cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
807
Views
0
Helpful
2
Replies

1711 VLAN issue?

jerry.roy
Level 1
Level 1

I believe there may be an incompatibility between the Cisco and the 3Com that’s causing these issues.

When I ping from the 1711 I get the following whether or not we are in half duplex or full duplex or speed 10 or 100 mbps. Notice every third packet is dropped. If I source from the LAN 192.168.1.1 I can still ping and get the same problems. A user on the LAN from his workstation can only get to some of the IP's on the DMZ (63.145.181.64/27) see 2 Below he is unable to get a ping response from.

LAN Interface (VLAN1) 192.168.1.1/24

DMZ (VLAN2) 63.x.x.66/27

Internet 67.x.x.194/29

I have confirmed there is only one Default gateway on these devices. Some are dell servers and some are Cobalt raq3's and 4's.

LFL-1711-LAN#ping

Protocol [ip]:

Target IP address: 63.x.x.67

Repeat count [5]: 500

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 500, 100-byte ICMP Echos to 63.145.181.67, timeout is 2 seconds:

!!!!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!

Success rate is 67 percent (124/184), round-trip min/avg/max = 1/1/4 ms

LFL-1711-LAN#

Select menu option (physicalInterface/ethernet):

LFL-1711-LAN#ping

Protocol [ip]:

Target IP address: 63.x.x.89

Repeat count [5]: 5000

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 5000, 100-byte ICMP Echos to 63.145.181.89, timeout is 2 seconds:

!!!!!.!!.!!.!!.!!.!!.!!.!!.!!.!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!!.!

Success rate is 59 percent (151/253), round-trip min/avg/max = 1/1/4 ms

ip subnet-zero

!

!

no ip domain lookup

ip domain name ****forless.com

ip dhcp excluded-address 192.168.1.1 192.168.1.20

!

ip dhcp pool 192.168.1.0/24

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

domain-name ****less.com

dns-server 63.147.112.162 !

!

ip cef

ip audit po max-events 100

no vlan accounting

no ftp-server write-enable

!

!

!

!

!

no crypto isakmp enable

!

!

!

interface FastEthernet0

description INTERNET

ip address 67.100.97.194 255.255.255.248

ip access-group Wan_2_Local in

ip nat outside

duplex auto

speed auto

no cdp enable

!

interface FastEthernet1

switchport access vlan 2

no ip address

duplex full

speed 100

no cdp enable

!

interface FastEthernet2

switchport access vlan 2

no ip address

duplex full

speed 100

no cdp enable

!

interface FastEthernet3

no ip address

duplex full

speed 100

no cdp enable

!

interface FastEthernet4

no ip address

duplex full

speed 100

no cdp enable

!

interface Vlan2

description DMZ

ip address 63.145.181.66 255.255.255.224

!

interface Vlan1

description $ETH-SW-LAUNCH$

ip address 192.168.1.1 255.255.255.0

ip nat inside

!

ip classless

ip route 0.0.0.0 0.0.0.0 67.100.97.193

!

ip nat inside source list NAT interface FastEthernet0 overload

!

!

!

ip access-list extended NAT

permit ip 192.168.1.0 0.0.0.255 any

ip access-list extended Wan_2_Local

permit tcp any any eq 22

!

!

!

line con 0

logging synchronous

transport preferred all

transport output all

line 1

stopbits 1

speed 115200

flowcontrol hardware

line aux 0

line vty 0 4

privilege level 15

password 123456

logging synchronous

login authentication ssh

transport preferred all

transport input ssh

transport output all

2 Replies 2

b.hsu
Level 5
Level 5

Check the VLAN information on both the devices

erhoehne
Level 1
Level 1

Hi Jerry,

Are you sure the DMZ workstations the LAN workstations are trying to reach but can't are in the correct vlan? Do you have any other switches daisy chained off any of the interfaces of the 1711 above? You mentioned something about 3com above, but didn't go into any detail.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: