07-03-2008 07:34 AM - edited 03-05-2019 11:59 PM
Switch#sh run
Building configuration...
Current configuration : 2201 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
enable password xxxxxxxx
!
clock timezone mst -7
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface FastEthernet0/25
!
interface FastEthernet0/26
!
interface FastEthernet0/27
!
interface FastEthernet0/28
!
interface FastEthernet0/29
switchport access vlan 520
!
interface FastEthernet0/30
switchport access vlan 520
!
interface FastEthernet0/31
switchport access vlan 520
speed 100
duplex full
!
interface FastEthernet0/32
switchport access vlan 520
!
interface FastEthernet0/33
!
interface FastEthernet0/34
!
interface FastEthernet0/35
!
interface FastEthernet0/36
!
interface FastEthernet0/37
!
interface FastEthernet0/38
!
interface FastEthernet0/39
!
interface FastEthernet0/40
!
interface FastEthernet0/41
!
interface FastEthernet0/42
!
interface FastEthernet0/43
!
interface FastEthernet0/44
!
interface FastEthernet0/45
!
interface FastEthernet0/46
!
interface FastEthernet0/47
switchport access vlan 12
!
interface FastEthernet0/48
switchport access vlan 12
speed 10
duplex half
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 172.17.193.11 255.255.255.0
no ip route-cache
!
ip default-gateway 172.17.193.1
ip http server
!
line con 0
line vty 0 4
password xxxxx
login
line vty 5 15
password xxxxx
login
!
!
end
Switch#ping 172.17.193.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.193.11, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Switch#
Is there anything wrong with my config? I am pretty sure I assign an ip address to it in the correct fashion. Let alone pinging 172.17.193.11 from a workstation (172.17.193.100) on the same network, I can't even ping itself????
07-03-2008 08:22 AM
which is port connected to the workstation (172.17.193.100)?
07-03-2008 08:29 AM
FastEthernet0/29
07-03-2008 08:32 AM
!
interface Vlan1
no ip address 172.17.193.11 255.255.255.0
no ip route-cache
sh
!
interface Vlan520
ip address 172.17.193.11 255.255.255.0
no ip route-cache
no sh
!
07-03-2008 08:37 AM
FastEthernet0/29
07-03-2008 08:56 AM
Aleksey asked a key question when he asked what port the PC was connected to. And when it is FA0/29 which is assigned to VLAN520, then it reveals the issue which is that you need inter vlan routing. This is because the source is in 1 VLAN and the destination is in a different VLAN. To route between VLANs you need some layer 3 device to do inter vlan routing.
Aleksey's suggestion to move the switch IP address from VLAN1 to VLAN 520 is a short term solution which will allow the PC to ping the switch. I am not clear whether it is a good long term solution.
The switch is configured with multiple VLANs. Is it connected to something that can do inter vlan routing? If not then perhaps all the switch ports should be put into a single VLAN. If there is a device to do inter vlan routing then what kind of device is it and where is it connected?
HTH
Rick
07-03-2008 10:40 AM
What Aleksey pointed out to me is exactly how I want it anyhow. I could have sworn I did try to assign an IP to vlan 520 before but I must have configurd it wrong.
As you can see from the attachment, we have the ASA FW sitting at the bottom so I guess that's inter vlan routing right there?
Thanks for all your help.
07-03-2008 10:45 AM
if you can't ping the management interface from the switch, then I don't think the VLAN issue would cause the problem. My gut feeling n reading the original post was that you simply needed to do a
interface vlan 1
no shut
because it was never initially enabled
07-03-2008 10:57 AM
it looks like ASA is doing intervlan routing (between 520 and 12)
07-03-2008 11:16 AM
If I am understanding the drawing correctly the ASA is connected to VLAN 520 on FA0/32 which is an access port and is connected to VLAN 12 on FA0/47 which is also an access port. So the ASA would provide the layer 3 forwarding between these 2 VLANs. There are some interfaces which appear to be in the default VLAN 1 and these interfaces would not be routed.
And this means that the suggestion to move the IP address onto VLAN 520 is probably the correct solution.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: