07-27-2010 01:58 AM - edited 03-06-2019 12:12 PM
Hi,
My name is Sandeep and I am facing very weird problem with my 2960 switch. I have configured my Juniper firewall interface with the ip 10.11.89.5/24 and connected it to 2960 switch port. The default VLAN created on switch is carrying ip address 10.11.89.1/24 and the default gateway is 10.11.89.5.
The problem is, I am unable to ping the gateway from switch but able to ping switch ip address and server ip address connected to switch.
I even change the cable suspecting that there might be problem with the cable.
Please help.
Regards,
Sandeep
07-27-2010 02:42 AM
Hi Sandeep,
Post your switch conf, please and confirm with port is connected your firewall on switch.
AB
07-27-2010 03:01 AM
Hi Antonio,
Thanks for your prompt reply
please find enclosed the config for switch and my firewall is connected to port fa 0/1. the status of the port is link up and connected.
Switch#sh run
Building configuration...
Current configuration : 1301 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport mode access
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 10.11.89.1 255.255.255.0
no ip route-cache
!
ip default-gateway 10.11.89.5
ip http server
!
control-plane
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end
Switch#
07-27-2010 03:38 AM
So your Default Gateway is your Firewall. I'm very sure there is a policy stopping your pings. the command "show ip int br" shows int fa0/1 as UP/UP? if so, then it is definetly your firewall and not the cisco or cable.
07-27-2010 04:13 AM
Hi Syed,
the result is showing up but there is no firewall rule need to configure for it.The same setup i have done in my Mumbai office but i didnt face this issue but i used Nortel Baystack switch for that.
07-27-2010 03:33 PM
there is no firewall rule need to configure for it.
Explicit deny/deny applies.07-28-2010 01:09 AM
Try force vlan tag to 1 with follow command
switchport access vlan 1
I´m not sure if that is the problem but as you are using a non-cisco equipment is better ensure
Try and see if change somehing
Antonio
07-28-2010 01:28 AM
Hi Antonio,
I have tried that previously but no success. Even i replace the switch itself but the same thing with the new one as well.
07-28-2010 01:42 AM
Try to change the encapsulation to dot1q on port connected to Juniper.
switchport trunk encapsulation dot1q
07-28-2010 01:59 AM
Hi sajid,
I tried to configure the suggested command but i am not getting that option. the version on the switch is Version 12.2(35)SE5. and it only allowed me to choose any from the allowed, native and pruning option.
07-28-2010 02:07 AM
Hi goldshield,
Do you need to be a trunk on this port. In this case your port is in mode access.
If you need change to
switchport mode trunk
Will pass all vlans.
Are u using vlans on juniper ??
Antonio
07-28-2010 02:57 AM
Hi Antonio,
No need to configure that port as a trunk port and i tried that option as well. Also I didnt configure VLAN on Juniper. It should work in access mode as it is L3.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide