cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

568
Views
0
Helpful
4
Replies
Highlighted
Beginner

native vlan unreachable

Hi.

I made following schema.

ASA5505 + sec plus license

e0/0 -access VLAN2-> uplink

e0/1 - trunk .1q -> switch

e0/2 - access VLAN9

e0/3 - access VLAN9

e0/4 - access VLAN9

e0/5 - access VLAN9

e0/6 - access VLAN9

e0/7 - access VLAN9

native VLAN was reassigned from 1 to 9

native VLAN for trunk is 9

I configured 7 VLANs with different security levels. Some of them inside, some DMZ.

problem is I'm not able to ping switch with ip 172.19.214.194(VLAN9) from ASA but I can ping device in VLAN-3-1.1only one way I can ping device in vlan 9from ASA if I connect ASA port for example e0/5 to switch ports vlan9 member but some STP issues appears.

Could you help?

Thank you.

4 REPLIES 4

Re: native vlan unreachable

Hi ,

Did you change also the native vlan of the switch port ?

The only port that is connected to the switch is 0/1 ?

Dan

Beginner

Re: native vlan unreachable

yes i changed switch native vlan.

This is Enterasys C3 switch.

trunk from ASA e0/1 connected to port ge.1.48

set vlan egress 9 ge.1.48 untagged
set vlan egress 9 ge.1.47 untagged
set host vlan 9

another ASA port e 0/5 (vlan9) connected to switch port ge.1.47 (vlan9)

native vlan reassigned at the switch too (underlined)

if I disconnect link ASA e0/5 switch ge.1.47 I can not ping each other. ASA<->Enterasys switch.

spantree is disabled ast both ports:

set spantree portadmin  ge.1.47 disable
set spantree portadmin  ge.1.48 disable

Thank you.

Re: native vlan unreachable

Hi ,

Have you checked the MAC address of the ASA's vlan9 on the switch ? Is it on ge.1.47 is it on ge.1.48 ?

Also on ASA : show switch mac-address-table ,can you see the MAC address of the SVI of the switch ?

Dan

Beginner

Re: native vlan unreachable

ASA mac (c84c.75f4.1e12)

Enterasys (001f.4579.1da0)

enterasys

CAQCMT-TD-SW01(su)->show mac address c8-4c-75-f4-1e-12

MAC Address       FID  Port          Type

----------------- ---- ------------- --------

C8-4C-75-F4-1E-12 1    ge.1.48       Learned

C8-4C-75-F4-1E-12 3    ge.1.48       Learned

C8-4C-75-F4-1E-12 4    ge.1.48       Learned

C8-4C-75-F4-1E-12 5    ge.1.48       Learned

C8-4C-75-F4-1E-12 9    ge.1.47       Learned

CAQCMT-TD-SW01(su)->

ASA

CAQCMT-TD-FW01# sh switch mac-address-table
Legend: Age - entry expiration time in seconds

   Mac Address  | VLAN |       Type       | Age | Port
-------------------------------------------------------

----------omitted for briefly.---------------

001f.4579.1da0 | 0009 |     dynamic      | 287 | Et0/5
----------omitted for briefly.---------------

Total Entries: 79

CAQCMT-TD-FW01#

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards