Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
420
Views
0
Helpful
2
Replies

Cannot Ping L2 Management Except From Directly Connect L3 Device

Brennon Duffy
Level 1
Level 1

‎04-04-2023 12:36 PM

Just as the title says I have the following topology.

BrennonDuffy_0-1680636454332.png

I cannot ping the Vlan255 SVI on any of the access switches from any device other than DO-CORE-1 and DO-CORE-2.

I have EIGRP running and have reachability to every IP other than the three SVI's mentioned. I'll provide configs for DO-WAN-1, DO-CORE-1, and DO-ASW-1 below as the others are pretty similar.

 

DO-WAN-1#sh run
Building configuration...

Current configuration : 3789 bytes
!
! Last configuration change at 19:29:16 UTC Tue Apr 4 2023
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DO-WAN-1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
key chain EIGRP
key 2
key-string EIGRP_PASSWORD
!
!
!
redundancy
!
no cdp log mismatch duplex
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
description ***FROM ACCESS PORT G0/0 TO DO-CORE-1 G0/0***
ip address 100.100.100.1 255.255.255.252
ip authentication mode eigrp 1 md5
ip authentication key-chain eigrp 1 EIGRP
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
!
router eigrp 1
network 10.10.10.0 0.0.0.255
network 10.10.11.0 0.0.0.255
network 10.10.12.0 0.0.0.255
network 10.10.13.0 0.0.0.255
network 10.10.14.0 0.0.0.255
network 10.10.255.0 0.0.0.255
network 100.100.100.0 0.0.0.3
network 100.100.100.4 0.0.0.3
network 100.100.100.8 0.0.0.3
passive-interface default
no passive-interface GigabitEthernet0/0
eigrp router-id 4.4.4.4
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
!
ipv6 ioam timestamp
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
transport input none
!
no scheduler allocate
!
end

 

DO-CORE-1#sh run
Building configuration...

Current configuration : 8970 bytes
!
! Last configuration change at 19:13:03 UTC Tue Apr 4 2023
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname DO-CORE-1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
key chain EIGRP
key 2
key-string EIGRP_PASSWORD
key chain HSRP
key 1
key-string HSRP_PASSWORD
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
no switchport
ip address 100.100.100.5 255.255.255.252
ip authentication mode eigrp 1 md5
ip authentication key-chain eigrp 1 EIGRP
!
interface Port-channel2
description ***FROM TRUNK PORT-CHANNEL2 G1/0-1 TO DO-ASW-1 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
!
interface Port-channel4
description ***FROM TRUNK PORT-CHANNEL4 G1/2-3 TO DO-ASW-2 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
!
interface Port-channel6
description ***FROM TRUNK PORT-CHANNEL6 G2/0-1 TO DO-ASW-3 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/0
description ***FROM ACCESS PORT G0/0 TO DO-WAN-1 G0/0***
no switchport
ip address 100.100.100.2 255.255.255.252
ip authentication mode eigrp 1 md5
ip authentication key-chain eigrp 1 EIGRP
negotiation auto
!
interface GigabitEthernet0/1
description ***FROM DO-CORE-2 G0/1-2***
no switchport
no ip address
negotiation auto
channel-group 1 mode active
!
interface GigabitEthernet0/2
description ***FROM DO-CORE-2 G0/1-2***
no switchport
no ip address
negotiation auto
channel-group 1 mode active
!
interface GigabitEthernet0/3
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet1/0
description ***FROM TRUNK PORT-CHANNEL2 G1/0-1 TO DO-ASW-1 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 2 mode active
!
interface GigabitEthernet1/1
description ***FROM TRUNK PORT-CHANNEL2 G1/0-1 TO DO-ASW-1 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 2 mode active
!
interface GigabitEthernet1/2
description ***FROM TRUNK PORT-CHANNEL4 G1/2-3 TO DO-ASW-2 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 4 mode active
!
interface GigabitEthernet1/3
description ***FROM TRUNK PORT-CHANNEL4 G1/2-3 TO DO-ASW-2 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 4 mode active
!
interface GigabitEthernet2/0
description ***FROM TRUNK PORT-CHANNEL6 G2/0-1 TO DO-ASW-3 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 6 mode active
!
interface GigabitEthernet2/1
description ***FROM TRUNK PORT-CHANNEL6 G2/0-1 TO DO-ASW-3 G0/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 6 mode active
!
interface GigabitEthernet2/2
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
no negotiation auto
!
interface GigabitEthernet2/3
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
no negotiation auto
!
interface GigabitEthernet3/0
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
no negotiation auto
!
interface GigabitEthernet3/1
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
no negotiation auto
!
interface GigabitEthernet3/2
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
no negotiation auto
!
interface GigabitEthernet3/3
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
no negotiation auto
!
interface Vlan10
description ***IT Department***
ip address 10.10.10.252 255.255.255.0
standby 10 ip 10.10.10.254
standby 10 timers msec 200 msec 750
standby 10 priority 120
standby 10 preempt delay minimum 180
standby 10 authentication md5 key-chain HSRP
!
interface Vlan11
description ***ACCOUNTING***
ip address 10.10.11.252 255.255.255.0
standby 11 ip 10.10.11.254
standby 11 timers msec 200 msec 750
standby 11 priority 120
standby 11 preempt delay minimum 180
standby 11 authentication md5 key-chain HSRP
!
interface Vlan12
description ***USER***
ip address 10.10.12.252 255.255.255.0
standby 12 ip 10.10.12.254
standby 12 timers msec 200 msec 750
standby 12 priority 120
standby 12 preempt delay minimum 180
standby 12 authentication md5 key-chain HSRP
!
interface Vlan13
description ***VOICE***
ip address 10.10.13.252 255.255.255.0
standby 13 ip 10.10.13.254
standby 13 timers msec 200 msec 750
standby 13 preempt delay minimum 180
standby 13 authentication md5 key-chain HSRP
!
interface Vlan14
description ***IOT***
ip address 10.10.14.252 255.255.255.0
standby 14 ip 10.10.14.254
standby 14 timers msec 200 msec 750
standby 14 preempt delay minimum 180
standby 14 authentication md5 key-chain HSRP
!
interface Vlan255
ip address 10.10.255.1 255.255.255.0
standby 255 ip 10.10.255.254
standby 255 timers msec 200 msec 750
standby 255 preempt delay minimum 180
standby 255 authentication md5 key-chain HSRP
!
!
router eigrp 1
network 10.10.10.0 0.0.0.255
network 10.10.11.0 0.0.0.255
network 10.10.12.0 0.0.0.255
network 10.10.13.0 0.0.0.255
network 10.10.14.0 0.0.0.255
network 10.10.255.0 0.0.0.255
network 100.100.100.0 0.0.0.3
network 100.100.100.4 0.0.0.3
network 100.100.100.8 0.0.0.3
passive-interface default
no passive-interface Port-channel1
no passive-interface GigabitEthernet0/0
eigrp router-id 2.2.2.2
!
ip forward-protocol nd
!
ip http server
!
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
!
!
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
!
line con 0
line aux 0
line vty 0 4
login
!
!
end

 

D0-ASW-1#sh run
Building configuration...

Current configuration : 6169 bytes
!
! Last configuration change at 19:25:43 UTC Tue Apr 4 2023
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname D0-ASW-1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel2
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
!
interface Port-channel3
description ***FROM TRUNK PORT-CHANNEL3 G0/2-3 TO DO-CORE-2 G1/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/0
description ***FROM TRUNK PORT-CHANNEL2 G0/0-1 TO DO-CORE-1 G1/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 2 mode active
!
interface GigabitEthernet0/1
description ***FROM TRUNK PORT-CHANNEL2 G0/0-1 TO DO-CORE-1 G1/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 2 mode active
!
interface GigabitEthernet0/2
description ***FROM TRUNK PORT-CHANNEL3 G0/2-3 TO DO-CORE-2 G1/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 3 mode active
!
interface GigabitEthernet0/3
description ***FROM TRUNK PORT-CHANNEL3 G0/2-3 TO DO-CORE-2 G1/0-1***
switchport trunk allowed vlan 10-14,255
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport mode trunk
switchport nonegotiate
negotiation auto
channel-group 3 mode active
!
interface GigabitEthernet1/0
switchport access vlan 10
negotiation auto
!
interface GigabitEthernet1/1
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet1/2
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet1/3
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet2/0
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet2/1
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet2/2
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet2/3
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet3/0
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet3/1
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet3/2
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface GigabitEthernet3/3
description ***UNUSED***
switchport access vlan 999
switchport mode access
switchport nonegotiate
shutdown
negotiation auto
!
interface Vlan255
description ***MANAGEMENT***
ip address 10.10.255.3 255.255.255.0
!
ip default-gateway 10.10.255.254
ip forward-protocol nd
!
ip http server
!
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
!
!
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
!
line con 0
line aux 0
line vty 0 4
login
!
!
end

 

Labels:
0 Helpful
2 Replies 2

Flavio Miranda
VIP
VIP

‎04-04-2023 01:47 PM

Hi

 On the access switch, instead this  " ip default-gateway 10.10.255.254"  use this  " ip route 0.0.0.0 0.0.0.0 10.10.255.254"

0 Helpful

MHM Cisco World
VIP
VIP

‎04-04-2023 01:59 PM

can you traceroute from WAN to SVI in access SW ??

0 Helpful
Customers Also Viewed These Support Documents