Like Mike said it could be a multitude of things but my first guess would be that the switch you are unable to telnet to does not have a default gateway configured.

Vlan 100 is active.

Vlan 1 is shutdown.

its a 4507

Yes I have a default gateway.

I can ping all other switches except for the 4507.

Routing being done by a 3550 L3 switch

hi

i would suggest to go by step by step troubleshooting procedure to isolate the exact point which stucks up the communication.

just try to find out whether ur able to reach ur wkstation from the L3 switch and also the (4507)switch from ur L3 switch.

tht shuld help u out to solve ur problem.

regds

Is there a trunk between the 4507 and the rest of the network? Maybe that link is not trunking, possibly because of the config on the 4507?

Kevin Dorrell

Luxembourg

If you can not ping the switch, then there is some IP connectivity problem and that is what is preventing you from telnetting to the switch.

Can the 4507 ping its configured gateway?

can the 4507 ping anything beyond its gateway?

It might be very helpful to post the relevant parts of the config of the 4507.

HTH

Rick

indeed there is some ip connectivity problem. Please post your config and we can help further.

mike

Okay Ill try and answer these as best as possible

Kevin - I have trunks running between all switches Yes. I can telnet into the 3550 (Core) then telnet into the 4507 from there. If I try to telnet to 4507 Then I have the problem.

Would the port my computer is plugged into on the 4507 have to be "switchport native vlan" to the management vlan?

Rick - I cannot ping the switch from my computer (not sure about from the 3550 ill test after lunch)

Mike - ill post the config after lunch :)

It is good to know that you can telnet into the 4507 from the 3550. I think it makes it more likely that the issue is something about the definition of the default gateway on the 4507. It would be especially helpful if you would post the config.

When you do telnet to the 4507 from the 3550 can you ping from the 4507 to other addresses on the 3550 or addresses beyond the 3550? Can you ping from the 4507 to the address of your PC?

HTH

Rick

Heres a basic run down of my config

And about pings I have ICMP blocked. Before when I allowed it I couldn't ping the 4507, but I could ping all other switches on the network from my computer. And im pretty sure I could ping the 4507 from the 3550 (cant remember so dunno)

but heres the config, pieces of it anyways.

----------------------------------------------

version 12.1

no service pad

service timestamps debug datetime localtime

service timestamps log datetime localtime

boot system flash bootflash:

logging buffered 50000 debugging

clock timezone cst -6

clock summer-time cst recurring

ip subnet-zero

no ip source-route

no ip domain-lookup

spanning-tree extend system-id

redundancy

mode rpr

main-cpu

auto-sync standard

interface GigabitEthernet1/1

interface GigabitEthernet1/2

interface GigabitEthernet2/1

interface GigabitEthernet2/2

interface GigabitEthernet3/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

interface GigabitEthernet4/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

duplex full

speed 100

interface GigabitEthernet4/2

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

qos trust cos

spanning-tree portfast

interface GigabitEthernet4/15

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

qos trust cos

spanning-tree portfast

interface GigabitEthernet4/16

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

qos trust cos

spanning-tree portfast

interface GigabitEthernet4/17

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

qos trust cos

spanning-tree portfast

interface GigabitEthernet4/18

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

qos trust cos

spanning-tree portfast

interface GigabitEthernet4/19

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

qos trust cos

spanning-tree portfast

interface Vlan100

ip address (IP of the Management Domain)

no ip redirects

no ip unreachables

no ip route-cache

no ip mroute-cache

ip default-gateway (The 3550 Management IP)

ip classless

ip route profile

ip route 0.0.0.0 0.0.0.0 141.242.129.254

ip http server

ip pim rp-address 10.0.0.1

line con 0

line vty 0 4

line vty 5 15

In your attempt to be cautious you have withheld some information that might be significant. In particular by not showing the IP address on vlan100 and the IP address of the default-gateway you do not allow us to see one of the things that is a likely source of these symptoms.

I do notice that there are no parameters listed on line vty 0 4. I would expect at least a password to be configured. VTYs with no password will usually prevent telnet unless aaa authentication is configured - which I do not see in your config.

HTH

Rick

Yeah I know about the Vlan100 and Default gateway but im almost 100 percent sure it won't help

Since the Gateway is setup just like it is on all the other switches and same with the Vlan100.

I think it has something to do the way we have trunking setup.

And login/password access is there I just, as you've already mentioned, removed it.

Appreciate the help though. I haven't really had time to work on this problem either. Too busy on other projects/problems :(.

I was able to sit down and work on this again.

My new findings are

1) I can ping the 4507 from other switches that I telnet into.

2) I can ping those other switches from my computer from the command prompt and recieve a reply. I do not recieve anything from the 4507.

When I debugged ICMP on the 4507 it shows it recieving the packets and replying to my computer but my computer displays that no packets are being recieved.