03-24-2015 11:15 AM - edited 03-07-2019 11:14 PM
so.... I have a computer connected to a 2960 on F0/7 - IP 10.70.64.151 - VLAN 1. The 2960 is connected to a 3750 on ports g1/0/11-12. The 3750 is connected to another computer on G1/0/7 - IP 10.30.0.2 - VLAN2. I have two vlans on each. I can ping from switch to switch on both vlans. I have a trunk setup between the two switches. I can ping both computers from the switches. I can't ping the computers from each other. ip routing is enabled on the 3750. I'm not sure what I'm missing but I could sure use some help. Please see below configs. I snipped a little bit but most ports are configured identically so I removed a bunch to save space. Thanks!
3750x
hostname 3750-sw01 ! boot-start-marker boot-end-marker ! enable password 7 1234567890 ! aaa new-model ! ! aaa authentication login default enable ! ! ! aaa session-id common clock timezone PST -8 0 clock summer-time PDT recurring system mtu routing 1500 ip routing ! ! no ip domain-lookup ip domain-name test.net ip multicast-routing distributed ip igmp snooping querier ! ! spanning-tree mode pvst spanning-tree extend system-id ! ! vlan internal allocation policy ascending ! lldp timer 5 lldp run ! ! ! ! ! interface Port-channel1 description 2960-sw01 switchport trunk encapsulation dot1q switchport mode trunk ! ! interface FastEthernet0 no ip address no ip route-cache cef no ip route-cache shutdown ! ! interface GigabitEthernet1/0/6 switchport mode access ! interface GigabitEthernet1/0/7 description ucrypt management switchport access vlan 2 switchport mode access ! interface GigabitEthernet1/0/8 switchport mode access ! interface GigabitEthernet1/0/9 switchport mode access ! interface GigabitEthernet1/0/10 switchport mode access ! interface GigabitEthernet1/0/11 switchport mode access ! interface GigabitEthernet1/0/12 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/13 description port-channel1 switchport trunk encapsulation dot1q switchport mode trunk channel-group 1 mode on ! interface GigabitEthernet1/0/14 description port-channel1 switchport trunk encapsulation dot1q switchport mode trunk channel-group 1 mode on ! ! interface Vlan1 ip address 10.70.64.31 255.255.255.0 ip helper-address 10.70.64.11 ! interface Vlan2 ip address 10.30.0.1 255.255.255.0 ! no ip http server ip http secure-server ! ip route 0.0.0.0 0.0.0.0 10.70.64.1 ! logging esm config ! ! ! alias exec sib show ip int brief alias exec sal sh access-list alias exec sir sh ip route ! line con 0 privilege level 15 line vty 0 4 privilege level 15 password 7 12345467890 length 0 line vty 5 15 privilege level 15 password 7 12345467890 ! ntp server 129.6.15.28 end
2960
hostname 2960-sw01 ! boot-start-marker boot-end-marker ! enable password 7 1234567890 ! aaa new-model ! ! aaa authentication login default enable ! ! ! aaa session-id common clock timezone CST -6 0 clock summer-time CDT recurring system mtu routing 1500 ! ! no ip domain-lookup ip domain-name test.net ! ! ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending lldp timer 5 lldp run ! ! ! interface Port-channel1 description uplink to MDF switchport mode trunk ! interface FastEthernet0/1 switchport mode access spanning-tree portfast ip igmp max-groups 2 ip igmp max-groups action replace ! interface FastEthernet0/2 switchport mode access spanning-tree portfast ip igmp max-groups 2 ip igmp max-groups action replace ! interface FastEthernet0/3 switchport mode access spanning-tree portfast ip igmp max-groups 2 ip igmp max-groups action replace ! interface FastEthernet0/4 switchport mode access spanning-tree portfast ip igmp max-groups 2 ip igmp max-groups action replace ! interface FastEthernet0/5 switchport mode access spanning-tree portfast ip igmp max-groups 2 ip igmp max-groups action replace ! interface FastEthernet0/6 switchport mode access spanning-tree portfast ip igmp max-groups 2 ip igmp max-groups action replace ! interface FastEthernet0/7 switchport mode access spanning-tree portfast ip igmp max-groups 2 ip igmp max-groups action replace ! ! interface GigabitEthernet0/1 description port-channel1 uplink switchport mode trunk channel-group 1 mode on ! interface GigabitEthernet0/2 description port-channel1 uplink switchport mode trunk channel-group 1 mode on ! interface Vlan1 ip address 10.70.64.48 255.255.252.0 ! interface Vlan2 ip address 10.30.0.6 255.255.255.0 ! ip default-gateway 10.70.64.1 no ip http server ip http secure-server ! ! ! ! line con 0 line vty 0 4 privilege level 15 password 7 1234567890 line vty 5 15 privilege level 15 password 7 1234567890 ! ntp server 129.6.15.28 end
03-24-2015 02:27 PM
I don't want to mess with the ASA if at all possible.
Can you try adding a host route to the PC you RDP into eg. -
"route add -host 10.0.30.2 netmask 255.255.255.255 gw 10.70.64.31 dev eth0"
note it will be something like that but you may need to lookup the exact syntax.
This shouldn't stop your remote connectivity working, it should hopefully just send traffic for the server to the 3750 as it's default gateway and then it can route to the server.
Jon
03-24-2015 02:45 PM
will try that now. I think the problem boils down to the fact that the 5505s are layer 2 and that's where I'm running into problems.
03-25-2015 03:41 AM
So it didn't work ?
Jon
03-25-2015 08:32 AM
Sorry, just got in the office. It totally worked. I got the IP changed back and everything's fine now. Thanks for all the help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide