cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
433
Views
0
Helpful
4
Replies

ASA 5505 connected to WS-C3560G-48PS

latintrpt
Level 1
Level 1

Hello,

I recently removed a catalyst 2950 switch code version: c2950-i6q4l2-mz.121-13.EA1

I had an ASA 5505 connected as a switchport access to the 2950 on port 44.  We will call the VLAN that the ASA sits on: VLAN 404.  The 2950 had a trunk to our catalyst 6509 distribution switch carrying that VLAN 404.  We also have a another VLAN for computers that sits on: VLAN 129, this is a standard DHCP vlan and it accounted for the rest of the switchports.  The 2950 also has this trunked to our 6509 distribution switch.

Everything was working fine with that setup.

After replacing the 2950 with a 3560 we started running into problems.  The 3560 was configured the same exact way as the 2950.  What was happening is that computers that sat on VLAN 129 started experiencing packet loss and were unable to work.  It's as though the ASA was taking over the switch. 

Is there a protocol that is enabled by defult on the 3560 that would do this?

Thanks, hope that makes sense

4 Replies 4

cadet alain
VIP Alumni
VIP Alumni

Hi,

Can you post 3560 config and explain exactly what is happening in this VLAN 129.

Regards.

Alain.

Don't forget to rate helpful posts.

zain_gabon
Level 1
Level 1

Hi, check both 3560 and 6509 trunk configurations, don't forget the encapsulation, because on 2950 when configuring the trunk, we don't specify the encapsulation,and on 3560, you need to specify it,

if you can only post the both switch trunk configurations

I have checked both sides, switch trunk encapsulation dot1q is setup.

Thanks

---------------------------------------------------------------------------------------------------------------------------------

Here is an output of the 2950: (WORKING)

cat2950a>en

Password:

cat2950a#sh run

Building configuration...

Current configuration : 9416 bytes

!

! Last configuration change at 10:07:30 CENTRAL Thu Nov 3 2011 by

!

version 12.1

no service pad

service timestamps debug datetime localtime

service timestamps log datetime localtime

service password-encryption

!

hostname cat2950a

!

aaa new-model

aaa authentication login default line

aaa authentication login radius-logins group radius line

enable secret 5

!

clock timezone CENTRAL -6

clock summer-time CENTRAL_DST recurring 2 Sun Mar 2:00 1 Sun Nov 2:00

ip subnet-zero

no ip domain-lookup

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

interface FastEthernet0/1

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/2

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/3

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/4

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/5

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/6

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/7

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/8

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/9

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/10

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/11

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/12

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/13

switchport access vlan 129

switchport mode access

no ip address

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/14

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/15

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/16

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/17

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/18

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/19

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/20

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/21

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/22

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/23

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/24

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/25

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/26

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/27

switchport access vlan 129

switchport mode access

no ip address

duplex full

speed 100

spanning-tree portfast

!

interface FastEthernet0/28

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/29

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/30

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/31

description video monitoring pharm

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/32

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/33

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/34

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/35

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/36

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/37

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/38

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/39

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/40

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/41

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/42

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/43

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/44

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/45

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/46

switchport access vlan 129

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/47

switchport access vlan 404

switchport mode access

no ip address

spanning-tree portfast

!

interface FastEthernet0/48

description Network UPS

switchport access vlan 500

switchport mode access

no ip address

duplex half

speed 10

spanning-tree portfast

!

interface GigabitEthernet0/1

switchport trunk native vlan 500

switchport trunk allowed vlan 129,404,500

switchport mode trunk

switchport nonegotiate

no ip address

!

interface GigabitEthernet0/2

switchport trunk native vlan 500

switchport trunk allowed vlan 129,404,500

switchport mode trunk

switchport nonegotiate

no ip address

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan500

ip address 172.18.77.18 255.255.255.0

no ip route-cache

!

ip default-gateway 172.18.77.1

no ip http server

---------------------------------------------------------------------------------------------------------------------------------

Here is the ouput of the 3560: (NOT WORKING)

c3560g#sh run

Building configuration...

Current configuration : 9275 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname c3560g

!

enable secret 5

!

aaa new-model

aaa authentication login default line

aaa authentication login radius-logins group radius line

!

aaa session-id common

clock timezone CST -6

clock summer-time CDT recurring

system mtu routing 1500

ip subnet-zero

no ip domain-lookup

!

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/2

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/3

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/4

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/5

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/6

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/7

switchport access vlan 129

switchport mode access

speed 100

duplex full

!

interface GigabitEthernet0/8

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/9

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/10

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/11

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/12

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/13

switchport access vlan 129

switchport mode access

speed 10

duplex half

spanning-tree portfast

!

interface GigabitEthernet0/14

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/15

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/16

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/17

switchport access vlan 129

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface GigabitEthernet0/18

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/19

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/20

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/21

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/22

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/23

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/24

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/25

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/26

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/27

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/28

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/29

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/30

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/31

description special video monitoring pharmacy

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/32

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/33

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/34

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/35

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/36

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/37

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/38

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/39

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/40

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/41

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/42

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/43

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/44

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/45

switchport access vlan 129

switchport mode access

shutdown

spanning-tree portfast

!

interface GigabitEthernet0/46

description ap-craniofacial

switchport access vlan 701

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/47

description privprac-WHC

switchport access vlan 404

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/48

switchport access vlan 129

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/49

description dista

switchport trunk encapsulation dot1q

switchport trunk native vlan 500

switchport trunk allowed vlan 129,404,500

switchport mode trunk

switchport nonegotiate

!

interface GigabitEthernet0/50

description cat2950b

switchport trunk encapsulation dot1q

switchport trunk native vlan 500

switchport trunk allowed vlan 129,404,500

switchport mode trunk

switchport nonegotiate

!

interface GigabitEthernet0/51

!

interface GigabitEthernet0/52

!

interface Vlan1

no ip address

shutdown

!

interface Vlan500

ip address 172.18.77.18 255.255.255.0

no ip route-cache

!

ip default-gateway 172.18.77.1

ip classless

no ip http server

!

l

Hi,

can you try clearing the arp cach on the ASA.

Alain.

Don't forget to rate helpful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: