Hi

set up loggiong monitor debug
acl was modified.

And I set up debug ip packet 101.

192.168.50.2 -> 192.168.50.1 when Ping is sent
The following log is created.

*Aug 25 02:09:11.842: IP: s=192.168.50.2 (Vlan1), d=192.168.50.1 (nil), len 60, input feature, MCI Check(109), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Aug 25 02:09:11.842: IP: s=192.168.50.2 (Vlan1), d=192.168.50.1 (nil), len 60, rcvd 2
*Aug 25 02:09:11.842: IP: s=192.168.50.2 (Vlan1), d=192.168.50.1 (nil), len 60, stop process pak for forus packet
*Aug 25 02:09:11.842: IP: tableid=0, s=192.168.50.1 (local), d=192.168.50.2 (Vlan1) nexthop=192.168.50.2, routed via FIB

However, 192.168.50.2->192.168.50.3 is still not generated.

Thanks

is ip route-cache enabled on the interface?

how about pinging from 192168.50.2 to 192.168.60.2 ? do you see debug output?

Hi

There is no ip route-cache command on the interface to which the PC is connected (Gi 1/0/1).

Instead, I put ip route-cache in the vlan interface.

When I ping from 192.168.50.2 to 192.168.60.2, no debug message is displayed.

Thanks

Can you post complete running configuration, along with show version.

show run, show debug, show ver are attached.

Thanks

Look at the config : i found couple of them not correct.

as per the diagram you have device has IP address .2

1. But as per the configuration the VLAN has .2 IP adress as below :

2. You have 2 different Extend ACL for different source and destination.

3. are you debugging correct ACL with debug ip packet ACL details  to get correct outcome.

4. Can you post end device config  (by typing ipconfig /all ? ) they should point to gateway .2 IP address of VLAN interface.

interface Vlan1
ip address 192.168.50.2 255.255.255.0
!
interface Vlan2
ip address 192.168.60.2 255.255.255.0
!
ip forward-protocol nd
ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.50.1
!
!
ip access-list extended 101
10 permit ip 192.168.50.0 0.0.0.255 192.168.50.0 0.0.0.255
ip access-list extended 102
10 permit ip 192.168.50.0 0.0.0.255 192.168.60.0 0.0.0.255

make necessary changes and test and advise what you see ?

Note : another Observation i noticed was you have LITE IOS Image, i have never worked on that, as per LITE Image concern, ACL has Limitation (not sure, i only going with document)

I have tested with your scenario in my LAB all works as expected. - those are IP SERVICE advanced image, and Cat 9300 or higher - just to confirm.

1.But as per the configuration the VLAN has .2 IP adress as below:

Sorry, the diagram and IP have changed for the first time.
I will attach the modified diagram again.
Port 1 PC-50.3
Port 2 PC-60.3

Ping from 50.3 to 50.2/60.2 creates a log
Ping from 60.3 to 50.2/60.2 creates a log

However, 50.3 and 60.3 ping each other and no log is generated.

2.You have 2 different Extend ACL for different source and destination.

The reason for creating two ACLs is

The 101 ACL is what you want to debug when you ping between 50.3 and 50.4.
The 102 ACL is what I want to debug when I ping from 50.3 to 60.3.

3. are you debugging correct ACL with debug ip packet ACL details to get correct outcome.

yes..

4.Can you post end device config (by typing ipconfig /all?) They should point to gateway .2 IP address of VLAN interface.

It is difficult to capture, but I guarantee that I did it twice with the gateway address.
All devices communicate with each other Ping (50.3<->60.3)

Note: another Observation i noticed was you have LITE IOS Image, i have never worked on that, as per LITE Image concern, ACL has Limitation (not sure, i only going with document)

The 9200 seems to have all OS names with LITE.
The 9300 does not have a LITE on all OS names.

Thanks