Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4005
Views
0
Helpful
9
Replies

Can't ping router across trunk link

bdhenderson
Level 1
Level 1

‎03-26-2013 08:26 PM - edited ‎03-07-2019 12:30 PM

I setup a lab in GNS3 and I can't figure out why I can't ping R7 from ASA1. Here's my GNS3 topology:Untitled.png

R5 has subinterfaces Fa0/1.10 and Fa0/1.2 in VLANs 10 and 2 respectively and is connected to Fa0/5 on SW3

ASA1 has subinterfaces g0.7 and g0.8 in VLANs 7 and 8 respectively and is connected to Fa0/10 on SW3.

R7 has interface Fa0/1 in VLAN7 and is connected to SW4 on Fa0/7.

SW3 and SW4 are 3640s with a NM-16ESW module. SW3 and SW4 are both connected on Fa0/15 and is doing dot1 trunking.

From ASA1 I can ping any IP address on R5 but I can't pung R7 at all.

Here are my configs, any help would be appreciated.

ASA1

ciscoasa# show run int g0.7

!

interface GigabitEthernet0.7

vlan 7

nameif dmz7

security-level 25

ip address 10.7.7.10 255.255.255.0

authentication key eigrp 200 ***** key-id 1

authentication mode eigrp 200 md5

summary-address eigrp 200 0.0.0.0 0.0.0.0 5

ciscoasa# show run int g0.8

!

interface GigabitEthernet0.8

vlan 8

nameif DMZ8

security-level 50

ip address 10.8.8.10 255.255.255.0

ospf message-digest-key 1 md5 *****

ospf authentication message-digest

ciscoasa# show run int g1

!

interface GigabitEthernet1

nameif inside

security-level 100

ip address 10.2.2.10 255.255.255.0

rip authentication mode md5

rip authentication key ***** key_id 1

R5

R5#show run int f0/1.2

Building configuration...

Current configuration : 188 bytes

!

interface FastEthernet0/1.2

encapsulation dot1Q 2

ip address 10.2.2.5 255.255.255.0

ip rip authentication mode md5

ip rip authentication key-chain kc1

no snmp trap link-status

end

R5#show run int f0/1.10

Building configuration...

Current configuration : 121 bytes

!

interface FastEthernet0/1.10

encapsulation dot1Q 10

ip address 10.1.1.1 255.255.255.0

no snmp trap link-status

end

R7

R7#show run int f0/1

Building configuration...

Current configuration : 93 bytes

!

interface FastEthernet0/1

ip address 10.7.7.7 255.255.255.0

duplex auto

speed auto

end

SW3

SW3#show run int f0/15

Building configuration...

Current configuration : 105 bytes

!

interface FastEthernet0/15

switchport trunk native vlan 24

switchport mode trunk

no ip address

end

SW3#show vlan-switch br

VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

1    default                          active    Fa0/0, Fa0/1, Fa0/2, Fa0/3

                                                Fa0/6, Fa0/8, Fa0/9, Fa0/13

2    VLAN0002                         active    Fa0/11

7    VLAN0007                         active    Fa0/7

8    VLAN0008                         active

10   VLAN0010                         active    Fa0/14

24   VLAN0024                         active    Fa0/4, Fa0/12

1002 fddi-default                     active

1003 token-ring-default               active

1004 fddinet-default                  active

1005 trnet-default                    active

SW4

SW4#show run int f0/15

Building configuration...

Current configuration : 105 bytes

!

interface FastEthernet0/15

switchport trunk native vlan 24

switchport mode trunk

no ip address

end

SW4#show vlan-sw br

VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

1    default                          active    Fa0/0, Fa0/1, Fa0/2, Fa0/3

                                                Fa0/4, Fa0/5, Fa0/6, Fa0/9

                                                Fa0/10, Fa0/11, Fa0/12, Fa0/13

                                                Fa0/14

2    VLAN0002                         active

7    VLAN0007                         active    Fa0/7

8    VLAN0008                         active    Fa0/8

10   VLAN0010                         active

24   VLAN0024                         active

1002 fddi-default                     active

1003 token-ring-default               active

1004 fddinet-default                  active

1005 trnet-default                    active


Labels:
0 Helpful
9 Replies 9

InayathUlla Sharieff
Cisco Employee
Cisco Employee

‎03-26-2013 08:44 PM

Hi Bran,

It would been a worth if you could had attach the .gns file so that everyone can do there own way of testing and provided you the result.

Anyways to move forward we need to identify were exactly the packet is getting dropped:

1- I assume that ASA1 is able to ping all the routers except R7 is that right?

2- If yes then if SW4 able to ping the R7?

3- Is R7 able to reach SW4 or any other routers on the segment?

4- If you trace the ip address of R7 from ASA1 what is the last hop you see?

Kindlly share the info so that it is helpfull for further diag.

HTH

Regards

Inayath

0 Helpful

bdhenderson
Level 1
Level 1
In response to InayathUlla Sharieff

‎03-26-2013 08:58 PM

Where would the .gns file be located? I can provide the .net file and the various configs from my project folder if that's what you meant (link).

1- I assume that ASA1 is able to ping all the routers except R7 is that right?

2- If yes then if SW4 able to ping the R7?

3- Is R7 able to reach SW4 or any other routers on the segment?

4- If you trace the ip address of R7 from ASA1 what is the last hop you see?

1. The ASA can ping all routers conntected to SW3 (R4 and R5)

2. I was not able to ping SW4 from R7

3. R7 is unable to reach any other devices on the network. I tried setting up SW4 with an IP address in the same subnet as R7 and I was still unable to ping SW4

4. The trace never makes it past the 1st hop.

Here's how they're connected:

ASA1 Gi0.7 (10.7.7.10/24) ----> SW3 <----TRUNK----> SW4 ------> R7 Fa0/1 (10.7.7.7/24)

0 Helpful

InayathUlla Sharieff
Cisco Employee
Cisco Employee
In response to bdhenderson

‎03-26-2013 09:48 PM

Hi Bran,

Sorry yes I was looking for the .net file. Could you please share the same on google drive or any other locaiton i am not able to download this file from the locaiton you provided.

Regards

Inayath

0 Helpful

InayathUlla Sharieff
Cisco Employee
Cisco Employee
In response to bdhenderson

‎03-26-2013 10:14 PM

Hi,

Can you please put the configuraiton file of SW3 & SW$?

Thanks

Inayath

0 Helpful

bdhenderson
Level 1
Level 1
In response to InayathUlla Sharieff

‎03-26-2013 10:16 PM

The configs for all of the deivces are in the config folder. They all end in cfg    

0 Helpful

InayathUlla Sharieff
Cisco Employee
Cisco Employee
In response to bdhenderson

‎03-26-2013 11:02 PM

Hi Brandon,

I just had a quick look at the files and I can say that it will not work as you are suspecting.

The devices doesnt really works as complete switch functionality hence you are seeing this issue.

To get it complet work advertise complet network addressing via igp and then you should be good to go.

Regards

Inayath

0 Helpful

bdhenderson
Level 1
Level 1
In response to InayathUlla Sharieff

‎03-27-2013 05:21 AM

I can't advertise any routes because it seems the 3640's can't pass any traffic across the trunk ports.

0 Helpful

bdhenderson
Level 1
Level 1

‎03-27-2013 07:53 PM

I've figured out what the problem was on the switch. SW3 Fa0/10 was configured as an access port and not a trunk.

Adding this config makes me be able to ping every device from the ASA.

interface FastEthernet0/10

switchport access vlan 7

switchport mode trunk

no ip address

end

0 Helpful
Customers Also Viewed These Support Documents