Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
604
Views
0
Helpful
1
Replies

Unable to Access VLAN IP Pool

Hari Kumar Raja
Level 1
Level 1

‎03-19-2013 11:35 PM - edited ‎03-07-2019 12:21 PM

Dear all,

I have one issue on Vlan in Cisco 3750X switches , I have 2 Offices  , I am sitting at corp OFfice and i have one 3750 ( 10.10.1.36)Switch at my location , in my remote office i have one more switch 3750 ( 10.10.33.1) and i am able to access the both vlan IPS with out any issue , now i have some network components in Vlan33 ( 10.10.33.1) at my remote office . i am able to ping 10.10.33.1 IP from my corp office , but i am not able to ping any network devices in 10.10.33.5 example : 10.10.33.5 is my Cyberoam IP at remote location and i am not able to ping , i have taken a trace route and not able to find the issue as i am not much femilar , can any one help me to ping 10.10.33.5 at remote location devicec

I am giving the Configuration for both locaitons below :

10.10.1.36 - Corp Office 3750 Switch:

sh run

L3-#sh running-config

Building configuration...

Current configuration : 7876 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname L3-xxxxxxCORP

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$bWSD$QmOwxaGh8d5cymqI25L62.

!

!

!

no aaa new-model

clock timezone IST 5 30

switch 1 provision ws-c3750x-24

system mtu routing 1500

authentication mac-move permit

ip subnet-zero

ip routing

ip dhcp excluded-address 10.10.1.1 10.10.1.200

!

ip dhcp pool xxxxxx

   network 10.10.1.0 255.255.255.0

   default-router 10.10.1.36

   dns-server 10.10.1.27

!

!

ip dhcp snooping

!

mls qos map cos-dscp 0 8 16 24 32 46 48 56

mls qos srr-queue input bandwidth 90 10

mls qos srr-queue input threshold 1 8 16

mls qos srr-queue input threshold 2 34 66

mls qos srr-queue input buffers 67 33

mls qos srr-queue input cos-map queue 1 threshold 2 1

mls qos srr-queue input cos-map queue 1 threshold 3 0

mls qos srr-queue input cos-map queue 2 threshold 1 2

mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7

mls qos srr-queue input cos-map queue 2 threshold 3 3 5

mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15

mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7

mls qos srr-queue input dscp-map queue 1 threshold 3 32

mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23

mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48

mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56

mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63

mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31

mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47

mls qos srr-queue output cos-map queue 1 threshold 3 5

mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7

mls qos srr-queue output cos-map queue 3 threshold 3 2 4

mls qos srr-queue output cos-map queue 4 threshold 2 1

mls qos srr-queue output cos-map queue 4 threshold 3 0

mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47

mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31

mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55

mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63

mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23

mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39

mls qos srr-queue output dscp-map queue 4 threshold 1 8

mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15

mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7

mls qos queue-set output 1 threshold 1 138 138 92 138

mls qos queue-set output 1 threshold 2 138 138 92 400

mls qos queue-set output 1 threshold 3 36 77 100 318

mls qos queue-set output 1 threshold 4 20 50 67 400

mls qos queue-set output 2 threshold 1 149 149 100 149

mls qos queue-set output 2 threshold 2 118 118 100 235

mls qos queue-set output 2 threshold 3 41 68 100 272

mls qos queue-set output 2 threshold 4 42 72 100 242

mls qos queue-set output 1 buffers 10 10 26 54

mls qos queue-set output 2 buffers 16 6 17 61

mls qos

!

crypto pki trustpoint TP-self-signed-268234624

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-268234624

revocation-check none

rsakeypair TP-self-signed-268234624

!

!

crypto pki certificate chain TP-self-signed-268234624

certificate self-signed 01

  30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 32363832 33343632 34301E17 0D393330 33303130 30303133

  335A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F

  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3236 38323334

  36323430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100

  BECDC14B 3960D06F D89E19FC A3FBFC1D 9A45F9A0 616102E5 43752F18 D3DB85F8

  F3EA57C1 0F3F4DD7 C69F3282 B69D4F6B D1C81606 94DC3B5D 859C53C4 0EF7186A

  F80AC9B4 89AA534B 5D53CF6B 78776D54 A09CBC3D CBBC0DFC 6E1B0F71 644004E1

  72EE852D 8169EEDE 2BDF7A4A 01705696 30AD6CA8 59C163F6 31EE46B7 C2F0EAD5

  02030100 01A36F30 6D300F06 03551D13 0101FF04 05300301 01FF301A 0603551D

  11041330 11820F4C 332D5048 4F454E49 58434F52 502E301F 0603551D 23041830

  168014A3 8C351A53 F1DB7867 F0171FEE AC0EE876 38CAE730 1D060355 1D0E0416

  0414A38C 351A53F1 DB7867F0 171FEEAC 0EE87638 CAE7300D 06092A86 4886F70D

  01010405 00038181 00B5FB94 20EC547C 90962FD9 1F675E6F 34D7000B AC167B93

  4AFEC67E C0BF6E5D B8442C20 BDFDFCE6 A23E5CDE A7808161 20D2E8DC F0898B55

  0B69CE1F 893DDF6D AEF4E646 7B455893 5A12DAE0 F920BB03 BC7B2E9F F7333672

  0970F89C 7CC3E792 1A3C5812 2384D23C BBE4E215 0102A1BD 90C4A1C8 B1BCDC09

  3889D58C 5803C89C 70

  quit

spanning-tree mode pvst

spanning-tree etherchannel guard misconfig

spanning-tree extend system-id

!

!

!

!

vlan internal allocation policy ascending

!

!

!

interface FastEthernet0

no ip address

no ip route-cache cef

no ip route-cache

no ip mroute-cache

!

interface GigabitEthernet1/0/1

!

interface GigabitEthernet1/0/2

!

interface GigabitEthernet1/0/3

!

interface GigabitEthernet1/0/4

!

interface GigabitEthernet1/0/5

!

interface GigabitEthernet1/0/6

!

interface GigabitEthernet1/0/7

!

interface GigabitEthernet1/0/8

!

interface GigabitEthernet1/0/9

!

interface GigabitEthernet1/0/10

!

interface GigabitEthernet1/0/11

!

interface GigabitEthernet1/0/12

!

interface GigabitEthernet1/0/13

!

interface GigabitEthernet1/0/14

!

interface GigabitEthernet1/0/15

!

interface GigabitEthernet1/0/16

!

interface GigabitEthernet1/0/17

!

interface GigabitEthernet1/0/18

description "Uplink to xxxxxxx-Call"

switchport access vlan 102

!

interface GigabitEthernet1/0/19

!

interface GigabitEthernet1/0/20

!

interface GigabitEthernet1/0/21

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/22

!

interface GigabitEthernet1/0/23

!

interface GigabitEthernet1/0/24

bandwidth 2048

!

interface GigabitEthernet1/1/1

!

interface GigabitEthernet1/1/2

!

interface GigabitEthernet1/1/3

!

interface GigabitEthernet1/1/4

!

interface TenGigabitEthernet1/1/1

!

interface TenGigabitEthernet1/1/2

!

interface Vlan1

ip address 10.10.1.36 255.255.255.0

ip helper-address 10.10.1.36

no ip redirects

!

interface Vlan101

no ip address

!

interface Vlan102

description Inspiredge

ip address 10.10.2.36 255.255.255.0

ip access-group xxx_VLAN102 in

!

interface Vlan103

ip address 10.10.3.36 255.255.255.0

!

interface Vlan104

ip address 10.10.4.36 255.255.255.0

!

interface Vlan105

description voip

ip address 10.10.5.36 255.255.255.0

!

interface Vlan106

ip address 10.10.6.36 255.255.255.0

!

interface Vlan107

ip address 10.10.7.36 255.255.255.0

!

interface Vlan108

ip address 10.10.8.36 255.255.255.0

!

interface Vlan109

ip address 10.10.9.36 255.255.255.0

!

interface Vlan175

description *** xxxx VLAN ***

no ip address

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.1.43

ip route 10.10.0.0 255.255.255.0 10.10.1.199

ip route 10.10.25.0 255.255.255.0 10.10.1.35

ip route 10.10.26.0 255.255.255.0 10.10.1.35

ip route 10.10.32.0 255.255.255.0 10.10.1.199

ip route 10.10.33.0 255.255.255.0 10.10.1.199

ip route 10.10.34.0 255.255.255.0 10.10.1.199

ip route 10.10.35.0 255.255.255.0 10.10.1.199

ip route 172.16.20.0 255.255.255.0 10.10.1.35

ip route 192.168.1.0 255.255.255.0 10.10.1.35

ip route 192.168.6.0 255.255.255.0 10.10.1.35

ip route 192.168.99.0 255.255.255.0 10.10.1.35

ip http server

ip http secure-server

!

ip access-list extended TSO_VLAN102

deny   ip 10.10.2.0 0.0.0.255 10.10.1.0 0.0.0.255

permit ip any any

!

ip sla enable reaction-alerts

!

!

line con 0

line vty 0 4

password xxxxxxxxx

login

line vty 5 15

login

!

ntp clock-period 36025048

ntp server xxx.xxx.xxx.xxx

end

L3-#

10.10.0.1 : Remote Location Switch

sh run

xxxxx-VSEZ-CORE#sh running-config

Building configuration...

Current configuration : 7346 bytes

!

! Last configuration change at 11:39:29 IST Wed Mar 20 2013 by phoenixra

! NVRAM config last updated at 13:13:18 IST Fri Mar 15 2013 by phoenixra

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname xxxxxx-xxxx-CORE

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$xTAZ$fYA/jP2oNQaNyupFUIP9t1

!

username xxxxxxxxx privilege 15 secret 5 $1$R/J7$DXXlKRgNcO0M5GiEANt7i1

!

!

aaa new-model

!

!

aaa authentication login default local

!

!

!

aaa session-id common

clock timezone IST 5 30

switch 1 provision ws-c3750x-24

system mtu routing 1500

authentication mac-move permit

ip subnet-zero

ip routing

!

!

!

mls qos map policed-dscp  24 26 46 to 0

mls qos map cos-dscp 0 8 16 24 32 46 48 56

mls qos srr-queue input bandwidth 90 10

mls qos srr-queue input threshold 1 8 16

mls qos srr-queue input threshold 2 34 66

mls qos srr-queue input buffers 67 33

mls qos srr-queue input cos-map queue 1 threshold 2 1

mls qos srr-queue input cos-map queue 1 threshold 3 0

mls qos srr-queue input cos-map queue 2 threshold 1 2

mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7

mls qos srr-queue input cos-map queue 2 threshold 3 3 5

mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15

mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7

mls qos srr-queue input dscp-map queue 1 threshold 3 32

mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23

mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48

mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56

mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63

mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31

mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47

mls qos srr-queue output cos-map queue 1 threshold 3 5

mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7

mls qos srr-queue output cos-map queue 3 threshold 3 2 4

mls qos srr-queue output cos-map queue 4 threshold 2 1

mls qos srr-queue output cos-map queue 4 threshold 3 0

mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47

mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31

mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55

mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63

mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23

mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39

mls qos srr-queue output dscp-map queue 4 threshold 1 8

mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15

mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7

mls qos queue-set output 1 threshold 1 138 138 92 138

mls qos queue-set output 1 threshold 2 138 138 92 400

mls qos queue-set output 1 threshold 3 36 77 100 318

mls qos queue-set output 1 threshold 4 20 50 67 400

mls qos queue-set output 2 threshold 1 149 149 100 149

mls qos queue-set output 2 threshold 2 118 118 100 235

mls qos queue-set output 2 threshold 3 41 68 100 272

mls qos queue-set output 2 threshold 4 42 72 100 242

mls qos queue-set output 1 buffers 10 10 26 54

mls qos queue-set output 2 buffers 16 6 17 61

mls qos

!

!

spanning-tree mode pvst

spanning-tree etherchannel guard misconfig

spanning-tree extend system-id

!

!

!

!

vlan internal allocation policy ascending

!

!

class-map match-all AutoQoS-VoIP-RTP-Trust

match ip dscp ef

class-map match-all AutoQoS-VoIP-Control-Trust

match ip dscp cs3  af31

!

!

policy-map AutoQoS-Police-SoftPhone

class AutoQoS-VoIP-RTP-Trust

  set dscp ef

  police 320000 8000 exceed-action policed-dscp-transmit

class AutoQoS-VoIP-Control-Trust

  set dscp cs3

  police 32000 8000 exceed-action policed-dscp-transmit

!

!

!

interface FastEthernet0

no ip address

no ip route-cache cef

no ip route-cache

no ip mroute-cache

shutdown

!

interface GigabitEthernet1/0/1

description "Connected to Cyberoam Port A"

switchport access vlan 33

!

interface GigabitEthernet1/0/2

description "Connected to 892 Router"

switchport access vlan 31

bandwidth 100000

duplex full

!

interface GigabitEthernet1/0/3

description TATA-ISP-10Mbps-Uplink

switchport access vlan 40

!

interface GigabitEthernet1/0/4

description xxxx-ISP-10Mbps-Uplink-xxxxx

switchport access vlan 40

!

interface GigabitEthernet1/0/5

switchport access vlan 34

!

interface GigabitEthernet1/0/6

switchport access vlan 34

!

interface GigabitEthernet1/0/7

description "Uplink To TSO-POE"

!

interface GigabitEthernet1/0/8

!

interface GigabitEthernet1/0/9

description "TATA-10MBPS-SONICWALL"

switchport access vlan 40

!

interface GigabitEthernet1/0/10

switchport access vlan 32

!

interface GigabitEthernet1/0/11

switchport access vlan 31

!

interface GigabitEthernet1/0/12

switchport access vlan 31

!

interface GigabitEthernet1/0/13

description "Phoenix-Dev 1142"

switchport access vlan 31

!

interface GigabitEthernet1/0/14

switchport access vlan 31

!

interface GigabitEthernet1/0/15

!

interface GigabitEthernet1/0/16

!

interface GigabitEthernet1/0/17

!

interface GigabitEthernet1/0/18

!

interface GigabitEthernet1/0/19

switchport access vlan 41

!

interface GigabitEthernet1/0/20

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/21

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/22

switchport access vlan 32

!

interface GigabitEthernet1/0/23

description "Unit 1 Uplink to ITES"

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/24

switchport access vlan 31

!

interface GigabitEthernet1/1/1

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/1/2

!

interface GigabitEthernet1/1/3

!

interface GigabitEthernet1/1/4

!

interface TenGigabitEthernet1/1/1

!

interface TenGigabitEthernet1/1/2

!

interface Vlan1

no ip address

shutdown

!

interface Vlan31

description xxxx-DC

ip address 10.10.0.1 255.255.255.0

!

interface Vlan32

description VSEZ-ITES

ip address 10.10.32.1 255.255.255.0

!

interface Vlan33

description Infrastructure

ip address 10.10.33.1 255.255.255.0

!

interface Vlan34

description xxxxxx

ip address 10.10.34.1 255.255.255.0

!

interface Vlan35

description xxx

ip address 10.10.35.1 255.255.255.0

ip access-group Block_VLAN_35_in in

ip access-group Block_VLAN_35_out out

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.33.5

ip route 10.10.0.0 255.255.255.0 10.10.0.3

ip route 10.10.1.0 255.255.255.0 10.10.0.3

ip route 10.10.5.0 255.255.255.0 10.10.0.3

ip route 10.10.25.0 255.255.255.0 10.10.0.3

ip http server

no ip http secure-server

!

ip access-list extended Block_VLAN_35_in

deny   ip 10.10.35.0 0.0.0.255 10.10.32.0 0.0.0.255

deny   ip 10.10.35.0 0.0.0.255 10.10.33.0 0.0.0.255

deny   ip 10.10.35.0 0.0.0.255 10.10.34.0 0.0.0.255

permit ip any any

ip access-list extended Block_VLAN_35_out

deny   ip 10.10.32.0 0.0.0.255 10.10.35.0 0.0.0.255

deny   ip 10.10.34.0 0.0.0.255 10.10.35.0 0.0.0.255

permit ip any any

deny   ip 10.10.33.0 0.0.0.255 10.10.35.0 0.0.0.255

!

ip sla enable reaction-alerts

!

!

line con 0

line vty 5 15

!

ntp clock-period 36020690

ntp server xxx.xxx.xxx.xxx

end

xxxxxx-VSEZ-CORE#

Traceroute from Corp Office Switch :

C:\Users\xxxxx>tracert 10.10.33.1

Tracing route to 10.10.33.1 over a maximum of 30 hops

  1    12 ms     1 ms     1 ms  10.10.1.36

  2     2 ms     2 ms     2 ms  10.10.1.199

  3    13 ms    11 ms     7 ms  10.10.24.2

  4    10 ms    13 ms    10 ms  10.10.33.1

Trace complete.

Tracertroute from Corp Office Switch to Network Device ( Cyberoam) 10.10.33.5 :

C:\Users\xxxxx>tracert 10.10.33.5

racing route to 10.10.33.5 over a maximum of 30 hops

1     1 ms     1 ms     1 ms  10.10.1.36

2     1 ms     1 ms     1 ms  10.10.1.199

3     8 ms     7 ms     7 ms  10.10.24.2

4    14 ms    11 ms     7 ms  10.10.0.1

5     *        *        *     Request timed out.

6     *        *        *     Request timed out.

7     *        *        *     Request timed out.

8     *        *        *     Request timed out.

9     *        *        *     Request timed out.

10     *        *        *     Request timed out.

11     *        *        *     Request timed out.

12     *        *        *     Request timed out.

13     *        *        *     Request timed out.

14     *        *        *     Request timed out.

15     *        *        *     Request timed out.

16     *        *        *     Request timed out.

17     *        *        *     Request timed out.

18     *        *        *     Request timed out.

19     *        *        *     Request timed out.

20     *        *        *     Request timed out.

21     *        *        *     Request timed out.

22     *        *        *     Request timed out.

23     *        *        *     Request timed out.

24     *        *        *     Request timed out.

25     *        *        *     Request timed out.

26     *        *        *     Request timed out.

27     *        *        *     Request timed out.

28     *        *        *     Request timed out.

29     *        *        *     Request timed out.

30     *        *        *     Request timed out.

Trace complete.

Please help me to fix this issue.

Thanks

Hari

Labels:
0 Helpful
1 Reply 1

ahmadamr85
Level 1
Level 1

‎03-20-2013 05:00 AM

what is the default gateway of the devices in the 10.10.33.0 network (it should be 10.10.33.1) and for the Cyberoam it should have a route pointing back to the switch (i.e ip route 10.10.1.0 255.255.255.0 10.10.33.1) because it seems that the Cyberoam does not how to respond for the ICMP requests comming from the 10.10.1.0 subnet

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card