Solved: cisco 2950-24 switch management problem

horvaia · ‎04-30-2004

Hi,

I have problem while i want to reach my switch from

the internet. The problem is from the switch

I'm not able to ping even the default-gw too. It

seems none of the packets go out from the switch

itself. Very strange.

Switch IOS: c2950-i6q4l2-mz.121-20.EA1a.bin

Router IOS: c2600-is-mz.122-23a.bin

Does anybody have any idea?

Here are the configs:

router (2610):

interface Ethernet0/0

description uplink to switch [sw 0/1]

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

no ip mroute-cache

full-duplex

!

interface Ethernet0/0.100

encapsulation dot1Q 100

ip address 192.168.4.165 255.255.255.252

no cdp enable

!

interface Ethernet0/0.200

encapsulation dot1Q 200

ip address 192.168.11.81 255.255.255.240

no cdp enable

!

interface Ethernet0/0.450

description switch management

encapsulation dot1Q 450

ip address 192.168.4.169 255.255.255.252

no cdp enable

switch (2950-24):

ip subnet-zero

!

ip name-server 213.134.0.9

ip name-server 213.134.0.10

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

interface FastEthernet0/1

description trunk > switch

switchport mode trunk

speed 10

duplex full

!

interface FastEthernet0/2

switchport access vlan 100

!

interface FastEthernet0/3

switchport access vlan 200

!

interface Vlan450

ip address 192.168.4.170 255.255.255.252

no ip unreachables

no ip route-cache

!

ip default-gateway 192.168.4.169

no ip http server

Thanks,

Andras

sstudsdahl · ‎05-03-2004

You need to add the VLAN450 to the vlan database in order for it to become active. Even though you have the "interface vlan 450" defined, it will not function until the actual vlan is defined. Try adding VLAN450 and that will most likely solve your problems.

View solution in original post

sstudsdahl · ‎04-30-2004

Try adding the native keyword to your encapsulation for vlan 450. It should look like:

interface Ethernet0/0.450

description switch management

encapsulation dot1Q 450 native

ip address 192.168.4.169 255.255.255.252

no cdp enable

Also, on your trunk port on the 2950, add the command:

"switchport trunk native vlan 450"

This will change the native VLAN from VLAN 1 to VLAN 450 for all frames that are not tagged with a dot1q ID.

horvaia · ‎05-03-2004

Hi,

Thanks for your idea. I tried it but it did not

work. I experienced the same problem. I'm able

to ping the router ip from the router and i'm able

to ping the switch vlan450 ip from the switch itself. But when I try to reach the switch from the

router it doesn't work. There isn't any ACL on the

interfaces. I just simply see an incomplete arp entry in the router arp table

(and of course in the switch arp table regarding the router ip). And there

is an another strange thing. Because there is the interface vlan450 in the switch but

when i issue the show vlan

command i can't see it. what is the problem?

see the outputs:

sstudsdahl · ‎05-03-2004

You need to add the VLAN450 to the vlan database in order for it to become active. Even though you have the "interface vlan 450" defined, it will not function until the actual vlan is defined. Try adding VLAN450 and that will most likely solve your problems.

horvaia · ‎05-04-2004

Thanks !!!

It has solved the problem!