Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4113
Views
11
Helpful
7
Replies

9800-CL with VLAN Interfaces - No Communication possible

Go to solution
Dominik_
Level 1
Level 1

‎06-25-2021 07:31 AM - edited ‎07-02-2021 09:36 PM

Hey Community, 

 

I deployed a 9800-CL to an internal network. 

It was provisioned with the .ova file. 

In total i have 3 interfaces 

the plan was: 

 

Gi1 -> Wireless Management as Access Port 

Gi2 -> VLAN for SSID as Access Port 

Gi3 -> Redundancy 

 

Gi1 was removed from SP Interface configuration 

Software is 17.3.2a. 

 

Now i started to configure the controller and i'm facing the problems: 

I started with Gi1 to make it reachable and 

configured as follows: 

Gi1 

switchport mode access 

switchport access vlan 123

no negotiation auto

speed 10000

no mop sysid

no mop enabled

!

vlan 123 

name Management

!

int vlan 123 

ip address 192.168.254.254 255.255.255.0 

ip route 0.0.0.0 0.0.0.0 192.168.254.254 

 

The Controller cannot communicate - but if i try to ping something inside the network i see the packet incoming and the response is also there but it's not reaching the controller. 

 

 

Does anybody have a hint why this is not working

 

I verified with routed interface but this is not usable since i cannot use routed interface for an ssid. 

 

 

Edit: 

Forgot to mention - we moved this vSwitch also to the Gi2 and tried the same configuration with the same result. 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Dominik_
Level 1
Level 1

‎07-07-2021 08:19 AM

Issue is solved. 

Key of our problem was that promiscous mode was not enabled. 

Now Cluster is up and running and serving clients. 

 

@Scott Fella 

"these are hard set for a specific use.  Management and wireless management is on G2 unless you for some reason need OOB for management, which I don't see why on a VM" 

 

This is not correct - when in the OVA the management was not set the interface can be used for prod traffic as well. 

What we now have is: 


G1 ->  Outside 

G2 -> Wireless Inside

G3 -> Redundancy 

 

And it is working fine. 

So our problem was the promiscous mode.

View solution in original post

7 Replies 7

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎06-25-2021 08:20 AM - edited ‎06-25-2021 08:23 AM

Here is my 2cents.... I never use G1 for OOB, I only use G2 for everything and G3 if I want to deploy SSO, or else I don't even use that for N+1.  Also, if you want to use all or any of these three interfaces, you need a separate vSwitch for each.  

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Dominik_
Level 1
Level 1
In response to Scott Fella

‎06-25-2021 08:36 AM

Hi Scott, 

 

is it possible to reuse the Gi1 in that case? - i don't want to use it for OOB. 

 

Basically we have three vswitches 

 

Vnic1 -> Uplink to network (used as Wireless management) 

Vnic2 -> Uplink to SSID-network 

Vnic3 -> SSO 

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Dominik_

‎06-25-2021 08:38 AM

No... these are hard set for a specific use.  Management and wireless management is on G2 unless you for some reason need OOB for management, which I don't see why on a VM.

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Dominik_
Level 1
Level 1
In response to Scott Fella

‎06-25-2021 08:51 AM

Ok - we reset the setup as follows: 
Gi1 disconnected 

Gi2 Access Vlan 123 

 

Even in that way i don't get any traffic towards the SVI of the controller. 

 

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Dominik_

‎06-25-2021 09:07 AM

I would go through the deployment guide again and also take a look at some blogs that are out there for the 9800-CL.Also make sure that in the vSwitch you have accept Promiscuous Mode and Forged Transmits.  Take a look at what you have had configured and make sure you cleared everything out also.  If you can't ping the gateway from the CLI, then you have an configuration setting issue.  Might be easier to spin up another VM and go through the setup again.  Doesn't take that long.

-Scott
*** Please rate helpful posts ***

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Dominik_

‎06-25-2021 09:09 AM

G2 should be a trunk and the vSwitch should be a trunk with native vlan defined as 123 if that is what you are using. Unless you are just going to use one vlan for management and wireless management and all FlexConnect local switching.

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Dominik_
Level 1
Level 1

‎07-07-2021 08:19 AM

Issue is solved. 

Key of our problem was that promiscous mode was not enabled. 

Now Cluster is up and running and serving clients. 

 

@Scott Fella 

"these are hard set for a specific use.  Management and wireless management is on G2 unless you for some reason need OOB for management, which I don't see why on a VM" 

 

This is not correct - when in the OVA the management was not set the interface can be used for prod traffic as well. 

What we now have is: 


G1 ->  Outside 

G2 -> Wireless Inside

G3 -> Redundancy 

 

And it is working fine. 

So our problem was the promiscous mode.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card