Ontap 8.3 lif cannot ping gateway
Hi all, I have c-mode cluster with 1 node (DR filer). It's on subnet 172.16.230.0/24. Gateway is 172.16.230.1/24I created an intercluster LIF (172.16.230.35) to comm. with filer (production ) in another subnet. (10.1.198.0/24).I can ping 10.1.198.35. But I cannot ping the gateway 172.16.230.1 from the intercluster LIF on the DR-filer.I can also not ping from 10.1.198.35 (prod. filer) to 172.16.230.35 (dr filer) If I connect a laptop in the same subnet and give it 172.16.230.18, I can ping both ways. Thus, ping to 10.1.198.35, 172.16.230.1 and vice versa. Just as expected. So routing seems correct. BUT, if i ping from the laptop to the LIF (172.16.230.35) of the filer, I have no response, altough it's on the same subnet. So it looks like 'something' is preventing the LIF on the Dr-filer to respond to the ping(?) I spend hours of searching the internet but I'm completly lost now. If somebody could give me only a direction to search in, it would be great! Thanks!
Solved! Weird cabling issue... :-(
Similar Messages
-
Guest VLAN cannot ping gateway
Hi Sir,
I have an issue wherein my guest vlan cannot ping its gateway thus it cant go through the web auth page. I have been given an ip address with corresponding gateway, subnet and dns for the guest vlan. I have allowed all the vlans in the trunk port for wlc and ap connection.
wat do you think is the problem? hope you could help on this.
thanks.
Regards,
NeriHi Neri
The way this should work is that the client connects to the guest network and gets an IP address from DHCP. The DHCP configuration should include the default gateway and must include a DNS address.
When the client opens a web browser the browser tries to connect to the configured home page. This means that a DNS lookup is sent out and the controller intercepts it and forwards it on. Providing there is a response from the DNS server the controller will cause the client browser to re-direct to the web authentication login page.
It is therefore essential that the controller can see the DNS server. Forget the PING for now - DNS is a must. You can prove the rest of the system by ensuring the guest client has an IP address. Open the client browser and try and connect to http://1.1.1.1 (assuming your virtual interface on the controller is 1.1.1.1). If you get re-directed to the web authentication login page then the issue is a DNS issue.
Regards
Roger -
hi,
i have wlc directly connected to core switch in same subnet and same vlan,
core switch connected to othe edege switches and APs connected to them.
I cannot ping wlc from core switch, i dont know how but connected APs are working fine
and users are also able to browse.
Pls suggest on this/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}
(Cisco Controller) >show interface detailed management
Interface Name................................... management
MAC Address...................................... 88:43:e1:31:19:8b
IP Address....................................... 172.16.10.2
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 172.16.10.253
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Active Physical Port............................. LAG (29)
Primary Physical Port............................ LAG (29)
Backup Physical Port............................. Unconfigured
Primary DHCP Server.............................. 10.5.5.1
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
L2 Multicast..................................... Enabled
core#show mac-address address 88:43:e1:31:19:8b
Unicast Entries
vlan mac address type protocols port
-------+---------------+--------+---------------------+--------------------
4001 8843.e131.198b dynamic ip GigabitEthernet5/5 -
Cannot ping gateway once RE is plugged in?
setup utility didn't work, so i configured it manually.
set the same SSID as my wireless network, same channel, and setup the same WEP security as well. left the static IP the same, and made the gateway my router (192.168.1.1).
when i plug in the RE, signal boosts up as it should, but i lose network connectivity and can't ping the gateway. i can still ping the RE, but nothing else. this computer was set to a static address, so i put back to DHCP and rebooted. It picked up a valid IP, but still couldn't ping the gateway?!?
should've already known that linksys products can be extremely frustrating, but help me out!!
thankstry and change change few settings under the advanced wireless settings on router .....reduce the beacon to 50, reduce the RTS and fragmentation by 40 each....
Also verify that you are using the latest firmware on the router and RE... -
Linksys E1000 cannot ping gateway unless I unplug/replug WAN
I have been using this router for the last six months and never had a single problem. Then yesterday out of nowhere internet stopped working and I was not able ping my ISP gateway (both wired and wireless) [Received: Destination host not reachable on both Windows Vista / 7]. Rebooted the router but still no luck. Unplugged / Replugged the net connection from the WAN port and then finally ping was successful.
Now the weird this is every time I power on the router the Internet does not work and ISP Gateway seems not reachable, but if I unplug/replug the WAN connection the ping reply starts and internet works without any problem.
I have updated the firmware to the latest version (2.1.02 build 5May 6, 2011), disabled SPI firewall and tried changing the MTU value but still no luck.
Another unusual thing I have noticed is that during the router boot up the WAN port LED blinks a lot faster than usual. After I unplug/replug the wan connection the blinking rate seems to be normal.My ISP Gateway uses a completely different IP address 172.16.x.x, while my router has the default IP setup 192.168.1.1. The thing is I am able to ping the router IP, but not the ISP Gateway IP unless I unplug/replug WAN.
I googled around quite a bit yesterday and found that others have also had similar problem.
http://homecommunity.cisco.com/t5/Wireless-Routers/Power-Outage-Linksys-E1000-router-lights-blinking... -
I can SSH from the outside but cannot ping ISP gateway from 2911
Hello all,
I came across a rather strange issue. I am able to SSH to the device from my home but while I am consoled in, I cannot ping the ISP gateway or any other IP's. As expected, all trace-routes fail without hitting the gateway as the first hop. I have been reading about the NVI0 interface and I decided to use it. Most of the sample cofigs on here use the "old" ip nat inside / outside on the appropriate interfaces. What do you guys suggest?
Here is the running config. It is rather simple since i did not add all the access-lists except the ones I thought necessary to test the circuit. Please point out any mistakes or errors. Thanks in advance!
Current configuration : 1679 bytes
! Last configuration change at 04:05:17 UTC Fri Sep 12 2014
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname StandbyGZ-2911
boot-start-marker
boot-end-marker
enable secret 5 $1$BRaM$igChPMXLeHjgYR7EGk/Nb/
no aaa new-model
no ipv6 cef
no ip source-route
ip cef
no ip domain lookup
ip domain name StandbyGZ.local
ip name-server 211.136.20.203
ip name-server 211.139.136.68
multilink bundle-name authenticated
license udi pid CISCO2911/K9 sn FGL174410H9
username StandbyGZ secret 5 $1$CXWC$m6kqTGbf0HDLCvkfU7.RA/
ip ssh version 2
interface GigabitEthernet0/0
no ip address
shutdown
duplex auto
speed auto
interface GigabitEthernet0/1
description UPLINK TO CHINA MOBILE
ip address 183.x.x.x 255.255.255.128
ip access-group REMOTE-ADMIN-ACL in
no ip redirects
ip nat enable
duplex auto
speed auto
interface GigabitEthernet0/2
description CONNECTION TO LAN SWITCH 3650-CORE
ip address 10.10.1.254 255.255.254.0
no ip redirects
ip nat enable
duplex auto
speed auto
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat source list LAN-NAT-ACL interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 183.x.x.x
ip access-list standard LAN-NAT-ACL
permit 10.10.0.0 0.0.1.255
ip access-list extended REMOTE-ADMIN-ACL
permit tcp host 68.107.195.213 any eq 22 log
control-plane
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
transport input ssh
transport output ssh
scheduler allocate 20000 1000
end
StandbyGZ-2911# sh ip int br
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/1 183.x.x.x YES NVRAM up up
GigabitEthernet0/2 10.10.1.254 YES NVRAM up up
NVI0 183.x.x.x YES unset up up
StandbyGZ-2911#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is 183.233.184.129 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 183.233.184.129
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.10.0.0/23 is directly connected, GigabitEthernet0/2
L 10.10.1.254/32 is directly connected, GigabitEthernet0/2
183.233.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 183.x.x.x/25 is directly connected, GigabitEthernet0/1
L 183.x.x.x/32 is directly connected, GigabitEthernet0/1Hi Chris,
That is what how I am used to configure the NAT, but IOS 12.3 and on introduced interface NVI0, which according to cisco documentation should make applying the NAT statements "easier". IP nat enable has to be enabled on all interfaces and then NVI0 makes the "inside" and "outside" decisions. I was hoping that someone could clarify the real use of that NVI0 interface and if it causes problems. Apparently it cannot be removed from the config. -
Hi
Network:
One firewall where the IP address is the gateway for all the internal computers and server
From one if the internal computers I can ping the the gateway
From the server I can ping all the internal computers but I cannot ping the gateway
On the server I can ping:
- 127.0.0.1,
- the IP address on the server
- All the internal computers
A hint would be nice
Best Regards
John BArp -a
Interface: 10.0.0.2 on Interface 0x1000003
Internet Address Physical Address Type
10.0.0.1 10-7b-ef-3a-58-09 dynamic
10.0.0.26 00-01-e6-b4-e1-fe dynamic
Ipconfig /all
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : krogh01
Primary DNS Suffix . . . . . . . : Krogh.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Krogh.local
Ethernet adapter Inside:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-0B-CD-1C-7C-D9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 10.0.0.2
212.242.40.3
212.242.40.51
Ping 10.0.0.1
Pinging 10.0.0.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 10.0.0.1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Ping 10.0.0.26
Pinging 10.0.0.26 with 32 bytes of data:
Reply from 10.0.0.26: bytes=32 time=1ms TTL=64
Reply from 10.0.0.26: bytes=32 time<10ms TTL=64
Reply from 10.0.0.26: bytes=32 time<10ms TTL=64
Reply from 10.0.0.26: bytes=32 time<10ms TTL=64
Ping statistics for 10.0.0.26:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms
I can ping every computer on internal network without any problems, it is only the gateway I have problem with.
I have now made a ping session from a computer on the internal network:
Microsoft Windows [version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Alle rettigheder forbeholdes.
C:\Users\lh>ipconfig /all
Windows IP-konfiguration
Værtsnavn. . . . . . . . . . . . . . . . . . : NUC-lone
Primært DNS-suffiks. . . . . . . . . . . . . : Krogh.local
Nodetype . . . . . . . . . . . . . . . . . . : Hybrid
IP-routing aktiveret . . . . . . . . . . . . : Nej
WINS-proxy aktiveret . . . . . . . . . . . . : Nej
Søgeliste for DNS-suffiks. . . . . . . . . . : Krogh.local
Ethernet-netværkskort LAN-forbindelse:
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Intel(R) Ethernet Connection I
218-V
Fysisk adresse . . . . . . . . . . . . . . . : C0-3F-D5-61-7A-3A
DHCP aktiveret . . . . . . . . . . . . . . . : Ja
Automatisk konfiguration aktiveret . . . . . : Ja
Link-local-IPv6-adresse . . . . . : fe80::5c7a:dcbe:f8:7de7%11(Foretrukken)
IPv4-adresse . . . . . . . . . . . . . . . . : 10.0.0.113(Foretrukken)
Undernetmaske. . . . . . . . . . . . . . . . : 255.255.255.0
Rettigheden opnået . . . . . . . . . . . . . : 12. december 2014 03:15:59
Rettigheden udløber. . . . . . . . . . . . . : 19. december 2014 08:05:30
Standardgateway. . . . . . . . . . . . . . . : 10.0.0.1
DHCP-server. . . . . . . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 247480277
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-40-6D-C9-C0-3F-D5-61-7A-3A
DNS-servere. . . . . . . . . . . . . . . . . : 10.0.0.2
212.242.40.3
212.242.40.51
NetBIOS over Tcpip . . . . . . . . . . . . . : Aktiveret
Tunnel-netværkskort isatap.{B46FAFD6-A60A-48D9-967D-4081FAE7F6AE}:
Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netværkskort
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja
Tunnel-netværkskort Teredo Tunneling Pseudo-Interface:
Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interf
ace
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja
C:\Users\lh>ping 10.0.0.1
Pinger 10.0.0.1 med 32 byte data:
Svar fra 10.0.0.1: byte=32 tid=1ms TTL=64
Svar fra 10.0.0.1: byte=32 tid=1ms TTL=64
Svar fra 10.0.0.1: byte=32 tid=1ms TTL=64
Svar fra 10.0.0.1: byte=32 tid=1ms TTL=64
Ping-statistikker for 10.0.0.1:
Pakker: Sendt = 4, modtaget = 4, tabt = 0 (0% tab),
Beregnet tid for rundtur i millisekunder:
Minimum = 1ms, Maksimum = 1ms, Gennemsnitlig = 1ms
C:\Users\lh>
A hint would be nice :-)
Best Regards
John B -
Clients cannot ping the default gateway when connected to SSID
Here is my environment,
My controller is vWLC installed in ESXi which has to vNet Cards configured with all vlans(4095), then it is connected to a 3560 switch with trunk. The configuration of the switch interface is as belows:
LS3560CG#sh run int fa0/1
Building configuration...
Current configuration : 138 bytes
interface FastEthernet0/1
description To_WLC
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
end
The IP of management interface of WLC is 10.10.10.90, VLAN is 10, DHCP primary is 10.10.10.1 which is in the 3560, the DHCP pool is configured as blows:
LS3560CG#sh run int fa0/1
Building configuration...
Current configuration : 138 bytes
interface FastEthernet0/1
description To_WLC
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
end
The SSID is BYOD and I can connect the SSID and get the IP address such as 10.10.10.118/24, but for now, i cannot ping 10.10.10.1, but i can ping 10.10.10.90:
Can anyone help me with this? ThanksHi Scott
Correct! I have resolved this a few minutes earlier. I have assigned the vSwitch to Promiscuous Mode but forgot to switch it to "Accept", the default value is "Reject"
Thanks so much! -
Cisco 1941 Router-on-a-Stick w/ 11VLANs trunked to a Cisco 2960: From the Switch I can Ping a device in another VLAN, that device cannot ping back. Some devices can ping devices in other VLANs and the device in the other VLAN can successfully return the Ping. Have a look at the attached diagram.
Router Config:
show run
Building configuration...
Current configuration : 7224 bytes
! Last configuration change at 09:05:48 EDT Wed Aug 6 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname ROUTER
boot-start-marker
boot-end-marker
no aaa new-model
clock timezone EDT -8 0
ip cef
ip name-server 8.8.8.8
no ipv6 cef
multilink bundle-name authenticated
license udi pid CISCO1941/K9
object-group network Net_Obj_Group1
description This network group allows all 10.0.0.0 and Email Forwarder server through to the Plt PCs
205.191.0.0 255.255.0.0
10.0.0.0 255.0.0.0
object-group network Net_Obj_Group2
description This Network Group includes the Host IPs allowed through the Plant Router
host 10.194.28.23
host 10.194.28.25
host 10.194.28.26
host 10.194.28.27
host 10.194.28.28
host 10.194.28.29
host 10.194.28.37
host 10.194.28.39
host 10.194.28.40
host 10.194.28.70
host 10.194.28.130
host 10.194.28.131
host 10.194.28.132
host 10.194.28.133
host 10.194.28.134
host 10.194.28.135
host 10.194.28.136
host 10.194.28.137
host 10.194.28.138
host 10.194.28.139
host 10.194.28.140
host 10.194.28.141
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description Port Ge0/0 to IT Enterprise network Switch GE1/0/38
ip address 10.194.28.111 255.255.255.0
ip access-group 105 in
ip access-group 106 out
ip nat outside
ip virtual-reassembly in
shutdown
duplex full
speed auto
no mop enabled
interface GigabitEthernet0/1
description Port to Plant PCN-K/L24 Sw1 Port 0/24
no ip address
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1.102
description Port to VLAN 102
encapsulation dot1Q 102
ip address 192.168.102.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.104
description Port to VLAN 104
encapsulation dot1Q 104
ip address 192.168.104.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.105
description Port to VLAN 105
encapsulation dot1Q 105
ip address 192.168.105.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.106
description Port to VLAN 106
encapsulation dot1Q 106
ip address 192.168.106.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.107
description Port to VLAN 107
encapsulation dot1Q 107
ip address 192.168.107.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.111
description Port to VLAN 111
encapsulation dot1Q 111
ip address 192.168.111.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.117
description Port to VLAN 117
encapsulation dot1Q 117
ip address 192.168.117.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.121
description Port to VLAN 121
encapsulation dot1Q 121
ip address 192.168.121.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.125
description Port to VLAN 125
encapsulation dot1Q 125
ip address 192.168.125.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.150
description Port to to VLAN 150
encapsulation dot1Q 150
ip address 192.168.150.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.999
description Port to VLAN 999
encapsulation dot1Q 999
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip forward-protocol nd
ip http server
no ip http secure-server
ip nat inside source static 192.168.102.201 10.194.28.23
ip nat inside source static 192.168.121.201 10.194.28.25
ip nat inside source static 192.168.106.251 10.194.28.26
ip nat inside source static 192.168.107.245 10.194.28.27
ip nat inside source static 192.168.102.251 10.194.28.28
ip nat inside source static 192.168.150.201 10.194.28.29
ip nat inside source static 192.168.107.179 10.194.28.37
ip nat inside source static 192.168.111.201 10.194.28.39
ip nat inside source static 192.168.105.201 10.194.28.40
ip nat inside source static 192.168.106.21 10.194.28.70
ip nat inside source static 192.168.107.146 10.194.28.130
ip nat inside source static 192.168.107.156 10.194.28.131
ip nat inside source static 192.168.107.161 10.194.28.132
ip nat inside source static 192.168.107.181 10.194.28.133
ip nat inside source static 192.168.107.191 10.194.28.134
ip nat inside source static 192.168.106.202 10.194.28.135
ip nat inside source static 192.168.106.212 10.194.28.136
ip nat inside source static 192.168.117.190 10.194.28.137
ip nat inside source static 192.168.117.100 10.194.28.138
ip nat inside source static 192.168.106.242 10.194.28.139
ip nat inside source static 192.168.125.100 10.194.28.140
ip nat inside source static 192.168.125.99 10.194.28.141
ip nat outside source static 10.194.28.23 10.194.28.23
ip nat outside source static 10.194.28.25 10.194.28.25
ip nat outside source static 10.194.28.26 10.194.28.26
ip nat outside source static 10.194.28.27 10.194.28.27
ip nat outside source static 10.194.28.28 10.194.28.28
ip nat outside source static 10.194.28.29 10.194.28.29
ip nat outside source static 10.194.28.37 10.194.28.37
ip nat outside source static 10.194.28.39 10.194.28.39
ip nat outside source static 10.194.28.40 10.194.28.40
ip nat outside source static 10.194.28.70 10.194.28.70
ip nat outside source static 10.194.28.130 10.194.28.130
ip nat outside source static 10.194.28.131 10.194.28.131
ip nat outside source static 10.194.28.132 10.194.28.132
ip nat outside source static 10.194.28.133 10.194.28.133
ip nat outside source static 10.194.28.134 10.194.28.134
ip nat outside source static 10.194.28.135 10.194.28.135
ip nat outside source static 10.194.28.136 10.194.28.136
ip nat outside source static 10.194.28.137 10.194.28.137
ip nat outside source static 10.194.28.138 10.194.28.138
ip nat outside source static 10.194.28.139 10.194.28.139
ip nat outside source static 10.194.28.140 10.194.28.140
ip nat outside source static 10.194.28.141 10.194.28.141
ip route 0.0.0.0 0.0.0.0 10.194.28.1
access-list 105 permit ip object-group Net_Obj_Group1 object-group Net_Obj_Group2
access-list 106 permit ip object-group Net_Obj_Group2 object-group Net_Obj_Group1
dialer-list 1 protocol ip permit
control-plane
banner login ^CC
Login banner for Plant Router #01^C
banner motd ^CC
MOTD Banner for Plant Router^C
line con 0
password XXXXXXXXX
logging synchronous
login
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password XXXXXXXXX
logging synchronous
login
transport input all
scheduler allocate 20000 1000
ntp server 10.199.100.92
end
Switch Config:
sh ru
Building configuration...
Current configuration : 6513 bytes
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime localtime show-timezone
service password-encryption
hostname K24Sw01
boot-start-marker
boot-end-marker
no aaa new-model
clock timezone EDT -5
clock summer-time EDT recurring
udld aggressive
crypto pki trustpoint TP-self-signed-593746944
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-593746944
revocation-check none
rsakeypair TP-self-signed-593746944
4B58BCE9 44
quit
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
interface FastEthernet0
no ip address
interface GigabitEthernet0/1
description Trunk port for vlans 105, 111, 125 and 999 from K24Sw01 port Ge0/1 to P22Sw01 port Ge0/24
switchport trunk allowed vlan 105,111,125,999
switchport mode trunk
interface GigabitEthernet0/2
description Trunk port for vlans 150 and 999 from K24Sw01 port Ge0/2 to N25Sw01 port Ge0/26
switchport trunk allowed vlan 150,999
switchport mode trunk
interface GigabitEthernet0/3
description Trunk port for vlans 102, 104, 106, 107, 117 and 999 from K24Sw01 port Ge0/3 to K28Sw01 port Ge0/26
switchport trunk allowed vlan 102,104,106,107,117,999
switchport mode trunk
interface GigabitEthernet0/4
description Trunk port for vlans 102, 106, 107 and 999 from K24Sw01 port Ge0/4 to H23Sw01 port Ge0/26
switchport trunk allowed vlan 102,106,107,999
switchport mode trunk
interface GigabitEthernet0/5
description Trunk port for vlans 121, 125 and 999 from K24Sw01 port Ge0/5 to M21Sw01 port Ge0/24
switchport trunk allowed vlan 121,125,999
switchport mode trunk
interface GigabitEthernet0/6
description OPEN
spanning-tree portfast
interface GigabitEthernet0/7
description OPEN
spanning-tree portfast
interface GigabitEthernet0/8
description OPEN
spanning-tree portfast
interface GigabitEthernet0/9
description OPEN
spanning-tree portfast
interface GigabitEthernet0/10
description VLan 102 access port
switchport access vlan 102
spanning-tree portfast
interface GigabitEthernet0/11
description - VLan 104 access port
switchport access vlan 104
spanning-tree portfast
interface GigabitEthernet0/12
description - VLan 105 access port
switchport access vlan 105
spanning-tree portfast
interface GigabitEthernet0/13
description - VLan 106 access port
switchport access vlan 106
spanning-tree portfast
interface GigabitEthernet0/14
description - VLan 107 access port
switchport access vlan 107
spanning-tree portfast
interface GigabitEthernet0/15
description - VLan 111 access port
switchport access vlan 111
spanning-tree portfast
interface GigabitEthernet0/16
description - VLan 117 access port
switchport access vlan 117
spanning-tree portfast
interface GigabitEthernet0/17
description - VLan 121 access port
switchport access vlan 121
spanning-tree portfast
interface GigabitEthernet0/18
description - VLan 125 access port
switchport access vlan 125
spanning-tree portfast
interface GigabitEthernet0/19
description - VLan 150 access port
switchport access vlan 150
spanning-tree portfast
interface GigabitEthernet0/20
description - VLan 999 access port
switchport access vlan 999
spanning-tree portfast
interface GigabitEthernet0/21
description OPEN
spanning-tree portfast
interface GigabitEthernet0/22
description OPEN
spanning-tree portfast
interface GigabitEthernet0/23
description OPEN
spanning-tree portfast
interface GigabitEthernet0/24
description From ROUTER Gw ge0/1
switchport trunk allowed vlan 102,104-107,111,117,121,125,150,999
switchport mode trunk
interface GigabitEthernet0/25
interface GigabitEthernet0/26
interface Vlan1
no ip address
no ip route-cache
shutdown
interface Vlan102
ip address 192.168.102.253 255.255.255.0
interface Vlan104
no ip address
no ip route-cache
interface Vlan105
no ip address
no ip route-cache
interface Vlan106
no ip address
no ip route-cache
interface Vlan107
no ip address
no ip route-cache
interface Vlan111
no ip address
no ip route-cache
interface Vlan117
no ip address
no ip route-cache
interface Vlan121
no ip address
no ip route-cache
interface Vlan125
no ip address
no ip route-cache
interface Vlan150
no ip address
no ip route-cache
interface Vlan999
no ip address
no ip route-cache
ip default-gateway 192.168.102.1
ip http server
ip http secure-server
snmp-server engineID local 00000009020000019634C2C0
snmp-server community public RO
snmp-server location
snmp-server contact
banner motd ^CCC ADMIN USE ONLY! ^C
line con 0
session-timeout 10
password xxxxxx
logging synchronous
login
stopbits 1
line vty 0 4
session-timeout 10
password xxxxxxx
login
line vty 5 15
session-timeout 10
password xxxxxxxx
login
ntp server 10.199.100.92
end
K24Sw01#HI Mark,
Here is the my config:
Create sub-interfaces, set 802.1Q trunking protocol and ip address on each sub-interface
Router(config)#interface f0/0
Router(config-if)#no shutdown
(Note: The main interface f0/0 doesn’t need an IP address but it must be turned on)
Router(config)#interface f0/0.10
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#interface f0/0.20
Router(config-subif)#encapsulation dot11 20
Router(config-subif)#ip address 192.168.20.1 255.255.255.0
(Note: In the “encapsulation dot1q 10″ command, 10 is the VLAN ID this interface operates in)
Configure VLAN
Switch(config)#vlan 10
Switch(config-vlan)#name SALES
Switch(config-vlan)#vlan 20
Switch(config-vlan)#name TECH
Set ports to access mode & assign ports to VLAN
Switch(config)#interface range fa0/1
Switch(config-if)#no shutdown
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 15
Switch(config-if)#interface range fa0/3
Switch(config-if)#no shutdown
Switch(config-if)#switchport mode access
Switch(config-if)# switchport access vlan 20
Switch(config-if)#interface range fa0/5
Switch(config-if)#no shutdown
Switch(config-if)#switchport mode trunk
1. Please check all your port are up.
2. Check the config once again.
3. Make sure the swicth and router connection port configured as trunk and it should be up.
This config is working for me,
Regards
Dont forget to rate helpful posts. -
Cannot ping/telnet/ssh to GigabitEthernet interface of Cisco AP2602
I have a Cisco 2602 (ios ver 15.0)
I can connect trough it's SSID normally but I can't access to the AP itself. From the AP cannot ping to gateway, even though the AP can be seen on cdp from the switch.
But my other AP Cisco 1140 (ios 12.4) can be accessed with the same configuration on the switch (switchport mode trunk, allowed vlan 1 & 2)
vlan 1 is for user, vlan 2 for management...
Below is the configuration of the gigabitethernet interface of the AP 2602
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface GigabitEthernet0.2
encapsulation dot1Q 2
ip address 10.32.2.98 255.255.255.0
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
interface BVI1
no ip address
no ip route-cache
ip default-gateway 10.32.2.1
please helpWith autonomous access point, the management has to be the native vlan. The issue is that your vlan 1 is native and that is for users, but your management is on vlan 2 which is management. This will not work as it is a requirement to keep management on a native vlan. You would have to move the users to a different vlan since vlan 1 is typically tagged so that you can define on the trunk port on the switch that vlan 2 is native.
-Scott -
Solaris 10 on M4000 sparc bge link down cannot ping to other
Hi all,
I setup solaris 10 on sun M4000 sparc server, every thing is good when install complete I cannot ping to Gateway from Solaris 10 OS, but on XSCF console I can ping to gateway
SPARCM4000# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
bge1: flags=1000803<UP,BROADCAST,MULTICAST,IPv4> mtu 1500 index 2
inet 172.16.3.235 netmask ffffff00 broadcast 172.16.3.255
ether 0:14:4f:3a:7b:5a
sppp0: flags=10010008d1<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST,IPv4,FIXEDMTU> mtu 1500 index 3
inet 192.168.224.2 --> 192.168.224.1 netmask ffffff00
ether 0:0:0:0:0:0
SPARCM4000#
Any body can help me?Thanks for quick reply
I've checked already all cables are connected and LEDs light ok, but I don't know whats wrong with M4000 box, Or on XSCF have any command to enables Ethernet cards?
for my XSCF LAN config is :
XSCF> shownetwork -a
xscf#0-lan#0
Link encap:Ethernet HWaddr 00:21:28:6E:88:10
inet addr:10.0.19.235 Bcast:10.0.19.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:62549 errors:0 dropped:0 overruns:0 frame:0
TX packets:2201 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5459443 (5.2 MiB) TX bytes:334404 (326.5 KiB)
Base address:0xe000
xscf#0-lan#1
Link encap:Ethernet HWaddr 00:21:28:6E:88:11
inet addr:172.16.3.223 Bcast:172.16.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12616 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1092370 (1.0 MiB) TX bytes:492 (492.0 B)
Base address:0xc000
XSCF> showroute -a
Destination Gateway Netmask Flags Interface
172.16.3.0 * 255.255.255.0 U xscf#0-lan#1
10.0.19.0 * 255.255.255.0 U xscf#0-lan#0
default 10.0.19.1 0.0.0.0 UG xscf#0-lan#0
Regards
Edited by: 986418 on Feb 7, 2013 5:18 PM -
WRT610N to TP-LINK SWITCH cannot ping printer on switch
I hope you can tell me what I have done wrong.
dslmodem ---> wrt610N ---->TP-LINK(5port) ---- HP 2600N printer, another to IOmega HD
I cannot see either the printer nor the HD. I cannot ping them.
The cables from the TP to the printer are blue, CAT5 cables. Does blue mean twisted pair?
The HP and IOmega have static IP addresses at 192.168.1.2 and 192.168.1.3 each.
The DHCP settings on the router allocate DHCP from 100-254 to avoid conflicts.
The firewall on the WRT610N is disabled.
Physical limitations permit only one CAT5 cable to the TPLINK box.
If I avoid the box and do this;
dslmodem ---> wrt610N ---->HP 2600N printer
I can ping it from both a Windows 7 and/or XP machine.
However, with the switch in place, I cannot ping it from the router nor any PC's connected to it. The PCs can ping each other.
Could someone please tell me what I am doing wrong?
Thank you in advance.The device is a TPLINK TL-SF1005D unmanaged 5 port switch. No visible settings or buttons.
The address handed out on other side of the TPLINK is 169.254.138.233
My network is 192.168.1.*
Hmm. This does not bode well.
Should I set up a routing table entry to talk to this switch?
The wire from the router is hooked to port 1 on the switch. Should it not pick up the right submask, entry from the router?
Thanks for all your help?
------------------------------------DUMP------------------------------------------------------
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\abbu>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : abbu-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ether
net Controller
Physical Address. . . . . . . . . : 54-42-49-02-CA-BC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d08e:934c:6554:8ae9%12(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.138.233(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 385885374
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-32-51-44-54-42-49-02-CA-BC
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 2C-81-58-FD-87-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.lan:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{6DD0B22D-C026-4940-9700-1362E8BA5673}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\abbu> -
Cannot ping RRAS Client from RRAS server.
I have recently created an RRAS pptp connection for an outside network. The RRAS client connects fine and can ping the RRAS server and every device on the RRAS servers local network. The RRAS server cannot ping the remote pptp client nor can any device on
the RRAS servers local network. RRAS is configured to be within the same subnet as the RRAS servers local network. On connection it pulls from a static IP pool.
Any help is truly appreciatedThe server is behind a nat device and for testing purposes i have disabled the firewall on both devices. Also I am having an issue where the pptp connection just stops accepting and sending data to the rras server but if you look at the active connections
the client never disconnects. I have attached ipconfig information
CLIENT
Windows IP Configuration
Host Name . . . . . . . . . . . . : Fellows-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
PPP adapter Welsh:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Welsh
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 172.16.128.66(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : BC-5F-F4-75-C5-AD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5418:aba9:4af2:1e12%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, March 26, 2014 8:35:58 AM
Lease Expires . . . . . . . . . . : Saturday, March 29, 2014 8:35:58 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 247226356
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-C3-16-85-BC-5F-F4-75-C5-AD
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{DF8CAC0D-588D-495A-9185-78C9992DC12F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:1c88:1312:b8c2:97a9(Pref
erred)
Link-local IPv6 Address . . . . . : fe80::1c88:1312:b8c2:97a9%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.{D8973397-8880-4110-A7F9-4D1F6A1C2E8C}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
SERVER
Windows IP Configuration
Host Name . . . . . . . . . . . . : IMS
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.16.128.65
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
VBD Client)
Physical Address. . . . . . . . . : 00-10-18-8D-BC-42
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
VBD Client) #2
Physical Address. . . . . . . . . : 00-10-18-8D-BC-40
Ethernet adapter Local Area Connection 4:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
VBD Client)
Physical Address. . . . . . . . . : 84-2B-2B-68-6A-FA
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
VBD Client) #2
Physical Address. . . . . . . . . : 84-2B-2B-68-6A-F9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.16.128.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.128.254
DNS Servers . . . . . . . . . . . : 172.16.128.254
75.75.75.75
NetBIOS over Tcpip. . . . . . . . : Disabled -
Cannot ping or telnet to new 2948G switch
I just installed a new 2948G switch and assigned the me1 interface an IP address... it's working fine (except for a small blip yesterday due to a duplicate IP address - oops)
I cannot ping the switch's IP address, nor can I telnet to it from the same subnet. if I console into the switch, i cannot ping anything FROM the switch. If I issue a "show arp" command I get NOTHING.
this doesn't make any sense. The switch is running CatOS4000.make sure the default gateway is correct . Also you cannot have both the SC0 interface and the ME1 interface active at the same time and the Sc0 is the active one by default because that is what most people use . Shutdown the SC0 interface if it is still active and make sure the ME is up . "set interface sc0 down" . A show interface command will show you the status of both these interfaces. "set int me1 up"
Also by using the me1 interface you are limiting the switch ,below is a little blurb out of the catos config guide.
The in-band (sc0) management interface is connected to the switching fabric and participates in all of the functions of a normal switch port, such as spanning tree, Cisco Discovery Protocol (CDP), and VLAN membership. The out-of-band management interfaces (me1 and sl0) are not connected to the switching fabric and do not participate in any of these functions. -
Cannot ping loopback - revisited
I don't really understand why the answer to the question worked before, but I have an almost identical problem. Here's the old discussion:
https://supportforums.cisco.com/discussion/11563226/cannot-ping-loopback
I can't ping the loopback on a Catalyst 2960.
I have a VLAN 33 on a 10.0.33.0 subnet. This is being routed over an 881 using an SVI (with 10.0.33.1) on the back side. I looked for the pings in Wireshark, but to my surprise they didn't exist! Then I captured again to see why I missed them, and subsequently discovered that the ARPs aren't being replied to by the loopback.
But this I don't think I understand. If the loopback IP address in on the same subnet as that assigned to the VLAN on the port coming into the switch, wouldn't it just switch the traffic over to the loopback interface? Why won't it answer the ARP request?
So then the other problem will be... If I don't use the same subnet for the loopback, how do I manage the switch via telnet/ssh over the network? It seemed like according to the other discussion, there would have to be some kind of other subnet for the loopback interface than what was already being advertised by the router for the VLAN SVI -- do I get that correctly?
Any ideas?Jeremy,
But then, if I do want to create a management VLAN for the express purpose of being able to manage the L2 devices via telnet/ssh, they need to have an IP address and that needs to be on the loopback interface, right?
No. The address will be assigned to the interface Vlan you create for the particular management VLAN. Assume 4 switches in your network, connected together via trunks. Let's say you have decided to have VLAN 1000 as your management VLAN. So each of your switches would then be configured as follows:
vlan 1000
name Management
interface Vlan1
shutdown
interface Vlan1000
ip address 10.255.255.<SwitchNumber> 255.255.255.0
no shutdown
ip default-gateway 10.255.255.254
This simple example assumes that all switches are already connected together via trunks so that VLAN 1000 can span all of them. Then, the interface Vlan (SVI) for VLAN 1 is shutdown, as the VLAN 1 is not going to be your management VLAN anymore, and instead, a SVI for VLAN 1000 is created and an IP address is assigned to it. Finally, each switch has its default gateway out of its management VLAN configured - assuming the router that also must be connected to the VLAN 1000 has its IP address 10.255.255.254.
As you your numbered sequence:
Correct.
Correct; be aware that you do not assign SVIs to VLANs. SVI is by its very definition associated with its (and only its) VLAN; e.g. interface Vlan 123 is automatically associated with VLAN 123 and can never, ever, be associated with any other VLAN
Correct.
Incorrect. Once the SVI has its IP address assigned, why would you want to put the address on some other interface? Loopback interfaces are mostly usable on routers which have many IP addresses so that the loopback interface can be used as a single IP for the entire router. However, Layer2 switches normally have only one IP address and that one is already enough for management purposes. There is no benefit gained by using loopback interfaces on Layer2 switches.
Regarding reading about management VLANs - I suppose that googling for it will produce myriads of results. Check out this one, for example:
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-management-vlan-interface
Best regards,
Peter
Maybe you are looking for
-
Wrong heatsink for my Pavilion P6180T?
Hello, I have a HP Pavilion P6180T that was purchased in 2009. Recently, the fan was running very loudly, so I opened the case to clean it. At a brief glance, I could tell that the plastic casing surrounding the heatsink and fan was broken. I hope
-
Problem if i use web.xml
hi, i am developing a project using servlets and jsp's, i am using JSTL for the jsp pages (c.tld) but it is not working if there is web.xml file with out this it is working fine i dont know what exacltly the problem plzz xove this problem cheers, Ale
-
Windows message:program does not react
I am using photoshop elements 11.Since a couple of weeks i frequently get the message:program does not react.
-
How Can I Turn Off Document Template
I need to remove the option of opening a new template when clicking on 'New' in a document library. I don't want to delete the content type itself, just remove it as an option. When I click 'New' I want the option of opening a clean Excel, Word, Powe
-
IPod restores itself every time it is plugged in
One day I plugged my iPod classic on my friends MacBook Pro for a quick charge and it deleted everything! Without even asking the iPod restored itself. Now everytime I plugg it in, no matter what computer, it restores itself. And even after it does t