10-07-2008 04:57 AM - edited 03-06-2019 01:48 AM
I just purchased a new Cisco 2811 router and a Catalyst 2960G switch for my office.
And after configuring it for few hours, found that the IP address I assigned to my vlan 1 in catalyst 2960G switch is having IP address conflict.
From the Cisco Network assistant, I found that there's 2 IP addresses showing on my router network topology. The router's FastEthernet interface is configured with IP address 192.9.200.1
At first I thought it was my some other devices is conflicting with my switch and apparently it was sourced from my Cisco 2811 router. This problem also occured in my old Cisco 1841 router.
Even after hard reset and reconfigure, it still gave the same problem. Any reason why such thing happened ?
Theretically and practically the router shouldn't occupy 2 IP addresses for an interface but how come it's happening in my case ?
Is it a nature of cisco 2811 router or something wrong with my configurations ? I start all over again using SDM to configure but it's still the same problem as well.
Someone please help me.
10-07-2008 05:31 AM
Definitely it is the configuration error.
Check the conflicting IP Addresses in both configurations.
HTH..rate if helpful..
10-07-2008 07:21 AM
I have checked both devices configurations and apparently there's no ip address of 192.9.200.2 in it. It's somehow strange. And I did the arp tracing and found that this conflict is sourced from the Cisco 2811 router itself. The configuration is as of below.
version 12.4
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service sequence-numbers
!
hostname PCSBRouter
!
boot-start-marker
boot-end-marker
!
no aaa new-model
clock timezone PCTime 8
!
!
ip cef
!
!
ip name-server 202.188.0.133
ip name-server 202.188.1.5
ip name-server 192.9.200.1
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip address-pool local
!
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
ip tcp synwait-time 10
!
!
!
!
!
interface FastEthernet0/0
description $ETH-WAN$
ip address 219.94.97.202 255.255.255.252
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
description $ETH-LAN$$ES_LAN$
ip address 192.9.200.1 255.255.0.0
no ip proxy-arp
ip nat inside
ip virtual-reassembly
duplex full
speed auto
!
interface BRI0/0/0
no ip address
encapsulation hdlc
shutdown
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 219.94.97.201
!
!
ip http server
ip http port 8000
no ip http secure-server
ip nat pool PCSB 192.9.200.1 192.9.255.255 netmask 255.255.0.0
ip nat source static tcp 192.9.200.3 3389 interface FastEthernet0/0 80
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.9.200.2 8001 interface FastEthernet0/0 8001
ip nat inside source static tcp 192.9.200.1 8000 interface FastEthernet0/0 8000
ip nat inside source static udp 192.9.200.3 4500 interface FastEthernet0/0 4500
ip nat inside source static udp 192.9.200.3 47 interface FastEthernet0/0 47
ip nat inside source static udp 192.9.200.3 1701 interface FastEthernet0/0 1701
ip nat inside source static tcp 192.9.200.202 83 interface FastEthernet0/0 83
ip nat inside source static tcp 192.9.200.3 47 interface FastEthernet0/0 47
ip nat inside source static tcp 192.9.200.3 1723 interface FastEthernet0/0 1723
ip nat inside source static udp 192.9.200.3 3389 interface FastEthernet0/0 3389
ip nat inside source static tcp 192.9.200.3 3389 interface FastEthernet0/0 3389
ip nat inside source static tcp 192.9.200.3 80 interface FastEthernet0/0 80
!
ip access-list extended PCSB
remark SDM_ACL Category=2
permit ip any any
!
logging trap debugging
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.9.0.0 0.0.255.255
access-list 101 permit ip any any
!
!
!
!
control-plane
!
!
!
voice-port 0/1/0
!
voice-port 0/1/1
!
voice-port 0/2/0
!
voice-port 0/2/1
!
The rest are ommitted due to security reasons.
Please help me check what's the issue with this. Please let me know if you need any extra informations.
10-07-2008 07:43 AM
You have given us the router config and it confirms that the address is configured on the FastEthernet interface:
ip address 192.9.200.1 255.255.0.0
Can you post the switch config so that we can confirm what address is it using?
If it is using the 192.9.200.1 address also then there certainly is an address conflict.
HTH
Rick
10-07-2008 05:02 PM
Below is my switch configurations.
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname PCSBSwitch
!
""Omitted""
!
""Omitted""
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
ip name-server 202.188.0.133
ip name-server 202.188.1.5
ip name-server 192.9.200.1
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface GigabitEthernet0/29
!
interface GigabitEthernet0/30
!
interface GigabitEthernet0/31
!
interface GigabitEthernet0/32
!
interface GigabitEthernet0/33
!
interface GigabitEthernet0/34
!
interface GigabitEthernet0/35
!
interface GigabitEthernet0/36
!
interface GigabitEthernet0/37
!
interface GigabitEthernet0/38
!
interface GigabitEthernet0/39
!
interface GigabitEthernet0/40
!
interface GigabitEthernet0/41
!
interface GigabitEthernet0/42
!
interface GigabitEthernet0/43
!
interface GigabitEthernet0/44
!
interface GigabitEthernet0/45
!
interface GigabitEthernet0/46
!
interface GigabitEthernet0/47
!
interface GigabitEthernet0/48
!
interface Vlan1
ip address 192.9.200.4 255.255.0.0
no ip route-cache
!
ip http server
ip http port 8001
!
control-plane
!
!
line con 0
line vty 0 4
""Omitted""
line vty 5 15
""Omitted""
Hope this configuration you request helps.
10-09-2008 05:44 AM
Anyone here can help me ?
I still can't solve this issue.
Someone please. The configuration of the switch as requested has been posted up.
Please help me.
10-09-2008 06:20 AM
I would think it would have to be a device hung off the switch. If you do a sh arp what does it tell you , does the mac address match to any device hung off the 2960 ? It could also be someone who is intermittently coming on and off the network.
10-09-2008 07:12 AM
I checked the arp tables and found that the IP address come from the Cisco 2811 router.
Do you mean that the session hanged or something ?
Coz this happened to my old Cisco 1841 router as well. I don't quite understand why such a thing can occur and after all there's no power failure nor surge in my server room at all and my servers weren't down.
This case is really kinda unexplained. I tried resetting both devices and reconfigure but the same problem will still come back. I have checked through my whole network and there's confirmed no IP address conflict occur at all. The conflict occurs from the router itself.
10-09-2008 07:22 AM
Hmm, I tried your method again and remotely restarted my router and it works again.
The arp tables seems to be updated and back to normal again.
Can someone explain to me why such a thing can occur ?
Does this happen when there's a power failure or incoming power unstable ?
10-09-2008 12:13 PM
I'm guessing the problem is in the following line:
ip nat pool PCSB 192.9.200.1 192.9.255.255 netmask 255.255.0.0
Shouldn't the IP addresses you have listed (192.9.200.1 through 192.9.255.255) be the external addresses that you are NATing to instead of internal addresses? The router could see this as an IP conflict because 192.9.200.4 is in the range of addresses that it is NATing to so it would "claim" that address.
10-09-2008 02:49 PM
DOes that mean that my IP address for the switch must not fall within the range of the cisco router nat pool ?
So may I know what is the actual practice it should be done ?
10-10-2008 06:10 AM
The answer to your first question is yes. You may want the switch address to land in your source list to be translated, but you don't want it in the nat pool range to be NATed to.
The NAT pool is used to define the public addresses that you will NAT to. Since you only have one public address in 219.94.97.202, you will want to just NAT to that interface IP address. You already have this setup with the following command:
ip nat inside source list 1 interface FastEthernet0/0 overload
Since you are already NATing to your outside interface you can remove the following command:
ip nat pool PCSB 192.9.200.1 192.9.255.255 netmask 255.255.0.0
For additional information you can visit the following URL:
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml
*Please rate post if this was helpful.*
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide