SRW248G4P - dhcp relay?

Similar Questions

• E4200 - DHCP relay

  I'm looking to get a new wireless router, so I am able to stream HD movies from my server to a media center PC.  I currently have a WRT54G running DD - WRT.  I have a firewall 5GT of Juniper as my gateway interface that manages all DHCP addresses.  I reserved IP addresses for each wireless device in my house and the WRT54G is configured for DHCP relay to these devices.

  Is there a way to activate the E4200 relay my 5GT to host DHCP traffic?  Thank you.

  I would set up the E4200 as simple access point. Then you don't need any DHCP relay because everything is in the same local network, anyway.

• 7048 routing/DHCP relay with 5548

  Hello

  I have a problem with the 5548 do not relay the query DHCP for PXE (SCCM), 5548 is connected to 7048 (trunk). We shop Cisco, this is the first time that I am using DELL. Any help is appreciated.

  --------7048--------
  
  !Current Configuration:!System Description "PowerConnect 7048, 4.2.2.3, VxWorks 6.6"!System Software Version 4.2.2.3!System Operational Mode "Normal"!configuregvrp enablevlan databasevlan 2,10-11,21,50-52,156vlan routing 1 1vlan routing 10 2vlan routing 21 3vlan routing 50 4vlan routing 51 5vlan routing 52 6vlan routing 156 7vlan routing 2 8vlan routing 11 9vlan association subnet 10.112.0.0 255.255.252.0 10vlan association subnet 10.112.4.0 255.255.255.0 11vlan association subnet 10.116.4.0 255.255.252.0 21slot 1/0 5    ! PowerConnect 7048slot 1/1 11   ! SFP+ Cardslot 1/2 9    ! CX4 Cardslot 2/0 6    ! PowerConnect 7048Pslot 2/1 11   ! SFP+ Cardslot 2/2 9    ! CX4 Cardstackmember 1 5    ! PCT7048member 2 6    ! PCT7048Pip routingip route 0.0.0.0 0.0.0.0 192.168.1.58ip route 10.0.0.0 255.0.0.0 192.168.1.58interface vlan 1exitinterface vlan 2ip address 192.168.1.57 255.255.255.252ip local-proxy-arpno ip redirectsexitinterface vlan 10ip address 10.112.0.1 255.255.252.0no ip redirectsexitinterface vlan 11ip address 10.112.4.1 255.255.255.0ip helper-address 10.112.1.50ip local-proxy-arpno ip redirectsexitinterface vlan 21ip address 10.116.4.1 255.255.252.0ip helper-address 10.112.1.50ip helper-address 10.112.1.51exitinterface Te1/1/2description 'F2_NTR_4'gvrp enablespanning-tree portfastswitchport mode trunkdot1x port-control force-authorizedexit
  
  ------5548------
  
  vlan databasevlan 10-11,21exit
  
  gvrp enable
  
  ip dhcp relay enable
  
  stack master unit 1!interface vlan 1 ip address dhcp!interface vlan 10 ip address 10.112.0.4 255.255.252.0 ip dhcp relay enable ip proxy-arp
  
  interface gigabitethernet1/0/18 spanning-tree portfast switchport access vlan 21
  
  ip route 0.0.0.0 0.0.0.0 10.112.0.1
  
  interface tengigabitethernet1/0/1 description F2_NTM gvrp enable spanning-tree portfast auto switchport mode trunkSW version 4.1.0.1 (date  05-Apr-2012 time  15:03:04)
  
  Gigabit Ethernet Ports=============================no shutdownspeed 1000duplex fullnegotiationflow-control onmdix autono back-pressurespanning-treespanning-tree mode RSTP
  
  qos basicqos trust coseee enable
  

  SCCM PXE server is fine, tested on Cisco gear.
  

  It's weird, PXE starts working when I hard code the fiber connecting switches to full-duplex, even if they show the full duplex in automatic. Thanks for your help.

• DHCP Snooping without configured DHCP relay

  Hello

  We use DHCP Snooping with DHCP relay successfully configured... but I was wondering if the DHCP-Snooping function is also working on a (composed by different switches) L2 network where the DHCP server is on the same VLAN as the client?

  I know that server must be in a VLAN dedicated but segmentation VLAN server DHCP - client is scheduled in a second step...

  Thanks for your suggestions!

  Hi Omar,.

  The DHCP server can be on the same VLAN as the customers, no problem with that.

  You must configure the port on the DHCP server as being approved with the following commands:

  conf t

  IP dhcp snooping

  IP dhcp snooping vlan x

  interface fastethernet x / y

  IP dhcp snooping trust

  FastEthernet x / is the port where the DHCP server must be located.

  Cheers:

  István

• Firmware 1.4.0.88 for SG300-52 seems to break DHCP relay

  My VLAN to end my switches, so I use a DHCP relay with Option82 to distribute addresses for the subnet of the VIRTUAL LAN. After the transition from 1.3.7.18 to 1.4.0.88, DHCP isn't being delivered on my VLAN. Does anyone else have this problem?

  I'm just creating DHCP relay for the first time with my SG 300-28, 1.4.0.88 firmware and noticed that the DHCPDISCOVER promulgated by the relay had the same source and destination (67) port, while the original DHCPDISCOVER used 67 & 68. In addition the 1.3.7.18 firmware is not exchange these autour:

  Excerpts from Wireshark:

  1.4.088-

  Original DHCPDISCOVER to the customer:

  User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

  Relayed SG300 DHCPDISCOVER:

  User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)

  This seems a bit suspect to me

  1.3.7.18

  Original DHCPDISCOVER to the customer:

  User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

  Relayed SG300 DHCPDISCOVER:

  User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

  I am not sure that this is your problem (it does not solve my problem), but I want to underline the thought

• RV180 DHCP Relay

  Hello

  Apologies if Im posting in the wrong place, but I am after some help.

  What Im trying to do is:

  Internet connection - router homepage (for normal home internet) - RV180

  RV180:

  2 VLAN (1-10) - which provide IP addresses for my lab at home (DC, server ESXi)

  The other addresses DHCP "Relay" between the House 2 router devices (NAS and a PC box)

  VLan 1 is set to DHCP relay

  VLan 10 is defined on the DHCP server, configured to give IP addresses in the range 192.168.10. *.

  The home router is running OpenWRT if that makes a difference

  Is it possible to get DHCP traffic on the WAN port to VLAN 1?

  Thank you

  DMO

  Hello

  "Is it possible to get DHCP traffic on the WAN port to VLAN 1.

  No - since vlan10 and vlan1 are connected directly - and the RfC TCP/IP does not allow this - the router forwards traffic via the directly connected interface.

• SG300 insert option82 in DHCP relay

  Hey guys, anyone having trouble getting a SG300 series pass to insert information from option82? I have Working DHCP relay between two VLANs successfully, however, I want to identify where the client is connected in order to define their preferences for optimal routing.

  switch-20-0#show ip dhcp relay
  DHCP relay is Enabled
  Option 82 is Enabled
  Maximum number of supported VLANs without IP Address is 256
  Number of DHCP Relays enabled on VLANs without IP Address is 1
  DHCP relay is not configured on any port.
  DHCP relay is enabled on Vlans: 20
  Active: 20
  Inactive:
  Servers: 192.168.0.2
  

  I have to you missing something simple. Any help, or even "Hey have you tried' type answers very much appreciated!

  Hi Jonathan,.

  To my knowledge, you have everything configured properly. I would try to set up packet capture on the switch to the position to interface to the DHCP server to see if the information is included in the DHCP Discover message.

  -Good Trent

  * Please note the useful messages! **

• DHCP relay does not not in in-band mode

  Hi Faisal,.

  wireless client does not have dhcp via a CAS server server ip address,.

  Here's the scenario,

  1. inband case network configuration:

  Trust interface (for protected network)	Untrusted interface (network management)
  IP address Subnet mask Default gateway Set the management VLAN ID: Through VLAN ID managed network	IP address Subnet mask Default gateway Set the management VLAN ID: Through VLAN ID protected network

  2. wireless customers in vlan rogue who is 104 and I traced the vlan 104-400 (trust vlan)

  VLAN vlan untrusted trusted

  140                                                        400

  3 run subent

  ip subent                                                                               vlan

  10.161.136.5 / 255.255.248.0 140

  10.161.136.5 is the trusted ip subnet VLANs 400

  4. Enter ARP is not configured

  in switch, reliable and trusted ports are configured as port trunk and permit reliable and trusted VLAN respectively.

  When we move the client VLAN 400 wireless manually obtain ip address but when wireless client is in vlan 140 its not get ip address and in the configuration of the approved switch and ports not reliable are trunk port and using the vlan native is 1

  WLC pass port is port trunk and allowed for all the VLANS

  do I need to configure the ARP entries or what other configurations are required to work CASES like a DHCP relay.

  Thank you

  Laxman,

  Three things:

  -If it's in VGW, approved and non-approved interfaces must have the same IP address

  -Uncheck "the passage through the VLAN ' on both sides

  S ' away from VLAN 1 if possible!

  HTH,

  Faisal

• WRVS4400Nv2 DHCP Relay on 2nd VLAN

  Hello

  Here's what I'm trying to understand:

  My network is set up such that I have a wireless network in the VLAN 1, which is the main network we use.  The subnet is 10.5.1.x.

  My goal is to set up a wireless network completely isolated comments, but it would work better.  What I'm trying to do now, is that I created a VLAN separated (VLAN 2, ranging 10.5.2.x IP) and activated DHCP on the WRVS4400N.  However, in comments network, he is always picking up a 10.5.1.x IP which will be distributed by the server DHCP (10.5.1.5, Win 2003) and yet all traffic to our private network routing.

  Here's what I put:

  Wireless > security settings > network (SSID 2) comments

  • Wireless Isolation (between w/o SSID VLAN): enabled
  • Insulation (within SSID) wireless: enabled

  Setup > LAN > VLAN 1

  • Router IP 10.5.1.1, CAMERA IP WiFi 10.5.1.3
  • DHCP relay for 10.5.1.5

  Setup > LAN > VLAN 2

  • 10.5.2.1 IP router
  • DHCP enabled for the subnet 10.5.2.x
  • Relay DHCP option is grayed out (don't know why)

  Setup > Advanced Routing

  • Routing inter - VLAN: disabled

  A way to solve this problem would be nice.  I don't want traffic through our internal network.  Ideally, if I get Windows server to distribute addresses of 10.5.2.x, it would be perfect, but I do not know how to configure it for such.

  If anyone has any ideas, that would be great-thanks!

  Matt

  Yes... Here is an answer I got Cisco engineering support:

  The issue you reported is a known problem.
  Engineering and development are aware of this problem and provided the following information:

  DESCRIPTION OF THE PROBLEM:
  If the WRVS4400N is configured with multiple VLANs, and these VLANs are mapped to different SSIDS, the user cannot use an external DHCP server to provide IP scopes for these VLANS.
  Hosts connected to two SSID will get the native DHCP server IP address only.
  The workaround for this is to use the DHCP server integrated for all the VLANS defined on the WRVS4400N.

  Note: This is not a bug but rather a limitation of product. The developer confirmed that the WRVS4400N works as expected.

  A difficulty regarding:
  Because of the wireless switch port and the trunk by using different chipset, it is not possible to provide a fix for this problem.
  In the future, engineering & product Dev teams will try to use the same chip set (same provider).
  This feature has been targeted for the next new product.  No solution will be on the current hardware.

  Note: If this function is vital for your deployment and you want to recover the cost of the WRVS4400N, please send the serial number and a copy of your proof of purchase and we will gladly provide a refund.

  Best regards

  Alex Delano

• DHCP relay for users (ASA) SSL VPN

  I have ASA 5520 vpn endpoint. Before asa, there are firewalls which translates the public ip address to the private sector and to pass SSL traffic to ASA. I have configured DHCP relay to get the IP address for the DHCP in Windows Server users:

  dhcprelay Server 10.100.2.101 on the inside

  dhcprelay activate vpn

  dhcprelay setroute vpn

  and it does not work. with the local pool, it works fine. Should I do something else? When I turn on debugging it has not any activity.

  You try to assign the IP address to the SSL vpn client using the DHCP server?

  If so, you don't need these commands contained in your message.

  Basically, you need to set dhcp server in tunnel-group and dhcp-network-scope in group policy.

  Here is an example of Ipsec client. Setup must be the same.

  http://www.Cisco.com/en/us/partner/products/ps6120/products_configuration_example09186a0080a66bc6.shtml

• 6.1.4 NSX upgrade to 6.2.0: DLR fails to upgrade with DHCP relay message

  Hey all, in the middle of an upgrade of non-prod to a greenfield 6.1.4 6.2. Did the Manager NSX, and follow-up of all controllers. Then after the VMware recommended upgrade sequence, I did the GSS. Then began the DLR. When you try to upgrade the DLR, I received an error message

  The "Upgrade Version" operation failed for the entity with the following error message.

  [DHCP] To enable DHCP Relay, DR instance must be created with a single connected LIF.

  

  Also, the router now displays status in the NSX edges pane: "failed to create/update edgeAssist interface for edge edge-3.» 404 not found. »

  

  So I tried erase the configuration of DHCP on the DLR with the button relay remove, no dice. Tried to redeploy, fail with the same message. Tried to force synchronization, changes in status to "impossible to force synchronization. NSX Edge edge-3 is in poor condition. Try the operation again. The DHCP configuration disappears, but the change seems never commit, because when I browse the bracing or routing section and browse to the DHCP relay page, the original configuration is still there. It is a simple DLR with no configured HA. I have attached the newspapers of DLR tech support in case there is any support curious people out there. Note, vCenter 6.0.0 2741530, ESXi 5.5 Patch 5 reissue 2718055.

  He was just going to remove the DLR and re-create it since it's a lab, but if it wasn't a lab I just want to know why it's a failure.

  After reading more carefully, I apparently missed a step in the upgrade (hosts). I suggest that whoever does the upgrade follows the upgrade guide in pubs located here: 6.2 NSX VMware vSphere Documentation Center

  • Manager of NSX upgrade to 6.2
  • Upgrade of the Cluster controller NSX to 6.2, check the status of cluster control
  • Upgrade the cluster hosts for NSX 6.2
  • 6.2 the NSX border upgrade
  • Guest Introspection to NSX 6.2 update
  • Remove the NSX data security and redeploy

  So I tried a lot of things to work myself back from that. I tried to upgrade the hosts but that didn't fly, esx-vxlan has been blocked to version 5.5.0 - 0.0.2691051. To return to a viable State in the end I had to nuke basically the GSS, logical switches, DLR, TZ, manually uninstall the NSX vibs and unsubscribe manager the NSX to vCenter in the cluster take-off of the State of "uninstall." From there, re - install the 5.5.0 - esx-vxlan 0.0.2983935 (6.2) vibs on the cluster worked OK, and I rebuilt the gateway routing and dashboard. So read before making anywhere near prod. : )

• (Strange) problem with X 3000 DHCP relay functionality

  Hello

  I have a home network consisting of a Linux box running dhcpd server, connected to the X 3000 wireless router, connected - in turn - to the Repeater RE1000 and - finally - a DHCP client computer.

  As I run my own DHCP server, I configured X 3000 to be a relay.

  I get a very strange behavior. Specifically, the DHCP client present a package DISCOVER, which happens on the server (via the relay or router), the server responds with a package OFFER for the relay, but then - bizarelly! -the relay or router sends the OFFER NO response to the client, but the server!

  Needless to say, in this case the client does not register with the network.

  I captured packets with wireshark running on the server, and you can find them here:

  http://DL.dropbox.com/u/13536552/Linksys-problem/captured-packets.txt

  Can someone shed some light on this?

  P.S. No Linksys has professional technical support online?

  I highly recommend to connect servers only ethernet cable. A wireless link is still an unreliable link and should not be used for essential services like dhcp servers.

  Some routers have issues with broadcast traffic after the first group key renewal. That could well be the X 3000 shows the same problem. The only thing you could do is to then call Linksys technical support...

• Help with DHCP relay

  I inherited a network with a dhcp/DC with two network cards, 1 for the data network and the other for the vlan voice.

  I know this is an unsupported configuration, and I want to get rid of the adapter for the vlan voice. I have to make sure that dhcp is working on the vlan voice.

  Network is made up of a stack of PowerConnect 70xx switces.

  My question is what must be configured on the stack. There are so many options... IP helper, relay DHCP, ect...

  If the switch is in mode Layer 2, then use l2relay DHCP commands. If it is in Layer 3 mode, then you use the controls to support IP. If in layer 3 mode make sure VLANS routing is turned on.

  Console #config

  Console (config) #ip Routing

  Console (config) #interface vlan 2

  Console (config-if-vlan2) #routing

  Console (config-if-vlan2) #exit

  Console (config) #interface vlan 3

  Console (config-if-vlan3) #routing

  Console (config-if-vlan3) #exit

  Console (config) #interface vlan 4

  Console (config-if-vlan4) #routing

  Console (config-if-vlan4) #end

  Hope this helps,

  Thank you.

• Several VLANS and DHCP relay on two stacked switch SGE2000-G5

  We were put to the task of securing a small desktop system managed that is currently set up with a standard switch for each of the offices (with different companies) to see each other and in some cases, access to each of the other documents on the network.

  Obviously, this is far from adequate set up and our goal is to isolate each office using VIRTUAL networks, but share a common internet connection provided by managed offices.  We have two switches for layer 3 Cisco SGE2000-G5, but we are new on Cisco equipment and VLAN, so we are not quite sure on how to implement this.  DHCP must be provided by a router, there is no server.  We are open to suggestions on the router as we still buy a.

  I hope that someone may be useful.

  Thank you very much

  Jim

  Hi Jim,.

  SGE2000 switches you are using must be able to handle this without issue. What type of router you are using? As long as you have a router that will take in charge VLAN / several subnets, it should be a simple configuration.

  Here's a quick run down of the measures to be implemented. (using vlan1 and vlan2)

  On the router, create a vlan / subnet 2 and set the port to connect to your shared resources with the two VLAN 1 and 2 switch. (it will be untagged, two will be marked)

  On the switch, create vlan2 and do the same for the port connected to the router. (vlan1 marked and tagged vlan2)

  Now for each switch port that you want to assign the port access and vlan1 and vlan2. (this vlan will be without a label)

  If your router allows, disable routing inter - vlan. If this isn't the case, you must create rules to block traffic from one network to the other.

  All this happens under the assumption that your router can support VLAN and can also make DHCP for this VLAN.

  Hope this information helps

• 2911 w/security - VPN with DHCP Relay to Win2K8, routing fail

  Hello

  I have a 2911 router and tries to terminate a VPN inside.

  I want to do this is before the DHCP request to a Server 2008 inside.

  I actually received this part to work.  But it seems to be, 2911 router is not set the VPN clients on a VLAN internal associated with the range of network, the DHCP server is to give.  Or all least, does not have a flow of information between the IP address of the VPN Client and the router itself.

  (washed config below)

  Example: VPN Client obtains the IP address of 10.101.55.10.  The router has a loop (or subinterface in my last iteration of the config) address of 10.101.55.1.

  And yet, when my VPN client connects, I am not able to ping to an IP that my router has.  I can ping myself (10.101.55.10), but I only ping the router in any way which.

  Does anyone have any ideas?

  -----

  Paste config

  -----

  !
  ! Last configuration change at 04:48:18 UTC Friday 25 March 2011 by x
  !
  version 15.0
  horodateurs service debug datetime msec
  Log service timestamps datetime msec
  encryption password service
  !
  host name x
  !
  boot-start-marker
  boot-end-marker
  !
  logging buffered 51200 warnings
  enable secret 5 x
  !
  AAA new-model
  !
  !
  AAA authentication login default local radius group
  AAA authentication login userauthen local
  AAA authorization groupauthor LAN
  !
  !
  !
  !
  !
  AAA - the id of the joint session
  !
  !
  !
  !
  No ipv6 cef
  IP source-route
  IP cef
  !
  !
  !
  !
  property intellectual name x
  !
  Authenticated MultiLink bundle-name Panel
  !
  !
  !
  Crypto pki trustpoint TP-self-signed-3088527431
  enrollment selfsigned
  name of the object cn = IOS - Self - signed - certificate - 3088527431
  revocation checking no
  rsakeypair TP-self-signed-3088527431
  !
  !
  TP-self-signed-3088527431 crypto pki certificate chain
  certificate self-signed 01
  3082024B 308201B 4 A0030201 02020101 300 D 0609 2A 864886 F70D0101 04050030
  2 060355 04031326 494F532D 53656 C 66 2 AND 536967 6E65642D 43657274 31312F30
  69666963 33303838 35323734 6174652D 3331301E 31393532 OF 30323236 170 3131
  31375A 17 0D 323030 31303130 30303030 305A 3031 06035504 03132649 312F302D
  4F532D53 5369676E 656C662D 43 65727469 66696361 74652 33 30383835 65642D
  32373433 3130819F 300 D 0609 2A 864886 01050003, 818, 0030, 81890281 F70D0101
  8100BB8B DCF74C9C 5068AF8B 17458225 C2C3702C 416CE391 6EA8991B D3CFFA1A
  62FCA661 566A30C5 2ADE1CBF 558335F9 E9811663 819FA2E9 BEEC77CD 768A 5829
  437E90FA 17F50DDE 94B52B67 96E1E8FC E4E7A12C 07E67582 342774 5 DF956CC8
  FAB6BA34 AB2D79B0 771D8D88 40FDDC34 9F5A0145 4A18B252 037DCDE1 8A114B84
  010001A 3 73307130 1 130101 FF040530 030101FF 301E0603 0F060355 0F190203
  551 1104 17301582 1341434 C 50475231 74657374 2E636F6D 301F0603 2E61636C
  551 2304 18301680 14929613 69D7A350 EA595EC1 C1520246 C00CAB37 A2301D06
  04160414 92961369 D7A350EA 595EC1C1 520246C 03551D0E 0 0CAB37A2 300 D 0609
  2A 864886 04050003 81810077 CBE5CA04 9D75B036 CF639BEC EFD03A3C F70D0101
  FB1390E6 5DC1DBF9 7311123D 9A 018140 2509EADC 9F03747E 3D12F993 BB69D424
  AEA4E0A6 75AF5209 4BD15BE0 92BDA0F1 C74245AF C41DB154 E443F8AD 3605EBE3
  F293D601 10 C 07520 FCB38B3E 6AC9AE74 AE9CB2A2 A80CED34 1FE185CF 24B1A689
  A9E1CF15 F3041A8E CE12C914 C53EEA
  quit smoking
  udi pid CISCO2911/K9 sn x license
  !
  !
  VTP version 2
  user name x
  !
  redundancy
  !
  !
  property intellectual ssh time 60
  property intellectual ssh version 2
  !
  !
  crypto ISAKMP policy 3
  BA 3des
  preshared authentication
  Group 2
  !
  crypto ISAKMP policy 5
  preshared authentication
  Group 2
  ISAKMP crypto key address 0.0.0.0 dmvpnkey 0.0.0.0
  ISAKMP crypto nat keepalive 20
  !
  the group x crypto isakmp client configuration
  x key
  DNS 10.0.0.6 10.0.0.3
  area x
  10.3.0.3 DHCP server
  GIADDR DHCP 10.101.55.1
  netmask 255.255.255.0
  !
  !
  Crypto ipsec transform-set esp-3des esp-sha-hmac VPNSET
  Crypto ipsec transform-set esp-3des esp-sha-hmac dmvpnset
  !
  Crypto ipsec profile dmvpnprof
  Set transform-set dmvpnset
  !
  !
  dynamic-map crypto vpn-dynmap 10
  game of transformation-VPNSET
  !
  !
  customer vpnclientmap of authentication crypto map list vpnusers
  card crypto isakmp authorization list groupauthor vpnclientmap
  client configuration address card crypto vpnclientmap answer
  vpnclientmap 10 card crypto-isakmp ipsec vpn Dynamics-dynmap
  !
  !
  !
  !
  !

  !
  !
  interface GigabitEthernet0/0
  Telus MPLS description
  IP 10.101.2.1 255.255.255.252
  IP virtual-reassembly
  Shutdown
  automatic duplex
  automatic speed
  !
  !
  interface GigabitEthernet0/1
  AllNorth hand VPN description
  DHCP IP address
  NAT outside IP
  IP virtual-reassembly
  automatic duplex
  automatic speed
  vpnclientmap card crypto
  !
  !
  interface GigabitEthernet0/2
  Description main trunk to LAN internal
  no ip address
  automatic duplex
  automatic speed
  !
  !
  interface GigabitEthernet0/2.4
  encapsulation dot1Q 4
  IP 10.101.4.1 255.255.255.0
  IP helper 10.3.0.3
  IP nat inside
  IP virtual-reassembly
  !
  interface GigabitEthernet0/2.10
  encapsulation dot1Q 10
  IP 10.101.10.1 255.255.255.0
  !
  interface GigabitEthernet0/2.50
  encapsulation dot1Q 50
  IP 10.101.50.1 255.255.255.0
  !
  interface GigabitEthernet0/2.55
  encapsulation dot1Q 55
  IP 10.101.55.1 255.255.255.0
  !
  interface GigabitEthernet0/2.99
  encapsulation dot1Q 99
  IP 10.101.99.1 255.255.255.0
  !
  interface FastEthernet0/0/0
  switchport access vlan 4
  !
  !
  interface FastEthernet0/0/1
  !
  !
  interface FastEthernet0/0/2
  switchport access vlan 10
  !
  !
  interface FastEthernet0/0/3
  switchport mode trunk
  !
  !
  interface Vlan1
  no ip address
  !
  !
  !
  Router eigrp 1
  Network 10.250.1.2 0.0.0.0
  !
  router ospf 100
  Log-adjacency-changes
  0.0.0.0 network 10.101.2.2 area 0
  !
  VPN IP local pool 10.151.56.1 10.151.56.20
  IP forward-Protocol ND
  !
  no ip address of the http server
  no ip http secure server
  !
  IP nat inside source nat route map - this interface GigabitEthernet0/1 overload
  IP route 10.3.0.0 255.255.255.0 10.101.4.2
  !
  allowed to access-list 23 x
  access-list 23 allow 10.0.0.0 0.255.255.255
  access-list 100 permit udp any host x eq isakmp
  access-list 100 permit esp any host x
  access-list 100 permit gre any x host
  access-list 100 permit tcp any host x eq telnet
  access-list 104. allow ip 10.101.4.0 0.0.0.255 any
  access-list 104. allow ip 10.101.55.0 0.0.0.255 any
  access-list 130 allow ip 10.0.0.0 0.255.255.255 10.101.55.0 0.0.0.255
  !
  !
  !
  !
  nat permit - this route map 10
  corresponds to the IP 104
  !
  !
  x SNMP-server community
  !
  control plan
  !
  !
  !
  Line con 0
  line to 0
  line vty 0 4
  access-class 23 in
  Synchronous recording
  transport input telnet ssh
  line vty 5 15
  access-class 23 in
  transport input telnet ssh
  !
  Scheduler allocate 20000 1000
  end

  Yes, it looks like you might have as a subnet of more large covered in your routing protocols internal hence set up 'reverse-road '.

  Good to hear it works now. Kindly, please mark this post as responded while others can learn from this post. Thank you.