cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1399
Views
15
Helpful
6
Replies

Switch 3850 forwaring issue

magdy fekry
Level 1
Level 1

Dears, today i face strange issue at Stack switch 3850

 

SW has int vlan 5  (it's the gateway for users vlan) , from user pc when trying to access any dst outsite vlan via http ===> it Redirect me to the SW login page "As attached image" even if this dst not reachable /reachable ,

also try with any other  vlan with the same issue .

 

Could anyone face the same issue before  ! 

 

6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

The switch does not have capabilities to redirect as per i know other than any WCCP configured.

 

can you post-show version and running-config to understand. also any high-level network diagram how switch and your network connecting to the internet. ?

 

what is the IP you aware of 8.8.9.6 as per the screenshot?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

magdy fekry
Level 1
Level 1

Thanks balaji for your reply,

 

the issue has been solved without any config change , and this is a strange issue.

just i un-provsion switch 3 from stack as i already remove it before by below command

 

#no switch 3 provision WS-C3850-12S

 

about above ip 8.8.9.6 it's any ip outside my network for test  as when i type any outside ip it redirect me to login page for this sw .

 

 

 

==========================IOS Version======================


Core#sh version
Cisco IOS XE Software, Version 16.06.04
Cisco IOS Software [Everest], Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9 -M), Version 16.6.4, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Sun 08-Jul-18 02:57 by mcpre


Cisco IOS-XE software, Copyright (c) 2005-2018 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.


ROM: IOS-XE ROMMON
BOOTLDR: CAT3K_CAA Boot Loader (CAT3K_CAA-HBOOT-M) Version 3.58, RELEASE SOFTWAR E (P)

GLAD0-CG01 uptime is 4 days, 3 hours, 5 minutes
Uptime for this control processor is 4 days, 3 hours, 9 minutes
System returned to ROM by Power Failure or Unknown
System image file is "flash:packages.conf"
Last reload reason: Power Failure or Unknown

 

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.


Technology Package License Information:

-----------------------------------------------------------------
Technology-package Technology-package
Current Type Next reboot
------------------------------------------------------------------
ipbasek9 Permanent ipbasek9

cisco WS-C3850-24T (MIPS) processor (revision AC0) with 853093K/6147K bytes of memory.
Processor board ID FOXXXXX
5 Virtual Ethernet interfaces
44 Gigabit Ethernet interfaces
8 Ten Gigabit Ethernet interfaces
2048K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
252000K bytes of Crash Files at crashinfo:.
252000K bytes of Crash Files at crashinfo-2:.
1611414K bytes of Flash at flash:.
1611414K bytes of Flash at flash-2:.
0K bytes of WebUI ODM Files at webui:.

Base Ethernet MAC Address : 00:7e:xXXXx
Motherboard Assembly Number : 73-1629XX
Motherboard Serial Number : XXXX
Model Revision Number : AC0
Motherboard Revision Number : B0
Model Number : WS-C3850-24T
System Serial Number : XXXXX


Switch Ports Model SW Version SW Image Mode
------ ----- ----- ---------- ---------- ----
* 1 32 WS-C3850-24T 16.6.4 CAT3K_CAA-UNIVERSALK9 INSTALL
2 20 WS-C3850-12S 16.6.4 CAT3K_CAA-UNIVERSALK9 INSTALL


Switch 02
---------
Switch uptime : 4 days, 3 hours, 9 minutes

Base Ethernet MAC Address : XXXXXX
Motherboard Assembly Number : XXXXXXX
Motherboard Serial Number : XXXXXXX
Model Revision Number : L0
Motherboard Revision Number : B0
Model Number : WS-C3850-12S
System Serial Number : XXXXXXXX

Configuration register is 0x102

Hello,

 

very odd indeed. What if you configure the below on that switch and put it back in the stack ?

 

no ip http server
no ip http secure-server

Hello George,

 

unfortunately, we use Switch 3 as standalone sw at production network and don't have another sw to add it on current stack .

 

**now, the issue is we don't know the root cause of this odd issue to deal with it if we face it again at another case **

 

anyway many thank george and balaji for yours help

 

 

Hello

"user pc when trying to access any dst outside vlan via http ===> it Redirect me to the SW login page"
Do you have any FW inpath of your wan access that could be proxying http traffic towards?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

magdy fekry
Level 1
Level 1

many thanks paul for your reply,

But PC==>SW==>WAN router  , there is no FW at the path ,really it's a very strange issue and t solved without config change .

 

 

Regards,,

Review Cisco Networking for a $25 gift card