Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1671
Views
0
Helpful
18
Replies

No internet connection in client side after replacing 3750 with 3850 switch

pnawaskhan
Level 1
Level 1

‎04-21-2019 06:27 AM

Recently we brought a Cisco 3850 switch to replace our 3750 core switch which is having additional Cisco 2960 switches connected through Fiber cable.

I did all the configuration from my Cisco 3850 switch as my Cisco 3750 switch. The internet is connected through cyberoam 200ing firewall with 3750 switch. all the client SVI will get internet thorough their own gateway IP's.

     when i replace with Cisco 3850 the clients are not connecting to internet. But 3850 is connected to internet. but the client is are not connecting to the internet. If i give the gateways in the client to firewall interface ip then it is connecting to internet. Any help highly appreciated.

We have two vlans

1.Vlan 172 - 172.16.2.0 255.255.252.0 and gateway 172.16.2.1

2.vlan 173 - 192.168.100.0 255.255.255.0 and gateway 192.168.100.1

Firewall interface IP is 172.16.2.252

Switch ip is 172.16.2.1

Thanks in advances. Please find the attached file for config detail.

 

Labels:
0 Helpful
18 Replies 18

pnawaskhan
Level 1
Level 1
In response to paul driver

‎04-25-2019 05:55 AM

Dear Sir

      Thanks for your reply. but check the latest config with below statements such as show config, show vlan, show internfeces vlan and ip route with this

 

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2019.04.25 12:25:58 =~=~=~=~=~=~=~=~=~=~=~=


User Access Verification

Password:
Central-SW>en
Password:
Central-SW#show f conf
Central-SW#show configuration
Using 10875 out of 2097152 bytes
!
! Last configuration change at 13:12:33 UTC Wed Apr 24 2019
!
version 16.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname Central-SW
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 $1$bBFw$XmVoAKzO7qnM796U.PgUw/
--More--  !
--More--  no aaa new-model
--More--  switch 1 provision ws-c3850-48t
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  crypto pki trustpoint TP-self-signed-3800458157
--More--   enrollment selfsigned
--More--   subject-name cn=IOS-Self-Signed-Certificate-3800458157
--More--   revocation-check none
--More--   rsakeypair TP-self-signed-3800458157
--More--  !
--More--  !
--More--  crypto pki certificate chain TP-self-signed-3800458157
--More--   certificate self-signed 01 nvram:IOS-Self-Sig#5.cer
--More--  !
--More--  license boot level lanbasek9
--More--  diagnostic bootup level minimal
--More--  spanning-tree mode rapid-pvst
--More--  spanning-tree extend system-id
--More--  !
--More--  !
--More--  !
--More--  redundancy
--More--   mode sso
--More--  !
--More--  !
--More--  !
--More--  class-map match-any system-cpp-police-topology-control
--More--   description Topology control
--More--  class-map match-any system-cpp-police-sw-forward
--More--   description Sw forwarding, SGT Cache Full, LOGGING
--More--  class-map match-any system-cpp-default
--More--   description DHCP snooping, show forward and rest of traffic
--More--  class-map match-any system-cpp-police-sys-data
--More--   description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed
--More--  class-map match-any system-cpp-police-punt-webauth
--More--   description Punt Webauth
--More--  class-map match-any system-cpp-police-forus
--More--   description Forus Address resolution and Forus traffic
--More--  class-map match-any system-cpp-police-multicast-end-station
--More--   description MCAST END STATION
--More--  class-map match-any system-cpp-police-multicast
--More--   description Transit Traffic and MCAST Data
--More--  class-map match-any system-cpp-police-l2-control
--More--   description L2 control
--More--  class-map match-any system-cpp-police-dot1x-auth
--More--   description DOT1X Auth
--More--  class-map match-any system-cpp-police-data
--More--   description ICMP_GEN and BROADCAST
--More--  class-map match-any system-cpp-police-control-low-priority
--More--   description ICMP redirect and general punt
--More--  class-map match-any system-cpp-police-wireless-priority1
--More--   description Wireless priority 1
--More--  class-map match-any system-cpp-police-wireless-priority2
--More--   description Wireless priority 2
--More--  class-map match-any system-cpp-police-wireless-priority3-4-5
--More--   description Wireless priority 3,4 and 5
--More--  class-map match-any non-client-nrt-class
--More--  class-map match-any system-cpp-police-routing-control
--More--   description Routing control
--More--  class-map match-any system-cpp-police-protocol-snooping
--More--   description Protocol snooping
--More--  !
--More--  policy-map port_child_policy
--More--   class non-client-nrt-class
--More--   bandwidth remaining ratio 10
--More--  policy-map system-cpp-policy
--More--   class system-cpp-police-data
--More--   police rate 200 pps
--More--   class system-cpp-police-sys-data
--More--   police rate 100 pps
--More--   class system-cpp-police-sw-forward
--More--   police rate 1000 pps
--More--   class system-cpp-police-multicast
--More--   police rate 500 pps
--More--   class system-cpp-police-multicast-end-station
--More--   police rate 2000 pps
--More--   class system-cpp-police-punt-webauth
--More--   class system-cpp-police-l2-control
--More--   class system-cpp-police-routing-control
--More--   police rate 1800 pps
--More--   class system-cpp-police-control-low-priority
--More--   class system-cpp-police-wireless-priority1
--More--   class system-cpp-police-wireless-priority2
--More--   class system-cpp-police-wireless-priority3-4-5
--More--   class system-cpp-police-topology-control
--More--   class system-cpp-police-dot1x-auth
--More--   class system-cpp-police-protocol-snooping
--More--   class system-cpp-police-forus
--More--   class system-cpp-default
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  !
--More--  interface GigabitEthernet0/0
--More--   vrf forwarding Mgmt-vrf
--More--   no ip address
--More--   negotiation auto
--More--  !
--More--  interface GigabitEthernet1/0/1
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/2
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/3
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/4
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/5
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/6
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/7
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/8
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/9
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/10
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/11
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/12
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/13
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/14
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/15
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/16
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/17
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/18
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/19
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/20
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/21
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/22
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/23
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/24
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/25
--More--   switchport access vlan 173
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/26
--More--   switchport access vlan 173
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/27
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/28
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/29
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/30
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/31
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/32
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/33
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/34
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/35
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/36
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/37
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/38
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/39
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/40
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/41
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/42
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/43
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/44
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/45
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/46
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/47
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/0/48
--More--   switchport access vlan 172
--More--   switchport mode access
--More--  !
--More--  interface GigabitEthernet1/1/1
--More--   switchport access vlan 172
--More--   switchport trunk allowed vlan 172,173
--More--   switchport mode trunk
--More--  !
--More--  interface GigabitEthernet1/1/2
--More--   switchport access vlan 172
--More--   switchport trunk allowed vlan 172,173
--More--   switchport mode trunk
--More--  !
--More--  interface GigabitEthernet1/1/3
--More--   switchport access vlan 172
--More--   switchport trunk allowed vlan 172,173
--More--   switchport mode trunk
--More--  !
--More--  interface GigabitEthernet1/1/4
--More--   switchport access vlan 172
--More--   switchport trunk allowed vlan 172,173
--More--   switchport mode trunk
--More--  !
--More--  interface TenGigabitEthernet1/1/1
--More--  !
--More--  interface TenGigabitEthernet1/1/2
--More--  !
--More--  interface TenGigabitEthernet1/1/3
--More--  !
--More--  interface TenGigabitEthernet1/1/4
--More--  !
--More--  interface Vlan1
--More--   no ip address
--More--  !
--More--  interface Vlan172
--More--   ip address 172.16.2.1 255.255.252.0
--More--  !
--More--  interface Vlan173
--More--   ip address 192.168.100.1 255.255.255.0
--More--  !
--More--  interface Vlan216
--More--   ip address 192.168.216.1 255.255.255.0
--More--  !
--More--  ip forward-protocol nd
--More--  ip http server
--More--  ip http authentication local
--More--  ip http secure-server
--More--  ip ftp username nawaskhan
--More--  ip ftp password qanitha_2013
--More--  ip route 0.0.0.0 0.0.0.0 172.16.2.252
--More--  ip route 172.16.10.0 255.255.255.0 172.16.2.252
--More--  ip route 192.168.100.0 255.255.255.0 172.16.2.252
--More--  ip route 192.168.216.0 255.255.255.0 172.16.2.252
--More--  !
--More--  ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
--More--   permit tcp any any eq 22
--More--   permit tcp any any eq 465
--More--   permit tcp any any eq 143
--More--   permit tcp any any eq 993
--More--   permit tcp any any eq 995
--More--   permit tcp any any eq 1914
--More--   permit tcp any any eq ftp
--More--   permit tcp any any eq ftp-data
--More--   permit tcp any any eq smtp
--More--   permit tcp any any eq pop3
--More--  ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
--More--   permit udp any any range 16384 32767
--More--   permit tcp any any range 50000 59999
--More--  ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
--More--   permit tcp any any range 2300 2400
--More--   permit udp any any range 2300 2400
--More--   permit tcp any any range 6881 6999
--More--   permit tcp any any range 28800 29100
--More--   permit tcp any any eq 1214
--More--   permit udp any any eq 1214
--More--   permit tcp any any eq 3689
--More--   permit udp any any eq 3689
--More--   permit tcp any any eq 11999
--More--  ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
--More--   permit tcp any any range 2000 2002
--More--   permit tcp any any range 5060 5061
--More--   permit udp any any range 5060 5061
--More--  ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
--More--   permit tcp any any eq 443
--More--   permit tcp any any eq 1521
--More--   permit udp any any eq 1521
--More--   permit tcp any any eq 1526
--More--   permit udp any any eq 1526
--More--   permit tcp any any eq 1575
--More--   permit udp any any eq 1575
--More--   permit tcp any any eq 1630
--More--   permit udp any any eq 1630
--More--   permit tcp any any eq 1527
--More--   permit tcp any any eq 6200
--More--   permit tcp any any eq 3389
--More--   permit tcp any any eq 5985
--More--   permit tcp any any eq 8080
--More--  !
--More--  !
--More--  !
--More--  control-plane
--More--   service-policy input system-cpp-policy
--More--  !
--More--  !
--More--  no vstack
--More--  !
--More--  line con 0
--More--   password c1sc0
--More--   login
--More--   stopbits 1
--More--  line aux 0
--More--   stopbits 1
--More--  line vty 0 4
--More--   password class
--More--   login
--More--  line vty 5 15
--More--   password class
--More--   login
--More--  !
--More--  !
--More--  wsma agent exec
--More--  !
--More--  wsma agent config
--More--  !
--More--  wsma agent filesys
--More--  !
--More--  wsma agent notify
--More--  !
--More--  !
--More--  ap dot11 airtime-fairness policy-name Default 0
--More--  ap group default-group
--More--  ap hyperlocation ble-beacon 0
--More--  ap hyperlocation ble-beacon 1
--More--  ap hyperlocation ble-beacon 2
--More--  ap hyperlocation ble-beacon 3
--More--  ap hyperlocation ble-beacon 4
--More--  end
--More--  
Central-SW#show vlan

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
172 Users active Gi1/0/1, Gi1/0/2, Gi1/0/3
Gi1/0/4, Gi1/0/5, Gi1/0/6
Gi1/0/7, Gi1/0/8, Gi1/0/9
Gi1/0/10, Gi1/0/11, Gi1/0/12
Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22, Gi1/0/23, Gi1/0/24
Gi1/0/27, Gi1/0/28, Gi1/0/29
Gi1/0/30, Gi1/0/31, Gi1/0/32
Gi1/0/33, Gi1/0/34, Gi1/0/35
Gi1/0/36, Gi1/0/37, Gi1/0/38
Gi1/0/39, Gi1/0/40, Gi1/0/41
Gi1/0/42, Gi1/0/43, Gi1/0/44
Gi1/0/45, Gi1/0/46, Gi1/0/47
Gi1/0/48, Gi1/1/1, Gi1/1/2
Gi1/1/3, Gi1/1/4
173 Mutkamil_SERVER active Gi1/0/25, Gi1/0/26
216 ERP_SERVER active
--More--  1002 fddi-default act/unsup
--More--  1003 token-ring-default act/unsup
--More--  1004 fddinet-default act/unsup
--More--  1005 trnet-default act/unsup
--More--  
--More--  VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
--More--  ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
--More--  1 enet 100001 1500 - - - - - 0 0
--More--  172 enet 100172 1500 - - - - - 0 0
--More--  173 enet 100173 1500 - - - - - 0 0
--More--  216 enet 100216 1500 - - - - - 0 0
--More--  1002 fddi 101002 1500 - - - - - 0 0
--More--  1003 tr 101003 1500 - - - - - 0 0
--More--  1004 fdnet 101004 1500 - - - ieee - 0 0
--More--  1005 trnet 101005 1500 - - - ibm - 0 0
--More--  
--More--  Remote SPAN VLANs
--More--  ------------------------------------------------------------------------------
--More--  

Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------

Central-SW#
Central-SW#show ip rou
Central-SW#show ip route
Extended Host Mode is enabled
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is 172.16.2.252 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 172.16.2.252
172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks
C 172.16.0.0/22 is directly connected, Vlan172
L 172.16.2.1/32 is directly connected, Vlan172
S 172.16.10.0/24 [1/0] via 172.16.2.252
192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.100.0/24 is directly connected, Vlan173
L 192.168.100.1/32 is directly connected, Vlan173
S 192.168.216.0/24 [1/0] via 172.16.2.252
Central-SW#show ip int
Central-SW#show ip interface br
Central-SW#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up down
Vlan172 172.16.2.1 YES NVRAM up up
Vlan173 192.168.100.1 YES NVRAM up up
Vlan216 192.168.216.1 YES NVRAM up down
GigabitEthernet0/0 unassigned YES unset down down
GigabitEthernet1/0/1 unassigned YES unset down down
GigabitEthernet1/0/2 unassigned YES unset down down
GigabitEthernet1/0/3 unassigned YES unset down down
GigabitEthernet1/0/4 unassigned YES unset down down
GigabitEthernet1/0/5 unassigned YES unset down down
GigabitEthernet1/0/6 unassigned YES unset down down
GigabitEthernet1/0/7 unassigned YES unset down down
GigabitEthernet1/0/8 unassigned YES unset down down
GigabitEthernet1/0/9 unassigned YES unset down down
GigabitEthernet1/0/10 unassigned YES unset up up
GigabitEthernet1/0/11 unassigned YES unset down down
GigabitEthernet1/0/12 unassigned YES unset down down
GigabitEthernet1/0/13 unassigned YES unset down down
GigabitEthernet1/0/14 unassigned YES unset down down
GigabitEthernet1/0/15 unassigned YES unset down down
GigabitEthernet1/0/16 unassigned YES unset down down
--More--  GigabitEthernet1/0/17 unassigned YES unset down down
--More--  GigabitEthernet1/0/18 unassigned YES unset down down
--More--  GigabitEthernet1/0/19 unassigned YES unset up up
--More--  GigabitEthernet1/0/20 unassigned YES unset down down
--More--  GigabitEthernet1/0/21 unassigned YES unset down down
--More--  GigabitEthernet1/0/22 unassigned YES unset down down
--More--  GigabitEthernet1/0/23 unassigned YES unset down down
--More--  GigabitEthernet1/0/24 unassigned YES unset down down
--More--  GigabitEthernet1/0/25 unassigned YES unset up up
--More--  GigabitEthernet1/0/26 unassigned YES unset down down
--More--  GigabitEthernet1/0/27 unassigned YES unset down down
--More--  GigabitEthernet1/0/28 unassigned YES unset down down
--More--  GigabitEthernet1/0/29 unassigned YES unset down down
--More--  GigabitEthernet1/0/30 unassigned YES unset down down
--More--  GigabitEthernet1/0/31 unassigned YES unset down down
--More--  GigabitEthernet1/0/32 unassigned YES unset down down
--More--  GigabitEthernet1/0/33 unassigned YES unset down down
--More--  GigabitEthernet1/0/34 unassigned YES unset down down
--More--  GigabitEthernet1/0/35 unassigned YES unset down down
--More--  GigabitEthernet1/0/36 unassigned YES unset down down
--More--  GigabitEthernet1/0/37 unassigned YES unset down down
--More--  GigabitEthernet1/0/38 unassigned YES unset down down
--More--  GigabitEthernet1/0/39 unassigned YES unset down down
--More--  GigabitEthernet1/0/40 unassigned YES unset down down
--More--  GigabitEthernet1/0/41 unassigned YES unset down down
--More--  GigabitEthernet1/0/42 unassigned YES unset up up
--More--  GigabitEthernet1/0/43 unassigned YES unset down down
--More--  GigabitEthernet1/0/44 unassigned YES unset up up
--More--  GigabitEthernet1/0/45 unassigned YES unset down down
--More--  GigabitEthernet1/0/46 unassigned YES unset up up
--More--  GigabitEthernet1/0/47 unassigned YES unset down down
--More--  GigabitEthernet1/0/48 unassigned YES unset up up
--More--  GigabitEthernet1/1/1 unassigned YES unset down down
--More--  GigabitEthernet1/1/2 unassigned YES unset down down
--More--  GigabitEthernet1/1/3 unassigned YES unset down down
--More--  GigabitEthernet1/1/4 unassigned YES unset down down
--More--  Te1/1/1 unassigned YES unset down down
--More--  Te1/1/2 unassigned YES unset down down
--More--  Te1/1/3 unassigned YES unset down down
--More--  Te1/1/4 unassigned YES unset down down
Central-SW#show ip vlan         in
Central-SW#show int
Central-SW#show interfaces vlan
Central-SW#show interfaces vlan 172
Vlan172 is up, line protocol is up
Hardware is Ethernet SVI, address is 003c.1098.7b5c (bia 003c.1098.7b5c)
Internet address is 172.16.2.1/22
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:13, output hang never
Last clearing of "show interface" counters never
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 16000 bits/sec, 25 packets/sec
5 minute output rate 11000 bits/sec, 10 packets/sec
10921 packets input, 1054486 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
4572 packets output, 662605 bytes, 0 underruns
0 output errors, 2 interface resets
0 unknown protocol drops
--More--   0 output buffer failures, 0 output buffers swapped out
Central-SW#
Central-SW#show interfaces vlan 172 3
Vlan173 is up, line protocol is up
Hardware is Ethernet SVI, address is 003c.1098.7b4e (bia 003c.1098.7b4e)
Internet address is 192.168.100.1/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:08:03, output hang never
Last clearing of "show interface" counters never
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
134 packets input, 11872 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
2 packets output, 120 bytes, 0 underruns
0 output errors, 2 interface resets
0 unknown protocol drops
--More--   0 output buffer failures, 0 output buffers swapped out
Central-SW#show in
Central-SW#show int
Central-SW#show interfaces vlan                      exit

0 Helpful

pnawaskhan
Level 1
Level 1
In response to paul driver

‎04-25-2019 06:10 AM

and also i have internet connection with my 3850 switch if i have my clients with firewall interface 172.16.2.252 as gateway. If only it is not working when i give the switch ip 172.16.2.1. with the below config.

 If you say any problem it is my old setting from 3750 switch is still in production environment and working with switch ip 172.16.2.1 as client gateway.

0 Helpful

Jaderson Pessoa
VIP Alumni
VIP Alumni
In response to pnawaskhan

‎04-25-2019 06:50 AM

when you turn on your 3850 and client has gateway with 172.16.2.1, they are able to ping 172.16.2.1 and 172.16.2.252?
Jaderson Pessoa
*** Rate All Helpful Responses ***
0 Helpful

paul driver
VIP
VIP
In response to Jaderson Pessoa

‎04-25-2019 07:22 AM - edited ‎04-25-2019 07:36 AM

Hello

First of all you don’t need

ip route 192.168.100.0 255.255.255.0 172.16.2.252

As this subnet is on the core sw so why do you want to be routing that towards your Fw?

 

You have not confirmed if your clients able to ping the core switch svi addressing?

 

Do you have clients on both vlans 172&173 

 

If so then you should have your clients DG on vlan 172 and 173 point to the core svi interfaces

 

Lastly I see you vlan 172 subnet is a /22 (255.255.252.0) if this correct? 

 

Make sure you have the correct addressing applied and this is correct on the Fw/core and dhcp scopes 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card