late yesterday he attempted to sidestep the VLAN tagging issue by making a VLAN 2 on his router with the subnet 192.168.1.0/24, bridge interface IP 192.168.1.135, and having it static route everything from 192.168.0.0/24 both ways, leaving the original network unchanged and un-disrupted. Still no joy.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.