HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
LAN Routing
cancel
Showing results for 
Search instead for 
Did you mean: 

Connecting Two Networks--Current Status (a mess)

 
RackRack
Occasional Contributor

Connecting Two Networks--Current Status (a mess)

Hi Everyone! 

 

Ok i just got into my new job as a network admin for a small company that has two networks connected together but probably not in the best way. 

 

Here's the mess....

 

Network A 10.10.x.x Cisco 2821

Network B 192.168.x.x HP 5412zl

 

The port on the cisco end looks like it's configured with a 192.168.0.1 address. and the port on the 5412zl side is not a trunk and has no ip assigned to that port. There's a firewall behind the 5412 with address of 192.168.2.1. Every single device on the 192.168. side  including switches are setup with a gateway of the firewall (192.168.2.1). The gateway config of the port on the Cisco side is setup for 192.168.2.1(the firewall behind the hp 5412). Looks like the firewall receives traffic from the 10.10.x.x network it puts it behind the internal interface and treats it like internal 192.168 traffic. 

 

now...it's all working. Originally it looksl ike both sides were managed by two different departments. Because of cost they got rid of both of them and hired one person to manage both...TADA...me. LOL. 

 

I can't manage the 192.168 devices from the 10.10.x.x side. I have to log into a device over on the 192.168 side to take care of that.  I can't see any switch devices on the 192.168 side from the 10.10.x.x side. I think the setup currently needs to be changed. 

 

oh and both sides have their own internet connection. I just have devices on either side that need to see each other, file sharing, printing, and most importantly mangaging devices. 

 

My question:

 

1. How can i setup the cisco and Hp to handle the routing? 

2. Any reason why an admin would put an IP address of network B on a port on Network A side and give it the gateway of the firewall?

3. The 5412zl does routing, why would it not be used in current scenario?

4. there's about 15 switches on each side. Network B switches all have a gateway of the firewall...is that normal? Aren't switch gateways usually the next hop towards getting out? 

 

Any help would be great!! 

 

LG

 

4 REPLIES
ISoliman
Super Advisor

Re: Connecting Two Networks--Current Status (a mess)

can you please get the out put of "show ip route" from Cisco and the same or "show route" from HP 5400 switch please, and if possible from the firewall as well :)

 

 

What is the gateway of the devices in the 192 side, and what is the gateway of the devices in the 10. side ?

RackRack
Occasional Contributor

Re: Connecting Two Networks--Current Status (a mess)

i responded in private message. 

Matcol
Frequent Advisor

Re: Connecting Two Networks--Current Status (a mess)

Just to clarify

- the subnet mask on the HP-facing CIsco interface is at most /22, maybe it is /16?

- the 5412 has no VLAN interface addressed in the 10.10.0.0 network?

 

I assume the Cisco 2821 has routes like:

192.168.0.0 --> FW

0.0.0.0 --> Cisco network ISP

 

And maybe the HP network has something like:

0.0.0.0 --> FW

 

And the FW has

192.168.0.0--> HP network (Local)

10.10.0.0--> Cisco network (Local)

0.0.0.0--> HP network ISP

 

So what's happening is that the Cisco network is using the FW to reach the HP network.

 

Generally, FWs don't have the best throughput, so you should be using them to route between networks only if there is a security reason to do so.

 

DWNewman
Occasional Visitor

Re: Connecting Two Networks--Current Status (a mess)

Please forgive me for hijacking an old thread, but this situation is exactly what I need to do.

 

I currently have two seperate networks (company acqusition)

Network 1 is a Novell Open Enterprise (Suse Linux) configured on the 10.10.10.xx subnet with it's own internet connection using a Cisco ASA 5512x gateway

 

Network 2 is a Windows 2003 domain configured on the 192.168.x.x subnet with it's internet coming in through a Cisco ASA 5505 gateway

 

Both network have several netgear - HP - and extreme networks switches and / or routers (some of which are capable of vlans, but I'm a novice with vlans)

 

What I need is for computers on the 192.168 subnet to "see" the servers on the 10.10 subnet, and eventually to use the 10.10 internet connection.  I'm willing to learn whatever I need to learn, and to purchase whatever is needed, but I am looking for some direction so I don't waste any more time than I must.

 

What is the best (and / or easiest) way - other than changing everyone's ip range - to get these systems to see each other ?

 

Thanks for any assistance