01-18-2020 07:20 AM
Hi, I am having some trouble with intervlan routing on this Cisco 3850 switch. 2 PCs connected directly to switch cannot ping each other but can ping their respective default gateway. Am I missing something on this configuration?
PC on vlan 2020 has an ip of 10.20.30.10 Gi1/0/46 (can ping 10.20.30.1)
PC on vlan 2021 has an ip of 10.20.40.10 Gi1/0/47 (can ping 10.20.40.1)
!
version 16.6
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname Switch
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
no aaa new-model
switch 1 provision ws-c3850-48p
!
!
!
!
ip routing
!
!
!
!
no login on-success log
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-2852547312
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2852547312
revocation-check none
rsakeypair TP-self-signed-2852547312
!
!
crypto pki certificate chain TP-self-signed-2852547312
!
!
!
diagnostic bootup level minimal
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
!
redundancy
mode sso
!
!
transceiver type all
monitoring
!
vlan 2020
name TEST2020
!
vlan 2021
name TEST2021
!
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
description DHCP Snooping, EWLC control, EWCL data
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-system-critical
description System Critical and Gold
!
policy-map system-cpp-policy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
!
interface GigabitEthernet1/0/46
switchport access vlan 2020
switchport mode access
!
interface GigabitEthernet1/0/47
switchport access vlan 2021
switchport mode access
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2020
ip address 10.20.30.1 255.255.255.0
!
interface Vlan2021
ip address 10.20.40.1 255.255.255.0
!
ip forward-protocol nd
no ip http server
ip http authentication local
no ip http secure-server
!
!
!
!
01-19-2020 09:51 PM
I know you have stated you have disabled the firewall on each device, but have you double checked this? It looks a lot like that may be the cause. Do you have another device you can test with regards to end hosts?
Also what does 'show ip route' look like? The output of this will confirm that routing is enabled and the SVIs are up.
01-20-2020 03:21 AM
Out of interest do you get a response to ping if you ping the PC from the switch?
I'd try both a straight ping and ping sourced from the other SVI.
01-21-2020 09:25 AM
Running 16.6 I will try another image.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide