Cant Ping host computer from 5520

[mathews411]

I have what I'm fairly sure is a stupid question but here it goes. I can ping, telnet, and us JDM from my laptop, but I can't ping my laptop from the 5520 that it is directly connected to (im using a console connection to do CLI as well as being connected via Ethernet)

I'm configuring 2 ERS 5520's with adv. routing license using OSPF. I have the following Vlan's

Router 1:
Vlan-1: 10.163.3.1/24
Vlan-10: 172.16.102.13/24
Vlan-23: 10.163.23.1/24
Vlan-43: 10.163.43.1/24

Router 2:
Vlan-1: 10.163.6.1/24
Vlan-10: 172.16.102.16/24
Vlan-26: 10.163.26.1/24
Vlan-46: 10.163.46.1/24

Port 24 on both 5520's are on Vlan-10 with pvid 10 and is used for the connection between the two. It is set for (access) not as a trunk. This is because of a 3rd party connection they will have to make later.

I have a laptop connected to each 5520:

Router 1's laptop is on port 11 with a pvid of 23, and is a member of vlan 1 and 23. The laptop has an IP address of 10.163.23.100

Router 2's laptop is on port 1 with a PVID of 1, and is a member of vlan 1, 26, 46. The laptop has an IP address of 10.163.6.101

I have a static route of 0.0.0.0 0.0.0.0 172.16.102.13 for router 2 and .16 for router 1.

from laptop 1 I can ping all .1 address on the network but not laptop 2

From laptop 2 I can pin all .1 address but not laptop 1

When using the console connection on either router, I can ping any router address, but neither of the laptop addresses, weather directly connected or not.

I know I'm missing something stupid, but I just cant seem to figure out what. Please advise, point and laugh, or what ever, JUST HELP PLEASE!!!! GGGRRRR

 

[anthonyanderberg]

It seems like it should work so it might be worth simplifying things a little. Is there a reason you've got the ports the laptops are plugged into on more than one VLAN? It might be worth trying the laptops in a simple access-mode port hooked to VLAN 1 on each side. If that doesn't work then take a look at the output of 'show ip routing' 'show ip route' and 'show ip default-gateway' commands and feel free to share them here.

 

[mathews411]

Thank you for the reply anthonyanderberg.

The reason I had the port in multiple Vlan's is so they would be active and would be able to ping them. I will try just having them in Vlan 1 and give you the results of the show commands tomorrow.

Thank you again...

 

[curtismo]

I've got a bunch of 5520s running advanced routing licenses and OSPF. I've been caught with some "gotchas" when setting up these.

- Make sure you do have routing enabled globally (show ip routing)

- Make sure IP routing is enabled on all VLANs (show ip vlan vid xxxx) - look for routing enabled in the last column

- Make sure OSPF routing is enabled on all VLANs (show ip ospf interface) - now, I've gotten caught by interfaces not showing up if there isn't an active item on that VLAN (I'm going by memory - I haven't set a new 5520 for routing in a couple of months) - make sure admin state is "enabled"

Definately, the "show" commands on a 5520 are not as intuitive to me as they are on othe Nortel routing switches that I have (8600 and 1424). For example, just sitting here I can't figure out the command to show me in a table form what all the IP numbers are assigned to the switch VLANS. I can do it individually, by VID; I know there HAS to be a command, but right now I'm just stumpped.

Anyhow, check this out, and get back if you have any more questions. I had to fight through my first one with routing code - I think routing code got issued two years ago in July and I put the first one in service a month later in August.

 

[curtismo]

Figured it out. If you just do "show vlan ip" it should show all your IPs assigned to the VLANs, along with the routing state.

 

[andy88]

Switch 1 port 11 remove from vlan 1. It should only be in vlan 23 pvid 23.

Switch 2 port 1 remove from vlan 26 and 46. It should only be in vlan 1 pvid 1.

Unless a port is tagged it should only be in one vlan and the pvid should match the vlan.

Check the default gateway on the laptops. They should be the ip interface of the vlan they are plugged into.

 

[mathews411]

Thank you all for your replies. I have since made this very simple...

I have reset a 5520 to factory default and started with just a simple config.

Vlan 1 with IP address 10.163.6.1/24

Vlan 10 with IP address 172.16.102.16/24 (not connected)

Laptop with IP address 10.163.6.101/24 connected to port 1 with a default gateway of 10.163.6.1

ports 1-23 are in vlan 1 with VID=1
Port 24 is in vlan 10 with VID=10

from the CLI using a separate laptop with a console connection, I cannot ping the laptop that is connected to the router's Ethernet port. It is on the same subnet and vlan. I have enable IP routing, which I dont think is necessary at this point, but what the heck.

I am also still able to telnet to, and ping the router as well as use JDM from the laptop that is connected to the router via Ethernet. What am I missing

 

[anthonyanderberg]

I'm at a loss, but curtismo knows more about routing on these boxes so maybe he'll have additional ideas. The only thing I can think is that some kind of personal firewall software is running on the laptops. In your new configs are you able to ping anything from the newly-configured switch? Also: what code are you running on these, I know early 5500 code had a number of bugs but everything since 4.0 has been pretty good.

 

[andy88]

I agree it sounds like a firewall on your PC.

Check the port stats. Are you seeing Tx packets counting up on port 1.
Does the switch have a MAC entry on port 1 for your PC.
Does your PC have an arp entry for the switch address. (arp -a)

If there are all of these then it will be a Fw issue.

Also check the port settings on the switch and your PC.

 

[curtismo]

As stated, at this point check your firewall on your PC. Next, do you have a packet sniffing tool, such as Wireshark? If not, its free to download and use for testing.