2 vlans on cat2950 switch problem

Unanswered Question
Sep 18th, 2009

Hello,


i am having a problem with cat2950 vlan config and i would appreciate your help please.

when i issue no shut for vlan 20 that place vlan 50 in shutdown

any idea why? please let me know if you need more details.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
Jon Marshall Fri, 09/18/2009 - 10:47

Mohammed


Presumably you are talking about the L3 vlan interface ie.


int vlan 20

shut/no shut


int vlan 50

shut/no shut


The reason this is happening is because the 2950 is a L2 switch so you can only have 1 L3 vlan interface active at any one time. You can have multiple L2 vlans ie.


"sh vlan" will show the L2 vlans


but you can only have one active L3 vlan interface.


If you want to have multiple L3 vlan interfaces active and route between them you need a L3 capable switch ie.


3560/3750/4500/4948/6500


Jon

glen.grant Fri, 09/18/2009 - 11:25

The SVI on layer 2 switch is to manage the switch only and has "no" routing capability .

Leo Laohoo Fri, 09/18/2009 - 16:16

Unfortunately, the 2940/2950 series switches will support only one (1) active VLAN Management interface active. It will allow normal VLAN traffic to the second or succeeding VLANs. For example, say you have two VLANs, 20 and 50. Both of them have an IP address. Aside from VLAN 1, only one of either 20 or 50 can remain up/up and the other will be down/down but the switch can pass traffic to both 20 and 50.


Does this make any sense?

Lucien Avramov Fri, 09/18/2009 - 16:21

And here is the documentation mentioning this:


http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_25_fx/configuration/guide/swupgrad.html


The Catalyst 2950 switch supports only one management VLAN. You can use this global configuration command to change it:


cluster management-vlan vlan-id


This command communicates the management VLAN when the switch is configured for clustering.

mhasabal Tue, 09/29/2009 - 11:12

Lucien,


is there any way i can send you my router and switch config for review please.

Lucien Avramov Tue, 09/29/2009 - 12:12

so what do you want me to look at? do you still have the vlan issue? Have you removed the vlans as we suggested?

mhasabal Tue, 09/29/2009 - 12:17

i was hoping that you can take a look at the switch config

i still have the data and voice vlan but from what i understand the cat2950 switches will support only one (1) active VLAN Management interface active. It will allow normal VLAN traffic to the second or succeeding VLANs. For example, say you have two VLANs, 20 and 50. Both of them have an IP address. Aside from VLAN 1, only one of either 20 or 50 can remain up/up and the other will be down/down but the switch can pass traffic to both 20 and 50.

Lucien Avramov Tue, 09/29/2009 - 12:19

Yes your understanding is correct. Config looks ok for that, I just checked.

Any issues ?

mhasabal Tue, 09/29/2009 - 12:33

my pc is connected to port 17 on the switch and when i do a :

ping 172.20.1.254 (router)


Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.20.1.254, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)



from the pc ping 172.20.1.254 (router) i get all 4 replies back.


sh ip int brief (only shown the up/up)

Interface IP-Address OK? Method Status Protocol

Vlan1 unassigned YES manual administratively down down

Vlan20 192.168.2.253 YES manual administratively down down

Vlan50 172.20.1.253 YES manual up up

FastEthernet0/17 unassigned YES unset up up

GigabitEthernet0/1 unassigned YES unset up up

Lucien Avramov Tue, 09/29/2009 - 13:12

you need to disable the windows firewall on your pc.

Some A/V softwares also have a FW component like symantec.


Most of them block icmp.


As you can ping from the pc to the router, you have a FW issue on the PC.

Actions

This Discussion