Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1333
Views
0
Helpful
8
Replies

Cannot ping two host using SVIs?

petey1984
Level 1
Level 1

‎11-03-2012 12:11 PM - edited ‎03-07-2019 09:50 AM

Hello I have setup two ports with two host conencted to them one with address 10.1.70.2/24 and the other is 10.1.80.2/24. I created two SVIs(VLAN70 = 10.1.70.1/24 and VLAN80 = 10.1.80.1/24).

However I am unable to ping the two hosts. Each host can ping each of the SVIs but cannot ping each other.

Please help, the following are my configs:

Current configuration : 1637 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname SW1

!

!

no aaa new-model

no ip subnet-zero

ip routing

!

!

!

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface FastEthernet0/1

shutdown

!

interface FastEthernet0/2

shutdown

!

interface FastEthernet0/3

switchport access vlan 70

switchport mode access

!

interface FastEthernet0/4

switchport access vlan 80

switchport mode access

!

interface FastEthernet0/5

!

interface Vlan70

ip address 10.1.70.1 255.255.255.0

!

interface Vlan80

ip address 10.1.80.1 255.255.255.0

!

ip classless

ip http server

ip http secure-server

!

!

control-plane

!

!

line con 0

line vty 0 4

privilege level 15

password password

no login

line vty 5 15

privilege level 15

password password

no login

!

end

Have I configured it correctly? Ip routing is enable but am still unable to get the hosts to ping each other.

All host are configured correctly with their ip add and default gateway.

Please help??

Labels:
0 Helpful
8 Replies 8

Reza Sharifi
Hall of Fame
Hall of Fame

‎11-03-2012 12:51 PM

Hi,

Did you also create the layer-2 vlan for each one

config t

vlan 70

name test vlan

vlan 80

name test1 vlan

one more thing

do the hosts have firewall software on them that could be blocking ping?

HTH

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Reza Sharifi

‎11-03-2012 12:58 PM

I wonder why the original poster has this in the config

no ip subnet-zero

I believe that modern Best Practice is to enable subnet zero.

But I do not believe that this has anything to do with the problem that is asked about in this thread.

I believe that Reza makes a good point in asking about whether the layer 2 vlan was actually created.

It the original poster confirms that the vlans are correctly created, then I would suggest that a very common source of this kind of problem is that the PCs may have a firewall enabled that does not permit ping to the PC. So I would suggest a test in which the original poster goes into both PCs and disables any firewall that may be running.

HTH

Rick

HTH

Rick
0 Helpful

petey1984
Level 1
Level 1
In response to Reza Sharifi

‎11-03-2012 01:01 PM

Hi Reza,

Yes I have configured the layer 2 vlans, as you can see:

SW1#show vlan

VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

1    default                          active    Fa0/1, Fa0/2, Fa0/5, Fa0/6

                                                Fa0/7, Fa0/8, Fa0/9, Fa0/10

                                                Fa0/11, Fa0/12, Fa0/13, Fa0/14

                                                Fa0/15, Fa0/16, Fa0/17, Fa0/18

                                                Fa0/19, Fa0/20, Fa0/21, Fa0/22

                                                Fa0/23, Fa0/24, Gi0/1, Gi0/2

2    VLAN0002                         active

3    VLAN0003                         active

10   management                       active

70   testsvi70                        active    Fa0/3

80   testsvi80                        active    Fa0/4

1002 fddi-default                     act/unsup

1003 token-ring-default               act/unsup

1004 fddinet-default                  act/unsup

1005 trnet-default                    act/unsup

Hey Richard I will check the hosts and try disabling the firewall to see if that resolves the issue....

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to petey1984

‎11-03-2012 01:51 PM

Hi Peter,

Window 7 has firewall enabled by default.  You would need to go and disable the services for it.

see below link:

http://windows.microsoft.com/is-IS/windows7/Turn-Windows-Firewall-on-or-off

HTH

0 Helpful

Jeff Van Houten
Level 5
Level 5

‎11-03-2012 04:14 PM

What model switch is it?

Sent from Cisco Technical Support iPad App

0 Helpful

Sebastian Hughes
Cisco Employee
Cisco Employee

‎11-04-2012 01:35 PM

If you debug ICMP are the pings leaving the switch? Also have you tried to Wireshark the PCs to see if they are recovering the ping?

Sent from Cisco Technical Support iPad App

0 Helpful

glen.grant
VIP Alumni
VIP Alumni
In response to Sebastian Hughes

‎11-04-2012 05:17 PM

  I agree with Reza , if you ping the default gateways from the clients but just not to the client , this is most likely a windows firewall or any other type of software FW that it needs to be turned off.

0 Helpful

eLiAsAn41
Level 1
Level 1
In response to glen.grant

‎11-05-2012 03:03 AM

Hi Peter,

I suggest for troubleshooting this you need another L2 Switch. Then make a Trunk connection from your L2 Switch to your L3 Switch. Then try to ping the hosts. You should have the VLANs also on the L2 Switch.

Make sure to disable firewall on the hosts

Thanks,

Eli

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card