vlan access from outside vlan access port

Unanswered Question
Jun 22nd, 2010
User Badges:

hi


one 4507R switch having vtp domain with many vlans (vlan 20 vlan 30 , vlan 40 vlan 50 .....etc..) with ip interfaces and all other swithes 3500, 2600 series are connected by trunk link and vtp client with vlan access port and all system and server are communicating without any problems. native vlan is with any ip address and for switch management using a different mgt vlan as vlan 10  with seperate dedicated ip network address scheme. ip routing is enabled.


one 2650 switch is connected to the 4507 R switch by trunk link dot1q only mgt vlan 10 with the same mgt ip network but no switchport access vlan  (any), no vtp client, when client PC is connected the switch (port in default access mode without any vlan) when PC is given one particular vlan's ip say vlan 30  (x.128.2.142/24) it can communicate all other PC in other VLANS in other swiches but if given any other vlans IP to the PC (as for e. g. vlan 40,  ip  address as  x.128.3.221/24) the PC can't communicate to none of the other PC in other vlan and other switch.



please let me know the logic why


kbchoudhury

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ganesh Hariharan Tue, 06/22/2010 - 23:02
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

hi


one 4507R switch having vtp domain with many vlans (vlan 20 vlan 30 , vlan 40 vlan 50 .....etc..) with ip interfaces and all other swithes 3500, 2600 series are connected by trunk link and vtp client with vlan access port and all system and server are communicating without any problems. native vlan is with any ip address and for switch management using a different mgt vlan as vlan 10  with seperate dedicated ip network address scheme. ip routing is enabled.


one 2650 switch is connected to the 4507 R switch by trunk link dot1q only mgt vlan 10 with the same mgt ip network but no switchport access vlan (any), no vtp client, when client PC is connected the switch (port in default access mode without any vlan) when PC is given one particular vlan's ip say vlan 30  (x.128.2.142/24) it can communicate all other PC in other VLANS in other swiches but if given any other vlans IP to the PC (as for e. g. vlan 40,  ip  address as  x.128.3.221/24) the PC can't communicate to none of the other PC in other vlan and other switch.



please let me know the logic why


kbchoudhury


Hi kbchoudhury,


Kindly share few details how many vlans are configured on cisco 2960 and on trunk all vlans are allowed and ip default network command is configured towards the cisco 4507 switch interface ip .


Ganesh.H

kb.choudhury Wed, 06/23/2010 - 10:41
User Badges:

Thanks for your help,  13 vlans are configured other then native and default vlans as vtp client in 2960 , all vlans are allowed in trunk link and ip default network ip in 2960 from vlan interface ip  in 4507 but the observation is same even if i remove all vlan and ip default gateway and left only trunk link to 4507,

for our security policy i am restricted from providing you the detail configuration, but i can let you know what you like to know other then exact ip address

--- kb choudhury

glen.grant Wed, 06/23/2010 - 12:55
User Badges:
  • Purple, 4500 points or more

   If there is no access vlan assigned then by default it's in vlan 1 .  Is there a SVI defined for vlan 1 on the 4500 ?   If not then there is a possibility that somewhere  someone has physically bridged say vlan 1 and vlan 30 together.

Thats the only way I could see what you are describing.  Without seeing the configs on each end of the link it is purely speculation.

kb.choudhury Wed, 06/23/2010 - 15:18
User Badges:

thanks for the reply,


no SVI is defined in vlan 1, and i already tried by defining a different ip network SVI  in vlan 1 of the VTP domain switch 4507 to eliminate this point and this is why with vlan 30 only ?


i don't think that somewhere  someone has physically bridged vlan 1 and vlan 30 together. please let me give idea how find that one from so many switches.


--  kb choudhury

Actions

This Discussion