cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1242
Views
0
Helpful
19
Replies

switch config help

gisdmis1968
Level 1
Level 1

i replaced a server1 but used the same ip. used a different name. now i can only connect to it in my building. from switches at the other campuses, they resolve the name to the correct ip but cannot ping the ip. the router resolves and pings it fine, but all the switches at the different campuses cant ping it.any advice ideas???

19 Replies 19

JORGE RODRIGUEZ
Level 10
Level 10

Hi, does the server have any fw turned on?

can you ping any other host from the same segment this server is on?

Jorge Rodriguez

it is a brand new server with basic config from dell. not for sure on the fw being turned on.

yes i can ping every server except this one from any switch.

well, make sure the server have correct defaul gateway and mask, also check the switchport settings such as speed duplex and vlan assigments the server should be under, have you checked all these ?

[edit] also check the server is not doing any kind of teaming, or if it is to be properly configured.

Jorge Rodriguez

yes all the config on the server is good,subnet,gateway,ect. it is the mailfilter running mimesweeper. which is working perfectly, except the PMM sends emails to users at the campuses with a url to view their spam. it doesnt connect. but works perfect within the building. all the config is exactly the same as the old server but the name. was mailfilter, now mailfilter2. ip and all config the same.

something must be blocking icmp and port 80 withing the server or some other acl on a router in the building, you indicated server config is good and sends emails, but accept no http connections or pings, can other servers in the same segment mailfiler2 is under ping and http to it? can you check these .

Jorge Rodriguez

yes from my pc in the same segment can ping it,remote to it, connect to the http. so can everyone else within the inside the building.

so nothing should be blocked on the server. could any firewall config effect anything?

sounds like firewall to me , are you certain there are not firewalls rule policy throughout the campus network , whats your network topology, is the building a branch connecting to a core network at another building where there may be firewalls?

[edit] any proxy servers outside building

Jorge Rodriguez

i am in the main building with the core network where the firewall is. the other campuses dont have any firewall there.we just have the one firewall. i didnt think they went through the firewall to get back to the main building, ithink they come back in through the router. i am new to this network,thrown into the lions with no documentation. and i do appreciate your help with this

I've been in that detective situation, can you look fw logs to rule it out, incidently , are you using the same IP address from old server or new IP address.

Look in the router for any acls, I have seen acls put in even from within trustet networks.

and don't worry, forum is here to help whenever we can.. and still thinking till run out of ideas.

Jorge Rodriguez

i am using the same ip but different server name. saw this in the firewall config:

name x.x.x.x mailfilter

static (inside,outside) tcp x.x.x.x smtp mailfilter smtp netmask 255.255.255.255 0 0

the new server has the same ip but named mailfilter2.

i couldnt put a no infront of the static line to delete it.

I do not think it would be the firewall because if you are using the same IP and there were any rules bound to it , it would go through, fw would not not check name but rather IP . Is this an ASA ? any logs you can see like denies, can you also look at the core router where VLANs are configired for ALL other building comming to yours.

Jorge Rodriguez

yeah thats why i used the same ip address to try to avoid having to change any firewall and router configs. sounded good in theory

is it possible the switches are still associating the ip address with the mac address of the old server?

what comes in mind would be a transparent firewall using acl to control mac addresses ,

any chances there would be fwsm in your core switch?, I bet your problem is a simple one to resolved eating both, it just does not make any sence other buildings can access other servers withing the same segment but not this one.. hope someone jumps in with other suggestions..

Jorge Rodriguez

how can i check to see if acl is controlling mac address?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco