Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3422
Views
0
Helpful
23
Replies

Can ping all devices on a network except devices in a vlan. Can ping those from the core

blee-advds
Level 1
Level 1

‎03-30-2017 09:23 AM - edited ‎03-08-2019 09:59 AM

I Have a network  that consists of a 3750 48 port  Ethernet (core), 3750 Fiber(layer 2) trunked on gi2/0/25 to gi1/0/1 all vlans 1,10,20,30,40-41,50-51 allowed.

I have had no issues. Added the 8th 2960 created vlan 41 and 51 added to the trunk. VTP is enabled and populates all VLANS in all switches. This issue comes when I add devices to the 2960 change ports to access mode for vlan 51. If Im plugged into the switch ( if on the CLI I cannot ping locally) I can ping and  access devices I can also ping the gateway. There is a default gateway on the layer 2  2960.. If I ping from the core I can reach the devices plugged into the 2960 and ping them. If i'm on another vlan I cannot. SVI for vlan 51 is 172.20.51.1 255.255.255.0 see switch configs below.

~~~~~~~~~~~~~~~~~~~~~~~~Core~~~~~~~~~~~~~~~~~~~~~

Current configuration : 5447 bytes
!
! Last configuration change at 12:30:44 EST Tue Mar 28 2017 by ADS
! NVRAM config last updated at 12:16:50 EST Tue Mar 28 2017 by ADS
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime
no service password-encryption
service sequence-numbers
!
hostname Core-Ethernet
!
switch 2 provision ws-c3750e-24td
system mtu routing 1500
ip subnet-zero
ip routing
no ip domain-lookup
ip name-server 8.8.8.8
!
login on-success
!
!
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
!
vlan access-map enabe 10
action forward
!
vlan internal allocation policy ascending
!
!
interface FastEthernet0
no ip address
no ip mroute-cache
speed 100
duplex full
!
interface GigabitEthernet2/0/1
switchport access vlan 20
switchport trunk allowed vlan 1,10,20,30,40,50
switchport mode access
shutdown
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/2
switchport access vlan 40
switchport mode access
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/3
switchport access vlan 40
switchport mode access
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/4
switchport access vlan 40
switchport mode access
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/5
switchport access vlan 20
switchport mode access
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/6
switchport access vlan 40
switchport mode access
shutdown
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/7
switchport access vlan 40
switchport mode access
shutdown
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/8
switchport access vlan 20
switchport mode access
shutdown
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/9
switchport access vlan 40
switchport mode access
shutdown
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/10
switchport access vlan 40
switchport mode access
shutdown
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/11
switchport access vlan 40
switchport mode access
shutdown
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/12
switchport access vlan 40
switchport mode access
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/13
switchport access vlan 10
switchport mode access
shutdown
!
interface GigabitEthernet2/0/14
shutdown
!
interface GigabitEthernet2/0/15
switchport access vlan 20
switchport mode access
shutdown
!
interface GigabitEthernet2/0/16
shutdown
!
interface GigabitEthernet2/0/17
description uplink to firewall
no switchport
ip address 192.168.1.5 255.255.255.0
!
interface GigabitEthernet2/0/18
switchport access vlan 10
switchport mode access
shutdown
!
interface GigabitEthernet2/0/19
switchport access vlan 20
switchport mode access
speed auto 1000
duplex full
spanning-tree portfast
!
interface GigabitEthernet2/0/20
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet2/0/21
description APS-1-2
switchport access vlan 20
spanning-tree portfast
!
interface GigabitEthernet2/0/22
description APS-1-1
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet2/0/23
switchport access vlan 20
switchport mode access
spanning-tree portfast
no ip igmp snooping tcn flood
!
interface GigabitEthernet2/0/24
switchport access vlan 20
switchport mode access
shutdown
spanning-tree portfast
!
interface GigabitEthernet2/0/25
description Connection to SW1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30,40,41,50,51
switchport mode trunk
!
interface GigabitEthernet2/0/26
shutdown
!
interface GigabitEthernet2/0/27
switchport mode access
!
interface GigabitEthernet2/0/28
!
interface TenGigabitEthernet2/0/1
!
interface TenGigabitEthernet2/0/2
!
interface Vlan1
no ip address
no ip mroute-cache
!
interface Vlan10
description Management
ip address 172.20.10.1 255.255.255.0
no ip mroute-cache
!
interface Vlan20
description Servers
ip address 172.20.20.1 255.255.255.0
no ip mroute-cache
!
interface Vlan30
description Workstations
ip address 172.20.30.1 255.255.255.0
no ip mroute-cache
!
interface Vlan40
description AccessControl
ip address 172.20.40.1 255.255.255.0
no ip mroute-cache
!
interface Vlan41
ip address 172.20.41.1 255.255.255.0
!
interface Vlan50
description Surveilance
ip address 172.20.50.1 255.255.255.0
no ip mroute-cache
!
interface Vlan51
ip address 172.20.51.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.254
ip http server
ip http authentication local
ip http secure-server
ip http path admin
!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Fiber switch~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Core-Fiber-SW1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$wzKd$2npFO4UtlTthMi2EgWI.I1
enable password Advanc3d
!
username ******* privilege 15 secret 5 
username ****** privilege 15 nohangup secret 5 
no aaa new-model
clock timezone EST -5 0
switch 1 provision ws-c3750x-12s
system mtu routing 1500
!
!
ip domain-lookup source-interface FastEthernet0
ip device tracking
login on-success
vtp interface 172.20.10.1
!
!
crypto pki trustpoint TP-self-signed-1998594304
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1998594304
revocation-check none
rsakeypair TP-self-signed-1998594304
!
!

quit
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
!
!
diagnostic schedule Switch 1 test 1 daily 0:00 cardindex 3 jobindex 1
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
shutdown
speed 100
duplex full
!
interface GigabitEthernet1/0/1
description to ethernet-core
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,40,41,50,51
switchport mode trunk
!
interface GigabitEthernet1/0/2
description to fl1-s1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,40,50
switchport mode trunk
!
interface GigabitEthernet1/0/3
description to llparking
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,40,50
switchport mode trunk
!
interface GigabitEthernet1/0/4
description to ST-FL4-SW1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,40,50
switchport mode trunk
!
interface GigabitEthernet1/0/5
shutdown
!
interface GigabitEthernet1/0/6
description to ST-FL8-SW1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,40,50
switchport mode trunk
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
description NT 1st floor
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,41,51
switchport mode trunk
!
interface GigabitEthernet1/0/9
description NT1stfloor
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,41,51
switchport mode trunk
!
interface GigabitEthernet1/0/10
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,41,51
switchport mode trunk
!
interface GigabitEthernet1/0/11
description NT 1st Floor
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,41,51
switchport mode trunk
!
interface GigabitEthernet1/0/12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,30,41,51,1001-1005
switchport mode trunk
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface Vlan1
description inet access vlan
no ip address
no ip route-cache cef
no ip route-cache
!
interface Vlan10
description Management
ip address 172.20.10.3 255.255.255.0
no ip route-cache cef
no ip route-cache
!
interface Vlan20
description Servers
no ip address
no ip route-cache cef
no ip route-cache
!
interface Vlan30
description Workstation
no ip address
no ip route-cache cef
no ip route-cache
!
interface Vlan40
description AccessControl
no ip address
no ip route-cache cef
no ip route-cache
!
interface Vlan41
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
!
interface Vlan50
description Surveilance
no ip address
no ip route-cache cef
no ip route-cache
!
interface Vlan51
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache

!

!
ip default-gateway 172.20.10.1
i
ip default-network 172.20.10.0
!

~~~~~~~~~~~~~~~~~~~~2960 Config~~~~~~~~~~~~~~~~~~~~~~~~

NT-FL1-SW1#show run
Building configuration...

Current configuration : 5411 bytes
!
! Last configuration change at 23:05:23 EST Sun Feb 28 1993 by ADS
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service sequence-numbers
!
hostname NT-FL1-SW1
!
boot-start-marker
boot-end-marker
!
enable secret 5 
enable password 
!
username ADS privilege 15 secret 5 
no aaa new-model
clock timezone EST -5 0
switch 1 provision ws-c2960s-24ts-l
!
!
login on-success
!
!
crypto pki trustpoint TP-self-signed-1221195648
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1221195648
revocation-check none
rsakeypair TP-self-signed-1221195648
!
!
crypto pki certificate chain TP-self-signed-1221195648
certificate self-signed 01

quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
errdisable recovery interval 30
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface FastEthernet0
no ip address
!
interface GigabitEthernet1/0/1
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 51
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 51
switchport mode access
!
interface GigabitEthernet1/0/13
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/14
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/15
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/16
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/17
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/18
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/20
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/21
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/22
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/23
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/24
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/25
switchport trunk allowed vlan 1,10,20,30,40,41,50,51,
switchport mode trunk
!
interface GigabitEthernet1/0/26
switchport mode trunk
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 172.20.10.13 255.255.255.0
!
interface Vlan51
no ip address
!
ip default-gateway 172.20.10.1
ip http server
ip http authentication local
ip http secure-server
!
logging esm config
!

Labels:
0 Helpful
23 Replies 23

Austin Sabio
Level 4
Level 4
In response to blee-advds

‎04-03-2017 05:03 PM

Post show run interface Gi1/0/7 on Core-Fiber-SW1.

0 Helpful

Austin Sabio
Level 4
Level 4
In response to Austin Sabio

‎04-03-2017 05:09 PM

Also, jump on NT-FL1-SW1 and do show cdp nei gi 1/0/26 detail.

0 Helpful

blee-advds
Level 1
Level 1
In response to Austin Sabio

‎04-03-2017 05:20 PM

I did change port G1/0/7 als0 reset that port and moved it back but did not reset vlans today.

I went on NTFL1 and did a show CDP neighbors detail.

still cannot ping. from client in different vlan.

Preview file
2 KB
0 Helpful

Austin Sabio
Level 4
Level 4
In response to blee-advds

‎04-03-2017 05:21 PM

Post show run interface Gi1/0/7 on Core-Fiber-SW1.

0 Helpful

blee-advds
Level 1
Level 1
In response to Austin Sabio

‎04-03-2017 05:25 PM

show run

Preview file
1 KB
0 Helpful

Austin Sabio
Level 4
Level 4
In response to blee-advds

‎04-03-2017 05:31 PM

Everything looks normal. can you check the logs on NT-FL1-SW1? try to assign vlan 51 to an access port on the core, fiber switch and another floor switch and see if it works. 

0 Helpful

Austin Sabio
Level 4
Level 4
In response to Austin Sabio

‎04-03-2017 05:33 PM

+1 post show arp on the core and show mac address on NT-FL1-SW1. 

0 Helpful

blee-advds
Level 1
Level 1
In response to Austin Sabio

‎04-03-2017 05:44 PM

here it is in 1 file.

Preview file
7 KB
0 Helpful

Austin Sabio
Level 4
Level 4
In response to blee-advds

‎04-03-2017 06:05 PM

It looks good. If you assign vlan 51 to an access port on another switch and it works. Then, we know its only this switch. I would reload the switch "NT-FL1-SW1" and upgrade the code. 

0 Helpful
Customers Also Viewed These Support Documents