06-11-2007 10:53 AM - edited 03-05-2019 04:38 PM
Hello,
I would like to route to/from my private vlan using an SVI. I have a Cat3560 and the config is below. However, when I try to ping to a router interface on the private vlan I do not get any response. The router i/f ip is 134.2.1.129/25 and is connected to port F0/1. Can anyone help me please? Config is below.
Thanks,
Kevin
vlan 32
name v32
private-vlan primary
private-vlan association 99
vlan 99
private-vlan community
interface FastEthernet0/1
switchport private-vlan host-association 32 99
switchport mode private-vlan host
spanning-tree portfast
interface Vlan32
ip address 134.2.1.133 255.255.255.128
private-vlan mapping 99
MetroSW1#ping 134.2.1.129
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 134.2.1.129, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
06-11-2007 11:27 AM
Can you check ACL at router?
http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008013565f.shtml
It should pIng.
Regards,
Dharmesh Purohit
06-11-2007 11:40 AM
I have checked for any acls and there aren't any applied on the router or the switch. Furthermore, if I put another switchport as part of the private vlan then I can ping between them. This also works, if I configure the port as a promiscuous port for the private vlan. The problem comes into play when I map the private vlan to an SVI. Then I lose layer 3 connectivity.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: