02-13-2012 10:33 AM - edited 03-07-2019 04:54 AM
Hi !
There is some very strange Problem which is driving me crazy
recently i bought a dozen of access switches most of them are 2960
when i updated the ios with 12.2(55) SE1 i encountered an error about licensing issues.
It said :
Error Message ILET-1-AUTHENTICATION_FAIL: This
Switch may not
have been
manufactured by Cisco
or with
Cisco's
authorization. This product may contain
...
I objected the seller that these are fake ones but he rejected and sent me the 12.2(58) SE2 ios
and with that ios the message above disappeared.
first of all i like to know your opinion about that
and second problem which is making me crazy
the switch interface vlan can not be pinged from not-direct connected devices.
Assume a very simple scenario
PC1----Sw1-----Sw2-----PC2
all in vlan 1 all up and all in one subnet
PC1 can ping int vlan 1 (on switch 1) and also PC2 but can not ping int vlan 1 ip address on sw2
PC2 can ping sw2 int vlan 1 ip and also pc1 but not sw1
and the switches can not ping int vlan 1 ip address of each other
i configured tens of switches but this is the first time i encounter with this
any thing missing or any strange point in that ?
02-16-2012 10:43 AM
as i said i tried other vlans too and not worked
the pt file is built by myself in few minutes to show that this simple scenario should work and as u see it works in PT.
there is not any complicated thing here just access links between switches and clients and unfortunately switches can not each other interface vlans ..
02-16-2012 11:15 AM
Have you done this on each switch, at this prompt done:
# sh vlan brief (verify all ports are set to access, no trunks as no router)
# sh run (verify your vlan # have unique addresses, same subnet mask and a default-gateway*)
If this is basically the lab 3/3 in Discovery, except not using STP. My students also had an issue.
# conf t
fig)# ip default-gateway #.#.#.# same as your pc's (even though you don't use a router, this command should fix it)
Use the same on both switches.
02-16-2012 11:23 AM
i said on previous posts that although i think and i am sure setting DG is not necessary but i tested that and as i expected it did not fix the problem.
all the hosts and vlan 1 are on same subnet and pcs are directly connected to switches.
i should repeat again that the same scenario is done in the attached PT file and as u see it works
02-16-2012 06:11 PM
Try to add a static arp mapping on PCs
PC-1
arp -s 192.168.x.x mac-address Sw2
PC-2
arp -s 192.168.x.x mac-address Sw1
02-18-2012 06:08 AM
i will try it but just another thing that may help
one switches does not receive the others CDP packets !! and so does not show it as its neighbor
and the other switch which can send and receive cdp packests show arp : say incomplete for the other switch !
02-16-2012 06:30 PM
Try to check your subnets, maybe it belong to another else.
02-18-2012 03:27 PM
Let me understand your issue ...
You want to ping multiple IP address of multiple interface VLAN?
There's a little workaround. Upgrade to 12.2(55)SE3 (or later) and enable IP Routing.
02-18-2012 08:52 PM
Thanks But This is the issue. i do not need routing on 2960 (which i know can be done with changing SDM to lan routing and using IOS 12.2(55) and above
i just want one interface vlan to be pinged from another switch interface vlan (Assume Just are interface vlan 1)
as i upgraded to 12.2(58) se 2 the above message about "switch may has not been manufactured by cisco ...." went away
but the ping is still a problem (show arp is incomplete and ...)
Just an update :
I resetted 3 of switches to factory settings. two of them now can ping each other interface vlan but the third cant
again cdp is not received and the other switch shows incomplete in arp table
maybe the switches have a problem
02-19-2012 11:28 AM
Mohammed,
I had the misfortune to be working on some 3560's that were found to be fake in our office in china, they gave odd issues too. Does the serial number look good? On one of ours the serial number was manipulated....
Sent from Cisco Technical Support iPad App
02-20-2012 08:27 PM
These Guys can even make fake serial numbers
i mean they copy some original serial number and print it on a lablle and stick it on a fake switch
but anyway can you tell me the best way to find if the switch is fake or not ?
anything in hardware any site for serial check or ...
03-08-2012 08:46 AM
Hello Again,
Richard Pasztor 34 posts since Sep 26, 2010
Currently Being Moderated
Hi all,
I had a very disappointed experience today during the planned upgrade on my 2960 to IOS version 12.2(58)SE2 after business hours. We have a small office with 3x 2960 and a couple of 2950. There is a single 2960 called as the "central" as its the STP root, and most other switches are directly connected to the central. The remaining switches are conected to one of the switches conneting to the central.
I tested the aforementioned IOS on 2x 2960 las t week, but did not upgrade the central one. The 2x switches ran fine for a week, so I decided to upgrade the central one: basically it was a disaster. After the restart, the central became immediately unavailable via SSH (though admin IP pingable). I connected to the console, and realized that even console does not work, as I received the error message: "Low memory", and the console session could not be started. I restarted the switch once again (had to cut the power) and this time I managed to connect via the serial: the free memory was approx 2 MB, though its was over 5 MB if running 12.2(55)SE1. After 1-2 mins, free memory decreased down to 1.8 megs. SSH was still not functioning. At this time, fearing of a sudden memory leak during the night, I had to rollback to the previous version.
My config is quite simple: RSTP root, DHCP snooping, 1 LACP etherchannel, only 5x VLANs with VTP server, MOTD and BANNER (yeah I know its a risky feature since the previous IOS) I wonder what can be the problem here?
I have attached the running config of the central 2960 (removed some sensitive entries)
Currently Being Moderated
Sep 7, 2011 2:51 PM (in response to Richard Pasztor)
12.2(58)SE2 on a 2960 cause memory leaksHi,
There is a bug raised for this issue and it is in assigned to a Development engineer now.
As of now i cannot share the bug id with you, since it is internal to cisco.
Symptomps:
===========
When booting a 2960 with 64Mb of DRAM a low memory error can be observed under certain
circumstances when running 12.2(58)SE or later This will prevent acess to the console/ssh/telnet of the switch.
++ As a workaround we need to downgrade the IOS until the bug is fixed.
Hope this helps.
Cheers
Somu
Rate helpful posts
Try a downgrade and see if it works. Also, how much memory do you have, both DRAM and flash?
Sincerely,
Randy
03-08-2012 09:18 AM
Unfortunately My Problem Still Exists
It has run me completely mad
the seller does not accept that switches have a problem and the switches can not ping each other and one of them does not send cdp packets and ...
i am very mad with this
i will be thankful if anyone can help or one of cisco guys tell us if it is a bug and it is under research to solve it
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide