Solved

unable to ping or telnet to cisco switch2950 but internet work

Posted on 2006-11-21
13
557 Views
Last Modified: 2011-10-03
hi
i have access switch cisco 2950 connect to distrbution switch (layer 3 switch using to routing) then connect to core switch 4503 then connect to pix 525 then to router 2800

befor some day i can ping and telnet to this switch(cisco 2950)(this switch contain VLAN2 and iam shutdown VLAN1) (i have 14 vlan in my network) when i enter to this switch and iam try to use this command for interface VLAN14 then    (no shutdown) the switch not respond after i restart it the switch is work and the interner in my pc      work but now i can not able to pig or telnet to this switch
iam try to change the pc but i get same problem
how i can solve the problem
thanks
0
Comment
Question by:nasemabdullaa
13 Comments
 
LVL 27

Expert Comment

by:pseudocyber
ID: 17987842
It would help us if you could draw it out and post configs.
0
 

Author Comment

by:nasemabdullaa
ID: 17987951
hi
thanks for your reply
this is my network map (you can find it here)
http://www.netometer.net/clients/diagrams/nasem.html

thanks
0
 
LVL 3

Expert Comment

by:MarkWYnne
ID: 17987955
Do you have physical access to the switch?
You may have to connect to the colsole port to reconfigure the 2950 if you cannot access it through telnet or ping it. Use a serial 2 ethernet connection to connect to the
switch(Blue Cable) via hyper terminal, once there log into the switch and check the configuration and that all ports are up
0
 
LVL 5

Expert Comment

by:WGhen
ID: 17987962
Hi,
Do you have trunking running between these switches?
Other than not being able to ping it or telnet to it, does it still allow traffic from things connected to it to go through?
Does it have an IP route statement pointing to whatever it's appropriate gateway is on the L3 switch?

WGhen
0
 

Author Comment

by:nasemabdullaa
ID: 17988019
hi
thanks for your reply
>>>You may have to connect to the colsole port to reconfigure the 2950
i can enter using colsole port and all port is up

>>>Do you have trunking running between these switches
yes between access switch and distrbution switch


>>>Other than not being able to ping it or telnet to it, does it still allow traffic from things connected to it to go through
yse the internet and network is working good

>>>Does it have an IP route statement pointing to whatever it's appropriate gateway is on the L3 switch
no

thanks
0
 
LVL 5

Accepted Solution

by:
WGhen earned 250 total points
ID: 17988110
Put in an ip route.  Switches do not know how to send traffic back that they receive such as ping or telnet without the ip route.  In some the statement will be:
ip route 0.0.0.0 0.0.0.0 [gateway for switches subnet]

example: let's say switc's address is 172.16.2.252, the ip route to it's L3 router has an address of 172.16.2.254 so...

          ip route 0.0.0.0 0.0.0.0 172.16.2.254
or in some versions of IOS...
          ip default-gateway 172.16.2.254



Hope this helps,
WGhen
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:nasemabdullaa
ID: 17988163
hi
thanks for your reply
switch ip you mean ip managment for this switch (172.16.10.2) or for distrbution switch which is 172.16.10.1
must i put in this switch or in distrbution switch

thanks
0
 
LVL 5

Assisted Solution

by:WGhen
WGhen earned 250 total points
ID: 17988225
You need to add that in the switch that you are unable to telnet to which I believe is the 2950.
What is the gateway for the 172.16.10.x subnet?

So in the 2950 you'd put in either:
          ip route 0.0.0.0 0.0.0.0 172.16.10.???
or
          ip default-gateway 172.16.10.???

replace the question marks with the actual gateway for the 172.16.10x network whatever that may be.


WGhen
0
 

Author Comment

by:nasemabdullaa
ID: 17988276
hi
thanks for your reply
i put this command but i havhe the same problem

thanks
0
 
LVL 5

Expert Comment

by:WGhen
ID: 17988304
Ok,
You can't ping it still?  Even if you are on another device on the 172.16.10.x network?
I guess we'll need to see the whole config for the 2950.
WGhen
0
 

Author Comment

by:nasemabdullaa
ID: 17988374
hi
thanks for your reply
this is configuration

Core#telnet 172            
Trying 172.16.10.3 ... Open---------------------------


User Access Verification                        

Password:        
Password:        

S-M-12-24-C2>enableurity Device Manage
Password: installe
S-M-12-24-C2#sh run                  
Building configuration...                        

Current configuration : 8809 bytese use of the username "cisco"    
!
version 12.1            
no service pad              
service timestamps debug uptime                    

Please c
service timestamps log uptimetial credentials using SDM or
no service password-encryption                              
!
hostname S-M-12-24-C2      

Here are the
!i
enable password moo                  
!
ip subnet-zerome <myuser>  p
!v
!e
spanning-tree mode pvstrd>                    
no spanning-tree optimize bpdu transmissione cisco                

Replace <myuser>
spanning-tree extend system-idame and password you want to u
!
!
!
!
interface FastEthernet0/1                        
 description MVlan_.

             
MOO_Router#sh run        
 spanning-tree portfasturation...            
 spanning-tree bpduguard enableion : 4238 bytes              
!
interface FastEthernet0/2n 12.4            
servic
 switchport access vlan 2e msec                  
 switchport mode accessice timestamps log date
 switchport port-security                  
no se
 switchport port-security aging time 2                
!
hostname MOO_Route
 switchport port-security violation restrict            
boot-end-marker              
!
 spanning-tree portfastp domain name yourdomai
 spanning-tree bpduguard enable  
!
!
!
!
!
!
!
!
!
!
!!
interface FastEthernet0/3tpoint TP-self-signed-342
 switchport access vlan 2                        
 switchport mode accessed                    
 switchport port-securityf-Signed-Certificate-3428
 switchport port-security aging time 2                      
 revocation-che
 switchport port-security violation restrictself-signed-3428832341                      
 switchport port-security aging type inactivityin TP-self-signed-3428832341                  
 mls qos cos override            
 certif
 macro description cisco-desktop              
  30820251 308201
 spanning-tree portfastD0609 2A864886 F70D0101
 spanning-tree bpduguard enable                              
!
interface Fas  
         
 macro description cisco-desktopAF4FE 7DCF1F22 58D6A23C 8838379A
 spanning-tree portfast                      
 spanning-tree bpduguard enable            
  A6B10203 010001A
!7
interface FastEthernet0/6FF040530 030101FF 3024060
 switchport access vlan 2                        
 switchport mode access  551D1104 1D301B82 194
 switchport port-security6F7572 646F6D61 696E2E63
 switchport port-security aging time 2                                
  6F
 switchport port-security violation restrictF524B8 0CDFAA90 4A8EC8EE                    
 switchport port-security aging type inactivity    
  50E49230 1D060355 1D0E0416 0414B86C 766
 mls qos cos overrideA 8EC8EE50          
 macro description cisco-desktop                            
 
 spanning-tree portfast0D 01010405 00038181 00
 spanning-tree bpduguard enable                              
!
interface Fas            
 switchport port-security aging time 2FB3BE6 7D825173 50CAF20F 5CD0D278    
 switchport port-security violation restrict                      
  EC75AD2F 58413A69
 switchport port-security aging type inactivityA9F09                                          
 mls qos cos override        
  F9FFBAFD
 macro description cisco-desktopBC 26                          
 spanning-tree portfast quit      
username ci
 spanning-tree bpduguard enableL$OxhoBFeR.7oK35DlYpMxS/      
!
interface FastEthernet0/8                        
 switchport access vlan 2ege 15 secret 5 $1$MAfd$l
 switchport mode access                      
 switchport port-security            
!
!
!
!
 switchport port-security aging time 2                        
 description
 switchport port-security violation restrict                                            
!
interface FastEthernet0/9      
 speed auto      
 switchport access vlan 20/0                    

 switchport mode access 255.255.255.0        
 switchport port-security  
 no ip route-cache ce
 switchport port-security aging time 2che                  
 no ip mroute-ca
 switchport port-security violation restrict            
 no keepalive            
 no
 switchport port-security aging type inactivity no cdp enable              
!
interface Conte
 mls qos cos override                
 ip
 macro description cisco-desktop                              
 
 spanning-tree portfasts 62.68.65.2 255.255.25
 spanning-tree bpduguard enable                          
   
!
ip htt
 macro description cisco-desktop0 requests 10000                
 spanning-tree portfast              
!
!
!
 spanning-tree bpduguard enable  
!
!
!
!
!
!
!
!
!
b
!n
interface FastEthernet0/11--------------------------
 switchport access vlan 2-------------------      
 switchport mode access                      
 switchport port-securityouter and Security Device
 switchport port-security aging time 2ice.                                  
 switchport port-security viola        
                   
 switchport mode access172.16.100.2 ... Open!
 switchport port-security


User Access Verificati
 switchport port-security aging time 2      
Password:        
Type help o
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivityist of available commands.                    
 mls qos cos override      
PIX> enable  
 macro description cisco-desktop      
PIX# sh run          
:
 spanning-tree portfastsion 6.3(5)            
 spanning-tree bpduguard enable                      
interfa
!
interface FastEthernet0/14          
interface gb-e
 switchport access vlan 2                        
 switchport mode accesse gb-ethernet1 1000auto
 switchport port-security                      
n
 switchport port-security aging time 2                            
nameif et
 switchport port-security viola                            
 switchport port-security aging time 2718-1719                              
 switchport port-security violation restrict  
fixup protocol rsh 514                  
 switchport port-security aging type inactivity  
fixup protocol sip 5060                    
 mls qos cos override udp 5060            
 macro description cisco-desktopinny 2000                      
 spanning-tree portfast25                    
 spanning-tree bpduguard enable                      
fixup pr
!o
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity.65.43 eq smtp                                
 mls qos cos override      
access-list Ou
 macro description cisco-desktop.65.43 eq ftp                  
 spanning-tree portfast                
acces
 spanning-tree bpduguard enablehost 62.68.65.43 eq telnet    
!
interface FastEthernet0/17                          
 switchport access vlan 2ermit tcp any host 62.68.
 switchport mode access                      
 switchport port-security
access-list OutsideIn p
 switchport port-security aging time 2                                      
 switchport port-security viola                            
access-
 spanning-tree bpduguard enablest 62.68.65.50 eq smtp        
!
interface FastEthernet0/18                      
acc
 switchport access vlan 2tcp any host 62.68.65.50
 switchport mode access                      
 switchport port-security-list OutsideIn permit tc
 switchport port-security aging time 2                                      
 switchport port-security violation restrictit tcp any host 62.68.65.50 eq 3389        
 switchport port-security aging type inactivity    
access-list OutsideIn permit tcp any host
 mls qos cos override                    
 macro description cisco-desktop
access-list OutsideIn permit tc
 spanning-tree portfastq ssh                  
 spanning-tree bpduguard enable          
pager lines 24      
!
ip address inside 172
 switchport port-security aging time 2                            
no ip add
 switchport port-security violation restrictntf3                  
ip audit info action
 switchport port-security aging type inactivity action alarm                            
no fa
 mls qos cos overrideover timeout 0:00:00
 macro description cisco-desktoppoll 15                
no failo
 spanning-tree portfast                      
 spanning-tree bpduguard enableide                            
!n
interface FastEthernet0/20                          
 switchport access vlan 14ntf3                      
 switchport mode access16.2.70 255.255.255.255
 switchport port-security                        
 switchport port-security aging time 255.255 inside                        
 switchport port-security viol                            
!
interface FastEthernet0/21            
pdm location
 switchport access vlan 2inside                  
 switchport mode access
pdm location 172.16.7
 switchport port-security                        
 switchport port-security aging time 20 255.255.255.0 inside                
 switchport port-security violation restrict.16.9.0 255.255.255.0 inside                
 switchport port-security aging type inactivity.10.0 255.255.255.0 inside                    
 mls qos cos override  
pdm location 172.1
 macro description cisco-desktop                                
 spanning-tree portfast.16.12.0 255.255.255.0
 spanning-tree bpduguard enable                  
           
!
 switchport port-security aging time 2                                
pdm l
 switchport port-security violation restrict                                        
pdm
 switchport port-security aging type inactivity                                      
pdm loc
 mls qos cos override255.255.0 inside    
 macro description cisco-desktop      
pdm location 172.16.110.
 spanning-tree portfast                      
 spanning-tree bpduguard enablecation 172.16.120.2 255.255.255
!5
interface FastEthernet0/23                          
 switchport access vlan 243 255.255.255.255 outsid
 switchport mode access                      
 switchport port-security4 255.255.255.255 outside
 switchport port-security aging time 2        
pdm location 172.16.2.96 255
 switchport port-security viola                            
interface FastEthernet0/24.0 255.255.255.0 0 0      
 description trunk_port            
nat (insi
!)
interface GigabitEthernet0/1 0                          
 description trunk_portnside) 1 172.16.4.0 255
 switchport mode trunk                      
!
interface GigabitEthernet0/216.5.0 255.255.255.0 0 0    
 description trunk_port              
nat (in
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan10
 ip address 172.16.10.3 255.255.255.0
 no ip route-cache
!
ip default-gateway 172.16.10.1
ip http server
!
line con 0
 password moo
 login
line vty 0 4
 password moo
 login
line vty 5 15
 login
!
!
end

S-M-12-24-C2#

thanks
0
 
LVL 5

Expert Comment

by:WGhen
ID: 17988696
What does the 4503 have for an ip route statement?

WGhen
0
 

Author Comment

by:nasemabdullaa
ID: 17995951
hi
sorry i made mistake
my configuration is




User Access Verification                        

Password:        
Password:        
S-M-12-24-C2>enable                  
Password:        
S-M-12-24-C2#sh run                  
Building configuration...                        

Current configuration : 8809 bytes                                  
!
version 12.1            
no service pad              
service timestamps debug uptime                              
service timestamps log uptime                            
no service password-encryption                              
!
hostname S-M-12-24-C2                    
!
enable password moo                  
!
ip subnet-zero              
!
!
spanning-tree mode pvst                      
no spanning-tree optimize bpdu transmission                                          
spanning-tree extend system-id                              
!
!
!
!
interface FastEthernet0/1                        
 description MVlan_port                      
 switchport access vlan                    
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/2                        
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type in                                      
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/3                        
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/4                        
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/5                        
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type in                                      
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/6                        
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/7                        
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/8                        
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type in                                      
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/9                        
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/10                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/11                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type i                                    
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/12                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/13                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/14                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type i                                    
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/15                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/16                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/17                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type i                                    
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/18                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/19                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/20                          
 switchport access vlan 14                          
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type                                    
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/21                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/22                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type inactivity                                              
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/23                          
 switchport access vlan 2                        
 switchport mode access                      
 switchport port-security                        
 switchport port-security aging time 2                                      
 switchport port-security violation restrict                                            
 switchport port-security aging type i                                    
 mls qos cos override                    
 macro description cisco-desktop                                
 spanning-tree portfast                      
 spanning-tree bpduguard enable                              
!
interface FastEthernet0/24                          
 description trunk_port                      
!
interface GigabitEthernet0/1                            
 description trunk_port                      
 switchport mode trunk                      
!
interface GigabitEthernet0/2                            
 description trunk_port                      
 switchport mode trunk                      
!
interface Vlan1              
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan10
 ip address 172.16.10.3 255.255.255.0
 no ip route-cache
!
ip default-gateway 172.16.10.1
ip http server
!
line con 0
 password moo
 login
line vty 0 4
 password moo
 login
line vty 5 15
 login
!
!
end

S-M-12-24-C2#

thanks
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Independent domain networks for setup 6 84
Network Connection 5 35
RDP Sonicwall 8 32
EIGRP on point-to-point vlan 14 28
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now