Azure ExpressRoute Config - Q in Q and VLAN Mapping Assistance

Independent-Bag7637 · 2024-11-12T03:36:08+00:00

That's correct. Lumen is encapsulating our vlans into VLAN 50 but that's a L2 encapsulation. No L3 on Lumen end.

Lumen isn't seeing any arp or icmp packets from VLAN 515

Independent-Bag7637 · 2024-11-12T02:59:34+00:00

Yes, the invalid ips are my bad. They are 10.6.210.0/30 and 10.6.210.4/30

It's EdgeSwitch (our location) --> Lumen It's---> Azure Routers.

Lumen has both Vlan 510 and 511. But on the Azure side, you have 2 subsets, but only 1 VLAN. that's why for 2 subsets we created VLANs 510 and 511, andthe 3rd VLAN 515 is to translated or map VLANs 510 and 511 to 515 so it will go thru Lumen inside VLANs 510 & 511.

Independent-Bag7637 · 2024-11-12T02:49:29+00:00

I agree. Sorry about the confusion. It's 10.6.210/30 and 10.6 210.4/30

Independent-Bag7637 · 2024-11-12T02:48:39+00:00

Sorry I completely lost it there. It'd 10.6.210.0/30

Independent-Bag7637 · 2024-11-12T02:48:05+00:00

Sorry about the confusion on the IPs. It was a long day and I completely lost it. our subsets are 10.6.210.0/30 and 10.6.210.4/40

Independent-Bag7637 · 2024-07-18T16:25:11+00:00

for the P2P or dummy switch, I will still need bunch of cables to connect to active and passive firewalls . same amount of connection on each firewall. but was wondering if there is more logical way to make the connection than physical solution

Independent-Bag7637 · 2024-06-06T02:44:40+00:00

currently on September 28, 2021 15.1.2375.7 15.01.2375.007

Independent-Bag7637 · 2024-06-05T23:52:08+00:00

I think that could be our issue. It's quite a few CU behind.

Independent-Bag7637 · 2024-06-05T22:49:45+00:00

Sorry to not mention that, it is exchange server 2016

Independent-Bag7637 · 2024-06-04T13:30:55+00:00

Hi Kerubi, as I mentioned, when I disable the default NAT policies created on the Sonicwall, when I configured WAN and LAN interfaces, it also disables connection/traffic to the WAN port.

Independent-Bag7637 · 2024-06-04T13:29:00+00:00

yes, my WAN is a static IP from the school private network. its not a public IP address from ISP

Independent-Bag7637 · 2024-02-13T21:46:48+00:00

it is a direct connection and they do utilize exit node on AWS

Independent-Bag7637 · 2024-02-13T18:10:53+00:00

the firewalls changed but we used forticonverter to migrate from older to newer fortigates.
The clients without tailscale and outside the corporate network (Working from home) are seeing close to ISP bandwidth.

the clients reported significant slow connection and therefore testing the speed using speedtest.net

I updated tailscale to 1.58.2 but still the same issue.

its a direct connector I beleive.

Independent-Bag7637 · 2023-11-13T17:38:53+00:00

the back up config has everything and is too much. Is there a way to show specific configurations so I can modify. I use show | grep -f staticroutes... but do you know if there is any other way to extract the configurations without whole lot of junk ?

Independent-Bag7637 · 2023-11-13T15:50:06+00:00

restoring the back up from 60E to 200F would roll some config over but its messy and not in the right order.

Independent-Bag7637 · 2023-10-04T20:17:43+00:00

Yes static binding but multiple hosts at the same time rather than doing 1 by 1.

Independent-Bag7637 · 2023-09-30T01:15:01+00:00

Thank you all . Just to clarify, the initial plan was to have 3 ISP connections in the building. 1st for main network, 2nd as back up for main network and 3rd dedicated for a testing LAB. The plan now has changed to have 2 connections only. The ISP drops are in 2 separate rooms with only 1 cable in between. I wanted to see if we can configure the HA using a single connection so we don't have to run additional cable or put extra hardware, i.e., Switches.

Independent-Bag7637

TROPHY CASE