VLAN connectivity problem

Unanswered Question
Mar 4th, 2010

I have a user is from our hr department and is being house with the purchasing dept.  On the Cisco switch(3750), I configured the port that user's PC is connected to, to be on his vlan - vlan105, and everyone else is on vlan110.  This department where he's at is across the street from the main office, and the building connects to the main office via wireless bridges (Cisco 1410).  The problem I am having with is that user's PC cannot ping his gateway of his vlan - 10.100.105.1, which is back at the core switch (Cisco 6506).  Yet if I do an ip scan from the PC, it can see all the devices on his vlan and can ping those devices, but not the gateway.  From the core switch, I can sometimes ping his PC - 10.100.105.20.  I have connected another PC to his port, to see if its not the NIC on the user's PC, but I get the same results. Everyone that is on the 110 vlans, has no problems

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Thu, 03/04/2010 - 13:12

Hello Jdleon,

are the wireless bridges capable to carry  802.1Q frames?

if they are 802.1Q trunk you need to check if there is a native vlan mismatch on the different devices on the path:

vlan 105 has to be permitted on C3750 uplink, carried on the wireless link, accepted on the C6500.

The same has to happen for frames coming  on the opposite direction.

>> Yet if I do an ip scan from the PC, it can see all the devices on his  vlan and can ping those devices, but not the gateway.

This would lead to consider the link operational and well configured.

check with sh ip arp on C6500 what MAC address (if one) is associated to that PC IP address

compare it with PC NIC MAC address are they the same?

If they don't match what is the MAC address learned on C6500, try to see if you can find it in your network.

also more important question, regardless of gateway ping results, is that PC capable to talk to devices in other IP subnets or not?

Hope to help

Giuseppe

jdleon Thu, 03/04/2010 - 13:51

are the wireless bridges capable to carry  802.1Q frames?

yes they are.

check with sh ip arp on C6500 what MAC address (if one) is associated to that PC IP address

compare it with PC NIC MAC address are they the same?

Yes the MAC address associated is the same as the NIC MAC.

also more important question, regardless of gateway ping results, is that PC capable to talk to devices in other IP subnets or not?

I forgot to mention, sometimes the PC is able to communicate to the gateway, and it is able to to talk to other devices in other subnets.  When it does not communcate to the gateway, it can only communicate with the devices on the 105 vlan.

I have also taken a laptop and connected it to the port which the PC is connected, and I get the same results.

Kevin Dorrell Fri, 03/05/2010 - 07:35

Did you have sticky port security installed anywhere?  Is it possible that some switch is still expecting to see his MAC address on his old port?

Kevin Dorrell

Luxembourg

jdleon Mon, 03/08/2010 - 13:10

Did you have sticky port security installed anywhere?  Is it possible that some switch is still expecting to see his MAC address on his old port?

No, I do not have sticky port security installed.  No other switch is expecting to see his MAC address, because the PC is new.

Actions

This Discussion

Related Content