cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1296
Views
0
Helpful
6
Replies

Switch connected to ASA can't be pinged from inside network

DaveU
Level 1
Level 1

We have two switches on our network which is unreachable when pinging from our servers.

 

Switch is on 192.168.5.x/24 subnet

Servers is on 192.168.1.x/24 subnet

 

The setup is ASA --> SW1 --> SW2 --> Servers. (See diagram uploaded)

 

Our goal is to make the switches reachable from our servers. I tried pinging the switch from ASA which i get replies but pinging the ASA from switch fails.

Everything works fine on the network, we just need to make the servers able to ping the switches.

 

 

 

 

 

 

1 Accepted Solution

Accepted Solutions

Hello

Why do you have two MGT vlans ?
192.168.5.0/24 - vlan 5
192.168.100.0/24 - vlan 100

On your switches you show as having two L3 interfaces in the above vlans , which isnt a problem but it isnt necessary.

As you OP mentioned communication between vlan 5(mgt) and Vlan10 (server vlan) i would suggest to use vlan 5 network as the gateway, apply the below and test again.

Switch1 & 2
conf t
ip default-gateway 192.168.5.1


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

6 Replies 6

Hello

Your switches dont have a default-gateway or a default route so outside it own vlans it wont be able to respond? -  Try adding this.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Which default-gateway should I add?

 

192.168.5.1 or 192.168.1.1 ?

Btw, What is the recommended way for me to do this? Should I add ip route or ip default-gateway?

Hello

Why do you have two MGT vlans ?
192.168.5.0/24 - vlan 5
192.168.100.0/24 - vlan 100

On your switches you show as having two L3 interfaces in the above vlans , which isnt a problem but it isnt necessary.

As you OP mentioned communication between vlan 5(mgt) and Vlan10 (server vlan) i would suggest to use vlan 5 network as the gateway, apply the below and test again.

Switch1 & 2
conf t
ip default-gateway 192.168.5.1


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

It worked! Thank you!

Netlabbuilder
Level 1
Level 1

I hope I correctly understand your network setup.

  • Your switches are simply L2 switches, thus you should have only one SVI (for the Switch/Network Management purpose). You should choose either SVI for VLAN 5 or SVI for VLAN 100, but not both to be used on your L2 switches (as in the configuration). The other SVI/VLAN should be removed/deleted from your L2 switches and on ASA.
  • Let us assume that you choose VLAN 5 and Interface VLAN 5 as your Network Management SVI/VLAN (as shown in the network diagram), you can use the IP address of 192.168.5.1 on ASA sub-interface G1/2.5 as the default-gateway for your switches (with command ip default-gateway 192.168.5.1).

 

Review Cisco Networking for a $25 gift card