Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Problems in communication of two 2950 Switches

Hello,

The problem that we have is the following :

We have two ip ranges, a 10.0.32/24 ip range (GOOD net) and a real ip net (lets say DMZ).

All machines of GOOD are connected to one Switch (S1), located in room 1 (R1)

All machines of DMZ are connected to another Switch (S2) located in room 2 (R2)

On the S2 a linux box containing Firewall/routing rules is connected, that also connects to the Internet. (BAD).

The two switches are connected to each other with the proper cable.

GOOD machines can communicate with DMZ.

GOOD machines can communicate with BAD.

DMZ machines can communicate with GOOD.

DMZ machines can communicate with BAD.

No VLANS or nothing are set on the switches.

However, the problem is that there is the need to put a GOOD machine on S2, and a DMZ machine on S1 (

This has the effect that the Good machine on S2 can not communicate with anyone.

The same is for the DMZ machine also.

In a previous configuration where one switch was a 2950 and the second was a 1900, everything worked fine.

Now that both switches are Catalyst 2950 (24 port) with version 12.1(13)EA1 this schema does not work.

Any ideas?

5 REPLIES
New Member

Re: Problems in communication of two 2950 Switches

Hi,

Can you confirm that all ports are in the default vlan 1?

Also, have you checked the switch forwarding table to see if you can see the relevant mac addresses of the devices from the correct ports. (use show mac-address-table)

Have the machines already been active on the network before being moved and worked alright?

New Member

Re: Problems in communication of two 2950 Switches

First of all, thanks for the reply.

The show mac-address-table in both switches shows that everything (except of course CPU) is under the vlan 1.

The machines have been working correctly, and if are switched in the rooms (and switches) work fine and see the network.

New Member

Re: Problems in communication of two 2950 Switches

When a machine has been moved to the new switch, and you try to ping another device on the network, can you see the mac address showing correctly under the forwarding table? If so can you check the other switch and see if it can see the machine on vlan 1 on the inter-switch port.

If not, try clearing both mac-address-tables and see if you can get connectivity across the switches.

New Member

Re: Problems in communication of two 2950 Switches

I am not very sure about the mac address showing

correctly. I will check it.

But issuing a clear mac-address-table dynamic on both switches did not give me connectivity.

One other thing that might help you on that is that

ping SW2 from a SW1 machine does not give any reply

the same if pinging SW1 from an SW2 machine.

Also I have no reply when i issue a ping between the two switches.

But pinging directly machines and not switches gives replies.

New Member

Re: Problems in communication of two 2950 Switches

Implementing Private VLAN with Protected ports concept can help you resolve your problem. Pls. have a look at the below given URL.

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008013565f.shtml

96
Views
0
Helpful
5
Replies
CreatePlease to create content