Ping whole subnet

Stephen Sisson · ‎09-28-2012

Hello everyone,

My question that needs your expertise

We have two Cisco 3750 switches connected by trunk port - SW1 has Vlan 172.16.1.x and SW2 has a route 172.16.1.x to SW1.

IT staff is on SW2 Vlan 192.168.0.x and trying to ping computers/servers on the 172.16.1.x network and able to ping 172.16.1.2 the Vlan on SW1 but not able to ping any other host on that subnet.

I'm on SW2 able to ping 172.16.1.2 the Vlan on SW1 but not able to ping any other host on that subnet, on SW1 switch we are able to ping all host in the 172.16.1.x subnet.

Can someone help figure out this issue.

Thank you

Giuseppe Larosa · ‎09-28-2012

Hello Stephen,

check if there are any ACLs applied on the SVI configuration using

show run int Vlan X

if no ACLs are applied all hosts should be reachable unless they miss the default gateway in their TCP/IP stack configuration or they use a different device as default gateway,

Another possibility are software based firewalls that do not allow ping from different IP subnet that can be running on the end user PCs

Hope to help

Giuseppe

Stephen Sisson · ‎09-28-2012

Hello,

After checking both SW1/SW2 we have no ACL in place - we have two Checkpoint firewalls on the network with both subnets allowed, the only two places we can't ping from is SW2 and all IT related computers on the 192.168.0.x network.

Should we setup the same vlan on SW2 on the same subnet with 172.16.1.x - do you think this will fix the issue, or should we go to layer 3 and setup one port with a ip address and connect both switches like that?

Thanks