DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Strange routing issue

  • jdgs
  • Topic Author
  • User is blocked
  • User is blocked
More
10 Feb 2016 14:12 #1 by jdgs
Strange routing issue was created by jdgs
Hello, I am having a strange routing issue, which I cannot quite get my head around, and hoping someone will be able to make some suggestions.

We have an existing site which has the following setup:

2 x networks, voice and phone, voice: 192.168.93.0/24, phone 192.168.94.0/24.
Firewall is a ZyXel USG 100, ip addr 192.168.93.250. Standard LAN setup for 93 network.
Switch is a Layer3 Cisco 3750 which has two VLANs set up, VLAN 93 and VLAN 94. An SVI is set up 192.168.93.252 and 192.168.94.252 respectively.
Static route exists on USG100 which directs any traffic bound for 192.168.94.0 to 192.168.93.252.
This allows for PCs to reach the management of the phone system on the 94 network.
We also have a VPN to datacentre, where the call monitoring and reporting software lives.

All of this worked perfectly, no problems, however the USG needed replacing, so we have replaced with a Vigor 2960. This was set up exactly the same as the USG, on 192.168.93.250, and connected to the switch on an access port for VLAN93. We also created a static route the same as the USG to direct traffic bound for 192.168.94.0 to 192.168.93.252.

Everything works perfectly, however we were unable to get this traffic to pass across the VPN tunnel. On further investigation, I found that when I try to ping either the SVI on the 94 network, or a host on the 94 network from the Draytek, the traffic does not reach it's destination, but drops at 93.252. The strange thing is, when I run the same ping or traceroute from a PC via the Draytek, it routes without issue. Please find examples below:

Traceroute from PC (192.168.93.112) to Phone Server (192.168.94.2):

Tracing route to 192.168.94.2 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms 192.168.93.250
2 <1 ms <1 ms <1 ms 192.168.93.252
3 <1 ms <1 ms <1 ms 192.168.94.2

Trace complete.


Traceroute from Draytek (192.168.93.250) to Phone Server (192.168.94.2):

Vigor2960> traceroute 192.168.94.2 lan1
traceroute to 192.168.94.2 (192.168.94.2) from 192.168.93.250, 30 hops max, 38 by
1 192.168.93.252 (192.168.93.252) 12.059ms 1.004ms 0.904ms
2 * * *
3 * * *
4 * * *

I suspect the fact that the Draytek cannot seem to reach 192.168.94.2 may explain why the traffic will not route across the VPN.

Hoping someone here can shed some light, as I am banging my head against a brick wall at the moment.

Thanks in advance.

Please Log in or Create an account to join the conversation.