Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
639
Views
0
Helpful
4
Replies

im having networking problems with my 2960 switch.

dolanduck.
Level 1
Level 1

‎10-01-2019 07:56 PM

i cant get my switch to ping anything outside or its default gateway and i have a default gateway enabled and told it where it is.

im using a layer 3 switch to allow inter vlan routing and my layer 2 switch is connected to it and im using vtp to transfer over vlans.

trunking is working

i have dhcp on a router and thats working hosts get ip addresses and they can ping anything outside with nat. but nothing in my network can ping my 2960 switch or it can ping anything outside

i made 4 vlans 2 blue, 3 red, 99 for management and 666 for native vlan.

here are my running configs

S2#show run

Building configuration...

 

Current configuration : 6109 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname S2

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$XIvx$hr5ICUXrgqjTG5S6yInhF.

!

username admin1 privilege 15 secret 5 $1$IH.P$SL3UsuDpER92iFKtPl6CD1

username admin2 privilege 10 secret 5 $1$5A6/$U7Z3KJtz.irw8bdKsSXL30

username admin3 secret 5 $1$CtaI$7bvNR4EIuHN94x7WGRk2f/

!

!

no aaa new-model

system mtu routing 1500

!

!

ip domain-name aperture.com

!

!

crypto pki trustpoint TP-self-signed-183918976

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-183918976

revocation-check none

rsakeypair TP-self-signed-183918976

!

!

crypto pki certificate chain TP-self-signed-183918976

certificate self-signed 01

30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030

30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 31383339 31383937 36301E17 0D393330 33303130 30303134

305A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F

532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3138 33393138

39373630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100

DDA9913E 6C93B796 76DFA5A4 08C3A513 BABCFE54 8F873516 F8FFD767 15A50167

85DBB526 CA1F8244 B9087492 0D9BC71E EAACAC5A 72FB5882 15FC44BB 4BE29943

E087FC81 A3544B94 843465FD 69AB03B0 A2ABC464 521C89BA F0428A94 C666285B

8FFB971D 04BD0B37 C613522E D585558E CC344631 FA0BF964 A6545098 22C63437

02030100 01A36F30 6D300F06 03551D13 0101FF04 05300301 01FF301A 0603551D

11041330 11820F53 322E6170 65727475 72652E63 6F6D301F 0603551D 23041830

1680141D 7EBBBBB1 47AF5E4A 3F3BB52A 68A914DB 27FDB830 1D060355 1D0E0416

04141D7E BBBBB147 AF5E4A3F 3BB52A68 A914DB27 FDB8300D 06092A86 4886F70D

01010405 00038181 0051F384 77A7215B D50306A0 E1546827 D8D6C48C 7E491B97

640D2425 B618577B B216382B 2224AAEC 2F798688 BE3DDAE1 CD998D7B DB6E0110

CA9FBC4D 7DFDC96E 4C5ADEF2 CDBADFCB FC891573 88D8D4F2 896F4750 B121CD5A

B671DB56 36A54AA7 40336FBA DC65E115 C86EA605 BDA38C22 194D5808 BCEA243F

BE4A301C 1A416B55 47

quit

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

ip ssh time-out 10

ip ssh authentication-retries 2

ip ssh version 2

!

!

interface FastEthernet0/1

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging time 1440

switchport port-security violation restrict

switchport port-security mac-address sticky

!

interface FastEthernet0/2

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/3

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/4

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/5

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/6

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/7

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/8

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/9

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/10

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/11

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/12

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security aging type inactivity

switchport port-security mac-address sticky

!

interface FastEthernet0/13

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/14

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/15

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/16

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/17

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/18

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/19

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/20

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/21

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/22

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/23

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/24

switchport access vlan 3

switchport mode access

!

interface GigabitEthernet0/1

switchport trunk native vlan 666

switchport trunk allowed vlan 2,3,99

!

interface GigabitEthernet0/2

!

interface Vlan1

ip address dhcp

!

interface Vlan99

ip address 10.0.0.4 255.255.255.248

!

ip default-gateway 10.0.0.1

ip http server

ip http secure-server

vstack

!

line con 0

line vty 0 4

login local

transport input ssh

line vty 5 15

login local

transport input ssh

!

end

my main switch layer 3

S1(config)#do show run

Building configuration...

 

Current configuration : 4117 bytes

!

! No configuration change since last restart

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname S1

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$CAti$IkIrCyM87BCyxoV5Cedag0

!

username admin1 privilege 15 secret 5 $1$eHpa$MKoqacmICiI98NnKyWlZK/

username admin2 privilege 10 secret 5 $1$vtqZ$/uztJVndMfpAXHh0iQ7wO0

username admin3 secret 5 $1$XUHo$ipZsIPMKuhvoM2chf7yTg1

!

!

no aaa new-model

switch 1 provision ws-c3750g-24ts

system mtu routing 1500

ip routing

ip domain-name aperture.com

ip name-server 10.0.0.10

!

!

!

!

crypto pki trustpoint TP-self-signed-115115904

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-115115904

revocation-check none

rsakeypair TP-self-signed-115115904

!

!

crypto pki certificate chain TP-self-signed-115115904

certificate self-signed 01

30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030

30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 31313531 31353930 34301E17 0D393330 33303130 30303230

375A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F

532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3131 35313135

39303430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100

B3FCCDC4 F94BEBB5 90003CF6 CF596E80 533B34CE D05BC161 D16D0133 4D382BDD

2E636AAD D9AF3E4B F2158EDB 051C2B54 9D85717C 4F5D75AA 0473DEE7 D77CD61C

48CD0F59 9EA8FFA1 73981A57 3E669591 BF123C17 86E725F6 3447985A BCFF61EA

0BA0BA49 E3FFD97D F410E8D4 20170D48 B68C4D84 4E9A0063 BAA553BC 0D32F497

02030100 01A36F30 6D300F06 03551D13 0101FF04 05300301 01FF301A 0603551D

11041330 11820F53 312E6170 65727475 72652E63 6F6D301F 0603551D 23041830

1680144C 3335FB83 5CB31B6A AC7754BF AE6296BB B09E4730 1D060355 1D0E0416

04144C33 35FB835C B31B6AAC 7754BFAE 6296BBB0 9E47300D 06092A86 4886F70D

01010405 00038181 0020C567 CF0DE671 AB8F2506 D6E5A4DF 896DBB4E BE0D716E

B65D265E BCCF4E51 14B18312 334B700B C7A2B454 FAF7F1C2 0178F4BA DC205BDA

0A91886B A8D52B7A 07A60497 15C5F2E5 B2CC4D1A 419DDD4F 1F27ABAD 781B3E84

8D8AFD70 6CA855CE 4F261487 B6703C4E F2DF0773 66B42940 33152FBA 5C8A8153

2F114F5B B51785CA F9

quit

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

ip ssh time-out 10

ip ssh authentication-retries 2

ip ssh version 2

!

!

!

interface GigabitEthernet1/0/1

!

interface GigabitEthernet1/0/2

!

interface GigabitEthernet1/0/3

!

interface GigabitEthernet1/0/4

!

interface GigabitEthernet1/0/5

!

interface GigabitEthernet1/0/6

!

interface GigabitEthernet1/0/7

!

interface GigabitEthernet1/0/8

!

interface GigabitEthernet1/0/9

!

interface GigabitEthernet1/0/10

!

interface GigabitEthernet1/0/11

!

interface GigabitEthernet1/0/12

!

interface GigabitEthernet1/0/13

!

interface GigabitEthernet1/0/14

!

interface GigabitEthernet1/0/15

!

interface GigabitEthernet1/0/16

!

interface GigabitEthernet1/0/17

!

interface GigabitEthernet1/0/18

!

interface GigabitEthernet1/0/19

!

interface GigabitEthernet1/0/20

!

interface GigabitEthernet1/0/21

!

interface GigabitEthernet1/0/22

!

interface GigabitEthernet1/0/23

description connects to R2

no switchport

ip address 10.0.0.2 255.255.255.248

!

interface GigabitEthernet1/0/24

switchport trunk native vlan 666

switchport trunk allowed vlan 2,3,99

switchport mode dynamic desirable

!

interface GigabitEthernet1/0/25

!

interface GigabitEthernet1/0/26

!

interface GigabitEthernet1/0/27

!

interface GigabitEthernet1/0/28

!

interface Vlan1

no ip address

!

interface Vlan2

ip address 192.168.0.1 255.255.255.0

ip helper-address 10.0.0.10

!

interface Vlan3

ip address 192.168.1.1 255.255.255.0

ip helper-address 10.0.0.10

!

interface Vlan99

no ip address

!

ip default-gateway 10.0.0.1

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.1

ip http server

ip http secure-server

!

!

!

!

vstack

!

line con 0

line vty 0 4

login local

transport input ssh

line vty 5 15

login local

transport input ssh

!

ntp clock-period 36029008

ntp server 10.0.0.1

end

Labels:
0 Helpful
4 Replies 4

luis_cordova
VIP Alumni
VIP Alumni

‎10-01-2019 08:09 PM

Hi @dolanduck.  ,

 

Your 10.0.0.0 network is configured between the switch and the router with a routed port, so the network assigned to vlan 99 must be different.
Try this:

Switch L2

interface Vlan99

ip address 10.0.0.10 255.255.255.248

!

ip default-gateway 10.0.0.9

 

Switch L3

interface Vlan99

ip address 10.0.0.9 255.255.255.248

!

no ip default-gateway


Then, you just have to make sure that the vlan 99 network (10.0.0.8/29) is routed on your devices

 

Regards

 

0 Helpful

dolanduck.
Level 1
Level 1
In response to luis_cordova

‎10-02-2019 03:34 AM - edited ‎10-02-2019 04:30 AM

but i have ip routing enabled shouldn't it allow me to connect to vlan 99. just like router on a stick.

0 Helpful

cmarva
Level 4
Level 4
In response to dolanduck.

‎10-02-2019 04:55 AM

but there's no ip address on your vlan 99 interface on your L3 switch.

0 Helpful

dolanduck.
Level 1
Level 1
In response to cmarva

‎10-02-2019 05:12 AM

Because im trying to ping r2. I connect s1 uing the interface

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card