Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2749
Views
4
Helpful
26
Replies

Can't ping IP of new 9200L but can ping same-subnet IP on test device

Go to solution
athomas1
Level 1
Level 1

‎06-19-2023 03:45 AM

I'm in the process of commissioning some new 9200L switches on our network. I've created a new VLAN/ subnet for them which is working and I have L3 connectivity. However, when connected to the existing site network- currently as a spur but will eventually form a ring connection once all devices installed, I cannot ping the IP allocated to the 9200L from either same subnet or different subnet. The I only get a reply from ping test doing it from the L3 switch or when directly connected to the new 9200L switch from a laptop on LAN.

I know the 9200L is able to respond to ping as per latter point above, but because of this I am unable to test connectivity OR more importantly gain SSH connection from elsewhere on network. I'm out of ideas and could use a fresh perspective- hopefully I'm missing something silly!!

Grateful for any suggesstions.

L3 device is a 9300 with direct connection via fiber to 9200L.

Labels:
26 Replies 26

Go to solution
athomas1
Level 1
Level 1
In response to MHM Cisco World

‎06-20-2023 06:40 AM

The path between the 9300 and 9200L is in mode trunk anyway so it is allowed all VLANs same as the design on the other ring we have (still 2960s; there are not enough hours in the day, or days in the week!)

To my knowledge 'switchport mode trunk' should allow all VLANs by default? 'Switchport trunk allowed vlan' is only necessary when specifying explicit VLANs correct? There's no separate command to allow all vlans is there?

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to athomas1

‎06-20-2023 08:20 AM - edited ‎06-20-2023 08:34 AM

Show interface trunk 

I  each sw and check allow vlan'

Vtp with pruning can effect which vlan allow in trunk.

Also did you do steps I share exactly?

0 Helpful

Go to solution
athomas1
Level 1
Level 1
In response to MHM Cisco World

‎06-21-2023 03:14 AM

I have checked to ensure the DG for the mgmt VLAN is responding and i can ping it on the 9300 from the 9200L.

I have checked trunking status and none of the VLANs are being pruned, all are in STP forwarding state.

I did not share them exactly no, I so not have SVI setup, the trunk connections between 9300 and 9200L are in port-channel and LACP is active on the 9200L. I removed the port channel to observe LACP going into suspended and then back out again with the port-channel reinstated to ensure it was in affect.

One thing i need to do is update the firmware to latest recommeded version. Currently they have 16.12 that they were shipped with.

 

Any other ideas?

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to athomas1

‎06-21-2023 03:20 AM

have checked to ensure the DG for the mgmt VLAN is responding and i can ping it on the 9300 from the 9200L.

If you can ping mgmt vlan of 9200 so what is issue here ?

0 Helpful

Go to solution
athomas1
Level 1
Level 1
In response to MHM Cisco World

‎06-21-2023 03:47 AM

I can ping the mgmt IP of the 9200L from only the 9300.

I cannot ping it from a test device on another subnet, e.g. my own PC

I can however ping any other IP on that mgmt VLAN from my PC, just not the two that are assigned to the two 9200L that are located off the 9300L on their own spur.

I thought i had explained all this in the first post, but happy to clarify/ reiterate.

0 Helpful

Go to solution
mr.richardb
Level 1
Level 1
In response to athomas1

‎06-21-2023 03:55 AM

From this it looks like switching is working. (9300 and 9200L mgmt is in the same network(I assume))
"I cannot ping it from a test device on another subnet" and "can however ping any other IP on that mgmt VLAN from my PC, just not the two that are assigned to the two 9200L" shows that inter-vlan routing is not working. or the packets are not coming back from the 9200L. Can you share the running-config? or the relevant parts of it?

Richard

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to athomas1

‎06-21-2023 04:03 AM

connect PC to 9300 L3SW and do ping the mgmt VLAN of 9200, is this success?
the only thing that make this connection failed is you use in 9200 wrong default-gateway IP, you must use default-gateway IP of mgmt VLAN IP in L3SW 9300.

0 Helpful

Go to solution
mr.richardb
Level 1
Level 1

‎06-21-2023 04:12 AM - edited ‎06-21-2023 04:44 AM

Might or might not help but "ip default-gateway IP" and "ip route 0.0.0.0 0.0.0.0 IP" are not the same.
ip default-gateway is used when the switch is L2 only. (ip routing disabled)
ip route 0.0.0.0 ... is used mainly when the switch is L3  (ip routing enabled)

More info here: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/16448-default.html

Richard

Go to solution
athomas1
Level 1
Level 1
In response to mr.richardb

‎06-21-2023 08:40 AM

So firstly, it's now working, I have a ping reply.

Enabling 'ip routing' didn't not help or work, if anything it seems it made it worse.

What did work is to add 'ip default-gateway dg-ip' to the mgmt vlan interface, which is something I've never had to do before, so can only assume it's a difference in the ios for the 9200 vs 2960 models.

Strange thing is the ip default-gateway command doesn't appear when i do a show run of the mgmt vlan interface. It does however now show 'no ip route-cache' which i dont believe it did before.

Go to solution
MHM Cisco World
VIP
VIP
In response to athomas1

‎06-21-2023 08:45 AM - edited ‎06-21-2023 09:35 AM

my previous post 

""Sw 9200 have mgmt vlanx 

Sw 9300 l3sw have vlanx svi 

Points to check:-

The sw 9200 l2sw have defualt getaway toward vlanx svi in 9300 l3sw

The vlanx is allow in trunk along the path between sw9200 and sw9300

The vlanx svi is UP in sw9300 l3sw ""

If you try this first then sure you solve your issue two days ago.

anyway glad this issue solved

and for you never go to upgrade IOS until you 100% the issue solve with upgrade 

MHM 

 

0 Helpful

Go to solution
athomas1
Level 1
Level 1
In response to MHM Cisco World

‎06-21-2023 09:25 AM

I read your post and tried it, unfortunately because i had enabled 'ip routing' on the switch as per someone else's suggestion the result appeared unsuccessful. Having testing taking each bit out of the config and trying it, it seems ip routing had the affect of blocking the ping reply even with ip default-gateway inserted. It was not until mr.richardb pointed out the difference between the command to use for L3 and L2 that I knew to take it out again, at which point it started working.

So for me, this was the solution. I also have DGs setup on my L3 and was not familiar with SVIs. I have since researched them. This was another reason for me marking mr.richardb's post as the solution.

I thank you for your time and help with this problem...

However, as a 'beginner' Cisco Community member, remarks of 'wasting my time' (i see you have now edited your wording) is not going to help people like myself be confident in coming to ask for help. We are all here to learn from and help each other, which makes me wonder if you care more about helping someone to learn and improve their abilities, or being the person with the right answer.

I thank you again for your time and assistance.

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to athomas1

‎06-21-2023 09:37 AM

Big sorry 
but I was really hope try exactly what I suggest before.
anyway 
sorry again and have nice day 
MHM 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card