dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1158
AuZZZie1
join:2002-10-25
Canada

AuZZZie1

Member

Cisco VLAN Config Problem

Anyone have any idea why I can't ping 10.1.5.2 with the following config?

I'm using a laptop with the NIC configured on VLAN 5 in the correct subnet directly plugged into FastEthernet3. I can't work out what is wrong with my config. I'm trying to make it a management port on my management VLAN.

version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sa-wan
!
boot-start-marker
boot system flash c181x-advipservicesk9-mz.150-1.M2.bin
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
!
!
dot11 syslog
ip source-route
!
!
!
!
ip cef
no ip domain lookup
ip domain name ****
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1811/K9 sn FHK134173NW
archive
 log config
  hidekeys
!
!
! 
!
!
!
!
!
!
interface FastEthernet0
 description Bell Fibre
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface FastEthernet1
 description Telus ADSL
 no ip address
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface FastEthernet2
 description Inside
 !
!
interface FastEthernet3
 description Management
 switchport access vlan 5
 !
!
interface FastEthernet4
 shutdown
 !
!
interface FastEthernet5
 shutdown
 !
!
interface FastEthernet6
 shutdown
 !
!
interface FastEthernet7
 shutdown
 !
!
interface FastEthernet8
 shutdown
 !
!
interface FastEthernet9
 shutdown
 !
!
interface Vlan1
 description Inside
 ip address 10.254.254.2 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 !
!
interface Vlan5
 description Test
 ip address 10.1.5.2 255.255.255.0
 ip virtual-reassembly
 !
!
interface Async1
 no ip address
 encapsulation slip
 shutdown
 !
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source static tcp 10.0.0.101 3389 interface FastEthernet0 3389
ip nat inside source route-map MAP-LAN interface FastEthernet0 overload
ip nat inside source route-map MAP-TEST interface FastEthernet0 overload
ip nat inside source static tcp 10.0.0.10 80 *.*.*.* 80 extendable
ip nat inside source static tcp 10.0.0.10 443 *.*.*.* 443 extendable
ip nat inside source static tcp 10.0.0.18 80 *.*.*.* 80 extendable
ip nat inside source static tcp 10.0.0.18 443 *.*.*.* 443 extendable
 
ip route 0.0.0.0 0.0.0.0 *.*.*.*
ip route 10.0.0.0 255.255.255.0 10.254.254.1
!
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 2 permit any
no cdp run
 
!
!
!
!
route-map MAP-LAN permit 10
 match ip address 1
 set interface FastEthernet0
!
route-map MAP-TEST permit 10
 match ip address 2
!
 
woofenstein
join:2010-06-09
Union, MO

woofenstein

Member

It looks like you don't have VLAN5 defined even though you have the VLAN interface and port membership correct. Do a "show vlan" and see if 5 is there. If not, go to "config t" and do "vlan 5". If not that, maybe a shut, no shut on the vlan interface.
woofenstein

woofenstein

Member

Looks like you're on an ISR. I think the command is "show vlan-switch" on these.
AuZZZie1
join:2002-10-25
Canada

AuZZZie1

Member

Click for full size
show vlan-switch
Click for full size
Thanks for the reply. Unfortunately as you can see below doesn't look like that is the issue. VLAN5 is showing and you can see the interface comes up when I plug in the cable. No idea what is going on.
jmillermo
join:2010-05-02
Tokyo, Japan

jmillermo to AuZZZie1

Member

to AuZZZie1

debug ip icmp

Nothing wrong with the config.

LCPTeck
join:2000-02-27
singapore

LCPTeck to AuZZZie1

Member

to AuZZZie1
How goes?

TomS_
Git-r-done
MVM
join:2002-07-19
London, UK

2 edits

TomS_ to AuZZZie1

MVM

to AuZZZie1
You say youre "using a laptop with the NIC configured on VLAN 5"...

Does this mean youve configured a VLAN on the laptops NIC?

Check the firewall on your laptop and either disable it, or allow ICMP to pass through freely. Normally this wouldnt be a problem as the firewall would allow packets back in that are a response to something it sent out, but sometimes you never know.

I would also xxxx out the license key in your config near the top...
AuZZZie1
join:2002-10-25
Canada

AuZZZie1

Member

Ok i worked it out. Pretty obvious really not sure why i kept over looking it.

I had the port FE3 as Untagged VLAN5 yet I was setting my NIC as Tagged VLAN 5 for testing. Soon as I removed the VLAN tag from my NIC and just put it as untagged in the right subnet all is well.

Thanks for the help.