cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6782
Views
4
Helpful
46
Replies

Unable to ping device outside the vlan

aasifsayyad
Level 1
Level 1

I have one equipment i.e attendance reader. Its worked very fine for few days but now it is not working properly.

I am not able to ping the same device outside the vlan.

Its pinging fine when I am ping the device from same vlan ip.

please suggest on this what should be the problem.

 

 

If I changed the IP address of the device it starts work properly.

46 Replies 46

tiwariharish44
Level 1
Level 1

Is intervlan routing configured in your network??? If not , then do it, till then  it won't ping outside your vlan

Yes its already configured in network. other devices are working fine except this attendance reader.

 

If I changed the IP address of the device it starts work properly.

Try checking the ARP cache to see if it has captured the MAC address of the remote device. If this is not happening, then some thing is wrong with the gateway.

Hii ,

 

I have also tried to clear the arp cache in core switch.

what else I can do with arp.

After clearing this still it is not working. gateway is set properly

 

If I changed the IP address of the device it starts work properly.

Hi,

Can you show the config of switch port?

 

di interface gi1/0/19
 GigabitEthernet1/0/19 current state: UP
 IP Packet Frame Type: PKTFMT_ETHNT_2, Hardware Address: 4431-9201-0ef2
 Description: GigabitEthernet1/0/19 Interface
 Loopback is not set
 Media type is twisted pair, Port hardware type is 1000_BASE_T
 100Mbps-speed mode, full-duplex mode
 Link speed type is autonegotiation, link duplex type is autonegotiation
 Flow-control is not enabled
 The Maximum Frame Length is 10240
 Broadcast MAX-ratio: 100%
 Unicast MAX-ratio: 100%
 Multicast MAX-ratio: 100%
 PVID: 72
 Mdi type: auto
 Port link-type: access
  Tagged   VLAN ID : none
  Untagged VLAN ID : 72
 Port priority: 0
Last clearing of counters:  Never
 Peak value of input: 1944 bytes/sec, at 2015-04-03 11:28:05
 Peak value of output: 762799 bytes/sec, at 2015-04-11 13:41:34
 Last 300 seconds input:  0 packets/sec 0 bytes/sec 0%
 Last 300 seconds output:  2 packets/sec 214 bytes/sec 0%
 Input (total):  109461 packets, 12820297 bytes
         107167 unicasts, 2294 broadcasts, 0 multicasts, 0 pauses
 Input (normal):  109461 packets, 12820297 bytes
         107167 unicasts, 2294 broadcasts, 0 multicasts, 0 pauses
 Input:  0 input errors, 0 runts, 0 giants, - throttles
         0 CRC, 0 frame, 0 overruns, 0 aborts
         - ignored, - parity errors
 Output (total): 62340621 packets, 7405401147 bytes
         5827628 unicasts, 49373567 broadcasts, 7139426 multicasts, 0 pauses
 Output (normal): 62340621 packets, 7405401147 bytes
         5827628 unicasts, 49373567 broadcasts, 7139426 multicasts, 0 pauses
 Output: 0 output errors, - underruns, - buffer failures
         0 aborts, 0 deferred, 0 collisions, 0 late collisions
         - lost carrier, - no carrier

Do a sh Mac address-table interface gig1/0/20

output should be the Mac of the attendance reader.

 

on the local switch and core switch type

show arp | i "ip add of attendance reader"

 

output should show ip and Mac of attendance reader

 

if not,  it's probably a man in the middle attack.

 

and if so, I would recommend dynamic arp inspection.

No mac address found on access port 1/0/20 where attendance reader is connected.

 

On core output is

It showing attendance readers mac address.

Now I see your response and my response.  Not sure why I'm not seeing them. 

I have experienced this on 3 different devices and two networks.  Hmm....

 

 

Do a show Mac address-table address 0017.6189.2b45

on your distribution switch.  Has it been learned on a port?  If so, what is connected to that port?  Is it the local switch where the reader resides?

no mac address found of command sh mac address-table gi1/0/20

with show arp command there no mac id found on local switch.

 

with sh arp  command on core switch there is mac id entry of attendance reader.

I received an email alert letting me know you responded back, but I'm not seeing it here, so I'm not sure why not, but ...Im wondering if something is going on with Cisco's web site, because I have been seeing this off and on since yesterday. ??

**************************************************

"No mac address found on access port 1/0/20 where attendance reader is connected, but on the core it shows the readers mac address"

**************************************************

On the core enter "show mac address-table address xxxx.xxxx.xxxx(reader's mac)

This will show the swithport where the mac was learned.  Port could be another switch.

You may need to walk the network with show cdp and show mac until you locate the port where that mac address was learned. 

 

May be duplicate mac/ arp poisoning/ ....

 

Do a 

sh mac address-table address 0017.6189.2b45 on the next access switch.  Which port learned the Mac and what is connected to that port?

I would create a monitor session and do a packet capture on the port that connects the attendance reader.  It should give a clue to what's happening.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: