Glen,

I agree that since there is nothing connected to the other three vlans, they should appear down.

However, vlan 2 does have something connected and it is not working correctly. I should be able to ping the device on vlan 2 and the device should be able to ping out to the Internet.

So far, all the vlan 2 does do correctly, is automatically assign IP addressing to the connected device.

Check the default gateway is correct on the device . If the device is a pc make sure all firewalls on the pc are turned off if trying to ping it ,if its on it won't ping . If the internet is out the default route check the other side and make sure you have static routes pointing back into the 3550 for the subnets defined on the 3550. Also on your 3550 make sure your ports are switchports and not routed ports . To make sure just do a interface range command on your access ports and type "switchport" . Best way to check is to issue a "show interface status" command.

Glen,

Thanks for sticking with this on a Holiday. The switch "was" scheduled to be deployed over this 4 day weekend.

The device connected to vlan 2, int 3 is a Macintosh. The firewall is enabled but it is a test machine (so I can ssh to it's UNIX capabilities) and we routinely ping, remotely login, etc.

It is configured to obtain an IP automatically, and it got

IP 192.168.100.3

subnet 255.255.255.0

gateway 192.168.100.1

It did NOT propagate DNS info though. I manually set it to the gateway IP.

The switch is configured with 208.67.222.222 208.67.220.220 (opendns.org servers)

This should NOT prevent it from pinging an IP address though, just prevent it from resolving names.

VLAN 2 through 5 (the ones we want routing) are configured as switchports, not routed ports.

Here is the result of "show interface status".

ieswitch#show interface status

Port Name Status Vlan Duplex Speed Type

Fa0/1 management connected 1 a-full a-100 10/100BaseTX

Fa0/2 watertower1 notconnect 2 auto auto 10/100BaseTX

Fa0/3 watertower2 connected 2 a-full a-100 10/100BaseTX

Fa0/4 spare notconnect 2 auto auto 10/100BaseTX

Fa0/5 schmidts notconnect 3 auto auto 10/100BaseTX

Fa0/6 flowerree notconnect 3 auto auto 10/100BaseTX

Fa0/7 spare notconnect 3 auto auto 10/100BaseTX

Fa0/8 parkrec notconnect 4 auto auto 10/100BaseTX

Fa0/9 handdee notconnect 4 auto auto 10/100BaseTX

Fa0/10 spare notconnect 4 auto auto 10/100BaseTX

Fa0/11 silverlake notconnect 5 auto auto 10/100BaseTX

Fa0/12 fortrock notconnect 5 auto auto 10/100BaseTX

Fa0/13 oildri notconnect 5 auto auto 10/100BaseTX

Fa0/14 spare notconnect 5 auto auto 10/100BaseTX

Fa0/15 spare notconnect 1 auto auto 10/100BaseTX

Fa0/16 spare notconnect 1 auto auto 10/100BaseTX

Fa0/17 spare connected 1 a-full a-100 10/100BaseTX

Fa0/18 spare notconnect 1 auto auto 10/100BaseTX

Fa0/19 agauto notconnect 1 auto auto 10/100BaseTX

Fa0/20 floydaboyd notconnect 1 auto auto 10/100BaseTX

Fa0/21 spare notconnect 1 auto auto 10/100BaseTX

Fa0/22 iebusiness1 notconnect 1 auto auto 10/100BaseTX

Fa0/23 iebusiness2 notconnect 1 auto auto 10/100BaseTX

Fa0/24 nlhealthclinic connected 1 a-full a-100 10/100BaseTX

Gi0/1 notconnect 1 auto auto unknown

Gi0/2 notconnect 1 auto auto unknown

If you can't ping a directly attached device then I would suspect the device itself . From the switch can you do a extended ping and source from vlan 2 and have it ping ? From the switch can you ping the far end of that default static route assuming it not a FW that might block ping ? From the mac what can't you do at this point? Can you ping the default gateway ? Can you ping the vlan 1 default gateway ? Can you ping the far end of that static route ? From the device on the far end of that static can you ping addresses on the 3550 that are up/up ?

Glen,

I have a second Macintosh connected at int 17, vlan 1. From it, I can ping the default gateway, the IP for vlan 1, int 1 on the switch. Everything works OK.

From the switch, I can ping the default gateway, I can even ping the vlan 2 asssigned IP

ieswitch#ping 192.168.100.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

I am going to drive up to the hilltop and try again from the Macintosh and see what I can/can't ping. I might try the network config without adding anything manually to the DNS settings.

Curiously, I can't ping Macintoshs from the switch. The one in vlan 1, int 17, I can't ping although I am remotely connected to it and using it without issue.

I have attached the config again. I'll be back in about an hour.

Hi , You will never be able to see the Vlan Configuration in the Sh IP Router Command. Determine the LAN and WAN. Command that Show Vlan, will show the LAN Divided Vlan . Show IP route works for only the route you have or hops which has connected

:- Correct me If I am wrong

I realize what you say. What I was trying to see was if it recognized the 4 subnets for 192.0.0.0.24

I would have expected to see a line in there that said.......

192.0.0.0/24 is subnetted, 4 subnets

This is what it does show....

Gateway of last resort is 67.xx.xx.1 to network 0.0.0.0

67.0.0.0/25 is subnetted, 1 subnets

C 67.xx.xx.0 is directly connected, Vlan1

C 192.168.100.0/24 is directly connected, Vlan2

S* 0.0.0.0/0 [1/0] via 67.xx.xx.1

I see nothing wrong with the 3550 config , it should work . The ping issue has to be something with the mac if you can get to it using ssh . If have a windows machine around to hook up you could try that too . Besides that not sure what else to tell you .

The Macs that we use are used often. I did connect them to another switch to insure there was no issue with them and they do work OK,

I am afraid since I did not see a configuration issue either, that there may be a hardware problem or some other issue on the switch.

I am going to give it one more try with a fresh IOS image and see what I can do.

Glen,

I reset the switch to default. I have reconfigured it OK. Same basic setup without the DHCP server.

Now, everything on the switch works. I can ping between two different end devices on two different vlans.

vlan 1 (default) still works fine, although it always did. I can ping out to the Internet.

The other 4 vlans, everything works internally, but not out to the Internet.

I am pursuing possibly adding static routes in the router above the 3550 to the vlan IPs. I am convinced now that the issue is between the router and the switch.

Glen,

Well, this trip up to the hill was informative....sort of.

vlan 2 could not ping it's gateway 192.168.100.1 from the external computer connected in int 3

switch could ping 192.168.100.1

after I tried to renew the lease, I got a self assigned IP address.

vlan 3 could not ping it's gateway from int 5 from external computer

switch could ping 192.168.120.1

vlan 4 same issue.......

vlan 5 however, got a good assigned IP address and the external computer connected at int 11 AND I can ping it's gateway 192.168.160.1 and the switch can ping it also.

However, despite that working, I still can not get the computer to ping out to anything.

I realize that now. The documents I have and previous use has been with IOS version 12.1.

This switch has 12.2 and there have been several instances where the documentation and the real ouput don't match.