02-21-2023 03:48 AM
Hi Folks
Reaching out to experts in the community to see if anybody has any ideas or, has perhaps come across this issue and knows of a quick fix. Technically, I've spent hours researching this, and tried a bunch of things, but nada so at this point, I am stumped ... maybe it's right in front of me, I just don't see it
Currently in process of replacing EOL switches with new CBS350 platform. Tried setting on installed firmware 3.0.0.69 and latest 3.2.0.84, same issue
Basic vlan 98 that routes to a 10.10.98.0/24 subnet, default gw 10.10.98.1
Single device connected to gi1/0/3 with IP address 10.10.98.11
From CBS350 unit, can ping default gateway on core subnet, can ping other 10.10.98.xxx devices, cannot ping local device attached to gi1/0/3 or ping from it, anywhere
Tried resetting switch a few times, using "vlan 98" and "int vlan 98" for VLAN settings, no luck. Funny thing is, all of our older switches with same settings are working just fine ... I can plug this device into a port there, and bingo, it all works
Any suggestions at this point, are greatly appreciated (sure hope somebody has come across this issue before :-))
Solved! Go to Solution.
02-22-2023 04:15 AM
Wow! karma hits back ... after adding the VLAN 98 ip address as suggested, I thought I would try to ping the device one more time before removing that configuration suggestion. The 10.10.98.11 device attached to the VLAN 98 enabled port now responds ...
So, this issue appears to work ONLY if you assign a valid IP# to a VLAN in trunk mode. I can work with this by reserving a standard IP# on each VLAN and adding that to our IT network policy - no issues in doing that
Thanks guys, for staying with it and suggesting different options - I've been muddling with this since SAT, so pleased it is resolved!
02-21-2023 04:04 AM - edited 02-21-2023 04:05 AM
- For starters , the gi1/0/3 port is configured as a trunk , 'client ports' , connecting a single host must have mode access with portfast (the latter advised) , combined in a single configuration command : switchport mode host (or switchport host) , check what works, but clear all other settings first too, with default int gi1/0/3 (if available). Then also put the port in the correct vlan as in switchport access vlan 98
M.
02-21-2023 05:13 AM
Thanks Marc,
No luck - reset switch (so back to factory defaults), set port up as suggested, still no connectivity
Any other ideas?
interface GigabitEthernet1/0/3
description "VLAN 98"
switchport access vlan 98
!
02-21-2023 05:29 AM
interface GigabitEthernet1/0/3
description "VLAN 98"
switchport access vlan 98
spanning-tree portfast <-- add this line
what is the device connected to this port ? (if windows post ipconfig /all output here ), check any Firewall in the PC
from switch can you check is the MAC addrress table on the ports ?
if this switch acting as layer 2, on the uplink device where layer3, can you post show ip arp (or check is the PC IP can see arp ?)
02-21-2023 09:43 AM
Thanks for response,
I originally had a Meraki AP which is configured for IP 10.10.98.11 but not seeing the network
I dropped a laptop on 10.10.98.11 IP instead, ipconfig/all shows
Physical Address: A0-CE-C8-60-13-2E
IPv4 Address: 10.10.98.11
Subnet Mask: 255.255.255.0
Default Gateway: 10.10.98.1
*no* Windows firewall active
I tried the switch port gi1/0/3 (ge3) with access mode in both Layer2 and Layer 3 mode
Verified the switch can see the laptop
EPPMLN-CORE4#show mac address-table | include gi1/0/3
98 a0:ce:c8:60:13:2e gi1/0/3 dynamic
I did add “spanning-tree portfast” as well
EPPMLN-CORE4#show ip arp inspection
IP ARP inspection is Disabled
IP ARP inspection is configured on following VLANs:
Verification of packet header is Disabled
IP ARP inspection logging interval is: 5 seconds
Interface Trusted
----------- -----------
02-21-2023 01:47 PM
where is 10.10.98.1 configured another switch ?
simple test on CBS350 create vlan interface on switch
interface vlan 98
ip address 10.10.98.XX 255.255.255.0 (any free IP in the subnet)
no shutdown
from switch ping to 10.10.98.1 - is this works?
02-22-2023 04:34 AM
This got me going to a solution. 10.10.98.1 is defined on the default gateway switch (SG500), so always able to ping that IP# if the local switch has the default-gateway set. Assigning VLAN 98 to a unique IP enabled that VLAN to respond to devices on this CBS350 switch. Great suggestion, and glad it worked out!
02-21-2023 11:30 AM
02-21-2023 10:25 AM
>....No luck - reset switch (so back to factory defaults), set port up as suggested, still no connectivity
- Disable the auto smartport 'feature' according to : https://www.cisco.com/c/en/us/support/docs/smb/switches/Cisco-Business-Switching/kmgmt-2797-smartport-best-practices-CBS.html , then configure the ports again as described in my first reply, check if that can help ,
M.
02-22-2023 04:10 AM
Yes, local vlan 98 with IP works
I disabled smartport on ALL ports and globally, and I was now able to bring the VLAN 98 up on a port, but still unable to ping a 10.10.98.11 device attached to that port. I know it's a valid device because I can take it to a SG350 switch, plug it into a trunk/vlan 98 port and it responds. I've convinced myself that it's something to do with the CBS350 firmware and currently trying to downgrade to earlier releases in steps to see which one actively supports the trunk vlan mode
EPPMLN-CORE4#config t
EPPMLN-CORE4(config)#int vlan 98
EPPMLN-CORE4(config-if)#ip address 10.10.98.130 255.255.255.0
EPPMLN-CORE4(config-if)#no shut
EPPMLN-CORE4(config-if)#end
EPPMLN-CORE4#ping 10.10.98.130
Pinging 10.10.98.130 with 18 bytes of data:
18 bytes from 10.10.98.130: icmp_seq=1. time=0 ms
18 bytes from 10.10.98.130: icmp_seq=2. time=0 ms
18 bytes from 10.10.98.130: icmp_seq=3. time=0 ms
18 bytes from 10.10.98.130: icmp_seq=4. time=0 ms
----10.10.98.130 PING Statistics----
4 packets transmitted, 4 packets received, 0% packet loss
round-trip (ms) min/avg/max = 0/0/0
02-22-2023 04:15 AM
Wow! karma hits back ... after adding the VLAN 98 ip address as suggested, I thought I would try to ping the device one more time before removing that configuration suggestion. The 10.10.98.11 device attached to the VLAN 98 enabled port now responds ...
So, this issue appears to work ONLY if you assign a valid IP# to a VLAN in trunk mode. I can work with this by reserving a standard IP# on each VLAN and adding that to our IT network policy - no issues in doing that
Thanks guys, for staying with it and suggesting different options - I've been muddling with this since SAT, so pleased it is resolved!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide