Switchport up and up but connection stil failing

Unanswered Question
Nov 8th, 2007

A user connected a 16 port switch into his desk port and the bpdu settings on the port changed state to errdisable. I've since changed the settings removing spanning-tree portfast and spanning-tree bpduguard enable and despite typing shutdown followed by no shutdown the user cannot connect (even with a direct connect not via his switch). Port status is currently up and up. If the user connects to another desk port (one where a switch was not previously connected) then dhcp works fine and his machine connects.

Current port settings are as follows:-

interface FastEthernet1/0/25

switchport access vlan 22

switchport mode access

switchport voice vlan 897

priority-queue out

mls qos trust dscp

no snmp trap link-status

no mdix auto

storm-control broadcast level 1.00

Any ideas on what else to try?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Kevin Dorrell Thu, 11/08/2007 - 03:34

Do you have DHCP inspection enabled, or do you have port security enabled on any of the ports on the switch. If so, check that the PC MAC address is not tied to any other port by port security.

Kevin Dorrell


paul_xedos Thu, 11/08/2007 - 04:36


Thanks for the reply.

DHCP inspection is not enabled and no port security.

It's very odd as this port has no errors and connecting a host causes link status to go up/up but in every other respect the link is effectively down as it can not connect out to a dhcp server or ping the g/way if statically assigned. If the same host connects to the neighboring port it is fine. I'm guessing a reload may fix it but as its part of a 7 switch stack I'm reluctant to take that option

lgijssel Thu, 11/08/2007 - 04:54

You can try to issue the command: clear interface FastEthernet1/0/25

Also verify extra that the port is not still in error-disabled state.

If all this does not help, a reload is the only realistic alternative.


nagel Thu, 11/08/2007 - 08:16

"Not able to ping gateway" suggests to me that the port no longer knows about vlan 22. Have you tried moving the port to the native vlan (usually 1). If that works - you may have had a situation in which the recently 'plugged' in switch has overwritten your vlan data base. By default I believe a new switch comes out of the box configured as a VTP server and it is possible for them to overwrite your entire vlan databse on all switches that are operating in VTP client mode. Have you done a sh vlan on your switch stack to verify that all of the vlans that you thought existed actuall do exist? Just my 2 cents worth - but I'm not exactly sure what a reload will accomplish.

paul_xedos Fri, 11/09/2007 - 03:41

Hi thanks for this, the vlan database is still intact forunately due to vtp having the domain name specified.

I've also checked the mac-address-table which is clear of any entries. I'll keep searching this forum trying any other suggestions and report back if I find a fix

glen.grant Thu, 11/08/2007 - 08:29

Did you try clearing the mac-table ? If you have removed portfast then it may be timing out , you would need to put portfast back on the port .


This Discussion