cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1176
Views
0
Helpful
3
Replies

Unable to Ping OUTSIDE from any source VLAN from Switch 2 (2 3650's)

Marquise09
Level 1
Level 1

Hello All,

 

I've installed 2 3560's in a environment to implement redundancy and better increase their network performance. Ive successfully configured both switches with  baseline configurations, created port channel between the two, and I also implemented HSRP on the uplinks to the Sonicwall firewall to provide redundancy. Here's the issue when I try to ping outside (8.8.8.8) from switch 20 from a source VLAN 20 from switch two  I get no replies, but when I do a normal ping 8.8.8.8 from the switch I can get out. This all stemmed from when I was testing and I connected a host to switch one and done a ping I got the error (reply from 192.168.20.2: Destination Net Unreachable) but when I disconnected the port channel it worked. I know for a fact it's something screwed up with switch two I just dont know what. Below are my configs for switch 1 and 2. Thanks for all the advice. 

PS: It was doing this with and without the ACL's applied, btw

SWITCH 1 Config:
Current configuration : 18963 bytes
!
! Last configuration change at 17:16:05 UTC Sat Oct 28 2017 by synadmin
!
version 16.3

vrf definition Mgmt-vrf
!
address-family ipv4
exit-address
!
no aaa new-model
facility-alarm critical exceed-action shutdown
switch 1 provision ws-c3650-48ps
!
!
!
!
ip routing
!
!
!

no ip domain lookup
!
crypto pki trustpoint TP-self-signed-3915501769
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3915501769
revocation-check none
rsakeypair TP-self-signed-391550176
license boot level ipbasek9
diagnostic bootup level minimal
spanning-tree mode rapid-pvst
spanning-tree logging
spanning-tree extend system-id
!
redundancy
mode sso
!
!
track 1 interface GigabitEthernet1/0/3 line-protocol
!
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, SGT Cache Full, LOGGING
class-map match-any system-cpp-default
description DHCP snooping, show forward and rest of traffic
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-control-low-priority
description ICMP redirect and general punt
class-map match-any system-cpp-police-wireless-priority1
description Wireless priority 1
class-map match-any system-cpp-police-wireless-priority2
description Wireless priority 2
class-map match-any system-cpp-police-wireless-priority3-4-5
description Wireless priority 3,4 and 5
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
policy-map system-cpp-policy
class system-cpp-police-data
police rate 200 pps
class system-cpp-police-sys-data
police rate 100 pps
class system-cpp-police-sw-forward
police rate 1000 pps
class system-cpp-police-multicast
police rate 500 pps
class system-cpp-police-multicast-end-station
police rate 2000 pps
class system-cpp-police-punt-webauth
class system-cpp-police-l2-control
class system-cpp-police-routing-control
police rate 1800 pps
class system-cpp-police-control-low-priority
class system-cpp-police-wireless-priority1
class system-cpp-police-wireless-priority2
class system-cpp-police-wireless-priority3-4-5
class system-cpp-police-topology-control
class system-cpp-police-dot1x-auth
class system-cpp-police-protocol-snooping
class system-cpp-police-forus
class system-cpp-default
!
!
!
!
!
!
!
!

interface Port-channel1
switchport trunk native vlan 777
switchport trunk allowed vlan 20,21,31,40,50,60,70,80,90,100,110,130
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
description Port-channel-uplink-to-ENS-SYN-VA-SW2
switchport trunk native vlan 777
switchport trunk allowed vlan 20,21,31,40,50,60,70,80,90,100,110,130
switchport mode trunk
switchport nonegotiate
channel-protocol pagp
channel-group 1 mode auto non-silent
!
interface GigabitEthernet1/0/2
description Port-channel-uplink-to-ENS-SYN-VA-SW2
switchport trunk native vlan 777
switchport trunk allowed vlan 20,21,31,40,50,60,70,80,90,100,110,130
switchport mode trunk
switchport nonegotiate
channel-protocol pagp
channel-group 1 mode auto non-silent
!
interface GigabitEthernet1/0/3
no switchport
ip address 10.0.0.2 255.255.255.252
!
interface GigabitEthernet1/0/4
description IP_Cameras-ENS-SYN-VA-SW1
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/5
description IP_Cameras-ENS-SYN-VA-SW1
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/6
description IP_Cameras-ENS-SYN-VA-SW1
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/7
description IP_Cameras-ENS-SYN-VA-SW1
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 40
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/9
description Network_Tools-ENS-SYN-VA-SW1
switchport access vlan 21
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/10
description Network_Tools-ENS-SYN-VA-SW1
switchport access vlan 21
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 40
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/12
description IT_Services-ENS-SYN-VA-SW1
switchport access vlan 31
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/13
description IT_Services-ENS-SYN-VA-SW1
switchport access vlan 31
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/14
description IT_Services-ENS-SYN-VA-SW1
switchport access vlan 31
switchport mode access
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
description Management-ENS-SYN-VA-SW1
switchport access vlan 80
switchport mode access
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
description Wireless-ENS-SYN-VA-SW1
switchport access vlan 100
switchport mode access
!
interface GigabitEthernet1/0/19
description Wireless-ENS-SYN-VA-SW1
switchport access vlan 100
switchport mode access
!
interface GigabitEthernet1/0/20
description Wireless-ENS-SYN-VA-SW1
switchport access vlan 100
switchport mode access
!
interface GigabitEthernet1/0/21
description Wireless-ENS-SYN-VA-SW1
switchport access vlan 100
switchport mode access
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
!
interface GigabitEthernet1/0/48
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface Vlan1
no ip address
shutdown
!
interface Vlan20
ip address 192.168.20.3 255.255.255.0
ip helper-address 10.0.0.1
standby 20 ip 192.168.20.1
standby 20 preempt
standby 20 track 1 decrement 10
!
interface Vlan21
ip address 192.168.21.2 255.255.255.0
ip helper-address 10.0.0.1
ip access-group Zelda in
standby 21 ip 192.168.21.1
standby 21 priority 110
standby 21 preempt
standby 21 track 1 decrement 15
!
interface Vlan31
ip address 192.168.31.2 255.255.255.0
ip helper-address 10.0.0.1
standby 31 ip 192.168.31.1
standby 31 priority 110
standby 31 preempt
standby 31 track 1 decrement 15
!
interface Vlan40
ip address 192.168.40.3 255.255.255.0
ip helper-address 10.0.0.1
ip access-group ISR_Servers in
standby 40 ip 192.168.40.1
standby 40 preempt
standby 40 track 1 decrement 10
!
interface Vlan50
ip address 192.168.50.3 255.255.255.0
ip helper-address 10.0.0.1
ip access-group Prisms_Server in
standby 50 ip 192.168.50.1
standby 50 preempt
standby 50 track 1 decrement 10
!
interface Vlan60
ip address 192.168.60.2 255.255.255.0
ip helper-address 10.0.0.1
standby 60 ip 192.168.60.1
standby 60 priority 110
standby 60 preempt
standby 60 track 1 decrement 15
!
interface Vlan70
ip address 192.168.70.3 255.255.255.0
ip helper-address 10.0.0.1
ip access-group IGIS_LicenseServers in
standby 70 ip 192.168.70.1
standby 70 preempt
standby 70 track 1 decrement 10
!
interface Vlan80
ip address 192.168.80.2 255.255.255.0
ip helper-address 10.0.0.1
standby 80 ip 192.168.80.1
standby 80 priority 110
standby 80 preempt
standby 80 track 1 decrement 15
!
interface Vlan90
ip address 192.168.90.3 255.255.255.0
ip helper-address 10.0.0.1
standby 90 ip 192.168.90.1
standby 90 preempt
standby 90 track 1 decrement 10
!
interface Vlan100
ip address 192.168.100.2 255.255.255.0
ip helper-address 10.0.0.1
standby 100 ip 192.168.100.1
standby 100 priority 110
standby 100 preempt
standby 100 track 1 decrement 15
!
interface Vlan110
ip address 192.168.110.3 255.255.255.0
ip helper-address 10.0.0.1
standby 110 ip 192.168.110.1
standby 110 preempt
standby 110 track 1 decrement 10
!
interface Vlan130
ip address 192.168.130.2 255.255.255.0
ip helper-address 10.0.0.1
standby 130 ip 192.168.130.1
standby 130 priority 110
standby 130 preempt
standby 130 track 1 decrement 15
!
router ospf 100
router-id 192.168.80.2
redistribute connected subnets
redistribute static subnets
passive-interface default
no passive-interface Vlan80
no passive-interface GigabitEthernet1/0/3
no passive-interface Port-channel1
network 10.0.0.0 0.0.0.3 area 0
network 192.168.80.0 0.0.0.255 area 0
network 192.168.0.0 0.0.255.255 area 1
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
permit tcp any any eq 22
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq 995
permit tcp any any eq 1914
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq smtp
permit tcp any any eq pop3
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
permit udp any any range 16384 32767
permit tcp any any range 50000 59999
ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any range 6881 6999
permit tcp any any range 28800 29100
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any eq 11999
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
permit tcp any any eq 1527
permit tcp any any eq 6200
permit tcp any any eq 3389
permit tcp any any eq 5985
permit tcp any any eq 8080
ip access-list extended Crystal_Castle
remark Primary Domain Controller
permit tcp any host 192.168.241.253
ip access-list extended Gauntlet
remark Gauntlet - Tape Backup
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.27 log
ip access-list extended IGIS_LicenseServers
remark IGIS LicenseServers - IGIS ArcGIS License Servers
permit udp any host 224.0.0.2
remark IGIS LicenseServers - IGIS ArcGIS License Servers
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.82 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.222 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.70.11 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.70.12 log
permit tcp 192.168.70.0 0.0.0.255 any
ip access-list extended ISR_Servers
remark ISR Servers
permit udp any host 224.0.0.2
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.251 log
permit tcp 192.168.70.0 0.0.0.255 host 192.168.241.251 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.249 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.33 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.58 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.76 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.30 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.31 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.41 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.37 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.53 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.34 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.243 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.11 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.12 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.13 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.14 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.15 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.16 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.17 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.18 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.19 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.20 log
permit tcp 192.168.31.0 0.0.0.255 any
permit tcp 192.168.40.0 0.0.0.255 any
ip access-list extended Prisms_Server
remark Prisms Server access
permit udp any host 224.0.0.2
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.230 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.160 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.37 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.21 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.22 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.25 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.11 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.12 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.13 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.14 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.15 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.16 log
permit tcp 192.168.31.0 0.0.0.255 any
permit tcp 192.168.50.0 0.0.0.255 any
ip access-list extended Zelda
remark Zelda - Acronis Backup Server & Spiceworks Server
permit udp any host 224.0.0.2
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.252 log
permit tcp 192.168.21.0 0.0.0.255 host 192.168.241.252 log
permit tcp 192.168.21.0 0.0.0.255 host 192.168.21.11 log
permit tcp 192.168.21.0 0.0.0.255 any
remark Zelda - Acronis Backup Server & Spiceworks Server
!
!
!
control-plane
service-policy input system-cpp-policy
!
!

line con 0
logging synchronous
login local
stopbits 1
line aux 0
stopbits 1
line vty 0 4
logging synchronous
login local
transport input ssh
line vty 5 15
login
!
!
!
!
!
!
!
ap dot11 airtime-fairness policy-name Default 0
ap group default-group
ap hyperlocation ble-beacon 0
ap hyperlocation ble-beacon 1
ap hyperlocation ble-beacon 2
ap hyperlocation ble-beacon 3
ap hyperlocation ble-beacon 4
end

 

 

SWITCH 2 Config:


version 16.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no platform punt-keepalive disable-kernel-core
!
hostname ENS-SYN-VA-SW2
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered warnings

no aaa new-model
facility-alarm critical exceed-action shutdown
switch 1 provision ws-c3650-48ps
!ip routing
!

no ip domain lookup
!
crypto pki trustpoint TP-self-signed-3279604794
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3279604794
revocation-check none
rsakeypair TP-self-signed-3279604794
!
!
quit


license boot level ipbasek9
diagnostic bootup level minimal
spanning-tree mode rapid-pvst
spanning-tree logging
spanning-tree extend system-id
!
!

!
redundancy
mode sso
!
!
track 1 interface GigabitEthernet1/0/3 line-protocol
!
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, SGT Cache Full, LOGGING
class-map match-any system-cpp-default
description DHCP snooping, show forward and rest of traffic
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-control-low-priority
description ICMP redirect and general punt
class-map match-any system-cpp-police-wireless-priority1
description Wireless priority 1
class-map match-any system-cpp-police-wireless-priority2
description Wireless priority 2
class-map match-any system-cpp-police-wireless-priority3-4-5
description Wireless priority 3,4 and 5
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
policy-map system-cpp-policy
class system-cpp-police-data
police rate 200 pps
class system-cpp-police-sys-data
police rate 100 pps
class system-cpp-police-sw-forward
police rate 1000 pps
class system-cpp-police-multicast
police rate 500 pps
class system-cpp-police-multicast-end-station
police rate 2000 pps
class system-cpp-police-punt-webauth
class system-cpp-police-l2-control
class system-cpp-police-routing-control
police rate 1800 pps
class system-cpp-police-control-low-priority
class system-cpp-police-wireless-priority1
class system-cpp-police-wireless-priority2
class system-cpp-police-wireless-priority3-4-5
class system-cpp-police-topology-control
class system-cpp-police-dot1x-auth
class system-cpp-police-protocol-snooping
class system-cpp-police-forus
class system-cpp-default
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
description Port-channel-uplink-to-ENS-SYN-VA-SW1
switchport trunk native vlan 777
switchport trunk allowed vlan 20,21,31,40,50,60,70,80,90,100,110,130
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
description Port-channel-uplink-to-ENS-SYN-VA-SW1
switchport trunk native vlan 777
switchport trunk allowed vlan 20,21,31,40,50,60,70,80,90,100,110,130
switchport mode trunk
switchport nonegotiate
channel-protocol pagp
channel-group 1 mode desirable
!
interface GigabitEthernet1/0/2
description Port-channel-uplink-to-ENS-SYN-VA-SW1
switchport trunk native vlan 777
switchport trunk allowed vlan 20,21,31,40,50,60,70,80,90,100,110,130
switchport mode trunk
switchport nonegotiate
channel-protocol pagp
channel-group 1 mode desirable
!
interface GigabitEthernet1/0/3
description Uplink-to-SonicWall-TZ500
no switchport
ip address 10.0.0.6 255.255.255.252
!
interface GigabitEthernet1/0/4
switchport access vlan 20
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security mac-address sticky a44c.c846.9618
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/18
switchport access vlan 40
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/19
switchport access vlan 50
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/20
switchport access vlan 50
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/21
switchport access vlan 60
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/22
switchport access vlan 60
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/23
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/24
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/25
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/26
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/27
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/29
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/30
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/31
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/32
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/33
switchport access vlan 70
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/34
switchport access vlan 90
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/35
switchport access vlan 90
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/36
switchport access vlan 90
switchport mode access
switchport voice vlan 130
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security
spanning-tree portfast
!
interface GigabitEthernet1/0/37
shutdown
!
interface GigabitEthernet1/0/38
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/39
shutdown
!
interface GigabitEthernet1/0/40
shutdown
!
interface GigabitEthernet1/0/41
shutdown
!
interface GigabitEthernet1/0/42
shutdown
!
interface GigabitEthernet1/0/43
shutdown
!
interface GigabitEthernet1/0/44
shutdown
!
interface GigabitEthernet1/0/45
shutdown
!
interface GigabitEthernet1/0/46
shutdown
!
interface GigabitEthernet1/0/47
shutdown
!
interface GigabitEthernet1/0/48
shutdown
!
interface GigabitEthernet1/1/1
shutdown
!
interface GigabitEthernet1/1/2
shutdown
!
interface GigabitEthernet1/1/3
shutdown
!
interface GigabitEthernet1/1/4
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan20
ip address 192.168.20.2 255.255.255.0
ip helper-address 10.0.0.5
ip access-group Zelda in
standby 0 priority 110
standby 20 ip 192.168.20.1
standby 20 priority 110
standby 20 preempt
standby 20 track 1 decrement 15
!
interface Vlan21
ip address 192.168.21.3 255.255.255.0
ip helper-address 10.0.0.5
ip access-group Zelda in
standby 21 ip 192.168.21.1
standby 21 preempt
standby 21 track 1 decrement 10
!
interface Vlan31
ip address 192.168.31.3 255.255.255.0
ip helper-address 10.0.0.5
standby 31 ip 192.168.31.1
standby 31 priority 110
standby 31 preempt
standby 31 track 1 decrement 10
!
interface Vlan40
ip address 192.168.40.2 255.255.255.0
ip helper-address 10.0.0.5
ip access-group ISR_Servers in
standby 40 ip 192.168.40.1
standby 40 priority 110
standby 40 preempt
standby 40 track 1 decrement 15
!
interface Vlan50
ip address 192.168.50.2 255.255.255.0
ip helper-address 10.0.0.5
ip access-group Prisms_Server in
standby 50 ip 192.168.50.1
standby 50 priority 110
standby 50 preempt
standby 50 track 1 decrement 15
!
interface Vlan60
ip address 192.168.60.3 255.255.255.0
ip helper-address 10.0.0.5
standby 60 ip 192.168.60.1
standby 60 preempt
standby 60 track 1 decrement 10
!
interface Vlan70
ip address 192.168.70.2 255.255.255.0
ip helper-address 10.0.0.5
ip access-group IGIS_LicenseServers in
standby 70 ip 192.168.70.1
standby 70 priority 110
standby 70 preempt
standby 70 track 1 decrement 15
!
interface Vlan80
ip address 192.168.80.3 255.255.255.0
ip helper-address 10.0.0.5
standby 80 ip 192.168.80.1
standby 80 preempt
standby 80 track 1 decrement 10
!
interface Vlan90
ip address 192.168.90.2 255.255.255.0
ip helper-address 10.0.0.5
standby 90 ip 192.168.90.1
standby 90 priority 110
standby 90 preempt
standby 90 track 1 decrement 15
!
interface Vlan100
ip address 192.168.100.3 255.255.255.0
ip helper-address 10.0.0.5
standby 100 ip 192.168.100.1
standby 100 preempt
standby 100 track 1 decrement 10
!
interface Vlan110
ip address 192.168.110.2 255.255.255.0
ip helper-address 10.0.0.5
standby 110 ip 192.168.110.1
standby 110 priority 110
standby 110 preempt
standby 110 track 1 decrement 15
!
interface Vlan130
ip address 192.168.130.3 255.255.255.0
ip helper-address 10.0.0.5
standby 130 ip 192.168.130.1
standby 130 preempt
standby 130 track 1 decrement 10
!
router ospf 100
router-id 192.168.80.3
redistribute connected subnets
redistribute static subnets
passive-interface default
no passive-interface Vlan80
no passive-interface GigabitEthernet1/0/3
no passive-interface Port-channel1
network 10.0.0.0 0.0.0.3 area 0
network 10.0.0.4 0.0.0.3 area 0
network 192.168.80.0 0.0.0.255 area 0
!
ip forward-protocol nd
ip http server
ip http secure-server
!
!
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
permit tcp any any eq 22
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq 995
permit tcp any any eq 1914
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq smtp
permit tcp any any eq pop3
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
permit udp any any range 16384 32767
permit tcp any any range 50000 59999
ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any range 6881 6999
permit tcp any any range 28800 29100
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any eq 11999
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
permit tcp any any eq 1527
permit tcp any any eq 6200
permit tcp any any eq 3389
permit tcp any any eq 5985
permit tcp any any eq 8080
ip access-list extended Crystal_Castle
remark Primary Domain Controller
permit tcp any host 192.168.241.253
ip access-list extended Gauntlet
remark Gauntlet - Tape Backup
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.27 log
ip access-list extended IGIS_LicenseServers
remark IGIS LicenseServers - IGIS ArcGIS License Servers
permit udp any host 224.0.0.2
remark IGIS LicenseServers - IGIS ArcGIS License Servers
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.82 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.222 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.70.11 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.70.12 log
permit tcp 192.168.70.0 0.0.0.255 any
ip access-list extended ISR_Servers
remark ISR Servers
permit udp any host 224.0.0.2
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.251 log
permit tcp 192.168.70.0 0.0.0.255 host 192.168.241.251 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.249 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.33 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.58 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.76 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.30 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.31 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.41 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.37 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.53 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.34 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.243 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.11 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.12 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.13 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.14 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.15 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.16 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.17 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.18 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.19 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.20 log
permit tcp 192.168.31.0 0.0.0.255 any
permit tcp 192.168.40.0 0.0.0.255 any
ip access-list extended Prisms_Server
remark Prisms Server access
permit udp any host 224.0.0.2
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.230 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.160 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.37 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.21 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.22 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.25 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.11 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.12 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.13 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.14 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.15 log
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.16 log
permit tcp 192.168.31.0 0.0.0.255 any
permit tcp 192.168.50.0 0.0.0.255 any
ip access-list extended Zelda
remark Zelda - Acronis Backup Server & Spiceworks Server
permit udp any host 224.0.0.2
permit tcp 192.168.31.0 0.0.0.255 host 192.168.241.252 log
permit tcp 192.168.21.0 0.0.0.255 host 192.168.241.252 log
permit tcp 192.168.21.0 0.0.0.255 host 192.168.21.11 log
permit tcp 192.168.21.0 0.0.0.255 any
remark Zelda - Acronis Backup Server & Spiceworks Server
!
!
!
control-plane
service-policy input system-cpp-policy

line con 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login local
line vty 5 15
login local
!
!
!
!
!
!
!
ap dot11 airtime-fairness policy-name Default 0
ap group default-group
ap hyperlocation ble-beacon 0
ap hyperlocation ble-beacon 1
ap hyperlocation ble-beacon 2
ap hyperlocation ble-beacon 3
ap hyperlocation ble-beacon 4
end

 

3 Replies 3

Hi,

Please post the output of 'sh ip route', and 'sh standby brief'. Could you also run 'traceroute' to 8.8.8.8 with source interface vlan20 and post here?

HTH,
Meheretab
HTH,
Meheretab

Switch One " SHow ip route":

O*E2 0.0.0.0/0 [110/10] via 10.0.0.1, 21:40:07, GigabitEthernet1/0/3
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.0.0.0/30 is directly connected, GigabitEthernet1/0/3
L 10.0.0.2/32 is directly connected, GigabitEthernet1/0/3
O 10.0.0.4/30 [110/2] via 192.168.80.3, 21:39:57, Vlan80
[110/2] via 10.0.0.1, 21:40:07, GigabitEthernet1/0/3
50.0.0.0/30 is subnetted, 1 subnets
O E2 50.226.127.116 [110/20] via 10.0.0.1, 21:40:07, GigabitEthernet1/0/3
192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.20.0/24 is directly connected, Vlan20
L 192.168.20.3/32 is directly connected, Vlan20
192.168.21.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.21.0/24 is directly connected, Vlan21
L 192.168.21.2/32 is directly connected, Vlan21
192.168.31.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.31.0/24 is directly connected, Vlan31
L 192.168.31.2/32 is directly connected, Vlan31
192.168.40.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.40.0/24 is directly connected, Vlan40
L 192.168.40.3/32 is directly connected, Vlan40
192.168.50.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.50.0/24 is directly connected, Vlan50
L 192.168.50.3/32 is directly connected, Vlan50
192.168.60.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.60.0/24 is directly connected, Vlan60
L 192.168.60.2/32 is directly connected, Vlan60
192.168.70.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.70.0/24 is directly connected, Vlan70
L 192.168.70.3/32 is directly connected, Vlan70
192.168.80.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.80.0/24 is directly connected, Vlan80
L 192.168.80.2/32 is directly connected, Vlan80
192.168.90.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.90.0/24 is directly connected, Vlan90
L 192.168.90.3/32 is directly connected, Vlan90
192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.100.0/24 is directly connected, Vlan100
L 192.168.100.2/32 is directly connected, Vlan100
O E2 192.168.110.0/24 [110/20] via 192.168.80.3, 09:39:19, Vlan80
192.168.130.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.130.0/24 is directly connected, Vlan130
L 192.168.130.2/32 is directly connected, Vlan130
O E2 192.168.241.0/24 [110/20] via 10.0.0.1, 21:40:07, GigabitEthernet1/0/3

 


Show Standby Brief Switch 1

Interface Grp Pri P State Active Standby Virtual IP
Vl20 20 100 P Standby 192.168.20.2 local 192.168.20.1
Vl21 21 110 P Active local 192.168.21.3 192.168.21.1
Vl31 31 110 P Standby 192.168.31.3 local 192.168.31.1
Vl40 40 100 P Standby 192.168.40.2 local 192.168.40.1
Vl50 50 100 P Standby 192.168.50.2 local 192.168.50.1
Vl60 60 110 P Active local 192.168.60.3 192.168.60.1
Vl70 70 100 P Standby 192.168.70.2 local 192.168.70.1
Vl80 80 110 P Active local 192.168.80.3 192.168.80.1
Vl90 90 100 P Standby 192.168.90.2 local 192.168.90.1
Vl100 100 110 P Active local 192.168.100.3 192.168.100.1
Vl110 110 100 P Init unknown unknown 192.168.110.1
Vl130 130 110 P Active local 192.168.130.3

 

Traceroute Results Switch one :

2 68.86.204.221 2 msec 3 msec 2 msec
3 68.86.204.217 3 msec 3 msec 4 msec
4 68.86.90.57 5 msec 6 msec 5 msec
5 68.86.86.34 5 msec 4 msec 3 msec
6 50.242.150.138 4 msec
96.87.8.186 4 msec 5 msec
7 * * *
8 66.249.95.20 6 msec
72.14.233.20 4 msec 5 msec
9 216.239.59.103 5 msec
108.177.3.19 4 msec
209.85.252.23 4 msec
10 8.8.8.8 4 msec 5 msec 4 msec

 

Switch 2 "show ip route"


O*E2 0.0.0.0/0 [110/10] via 10.0.0.5, 09:45:19, GigabitEthernet1/0/3
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O 10.0.0.0/30 [110/2] via 192.168.80.2, 09:45:19, Vlan80
[110/2] via 10.0.0.5, 09:45:19, GigabitEthernet1/0/3
C 10.0.0.4/30 is directly connected, GigabitEthernet1/0/3
L 10.0.0.6/32 is directly connected, GigabitEthernet1/0/3
50.0.0.0/30 is subnetted, 1 subnets
O E2 50.226.127.116 [110/20] via 10.0.0.5, 09:45:19, GigabitEthernet1/0/3
192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.20.0/24 is directly connected, Vlan20
L 192.168.20.2/32 is directly connected, Vlan20
192.168.21.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.21.0/24 is directly connected, Vlan21
L 192.168.21.3/32 is directly connected, Vlan21
192.168.31.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.31.0/24 is directly connected, Vlan31
L 192.168.31.3/32 is directly connected, Vlan31
192.168.40.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.40.0/24 is directly connected, Vlan40
L 192.168.40.2/32 is directly connected, Vlan40
192.168.50.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.50.0/24 is directly connected, Vlan50
L 192.168.50.2/32 is directly connected, Vlan50
192.168.60.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.60.0/24 is directly connected, Vlan60
L 192.168.60.3/32 is directly connected, Vlan60
192.168.70.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.70.0/24 is directly connected, Vlan70
L 192.168.70.2/32 is directly connected, Vlan70
192.168.80.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.80.0/24 is directly connected, Vlan80
L 192.168.80.3/32 is directly connected, Vlan80
192.168.90.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.90.0/24 is directly connected, Vlan90
L 192.168.90.2/32 is directly connected, Vlan90
192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.100.0/24 is directly connected, Vlan100
L 192.168.100.3/32 is directly connected, Vlan100
192.168.110.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.110.0/24 is directly connected, Vlan110
L 192.168.110.2/32 is directly connected, Vlan110
192.168.130.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.130.0/24 is directly connected, Vlan130
L 192.168.130.3/32 is directly connected, Vlan130
O E2 192.168.241.0/24 [110/20] via 10.0.0.5, 09:45:19, GigabitEthernet1/0/3

Switch 2 Show standby brief
Interface Grp Pri P State Active Standby Virtual IP
Vl20 20 110 P Active local 192.168.20.3 192.168.20.1
Vl21 21 100 P Standby 192.168.21.2 local 192.168.21.1
Vl31 31 110 P Active local 192.168.31.2 192.168.31.1
Vl40 40 110 P Active local 192.168.40.3 192.168.40.1
Vl50 50 110 P Active local 192.168.50.3 192.168.50.1
Vl60 60 100 P Standby 192.168.60.2 local 192.168.60.1
Vl70 70 110 P Active local 192.168.70.3 192.168.70.1
Vl80 80 100 P Standby 192.168.80.2 local 192.168.80.1
Vl90 90 110 P Active local 192.168.90.3 192.168.90.1
Vl100 100 100 P Standby 192.168.100.2 local 192.168.100.1
Vl110 110 110 P Active local unknown 192.168.110.1
Vl130 130 100 P Standby 192.168.130.2 local 192.168.130.1

 

 

ENS-SYN-VA-SW2#traceroute 8.8.8.8 source vlan 20
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 * * *
2 * * *
3 * * *

 

ENS-SYN-VA-SW2#traceroute 8.8.8.8
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1
2 68.86.204.221 2 msec 3 msec 3 msec
3 68.86.204.217 3 msec 3 msec 2 msec
4 68.86.90.57 4 msec 5 msec 5 msec
5 68.86.86.34 4 msec 5 msec 4 msec
7 * * *
8 72.14.235.32 10 msec
72.14.234.134 7 msec
72.14.233.20 5 msec
9 108.170.229.69 4 msec
209.85.247.197 5 msec
209.85.255.45 5 msec
10 8.8.8.8 4 msec 5 msec 4 msec

Hello

Your advertising vlan 80 for OSPF peering, From what I can see it doesn't seem required

Try advertising your vlans in the ospf as connected  with their correct subnets and not as a /16 and not redistribute them.

Lasty have both switches advertise the same networks as presently they are not.

 

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Review Cisco Networking for a $25 gift card