cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
690
Views
0
Helpful
9
Replies

PAYCLOCK BOX AND ARP

Hi pros,

Before all thank you for taking your time to help a fellow out.! Real Koodoos to you all.

Here it's... my having issue with a small payclock box that an outsourcing HR company send to our HR. The network design is quite simple:

Cisco 3750 stack( 4 SW) ----> Cisco ASA 5606x with DMZ

That DMZ vlan is the only SVI not create in the 3750 Stack switches. The stack sw  just sees that as a layer 2 vlan. Now  when I add that clock on that vlan, I can't ping even though I can anything else on that vlan.

Further troubleshooting shows that the switch does not even have the MAC address of the device under its port! I tried a static arp assignment but still no change! Reboot the stack and the ASA still no dice! I have the company to send another device, they've tested before sending it out! And no change! I am out of ideas!

Ideas, suggestions are welcome.

Thank,

9 Replies 9

Hello,

what brand/type is the payclock box ?

Hi Georg,

It's a ZK clock with facial and finger print.

Thanks,

Hello,

is your 3750 a PoE switch ? If so, power over Ethernet (auto) is enabled by default on switch ports. Try and turn it off with the interface command:

power inline never

The only other setting that could be relevant is the flowcontrol, which is set to 'receive off' by default. Try and enable it with the interface command:

flowcontrol receive on

Hi Georg,

Yes, all the switches in the stack is PoE... and yes, the power is enable by default. I have never thought of changing but don't see how it will prevent the switches from learning the MAC of the connected device.

Also I have configured a laptop with the same IP, connected on the same port... it works just fine. Nonetheless, I will give your suggestion a try.

Thanks for the help,

Hello
How are you suppose to administer these devices? What other means of connecting to this device do you have- Serial/USB etc..?

Do they even support icmp or do this or even tcp/ip require enabling before it can used over the network?



res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hi Paul,

Thanks for the help....

Well i was not aware about the device untill the HR could not figured out! And i quickly found out they were more than just added to the network! NAT is required, ACL to open up Specific port is required!

Due to the fact, i don't suppose to manage it myself... The outsourcing HR supposed to manage it, so i decide to put it on a DMZ and open up to only their DC IP Pool.

And this is where the drama started. In the internal network everything is fine, i can ping it and outsource company can ping it, and their application can reach open up ports. 

But when mode to the DMZ, can't ping it neither from internal network nor outside! ACL is in place... packet tracer shows traffic flows from one interface to another fine, no problem... Device can be ping from the DMZ interface of the ASA(same subnet). Put can't not ping from the switch or any other subnet. The switch/internal subnet can ping another device on the same DMZ.

Hello

So you do have connectivity between your inside vlans and dmz vlan but just not to this device attched the dmz vlan?

How does this box receive its addressing? 

Can you connect to another device attached to the same port as this 

Clock box?

Have you check the cabling-does it require a cross over cable although the switchs should be mdix aware 

Speed/duplex setting?

res

paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hi Paul,

have checked the speed/duplex and they're a good.... even tried auto, still no dice.

Box set with static IP. Also I tried DHCP, it did get an IP but I still can't ping it!

Unplug that box, and assigned the IP to a laptop... And I have full connectivity!

Thanks,

Jean Paul,

what brand/type is the box ?

Review Cisco Networking for a $25 gift card