05-24-2011 05:49 AM - edited 03-07-2019 12:39 AM
hi,
i have wlc directly connected to core switch in same subnet and same vlan,
core switch connected to othe edege switches and APs connected to them.
I cannot ping wlc from core switch, i dont know how but connected APs are working fine
and users are also able to browse.
Pls suggest on this
Solved! Go to Solution.
05-25-2011 05:57 AM
core# ping
Protocol [ip]:
Target IP address: 172.16.10.2
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: yes
Source address or interface: Vlan 4001
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
By the way, what model is your core swtch?
05-25-2011 06:00 AM
core#ping
Protocol [ip]:
Target IP address: 172.16.10.2
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: yes
Source address or interface: vlan 4001
% Invalid source
Source address or interface: vlan 4001
% Invalid source
Source address or interface:
its 4506E
05-25-2011 06:03 AM
You need to run it on the switch with the 172.16.10.253 ip address (for vlan 4001).
05-25-2011 06:18 AM
i dont understand,
i am in the switch
05-25-2011 06:26 AM
If I understand your setup correctly, this is what you have:
interface Vlan4001
ip address 172.16.10.253 255.255.255.0
What I'm recommending is that you ping the WLC, and source that ping from interface Vlan4001 (172.16.10.253), this is what I'm attempting to have you do so that we can verify that the Management interface can be pinged from its local network (172.16.10.0/24).
According to your output, vlan 4001 doesn't exist on your core switch (or it doesn't like the way the name was entered), so I'm confused a bit on how this is set up for certain. But, if my assumptions are correct, let's try it this way, to simplify things using the SVI ip instead of its name:
core# ping
Protocol [ip]:
Target IP address: 172.16.10.2
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: yes
Source address or interface: 172.16.10.253
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Message was edited by: Antonio Knox
05-25-2011 10:21 PM
Dear Antonio,
Core switch has an interface that looks like this -
core#show running-config interface vlan 10
Building configuration...
Current configuration : 121 bytes
!
interface Vlan10
ip address 172.16.10.253 255.255.255.0
no ip route-cache
end
core#show vlan id 4001
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
4001 Public_wireless active Gi2/1, Gi2/3, Gi2/4, Gi2/5, Gi2/6, Gi3/1, Gi3/2, Gi3/3, Gi3/4, Gi3/5, Gi3/6
Gi5/4, Gi5/5, Gi6/1, Gi6/5, Gi6/6, Gi6/7, Gi6/8, Gi6/9, Gi6/10, Gi6/11
Gi6/12, Gi6/13, Gi6/14, Gi6/15, Gi6/16, Gi6/17
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
4001 enet 104001 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
05-26-2011 04:54 AM
It makes sense to me now. The reason you can't ping WLC Management (172.16.10.2) is because the ip address is within the 172.16.10.0/24 range, which is configured to Vlan 10. The interface that connects to WLC Management is GI5/5 (an access port)
interface GigabitEthernet5/5
switchport access vlan 4001
switchport mode access
media-type rj45
end
which is set to vlan 4001 (which undoubtedly is a vlan configured with a different ip address space, you can verify this by locating interface Vlan4001 on your network). The wireless clients work because the port is configured to vlan 4001, whose vlan interface I would assume is addressed for wireless guest access.
core#show vlan id 4001
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
4001 Public_wireless
You cannot configure the access port for one vlan and have a host address behind it with an ip address that belongs to another vlan and make it work. Only Vlan 4001 host ip addresses will ping from behind Gig5/5 as it is configured.
I hope that this makes sense for you.
Added note: You may want to consider changing Gig5/5 to a trunk port.
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080665cdf.shtml#wlc
Message was edited by: Antonio Knox
05-27-2011 12:44 AM
HI Antonio,
Thanks for making me undaerstand this.
Jst one more doubt, can a user without any vlan defined(default vlan), ping the wlc which is in vlan 4001?
05-27-2011 04:46 AM
If a trunk was properly configured on gi5/5 you should be able to ping from an ip address in the 172.6.10.0/24 range.
Sent from Cisco Technical Support iPhone App
05-27-2011 10:24 PM
thank you antonio.....
Really appreciate your help.
03-27-2013 03:56 PM
Hi did you ever solve this ssue. I have the exact problem with my cisco WLC?
03-25-2014 07:35 PM
I have the same problem, the below config on the core switch works in all my 10 previous configs, but this new 2504 7.0.220
interface GigabitEthernet1/0/6
switchport access vlan 15
switchport mode access
Changed to Trunk and it is working:
interface GigabitEthernet1/0/6
switchport trunk encapsulation dot1q
switchport mode trunk
06-21-2019 03:26 PM
I faced this issue too. I was using the WLC 5508 on another network. When I went to repurpose it. I defaulted the switch. During trouble shooting, I looked at the running-config after I configured it and noticed all the ports were disabled. As I stated this was previously working before I defaulted it.
So I am assuming that in FW ver 8.5.140. they disable the ports by default?
anyways I enabled the ports & it was working again.
<<Cisco Controller> >config port adminmode all enabled
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: