Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can Only Ping VLAN one way

Status
Not open for further replies.
anocisco

anocisco

IS-IT--Management
May 3, 2012
3
0
0
US
I Have 2 networks connected via WAN link seperated by Cisco 1841 routers. Behind those routers are Cisco 2960's. VLAN 40 is configured on both networks. On Router A i can ping across networks to any VLAN without any problem EXCEPT VLAN 40, which is on Router B.

On Router B I can ping any network EXCEPT VLAN 40 which is what I'm trying to access. Now connected to Router B I have 2 2960's, 1 of the uplinks on switch A is connectd to the FE Interface of the router, the other Uplink on switch A is connected to the uplink on switch B. I cannot ping switch B via ip or telent to it from ANYWHERE.

The device (Device A) in question is connected to Switch A and is on VLAN 40 I've checked the IP, SM, and DG and all are configured properly. I can only ping Device A if i configure a 10.10.40.X IP on a PC. My question is, does switch B have any effect on why i cannot ping from Router A to Device A? Remember I can ping from Router B across to Router A's Vlan 40 without any problems, but i cannot ping from Router B to Device A which is directly connected.. Thanks for your HELP.

 
Sort by date Sort by votes
You are going to have to post the configs , too many possible issues. You have 2 different vlan 40's on each side of the wan ? What are the ip ranges of each of those vlan 40's ? Are the routes in both routers for each of the routers? Are the routers using dynamic routing protocols are or are you attemping all static routes ?
 
Upvote 0 Downvote
hostname Router B
!
boot-start-marker
boot-end-marker
!
logging buffered 100000 debugging
enable secret 5 $1$w859/
!
no aaa new-model
!
resource policy
!
clock timezone CST -6
clock summer-time CDT recurring
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.24.1 10.10.24.10
!
ip dhcp pool WIRELESS_USERS
network 10.10.24.0 255.255.255.0
default-router 10.10.24.254
dns-server 10.10.1.203 10.10.1.238
netbios-name-server 10.10.1.203 10.10.1.238
netbios-node-type h-node
domain-name smc.local
option 161 ip 10.10.1.104
option 162 ascii "/"
option 4 ip 10.10.1.203 10.10.1.238
!
!
no ip domain lookup
ip domain name se.com
!
username ses password 7 000906530E1F
!
!
class-map match-any CONTROLTRAFFIC
match ip dscp cs3
match ip dscp af31
match access-group name MARKVOICECONTROL
class-map match-any REALTIME
match ip dscp ef
match access-group name MARKVOICE
match ip dscp af41
!
!
policy-map MARKINGRESSTRAFFIC
class REALTIME
set dscp ef
class CONTROLTRAFFIC
set dscp af31
class class-default
set dscp default
policy-map WAN-EDGE-POLICY
class REALTIME
set dscp ef
priority percent 50
class CONTROLTRAFFIC
set dscp af31
bandwidth remaining percent 5
class class-default
bandwidth remaining percent 95
set dscp default
!
!
!
interface FastEthernet0/0
ip address 10.10.63.254 255.255.255.0
load-interval 30
speed auto
full-duplex
service-policy input MARKINGRESSTRAFFIC
!
interface FastEthernet0/1
no ip address
ip access-group BLOCKSIEMENS in
ip helper-address 10.10.1.203
duplex auto
speed auto
service-policy input MARKINGRESSTRAFFIC
!
interface FastEthernet0/1.1
encapsulation dot1Q 1 native
ip address 10.10.3.254 255.255.255.0
ip access-group BLOCKSIEMENS in
ip helper-address 10.10.1.203
no snmp trap link-status
service-policy input MARKINGRESSTRAFFIC
!
interface FastEthernet0/1.660
encapsulation dot1Q 660
ip address 10.10.67.254 255.255.254.0
ip helper-address 10.10.1.203
no snmp trap link-status
!
interface FastEthernet0/0/0
description TW MetroEthernet Connection to Hu
switchport trunk native vlan 99
switchport mode trunk
duplex full
speed 10
service-policy output WAN-EDGE-POLICY
!
interface FastEthernet0/0/1
switchport access vlan 100
!
interface FastEthernet0/0/2
switchport access vlan 100
!
interface FastEthernet0/0/3
!
interface Serial0/1/0
description TW Circuit ID# 20/HCGS/100000/TWCS T1 to I
no ip address
!
interface Vlan1
no ip address
!
interface Vlan99
ip address 10.10.99.2 255.255.255.224
!
interface Vlan100
ip address 10.10.24.254 255.255.255.0
ip helper-address 10.10.1.212
ip helper-address 10.10.1.238
!
router eigrp 4
redistribute static metric 1544 280 255 1 1500 route-map RedisRoutes
network 10.10.3.0 0.0.0.255
network 10.10.24.0 0.0.0.255
network 10.10.40.0 0.0.0.255
network 10.10.63.0 0.0.0.255
network 10.10.66.0 0.0.1.255
network 10.10.99.0 0.0.0.31
network 10.10.99.32 0.0.0.3
no auto-summary
neighbor 10.10.99.1 Vlan99
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.99.1
ip route 10.10.99.36 255.255.255.252 10.10.99.34
!
ip http server
!
ip access-list standard RedisRoutes
permit 10.10.99.36 0.0.0.3
permit 10.10.40.0 0.0.0.255
!
ip access-list extended BLOCKSIEMENS
deny ip host 10.10.3.199 any
permit ip any any
ip access-list extended MARKVOICE
permit udp any any eq 3462
permit udp any eq 3462 any
permit udp any any range 9998 10317
permit udp any range 9998 10317 any
permit udp any any range 56000 56062
permit udp any range 56000 56062 any
permit ip host 10.10.3.131 host 10.10.1.158
ip access-list extended MARKVOICECONTROL
permit udp any any eq 4000
permit udp any eq 4000 any
permit udp any any range 6000 7024
permit udp any range 6000 7024 any
!
logging facility local6
logging 10.10.0.111
access-list 1 permit 10.10.0.111
access-list 101 permit ip host 10.10.1.158 host 10.10.3.158
access-list 101 permit ip host 10.10.3.158 host 10.10.1.158
access-list 102 permit ip host 10.10.40.0 any
snmp-server community 5m(5nm9 RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps hsrp
snmp-server enable traps syslog
route-map RedisRoutes permit 10
match ip address RedisRoutes
!
!
control-plane
!
!
line con 0
login local
line aux 0
line vty 0 4
login local
transport input telnet
line vty 5 15
login local
transport input telnet
!
ntp clock-period 17178452
ntp server 10.10.1.203
end
 
Upvote 0 Downvote
hostname Router A
!
boot-start-marker
boot-end-marker
!
logging buffered 100000 debugging
enable secret 5 $1$/Hqx$Ofp8THoCPzm/bH6up8.3U.
!
no aaa new-model
!
resource policy
!
clock timezone CDT -5
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
no ip domain lookup
ip domain name yourdomain.com
!
username sem password 7 09415B1B090D120B
!
!
class-map match-any CONTROLTRAFFIC
match ip dscp cs3
match ip dscp af31
match access-group name MARKVOICECONTROL
class-map match-any REALTIME
match ip dscp ef
match access-group name MARKVOICE
!
!
policy-map MARKINGRESSTRAFFIC
class REALTIME
set dscp ef
class CONTROLTRAFFIC
set dscp af31
class class-default
set dscp default
policy-map WAN-EDGE-POLICY
class REALTIME
set dscp ef
priority percent 50
class CONTROLTRAFFIC
set dscp af31
bandwidth remaining percent 5
class class-default
bandwidth remaining percent 95
set dscp default
!
!
!
interface FastEthernet0/0
ip address 10.10.60.254 255.255.255.0
ip access-group InBoundTrafficViaTW out
speed 100
full-duplex
service-policy input MARKINGRESSTRAFFIC
service-policy output WAN-EDGE-POLICY
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1.5
!
interface FastEthernet0/0/0
description TW MetroEthernet Connection to .
switchport trunk native vlan 99
switchport mode trunk
duplex full
speed 10
!
interface FastEthernet0/0/1
!
interface FastEthernet0/0/2
!
interface FastEthernet0/0/3
!
interface Vlan1
no ip address
!
interface Vlan99
ip address 10.10.99.1 255.255.255.224
ip access-group InBoundTrafficViaTW in
!
router eigrp 4
network 10.10.40.0 0.0.0.255
network 10.10.60.0 0.0.0.255
network 10.10.99.0 0.0.0.31
no auto-summary
neighbor 10.10.99.2 Vlan99
neighbor 10.10.99.3 Vlan99
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.60.253
ip route 10.55.0.0 255.255.0.0 10.10.99.3
!
ip http server
ip http access-class 1
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
!
ip access-list extended InBoundTrafficViaTW
permit ip 10.10.63.0 0.0.0.255 any
permit ip 10.10.3.0 0.0.0.255 any
permit ip 10.10.24.0 0.0.0.255 any
permit ip 10.10.99.0 0.0.0.31 any
permit ip 10.10.6.0 0.0.1.255 any
permit eigrp any any
permit ip 10.10.60.0 0.0.0.255 any
permit ip 10.10.0.0 0.0.7.255 10.30.10.0 0.0.0.255
permit ip 10.10.10.0 0.0.0.255 10.30.10.0 0.0.0.255
permit ip 10.30.10.0 0.0.0.255 10.10.10.0 0.0.0.255
permit ip 10.10.99.32 0.0.0.3 any
permit ip 10.10.99.36 0.0.0.3 any
permit ip 10.55.0.0 0.0.255.255 10.10.10.0 0.0.0.255
permit ip 10.10.10.0 0.0.0.255 10.55.0.0 0.0.255.255
permit ip 10.10.64.0 0.0.1.255 any
permit ip 10.10.66.0 0.0.1.255 any
permit ip 10.8.17.0 0.0.0.255 any
permit ip 10.10.40.0 0.0.0.255 any
permit ip any 10.8.17.0 0.0.0.255
ip access-list extended MARKVOICE
permit udp any any eq 3462
permit udp any eq 3462 any
permit udp any any range 9998 10317
permit udp any range 9998 10317 any
permit udp any any range 56000 56062
permit udp any range 56000 56062 any
ip access-list extended MARKVOICECONTROL
permit udp any any eq 4000
permit udp any eq 4000 any
permit udp any any range 6000 7024
permit udp any range 6000 7024 any
!
logging facility local6
logging 10.10.0.111
access-list 1 permit 10.10.0.111
snmp-server community 5m(5nm9 RO
snmp-server trap-source FastEthernet0/0
snmp-server source-interface informs FastEthernet0/0/0
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps envmon fan shutdown supply temperature
snmp-server enable traps flash insertion removal
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps hsrp
snmp-server enable traps cpu threshold
snmp-server enable traps syslog
snmp-server enable traps vtp
!
control-plane
!
!
line con 0
login local
line aux 0
line vty 0 4
login local
transport input telnet
line vty 5 15
login local
transport input telnet
!
ntp clock-period 17178464
ntp server 10.10.1.203
end

 
Upvote 0 Downvote
On Router A, what's this route pointing at?
ip route 0.0.0.0 0.0.0.0 10.10.60.253

Should be pointing at 10.10.99.2
 
Upvote 0 Downvote
I would be interested to see "show ip route" from routerA and routerB. Both routers are advertising the .40 network and I don't believe that the routers would forward traffic between each other for the .40 network if they both have it locally.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cheikhdtn
  • Locked
  • Question
VLAN
Replies
3
Views
43
iggsterman
iggsterman
mikey789
  • Locked
  • Question
Can 4000-M Routing VLANs ?
Replies
0
Views
40
mikey789
mikey789
mikey789
  • Locked
  • Question
Is There a Way to Calculate the Memorty Req'd for An IOS ?
Replies
1
Views
52
burtsbees
burtsbees
DrB0b
  • Locked
  • Question
Moving LAG from one switch to another, hopefully w/o downtime 1
Replies
2
Views
55
DrB0b
DrB0b
netguy2000
  • Locked
  • Question
C2960TTL multiple Trunk ports with same VLAN
Replies
1
Views
57
chieftan
chieftan

Part and Inventory Search

Sponsor

Back
Top