Thank you gpauwen,

In this network

Laptops from vlan3 cannot ping other laptops in vlans 1 and2(It is working correctly). so what happens here?

Just in second floor, vlan 1 can ping vlan 2 but in that floor vlan 2 cannot ping vlan1(why?),it is confusing

there may be a problem with vlan 2 or it is just a packet tracer bug?

Hello,

if you have different Vlans, you need layer 3 interfaces to route between them. As stated, your IP addressing allows for only one Vlan. So in order for the devices in Vlan 3 to be able to communicate with devices in Vlan 1, you need:

interface Vlan1

ip address 192.168.1.1 255.255.255.0

interface Vlan3

ip address 192.168.3.1 255.255.255.0

Your laptops then need addresses from the respective Vlans.

dear gpauwen,

I think you didn't get my mean.

i don't want vlans with different Ids to be able to communicate with each other:

I want this

vlan 1 should just ping vlan 1 in different floors(it shouldnot ping vlan 2 or vlan 3 in any floors).

vlan 2 should just ping vlan 2 in different floors (it shouldnot ping vlan 1 or vlan 3 in any floors))

vlan 3 should just ping vlan 3 in different floors.(it shouldnot ping vlan 1 or vlan 3 in any floors))

vlan3 works correctly (pings from vlan 3  received  successfully in vlan 3 in other floors and vlans 1 and 2 cannot receive them although they have the same subnet masks and network address)

But vlan 1(from floor 1 2 3) can ping vlan 2( just in floor 2) while I don't want this to happen and its logically wrong.

to check it please do these tests:

1. ping from vlan 1 in floor 1 to vlan 2 in floor 1(it would fail and this is true)
2. ping from vlan 1 in floor 3 to vlan 2 in floor 3(this would work correctly and ping will be failed)
3. ping from vlan 1 in floor 1 2 and 3 to vlan 2 in floor 2(this is will be successful while it should be failed this is my question : why it is successful while it should fail) there is something wrong with vlan 2 or vlan 2 in second floor.

Hello,

I tried to ping Laptop-PT mng21 (Vlan 2) from Laptop-PT acc1 (Vlan 1), and the ping succeeds, but I am not sure if what I am pinging is actually the Laptop in Vlan 2, since Laptop-PT Laptop11 has the same IP address (both have 192.168.1.10).

mng21

C:\>ipconfig

FastEthernet0 Connection:(default port)

Link-local IPv6 Address.........: FE80::: 20A:41FF:FE08:5972
IP Address......................192.168.1.10
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 0.0.0.0

Laptop11

C:\>ipconfig

FastEthernet0 Connection:(default port)

Link-local IPv6 Address.........: FE80::260:2FFF:FE83:84B8
IP Address......................: 192.168.1.10
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 0.0.0.0

it doesn't matter that all laptops are in the same subnetmask. The problem is that I have defined vlans in all switches and these vlans should not ping vlans with different numbers, but as you see they do. vlan settings are true, I have checked it again and again. To check the ports in each vlan just keep courser on each switch and you will see which port is in which vlan or just use"show vlan brief" command in switches privilege mode. check it and you will find that every setting is done correctly  but what causes successful pings to second floor's vlan2 from vlan 1? this is the main question I believe that this is a packet tracer bug. where should I report it?

To prove my point, remove the link from the hub to Laptop11, and then try to ping 192.168.1.10 from acc1 in Vlan 1. It won't work, and it is not supposed to.

 Thanks for your consideration gpauwen

You are right. when I change the ip of laptop11, everything works fine but what causes that problem when they both have the same ip?may you explain it a little more,please?

Yes, that's right.

The only question that remains is this: packets passing through trunks are tagged with vlan Ids(we know that vlan 1 packets are not tagged because it is the management vlan and it is natural that laptop11 gets this vlan's packets successfully) but what happens about vlan2 packets aren't they tagged using .1q or isl? (as you see vlan 3 pings to laptop11 fails.)