cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2296
Views
5
Helpful
7
Replies

4900M can't access default gateway

rdbaker31
Level 1
Level 1

Hi All,

I am having trouble getting my newly installed 4900M(s) to access their default gateway. The 4900's are running IOS 12.2.53.SG2 and the default gateway, an ASA 5510 is running 8.3(1)1. I have connected a 2960 layer 2 switch to the ASA and it is able to ping the gateway address no problem so I'm confident it's not the firewall. However when I connect the 4900 to the firewall with the same default-gateway address configured, nothing. The 4900 is connecting to the ASA through a WS-X4908-10GE 8 port module using a TwinGig SFP adapter. The strange thing is the 4900 can ping other switches connected to it, but it just wont talk to the ASA. I have used ficticious IP's in the config extract below.

Here's what I believe to be the relevent config on the 4900;

4900-01#sh run
Building configuration...
!
hw-module module 3 port-group 4 select gigabitethernet
!
ip vrf mgmtVrf
!
vtp mode transparent
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 2254 priority 24576
!
vlan internal allocation policy ascending
!
vlan 2254
name Management_Vlan
!
interface FastEthernet1
ip vrf forwarding mgmtVrf
no ip address
speed auto
duplex auto
!
interface GigabitEthernet3/23
description to ASA5510 - E0/1
switchport trunk native vlan 2254
switchport mode trunk
!
interface Vlan2254
ip address 10.10.10.252 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.10.10.254
!

4900-01#

Any suggestions gratefully received.

7 Replies 7

Reza Sharifi
Hall of Fame
Hall of Fame

Hi,

When you ping local IP or the remote IP, are you using mgmtVrf in your ping command?

ping vrf mgmtVrf 10.10.10.252

HTH

Reza

never mind, you are not using the mgmt interface (sorry)

Reza

Reza Sharifi
Hall of Fame
Hall of Fame

what happens if you change the port from truk to access port?.

Hi Reza,

Thanks for the prompt response. Changing to an access port is not really an option I'm afraid. We want to run other subnets across the link hence using a trunk link.

Regards

R

Hi R,

So, are you running 802.1q trunk with sub-interfaces on the firewall?

Reza

   Are you sure you have ip routing turned on ??   To use a default static route like your config ip routing must be turned on otherwise use the ip default-gateway command for boxes with routing turned off.

Hi All,

Thanks for your responses. I have found the issue!

I needed to issue the 'switchport' command on interface Gi3/23

!

interface GigabitEthernet3/23
description to ASA5510 - E0/1

switchport                                    <=======
switchport trunk native vlan 2254
switchport mode trunk
!

Thanks again for you help.

Regards

R

Review Cisco Networking for a $25 gift card