Router-----Switch A-----Unmanaged Switch/Media Converter-------------------------------------------Unmanaged Switch/Media Converter-----PLCs
Switch A is also connected to Switch B, C, D, etc.
The network has multiple VLANs and the router has an interface for each. None of the switches do routing, thus each request for a different VLAN must go back through the router. The problem is that we just brought a new location online via Switch A (using VLAN2). The PLCs at the end are what we're having trouble with. The far end (where the PLCs are located) has no problems. Traffic works both ways at that side. They can get anywhere they want on the local LAN (VLAN1, VLAN2, etc.) and even go past our router and onto the corporate WAN. The problem is with the near side. No device on VLAN1 can access/ping any of the PLCs. Switch A itself can't even ping the PLCs (unless I add a VLAN2 interface to the switch). Other devices throughout the network on VLAN2 can access the PLCs. Switch A can access other devices on VLAN2 though (just not the PLCs). The router can access the PLCs (this is probably because it does have a VLAN2 interface). I have seen in the past where certain unmanaged equipment doesn't play well with trunking (or multiple VLAN) enabled and we've had to force that interface to VLAN2 only. I swapped out the unmanaged switch/media converter on the near end (out of desperation), but the problem remains. I have tried several variations of switchport mode access, trunk, dynamic desirable. Any suggestions would be appreciated. Thanks.
Form your explanation, Switch A-----Unmanaged Switch/Media Converter-------------------------------------------Unmanaged Switch/Media Converter-----PLCs
they are all in vlan 1 and now you have a new site that connects to switch A and it is in vlan 2. Also the router routes between the vlans and all the other devices are just layer-2 or even layer-1 (media converters). If this is the case and you only have one link between switch A and the router than that is the only place you need to have a trunk with sub-interfaces (1 for vlan1 and 1 for vlan 2). All the other links should be configured as access ports.
If I am not understanding you explanation correctly, can you put a quick diagram together and post it?
The PLC circled in purple can access everything on the network, however, only VLAN2 switches (and PCs, etc.) can access it. Switch A is connected to Switch E via a fiber module (trunked) and everything can access the PLC at the end of it (VLAN2) fine. The media converter/unmanaged switch is connected to Switch A via Ethernet Port 44. I am trying to determine if my switch config is wrong or if the meida converter is causing an issue. I can connect my laptop directly to the media converter and assign it a static IP on VLAN2 and see the PCs. I can also plug my laptop into Switch A with the same static IP on VLAN2 and see the PC. It's only when I'm on VLAN1 that I can't see the PLC.
Plese see attached diagram
Can you post the configs for switch A, B and the router?
Also what port connect the router to switch A and what port connect switch A to B?
I will post the configs in just a bit when I can. GigabitEthernet0/0 on the router (2911) connects to FastEthernet0/1 on the switch (3550). The port is trunked on the switch. The network is more complex than my drawing. I was just showing the basic design. For example, there are three more switches connected to Switch A that the drawing doesn't show. I left them out because I don't think they have anything to do with the "problem". But to answer your question, Switch B (just the generic name for one of the other four) is connected via it's FastEthernet0/1 (3560) to FastEthernet0/46 on Switch A. The ports are trunked on both switches.
When I issue the command "encapsulation dot1Q 1" it drops to the next line without an error message, looking like it takes the command. But a 'sh run' displays that the line is still "encapsulation dot1Q 1 native". So I did a "no encapsulation dot1Q 1 native" and lost connection to the device (like I thought I might). I was able to access it again via another interface and then issue a "encapsulation dot1Q 1". However, a 'sh run' reveals that the line actually says "encapsulation dot1Q 1 native" again. It seems like it won't allow me to drop the 'native'. Also, I know that it isn't best practice to use VLAN1. All of our other sites have it disabled, but for whatever reason, this location is using it. I would like to find the quickest way to disable it and move the rest of the LAN to another VLAN, but that hasn't been my top priority. However, if achieving that goal would assist me in fixing this issue, then maybe I should move it up on my priority list.
I have started this thread to get some ideas about migrating away from VLAN1...
The issue has been resolved. The problem was that the PLCs on the far end had been statically assigned an IP Address and a Subnet Mask, but not a Default Gateway. This wasn't the direction we were leaning at all, but I'm glad it's been resolved :)