03-19-2013 11:35 PM - edited 03-07-2019 12:21 PM
Dear all,
I have one issue on Vlan in Cisco 3750X switches , I have 2 Offices , I am sitting at corp OFfice and i have one 3750 ( 10.10.1.36)Switch at my location , in my remote office i have one more switch 3750 ( 10.10.33.1) and i am able to access the both vlan IPS with out any issue , now i have some network components in Vlan33 ( 10.10.33.1) at my remote office . i am able to ping 10.10.33.1 IP from my corp office , but i am not able to ping any network devices in 10.10.33.5 example : 10.10.33.5 is my Cyberoam IP at remote location and i am not able to ping , i have taken a trace route and not able to find the issue as i am not much femilar , can any one help me to ping 10.10.33.5 at remote location devicec
I am giving the Configuration for both locaitons below :
10.10.1.36 - Corp Office 3750 Switch:
sh run
L3-#sh running-config
Building configuration...
Current configuration : 7876 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname L3-xxxxxxCORP
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$bWSD$QmOwxaGh8d5cymqI25L62.
!
!
!
no aaa new-model
clock timezone IST 5 30
switch 1 provision ws-c3750x-24
system mtu routing 1500
authentication mac-move permit
ip subnet-zero
ip routing
ip dhcp excluded-address 10.10.1.1 10.10.1.200
!
ip dhcp pool xxxxxx
network 10.10.1.0 255.255.255.0
default-router 10.10.1.36
dns-server 10.10.1.27
!
!
ip dhcp snooping
!
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 90 10
mls qos srr-queue input threshold 1 8 16
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 67 33
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0
mls qos srr-queue input cos-map queue 2 threshold 1 2
mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7
mls qos srr-queue input cos-map queue 2 threshold 3 3 5
mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 32
mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48
mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56
mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 138 138 92 138
mls qos queue-set output 1 threshold 2 138 138 92 400
mls qos queue-set output 1 threshold 3 36 77 100 318
mls qos queue-set output 1 threshold 4 20 50 67 400
mls qos queue-set output 2 threshold 1 149 149 100 149
mls qos queue-set output 2 threshold 2 118 118 100 235
mls qos queue-set output 2 threshold 3 41 68 100 272
mls qos queue-set output 2 threshold 4 42 72 100 242
mls qos queue-set output 1 buffers 10 10 26 54
mls qos queue-set output 2 buffers 16 6 17 61
mls qos
!
crypto pki trustpoint TP-self-signed-268234624
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-268234624
revocation-check none
rsakeypair TP-self-signed-268234624
!
!
crypto pki certificate chain TP-self-signed-268234624
certificate self-signed 01
30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32363832 33343632 34301E17 0D393330 33303130 30303133
335A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3236 38323334
36323430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
BECDC14B 3960D06F D89E19FC A3FBFC1D 9A45F9A0 616102E5 43752F18 D3DB85F8
F3EA57C1 0F3F4DD7 C69F3282 B69D4F6B D1C81606 94DC3B5D 859C53C4 0EF7186A
F80AC9B4 89AA534B 5D53CF6B 78776D54 A09CBC3D CBBC0DFC 6E1B0F71 644004E1
72EE852D 8169EEDE 2BDF7A4A 01705696 30AD6CA8 59C163F6 31EE46B7 C2F0EAD5
02030100 01A36F30 6D300F06 03551D13 0101FF04 05300301 01FF301A 0603551D
11041330 11820F4C 332D5048 4F454E49 58434F52 502E301F 0603551D 23041830
168014A3 8C351A53 F1DB7867 F0171FEE AC0EE876 38CAE730 1D060355 1D0E0416
0414A38C 351A53F1 DB7867F0 171FEEAC 0EE87638 CAE7300D 06092A86 4886F70D
01010405 00038181 00B5FB94 20EC547C 90962FD9 1F675E6F 34D7000B AC167B93
4AFEC67E C0BF6E5D B8442C20 BDFDFCE6 A23E5CDE A7808161 20D2E8DC F0898B55
0B69CE1F 893DDF6D AEF4E646 7B455893 5A12DAE0 F920BB03 BC7B2E9F F7333672
0970F89C 7CC3E792 1A3C5812 2384D23C BBE4E215 0102A1BD 90C4A1C8 B1BCDC09
3889D58C 5803C89C 70
quit
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
description "Uplink to xxxxxxx-Call"
switchport access vlan 102
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
bandwidth 2048
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface Vlan1
ip address 10.10.1.36 255.255.255.0
ip helper-address 10.10.1.36
no ip redirects
!
interface Vlan101
no ip address
!
interface Vlan102
description Inspiredge
ip address 10.10.2.36 255.255.255.0
ip access-group xxx_VLAN102 in
!
interface Vlan103
ip address 10.10.3.36 255.255.255.0
!
interface Vlan104
ip address 10.10.4.36 255.255.255.0
!
interface Vlan105
description voip
ip address 10.10.5.36 255.255.255.0
!
interface Vlan106
ip address 10.10.6.36 255.255.255.0
!
interface Vlan107
ip address 10.10.7.36 255.255.255.0
!
interface Vlan108
ip address 10.10.8.36 255.255.255.0
!
interface Vlan109
ip address 10.10.9.36 255.255.255.0
!
interface Vlan175
description *** xxxx VLAN ***
no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.1.43
ip route 10.10.0.0 255.255.255.0 10.10.1.199
ip route 10.10.25.0 255.255.255.0 10.10.1.35
ip route 10.10.26.0 255.255.255.0 10.10.1.35
ip route 10.10.32.0 255.255.255.0 10.10.1.199
ip route 10.10.33.0 255.255.255.0 10.10.1.199
ip route 10.10.34.0 255.255.255.0 10.10.1.199
ip route 10.10.35.0 255.255.255.0 10.10.1.199
ip route 172.16.20.0 255.255.255.0 10.10.1.35
ip route 192.168.1.0 255.255.255.0 10.10.1.35
ip route 192.168.6.0 255.255.255.0 10.10.1.35
ip route 192.168.99.0 255.255.255.0 10.10.1.35
ip http server
ip http secure-server
!
ip access-list extended TSO_VLAN102
deny ip 10.10.2.0 0.0.0.255 10.10.1.0 0.0.0.255
permit ip any any
!
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
password xxxxxxxxx
login
line vty 5 15
login
!
ntp clock-period 36025048
ntp server xxx.xxx.xxx.xxx
end
L3-#
10.10.0.1 : Remote Location Switch
sh run
xxxxx-VSEZ-CORE#sh running-config
Building configuration...
Current configuration : 7346 bytes
!
! Last configuration change at 11:39:29 IST Wed Mar 20 2013 by phoenixra
! NVRAM config last updated at 13:13:18 IST Fri Mar 15 2013 by phoenixra
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname xxxxxx-xxxx-CORE
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$xTAZ$fYA/jP2oNQaNyupFUIP9t1
!
username xxxxxxxxx privilege 15 secret 5 $1$R/J7$DXXlKRgNcO0M5GiEANt7i1
!
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
aaa session-id common
clock timezone IST 5 30
switch 1 provision ws-c3750x-24
system mtu routing 1500
authentication mac-move permit
ip subnet-zero
ip routing
!
!
!
mls qos map policed-dscp 24 26 46 to 0
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 90 10
mls qos srr-queue input threshold 1 8 16
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 67 33
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0
mls qos srr-queue input cos-map queue 2 threshold 1 2
mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7
mls qos srr-queue input cos-map queue 2 threshold 3 3 5
mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 32
mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48
mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56
mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 138 138 92 138
mls qos queue-set output 1 threshold 2 138 138 92 400
mls qos queue-set output 1 threshold 3 36 77 100 318
mls qos queue-set output 1 threshold 4 20 50 67 400
mls qos queue-set output 2 threshold 1 149 149 100 149
mls qos queue-set output 2 threshold 2 118 118 100 235
mls qos queue-set output 2 threshold 3 41 68 100 272
mls qos queue-set output 2 threshold 4 42 72 100 242
mls qos queue-set output 1 buffers 10 10 26 54
mls qos queue-set output 2 buffers 16 6 17 61
mls qos
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
class-map match-all AutoQoS-VoIP-RTP-Trust
match ip dscp ef
class-map match-all AutoQoS-VoIP-Control-Trust
match ip dscp cs3 af31
!
!
policy-map AutoQoS-Police-SoftPhone
class AutoQoS-VoIP-RTP-Trust
set dscp ef
police 320000 8000 exceed-action policed-dscp-transmit
class AutoQoS-VoIP-Control-Trust
set dscp cs3
police 32000 8000 exceed-action policed-dscp-transmit
!
!
!
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
shutdown
!
interface GigabitEthernet1/0/1
description "Connected to Cyberoam Port A"
switchport access vlan 33
!
interface GigabitEthernet1/0/2
description "Connected to 892 Router"
switchport access vlan 31
bandwidth 100000
duplex full
!
interface GigabitEthernet1/0/3
description TATA-ISP-10Mbps-Uplink
switchport access vlan 40
!
interface GigabitEthernet1/0/4
description xxxx-ISP-10Mbps-Uplink-xxxxx
switchport access vlan 40
!
interface GigabitEthernet1/0/5
switchport access vlan 34
!
interface GigabitEthernet1/0/6
switchport access vlan 34
!
interface GigabitEthernet1/0/7
description "Uplink To TSO-POE"
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
description "TATA-10MBPS-SONICWALL"
switchport access vlan 40
!
interface GigabitEthernet1/0/10
switchport access vlan 32
!
interface GigabitEthernet1/0/11
switchport access vlan 31
!
interface GigabitEthernet1/0/12
switchport access vlan 31
!
interface GigabitEthernet1/0/13
description "Phoenix-Dev 1142"
switchport access vlan 31
!
interface GigabitEthernet1/0/14
switchport access vlan 31
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
switchport access vlan 41
!
interface GigabitEthernet1/0/20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/21
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/22
switchport access vlan 32
!
interface GigabitEthernet1/0/23
description "Unit 1 Uplink to ITES"
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/24
switchport access vlan 31
!
interface GigabitEthernet1/1/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan31
description xxxx-DC
ip address 10.10.0.1 255.255.255.0
!
interface Vlan32
description VSEZ-ITES
ip address 10.10.32.1 255.255.255.0
!
interface Vlan33
description Infrastructure
ip address 10.10.33.1 255.255.255.0
!
interface Vlan34
description xxxxxx
ip address 10.10.34.1 255.255.255.0
!
interface Vlan35
description xxx
ip address 10.10.35.1 255.255.255.0
ip access-group Block_VLAN_35_in in
ip access-group Block_VLAN_35_out out
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.33.5
ip route 10.10.0.0 255.255.255.0 10.10.0.3
ip route 10.10.1.0 255.255.255.0 10.10.0.3
ip route 10.10.5.0 255.255.255.0 10.10.0.3
ip route 10.10.25.0 255.255.255.0 10.10.0.3
ip http server
no ip http secure-server
!
ip access-list extended Block_VLAN_35_in
deny ip 10.10.35.0 0.0.0.255 10.10.32.0 0.0.0.255
deny ip 10.10.35.0 0.0.0.255 10.10.33.0 0.0.0.255
deny ip 10.10.35.0 0.0.0.255 10.10.34.0 0.0.0.255
permit ip any any
ip access-list extended Block_VLAN_35_out
deny ip 10.10.32.0 0.0.0.255 10.10.35.0 0.0.0.255
deny ip 10.10.34.0 0.0.0.255 10.10.35.0 0.0.0.255
permit ip any any
deny ip 10.10.33.0 0.0.0.255 10.10.35.0 0.0.0.255
!
ip sla enable reaction-alerts
!
!
line con 0
line vty 5 15
!
ntp clock-period 36020690
ntp server xxx.xxx.xxx.xxx
end
xxxxxx-VSEZ-CORE#
Traceroute from Corp Office Switch :
C:\Users\xxxxx>tracert 10.10.33.1
Tracing route to 10.10.33.1 over a maximum of 30 hops
1 12 ms 1 ms 1 ms 10.10.1.36
2 2 ms 2 ms 2 ms 10.10.1.199
3 13 ms 11 ms 7 ms 10.10.24.2
4 10 ms 13 ms 10 ms 10.10.33.1
Trace complete.
Tracertroute from Corp Office Switch to Network Device ( Cyberoam) 10.10.33.5 :
C:\Users\xxxxx>tracert 10.10.33.5
racing route to 10.10.33.5 over a maximum of 30 hops
1 1 ms 1 ms 1 ms 10.10.1.36
2 1 ms 1 ms 1 ms 10.10.1.199
3 8 ms 7 ms 7 ms 10.10.24.2
4 14 ms 11 ms 7 ms 10.10.0.1
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.
Trace complete.
Please help me to fix this issue.
Thanks
Hari
03-20-2013 05:00 AM
what is the default gateway of the devices in the 10.10.33.0 network (it should be 10.10.33.1) and for the Cyberoam it should have a route pointing back to the switch (i.e ip route 10.10.1.0 255.255.255.0 10.10.33.1) because it seems that the Cyberoam does not how to respond for the ICMP requests comming from the 10.10.1.0 subnet
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide