Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2852
Views
0
Helpful
27
Replies

Two switches on different network can't communicate.

tantony
Level 1
Level 1

‎10-11-2018 10:21 AM - edited ‎03-05-2019 10:58 AM

I'm starting a new discussion because I made some changes to my network.

 

I have a Juniper SRX550 firewall. Juniper is providing DHCP for networks 172.16.64.0/18 and 172.16.1280/18.

 

Cable goes from port 0/0/2, 172.16.64.1/18 Juniper to port 1 VLAN 1 to a Cisco 3560 switch with ip 172.16.64.2/18
Cable goes from port 0/0/3, 172.16.128.1/18 Juniper to port 1 VLAN 1 to a Cisco 3560 switch with ip 172.16.128.2/18

I have a WiFi router connected to the 172.16.64./ switch on port 23. The IP of WiFi router is 172.16.128.3/18.

 

I have IP Routing enabled on both switches. When I connect my laptops to both switches, I'm getting the correct DHCP and default gateways, but I'm not able to communicate across.

 

For example, if I'm on the 172.16.64.2 switch, I can't ping anything on the 172.16.128.0 network. I can only ping the default gateway.

 

I'll post configs from both switches.

Labels:
0 Helpful
27 Replies 27

Georg Pauwen
VIP
VIP

‎10-11-2018 10:25 AM

Hello,

 

from your description it sounds like you have one Vlan, Vlan 1, and different address spaces within that Vlan. Which doesn't work. What if you make one of the networks and corresponding switch belong to another Vlan, e.g. Vlan 2 ?

0 Helpful

tantony
Level 1
Level 1
In response to Georg Pauwen

‎10-11-2018 10:28 AM

This is the config from the 172.16.64.2 switch

hostname DNDO-Switch
!
!
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
!
!
interface FastEthernet0/23
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/24
 no switchport
 no ip address
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 172.16.64.2 255.255.192.0
!
interface Vlan3
 ip address 172.16.128.5 255.255.192.0
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
 no login
line vty 5 15
 no login
!
!
end

 

 

 

 

 

 

0 Helpful

tantony
Level 1
Level 1
In response to tantony

‎10-11-2018 10:29 AM

And this is from 172.16.128.2 switch

 

hostname Dev-Switch
!
!
no aaa new-model
vtp domain SCOTTSDALE
vtp mode transparent
ip subnet-zero
ip routing
no ip domain-lookup
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 14
 name default14
!
interface FastEthernet0/1
!
!
interface FastEthernet0/24
 no switchport
 no ip address
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 172.16.128.2 255.255.192.0
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 5 15
!
!
end

 

 

0 Helpful

tantony
Level 1
Level 1
In response to tantony

‎10-11-2018 10:31 AM

I also have a trunk cable between both switches both on ports 24.  Do I have it correctly?

0 Helpful

tantony
Level 1
Level 1
In response to tantony

‎10-11-2018 11:11 AM

Anybody?

0 Helpful

Georg Pauwen
VIP
VIP
In response to tantony

‎10-11-2018 11:21 AM

Hello,

 

you don't need the trunk between the switches. By enabling ip routing, your switches effectively become routers.

 

Change the configs as below. To which ports are the hosts connected that need to communicate ?

 

ostname DNDO-Switch
!
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
!
interface FastEthernet0/23
switchport access vlan 3
switchport mode access
!
interface FastEthernet0/24
no switchport
no ip address
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 172.16.64.2 255.255.192.0
!
ip classless
ip http server
!
control-plane
!
line con 0
line vty 0 4
no login
line vty 5 15
no login
!
end

-------------

hostname Dev-Switch
!
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
!
interface FastEthernet0/24
no switchport
no ip address
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan3
ip address 172.16.128.2 255.255.192.0
!
ip classless
ip http server
!
control-plane
!
line con 0
line vty 5 15
!
end

0 Helpful

tantony
Level 1
Level 1
In response to Georg Pauwen

‎10-11-2018 11:27 AM

I'll try it now

0 Helpful

Georg Pauwen
VIP
VIP
In response to tantony

‎10-11-2018 11:29 AM

Hello,

 

make sure the ports to which your hosts are connected are configured as below:

 

For Vlan 3 clients:

 

switchport mode access

switchport access vlan 3

spanning-tree portfast

 

For Vlan 1 clients:

 

switchport mode access

spanning-tree portfast

0 Helpful

tantony
Level 1
Level 1
In response to Georg Pauwen

‎10-11-2018 11:37 AM

I have a WiFi router connected to 172.16.64.2 switch on port 23 (VLAN 3).  I did the following step and it says "port fast should only be enabled on ports connected to a single host.  Connecting to hubs, switches, etc can cause temporary briding loops"

 

I have two laptops connected to each switch.  I'm getting the correct DHCP from the Juniper router.  

 

The laptop connected to 172.16.64.2 switch can ping the laptop on the 172.16.128.1 DHCP.  But the laptop connected to 172.16.128.2 switch can't ping the other laptop.

0 Helpful

Georg Pauwen
VIP
VIP
In response to tantony

‎10-11-2018 11:41 AM

Post a schematic drawing of your topology indicating what is connected to what, on which port, and where the two laptops are connected to that need to communicate with each other.

0 Helpful

tantony
Level 1
Level 1
In response to Georg Pauwen

‎10-11-2018 11:51 AM

NetGear diagram.png

0 Helpful

Georg Pauwen
VIP
VIP
In response to tantony

‎10-11-2018 11:59 AM

Hello,

 

which ports on the switches are the laptops connected to ? The switch configs need to look like this:

 

hostname DNDO-Switch
!
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
!
interface FastEthernet0/23
switchport mode access
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 172.16.64.2 255.255.192.0
!
ip classless
ip http server
!
control-plane
!
line con 0
line vty 0 4
no login
line vty 5 15
no login
!
end

-------------

hostname Dev-Switch
!
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport access vlan 3
spannin-tree portfast
!
interface FastEthernet0/24
shut
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan3
ip address 172.16.128.2 255.255.192.0
!
ip classless
ip http server
!
control-plane
!
line con 0
line vty 5 15
!
end

0 Helpful

tantony
Level 1
Level 1
In response to Georg Pauwen

‎10-11-2018 12:03 PM

on the 172.16.64.2 switch, laptop is connected to port 17, VLAN 1

on the 172.16.128.2 switch, laptop is connected to port 17, VLAN 1

 

I copied and pasted your config from earlier, I'll double check

0 Helpful

Georg Pauwen
VIP
VIP
In response to tantony

‎10-11-2018 12:14 PM

Configure the ports as below:

 

on the 172.16.64.2 switch, laptop is connected to port 17, VLAN 1

 

interface FastEthernet0/17
switchport mode access
spanning-tree portfast

 

on the 172.16.128.2 switch, laptop is connected to port 17, VLAN 3

 

interface FastEthernet0/17
switchport mode access

switchport access vlan 3
spanning-tree portfast

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card