Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problem with Catalyst 2960

Hi,

My name is Sandeep and I am facing very weird problem with my 2960 switch. I have configured my Juniper firewall interface with the ip 10.11.89.5/24 and connected it to 2960 switch port. The default VLAN created on switch is carrying ip address 10.11.89.1/24 and the default gateway is 10.11.89.5.

The problem is, I am unable to ping the gateway from switch but able to ping switch ip address and server ip address connected to switch.

I even change the cable suspecting that there might be problem with the cable.

Please help.

Regards,

Sandeep

11 REPLIES
New Member

Re: Problem with Catalyst 2960

Hi Sandeep,

Post your switch conf, please and confirm with port is connected your firewall on switch.

AB

New Member

Re: Problem with Catalyst 2960

Hi Antonio,

Thanks for your prompt reply

please find enclosed the config for switch and my firewall is connected to port fa 0/1. the status of the port is link up and connected.

Switch#sh run
Building configuration...

Current configuration : 1301 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport mode access
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 10.11.89.1 255.255.255.0
no ip route-cache
!
ip default-gateway 10.11.89.5
ip http server
!
control-plane
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end

Switch#

New Member

Re: Problem with Catalyst 2960

So your Default Gateway is your Firewall. I'm very sure there is a policy stopping your pings. the command "show ip int br" shows int fa0/1 as UP/UP? if so, then it is definetly your firewall and not the cisco or cable.

New Member

Re: Problem with Catalyst 2960

Hi Syed,

the result is showing up but there is no firewall rule need to configure for it.The same setup i have done in my Mumbai office but i didnt face this issue but i used Nortel Baystack switch for that.

Hall of Fame Super Gold

Re: Problem with Catalyst 2960

there is no firewall rule need to configure for it.

Explicit deny/deny applies.

New Member

Re: Problem with Catalyst 2960

Try force vlan tag to 1 with follow command

switchport access vlan 1

I´m not sure if that is the problem but as you are using a non-cisco equipment is better ensure

Try and see if change somehing

Antonio

New Member

Re: Problem with Catalyst 2960

Hi Antonio,

I have tried that previously but no success. Even i replace the switch itself but the same thing with the new one as well.

New Member

Re: Problem with Catalyst 2960

Try to change the encapsulation to dot1q on port connected to Juniper.

switchport trunk encapsulation dot1q

New Member

Re: Problem with Catalyst 2960

Hi sajid,

I tried to configure the suggested command but i am not getting that option. the version on the switch is Version 12.2(35)SE5. and it only allowed me to choose any from the allowed, native and pruning option.

New Member

Re: Problem with Catalyst 2960

Hi goldshield,

Do you need to be a trunk on this port. In this case your port is in mode access.

If you need change to

switchport mode trunk

Will pass all vlans.

Are u using vlans on juniper ??

Antonio

New Member

Re: Problem with Catalyst 2960

Hi Antonio,

No need to configure that port as a trunk port and i tried that option as well. Also I didnt configure VLAN on Juniper. It should work in access mode as it is L3.

802
Views
0
Helpful
11
Replies
CreatePlease login to create content