05-12-2020 11:57 AM
The senior IT person for our company recently passed away from, wait for it, COVID-19. I have been tasked with taking over.
I am the network and hardware guy but I didn't handle any of the Cicso we have. I don't have a lot of experience with it but I am learning now. I have researched this for about 2 weeks now and haven't had any success. We are adding an industry-specific piece of equipment that must be on the correct vlan.
The switch is a 3750x.
The issue I am having is using a single open port on the switch. We have 3 vlans:
10.2.0.0
10.2.2.0
10.2.3.0
When I plug into this port, I get an address from the DHCP server on 10.2.2.0
I want the port to be on the 10.2.0.0 vlan and I thought I was successful in adding it. But even after that, I get an address from the 10.2.2.0 network and can't access anything on the 10.2.0.0 vlan.
However, the devices on the 10.2.0.0 vlan are able to communicate with the 10.2.2.0. Just this port can't do it.
My goal is to make this port on the 10.2.0.0 vlan and successfully communicate with both the 10.2.0.0 and 10.2.2.0 networks.
How can I check this and find what is causing this from happening? I really appreciate it.
05-20-2020 10:56 AM
05-20-2020 11:06 AM
Thanks for the clarification. I am surprised at this line in the config that you posted
switchport access vlan 90
Is it still the case that if you have the PC use DHCP that it gets an IP address for vlan 2? And still the case that if your manually configure the PC with an address for vlan 9 that it can not connect to anything?
05-20-2020 11:10 AM
I am sorry, that was my typo. I didn't paste it in, I actually typed it. But it is actually vlan 9.
Sorry for the confusion.
05-20-2020 11:22 AM
Thank for the clarification. I am still trying to figure out the inconsistencies/contradictions of a port that seems assigned to vlan 9 getting address in vlan 2, and if manually configured with an address for vlan 9 then not being able to connect to anything. Can you check the log messages on this switch and verify that when you removed the cable that the switch logs show this interface going down and then back up?
05-20-2020 12:55 PM
Thank you again for your attention. Please see the following:
*Mar 1 21:24:46.230: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/20, changed state to down
000487: *Mar 1 21:24:46.230: %ILPOWER-5-POWER_GRANTED: Interface Gi1/0/20: Power granted
000488: *Mar 1 21:24:54.920: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/20, changed state to up
000489: *Mar 1 21:24:55.935: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/20, changed state to up
000490: *Mar 1 21:25:15.162: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/20, changed state to down
000491: *Mar 1 21:25:16.169: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/20, changed state to down
000492: *Mar 1 21:25:18.576: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/20, changed state to up
000493: *Mar 1 21:25:19.583: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/20, changed state to up
000494: *Mar 1 21:25:22.259: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/20, changed state to down
000495: *Mar 1 21:25:23.274: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/20, changed state to down
000496: *Mar 1 21:25:25.707: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/20, changed state to up
05-20-2020 01:11 PM
Thank you for the output. In trying to reconcile the inconsistencies I was hoping that it might be something like maybe being actually on a different switch. But the output is clear that it is on the expected switch and it is 1/0/20. And the config is clear that this port is assigned to vlan 9. So why is it not getting the expected IP address ???
Would you post the configuration of interface vlan 2 and of interface vlan 9? Where is the dhcp that assigns the addresses? Is it on the switch? Is it on a dedicated dhcp server?
05-20-2020 02:06 PM
It appears that the switch is handling DHCP.
#show interface vlan 2
Vlan2 is up, line protocol is up
Hardware is EtherSVI, address is 6c41.6a35.dbc2 (bia 6c41.6a35.dbc2)
Internet address is 10.2.2.0/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 2/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 15000 bits/sec, 18 packets/sec
5 minute output rate 48000 bits/sec, 5 packets/sec
1403961 packets input, 126155304 bytes, 0 no buffer
Received 0 broadcasts (33586 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
765731 packets output, 327720390 bytes, 0 underruns
0 output errors, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
#show interface vlan 9
Vlan9 is up, line protocol is up
Hardware is EtherSVI, address is 6c41.6a35.dbc3 (bia 6c41.6a35.dbc3)
Internet address is 10.2.0.0/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:20, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
9867 packets input, 821753 bytes, 0 no buffer
Received 0 broadcasts (45 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
62776 packets output, 4023930 bytes, 0 underruns
0 output errors, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
05-20-2020 02:47 PM - edited 05-21-2020 11:08 AM
If the Switch handing over DHCP IP on VLAN 2 and VLAN 9
as i have posted in the first post.
if you looking user need to get IP address from VLAN 9 that is 10.2.0.0/24 or VLAN 2 10.2.2.0/24
you need to allocate the switch port that VLAN.
EDIT :
After reviewing the ports back and forth, i would like see complete configuration of the switch.
show run
ipconfig /all from PC
show ip arp from switch.
05-20-2020 02:50 PM
Thanks for the output. Unfortunately what I asked for was the configuration of the vlan interfaces and not the show interface output. With the possibility that DHCP is handled by the switch it might be easier if I just ask you to post the running configuration of the switch.
05-20-2020 04:42 PM - edited 05-20-2020 04:47 PM
Hello
curious are you positive that pc isn't hardcoded with an ip address?
Have you tested another device in the same port do you get the same result?
Are the dhcp server scopes correct meaning they are not overlapping with the ip ranges on the rtr ?
05-22-2020 02:15 PM
I would like to thank you all for the direction in which I should focus. I am currently offsite and will return on Tuesday at which time I will follow up and let you know which of these suggestions were beneficial.
Thank you again for your time and attention to this, I really appreciate your help.
respectfully
05-23-2020 08:32 AM
You are welcome. When you are able please do send the outputs that we have requested.
05-28-2020 08:05 AM
Here is the full configuration.
show running-config
Building configuration...
Current configuration : 12221 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service sequence-numbers
service unsupported-transceiver
!
hostname xxxx-xx
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
switch 1 provision ws-c3750x-48p
system mtu routing 1500
ip routing
ip dhcp excluded-address 10.168.92.1 10.168.92.15
ip dhcp excluded-address 10.168.100.1
!
ip dhcp pool VOICE
network 10.168.92.0 255.255.255.0
default-router 10.168.92.2
option 150 ip 10.168.92.11 10.168.92.12
dns-server 10.2.0.4
!
ip dhcp pool PUBLIC-WIFI
network 192.168.100.0 255.255.255.0
default-router 192.168.100.1
dns-server 10.2.0.4
!
!
ip dhcp snooping Vlan 9
ip dhcp snooping
ip multicast-routing distributed
no ip igmp snooping
!
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 70 30
mls qos srr-queue input threshold 1 80 90
mls qos srr-queue input priority-queue 2 bandwidth 30
mls qos srr-queue input cos-map queue 1 threshold 2 3
mls qos srr-queue input cos-map queue 1 threshold 3 6 7
mls qos srr-queue input cos-map queue 2 threshold 1 4
mls qos srr-queue input dscp-map queue 1 threshold 2 24
mls qos srr-queue input dscp-map queue 1 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue input dscp-map queue 1 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue input dscp-map queue 2 threshold 3 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
mls qos srr-queue output dscp-map queue 1 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue output dscp-map queue 1 threshold 3 46 47
mls qos srr-queue output dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 2 threshold 1 26 27 28 29 30 31 34 35
mls qos srr-queue output dscp-map queue 2 threshold 1 36 37 38 39
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue output dscp-map queue 4 threshold 1 8 9 11 13 15
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
mls qos queue-set output 1 threshold 1 100 100 50 200
mls qos queue-set output 1 threshold 2 125 125 100 400
mls qos queue-set output 1 threshold 3 100 100 100 400
mls qos queue-set output 1 threshold 4 60 150 50 200
mls qos queue-set output 1 buffers 15 25 40 20
mls qos
!
crypto pki trustpoint TP-self-signed-1781914496
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1781914496
revocation-check none
rsakeypair TP-self-signed-1781914496
!
!
crypto pki certificate chain TP-self-signed-1781914496
certificate self-signed 01
30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31373831 39313434 3936301E 170D3933 30333031 30303031
32365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37383139
31343439 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100F17D B95D6802 7420EDFD 561BD3A1 984B1438 7659B3D2 56B7371E 9317999C
1AA29040 3BF643E2 DB75D10E 56F98640 EED9E1F7 9AA75275 2D695C99 F3CE19F3
D4DA8FA7 D096429B 3D952F5F 931B0DA1 426A1B9A BD8A9408 D5E6CBC0 AFEE8B74
0295073C 0B42BCD5 8F1BBB42 3AA7F2D9 0E8325FD 8E3FBF05 296D27BD 92EDC067
970B0203 010001A3 6D306B30 0F060355 1D130101 FF040530 030101FF 30180603
551D1104 11300F82 0D726F73 692D7374 6B2D7377 312E301F 0603551D 23041830
168014BC 894B3C68 39E9FF1E 3E02BC13 FAB9ED0E 4671DF30 1D060355 1D0E0416
0414BC89 4B3C6839 E9FF1E3E 02BC13FA B9ED0E46 71DF300D 06092A86 4886F70D
01010405 00038181 00592323 301AA865 D20F74FA 11894A4D 661625E8 66C9F127
6A476AD4 AA2DE3F8 00CB53AE AC8B4F0E 0095CDB9 C145DE7E 97C3711C 990E5056
CA118C0B 7BEDF7E6 9CFFFDEF C02D5581 14031A5B C4196538 C8B3D6B0 6FCCA5EA
373B9DD4 13A4D629 CB4F563A BC624D14 B60E38DE BFA836E9 E9554BDE 761DCF08
7C8A73E4 1F7FA6EC E9
quit
spanning-tree mode pvst
spanning-tree extend system-id
auto qos srnd4
!
!
!
!
vlan internal allocation policy ascending
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk native vlan 250
switchport mode trunk
!
interface Port-channel20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
shutdown
!
interface GigabitEthernet1/0/1
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access Vlan 9
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/18
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/19
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/20
switchport access Vlan 9
spanning-tree portfast
!
interface GigabitEthernet1/0/21
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/22
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/23
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/24
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/25
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/26
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/27
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/29
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/30
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/31
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/32
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/33
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/34
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/35
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/36
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/37
switchport access Vlan 9
spanning-tree portfast
!
interface GigabitEthernet1/0/38
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/39
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/40
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/41
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/42
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/43
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/44
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/45
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/0/46
switchport access Vlan 9
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/47
switchport access Vlan 1
!
interface GigabitEthernet1/0/48
switchport access Vlan 2
switchport voice Vlan 1
spanning-tree portfast
!
interface GigabitEthernet1/1/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 250
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/1/2
switchport trunk encapsulation dot1q
switchport trunk native vlan 250
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/1/3
switchport trunk encapsulation dot1q
switchport trunk native vlan 250
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/1/4
switchport trunk encapsulation dot1q
switchport trunk native vlan 250
switchport mode trunk
channel-group 1 mode active
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan1
ip address 10.168.92.2 255.255.255.0
ip pim passive
ip multicast ttl-threshold 120
!
interface Vlan2
ip address 10.2.2.2 255.255.255.0
!
interface Vlan 9
ip address 10.2.0.0 255.255.255.0
!
interface Vlan10
ip address 192.168.100.1 255.255.255.0
ip access-group public-wifi in
!
interface Vlan250
ip address 192.168.250.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.2.2.1
ip route 192.168.91.0 255.255.255.0 10.2.2.1
ip route 192.168.93.0 255.255.255.0 10.168.92.250
ip http server
ip http authentication local
ip http secure-server
ip pim rp-address 10.168.92.5
ip pim send-rp-discovery Vlan1 scope 120
!
ip access-list extended public-wifi
permit tcp 192.168.100.0 0.0.0.255 host 10.2.0.4 eq domain
permit udp 192.168.100.0 0.0.0.255 host 10.2.0.4 eq domain
deny ip 192.168.100.0 0.0.0.255 10.2.0.0 0.0.0.255
deny ip 192.168.100.0 0.0.0.255 192.168.91.0 0.0.0.255
deny ip 192.168.100.0 0.0.0.255 10.2.2.0 0.0.0.255
permit ip any any
!
!
!
line con 0
line vty 0 4
login local
length 0
line vty 5 15
login local
!
end
05-28-2020 08:43 AM
05-28-2020 08:46 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: