Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2299
Views
0
Helpful
7
Replies

2960X not learning Mac Addresses on interface

mumbles202
Level 5
Level 5

‎09-22-2021 11:46 AM

I'm connecting an interface off of a firewall onto port 41 of a 2960x running 15.0(2)EX5 with a very generic configuration:

 

interface GigabitEthernet0/41
switchport access vlan 200
switchport mode access

 

When I issue a "show mac address-t int gi 0/41" nothing is being populated.  However, if I switch the settings and change the vlan assigned to vlan 1, the mac address of the firewall does show up on the switch.  I've tried looking for a bug id that might explain this but haven't found 1 yet.  The switch is basically flat but from what i can see it has no mac address information for anything other than vlan 1, even through devices are currently attached in other vlans. 

 

2960x_2#sh run int gi 0/41
Building configuration...

Current configuration : 89 bytes
!
interface GigabitEthernet0/41
 switchport access vlan 200
 switchport mode access
end

2960x_2#sh mac ad
2960x_2#sh mac address-table int gi 0/41
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
2960x_2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
2960x_2(config)#int gi 0/41
2960x_2(config-if)#sw
2960x_2(config-if)#switchport ac
2960x_2(config-if)#switchport access v
2960x_2(config-if)#switchport access vlan 1
2960x_2(config-if)#end
2960x_2#show mac ad
2960x_2#show mac address-table int gi 0/41
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
2960x_2#show mac address-table int gi 0/41
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
2960x_2#
2960x_2#show mac address-table int gi 0/41
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    1122.3355.d914    DYNAMIC     Gi0/41
Total Mac Addresses for this criterion: 1
Labels:
0 Helpful
7 Replies 7

Reza Sharifi
Hall of Fame
Hall of Fame

‎09-22-2021 11:59 AM

Does VLAN 200 exist on the switch?

what is the output of "sh vlan"?

HTH

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎09-22-2021 12:01 PM

have you created VLAN 200 ? check show VLAN command to see if the VLAN exists, if not create vlan 200 and allocate the port to vlan and test it.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mumbles202
Level 5
Level 5
In response to balaji.bandi

‎09-22-2021 01:58 PM

yes, vlan 200 exists on the switch: 

 

------------------ show vlan ------------------
200 Guest_Traffic active Gi0/41, Gi0/43

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to mumbles202

‎09-22-2021 02:36 PM

what is the end device ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mumbles202
Level 5
Level 5
In response to balaji.bandi

‎09-23-2021 06:35 AM

End device is a FortiGate firewall with 1 port set as a standalone interface.  After troubleshooting some last night this might be more on that side as I can replicate the issue on another 2960x as well as a switch from another vendor.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to mumbles202

‎09-23-2021 08:17 AM

i have come across this issue my case was like this :

 

if the device belong to VLAN 200 (i took as your vlan example) - and Fortinet have IP address from VLAN 200 ( with VLAN SVI as Gateway) - then the Interface belong to VLAN 200 can see the MAC address ?

 

VLAN 1 any way you see MAC address?  So please what is the IP address of the Fortinet FW

 

Note : this is one of the use case i have come acrss so may be not in your case.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mumbles202
Level 5
Level 5
In response to balaji.bandi

‎10-01-2021 03:24 PM

So I did some more testing and found the following after changing the vlan id to be correct:

 

1.) I'm learning a mac address of ac12.f001.3600 (where the 3600 has also shown as 3100, 3300 and 3500 when checking it at different times)

2.) I learn the mac address of the FortiGate if I connect a device in vlan 200 and have it do a dhcp discovery; it remains in the mac address table of the switch until the end device disconnects

3.) when the device in the vlan disconnects the mac address in the for the FortiGate disappears shortly after

4.) show lldp neighbor from either device (Cisco switch or FortiGate) shows the other device connected w/ the correct mac address.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card