theB0FH
asked on
Trunk ports, VLANs, Catalyst 3750, Layer 2 problems
Hi All
This is driving me mad at the moment and it should be very easy!
I've got 3 switches (Cisco Catalyst 3750 with ADVIPSERVICESK):
3750-HQ1 with 3750-HQ2 and 3750-3 connected to it via dot1q trunk ports.
On 3750-HQ1 I have an interface called VLAN99 with IP address 10.0.0.241
On 3750-HQ2 I have an interface called VLAN99 with IP address 10.0.0.242
On 3750-3 I have an interface called VLAN99 with IP address 10.0.0.243
I can ping 10.0.0.242 from 3750-HQ1 and vice versa, but we cannot get any pings from/to 3750-3 on VLAN99.
Please have a look at the three config files attached and see if there's anything blindingly obvious that I'm obviously too blind to see?
I've been banging my head against this all day!
Thanks!
CAT-3750-3.txt
CAT-3750-HQ2.txt
CAT-3750-HQ1.txt
This is driving me mad at the moment and it should be very easy!
I've got 3 switches (Cisco Catalyst 3750 with ADVIPSERVICESK):
3750-HQ1 with 3750-HQ2 and 3750-3 connected to it via dot1q trunk ports.
On 3750-HQ1 I have an interface called VLAN99 with IP address 10.0.0.241
On 3750-HQ2 I have an interface called VLAN99 with IP address 10.0.0.242
On 3750-3 I have an interface called VLAN99 with IP address 10.0.0.243
I can ping 10.0.0.242 from 3750-HQ1 and vice versa, but we cannot get any pings from/to 3750-3 on VLAN99.
Please have a look at the three config files attached and see if there's anything blindingly obvious that I'm obviously too blind to see?
I've been banging my head against this all day!
Thanks!
CAT-3750-3.txt
CAT-3750-HQ2.txt
CAT-3750-HQ1.txt
I'm guessing that you don't have a trunk port on HQ2 going to HQ3. I can't say for sure since you don't specify which ports are used to connect HQ2 to HQ3.
Try logging into all the switches and check the output using
show interfaces trunk
With this output you shall know how many trunk links are formed between switches.
From the text files you attached, I observed that there wasnt any trunk link specified from hq 2 to switch 3750-3
You might have to configure a trunk .between hq 2 and switch 3750-3.
That should take care of it.
show interfaces trunk
With this output you shall know how many trunk links are formed between switches.
From the text files you attached, I observed that there wasnt any trunk link specified from hq 2 to switch 3750-3
You might have to configure a trunk .between hq 2 and switch 3750-3.
That should take care of it.
Issue "sh vlan" and check that vlan 99 is on switch 3, it will be listed as active.
if not issue
vlan 99
exit
if not issue
vlan 99
exit
ASKER
Hi guys
Thanks for the comments. I'll be able to run a few commands on Tuesday. In the meantime, some more info. I'm also fairly certain (from memory) that VLAN 99 does exist on HQ3 - but I'll confirm on Tuesday.
I should have explained a bit better how these switches are connected. Imagine HQ1 as the "core" switch. HQ2 is hanging off port 1/0/24 and HQ3 is hanging of port 1/0/10. There is no direct link between HQ2 and HQ3.
On HQ1:
Port 1/0/10:
interface GigabitEthernet1/0/10
description xxxxx connection to xxxx 90Mbps Max
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
Port 1/0/24:
interface GigabitEthernet1/0/24
description Downlink to CAT-3750-HQ2
switchport trunk encapsulation dot1q
switchport mode trunk
duplex full
Also what I didnt mention is that I can successfully ping on VLAN99 bwteen HQ1 and HQ2 - it's just 3 that's not working as it should.
Thanks
TB
Thanks for the comments. I'll be able to run a few commands on Tuesday. In the meantime, some more info. I'm also fairly certain (from memory) that VLAN 99 does exist on HQ3 - but I'll confirm on Tuesday.
I should have explained a bit better how these switches are connected. Imagine HQ1 as the "core" switch. HQ2 is hanging off port 1/0/24 and HQ3 is hanging of port 1/0/10. There is no direct link between HQ2 and HQ3.
On HQ1:
Port 1/0/10:
interface GigabitEthernet1/0/10
description xxxxx connection to xxxx 90Mbps Max
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
Port 1/0/24:
interface GigabitEthernet1/0/24
description Downlink to CAT-3750-HQ2
switchport trunk encapsulation dot1q
switchport mode trunk
duplex full
Also what I didnt mention is that I can successfully ping on VLAN99 bwteen HQ1 and HQ2 - it's just 3 that's not working as it should.
Thanks
TB
Please post the output of "show int status" and "show int trunk" for HQ and Switch 3.
ASKER
Hi donjohnston
Below is the output of your commands
Thanks
TB
Below is the output of your commands
Thanks
TB
Switch 1:
CAT-3750-HQ1#sh int status
Port Name Status Vlan Duplex Speed Type
Gi1/0/1 connected 1 a-full a-100 10/100/1000BaseTX
Gi1/0/2 connected 1 a-full a-100 10/100/1000BaseTX
Gi1/0/3 connected 1 a-full a-1000 10/100/1000BaseTX
Gi1/0/4 connected 1 a-full a-1000 10/100/1000BaseTX
Gi1/0/5 connected 1 a-full a-1000 10/100/1000BaseTX
Gi1/0/6 connected 50 a-full a-1000 10/100/1000BaseTX
Gi1/0/7 connected 1 a-full a-100 10/100/1000BaseTX
Gi1/0/8 connected 99 a-half a-100 10/100/1000BaseTX
Gi1/0/9 connected 60 a-half a-10 10/100/1000BaseTX
Gi1/0/10 PowerWAN connectio connected trunk full 100 10/100/1000BaseTX
Gi1/0/11 connected 1 a-full a-1000 10/100/1000BaseTX
Gi1/0/12 connected 20 a-full a-1000 10/100/1000BaseTX
Gi1/0/13 Netgear 16 Port Sw connected 50 a-full a-100 10/100/1000BaseTX
Gi1/0/14 connected 30 a-full a-100 10/100/1000BaseTX
Gi1/0/15 connected 30 a-full a-1000 10/100/1000BaseTX
Gi1/0/16 connected 40 a-full a-1000 10/100/1000BaseTX
Gi1/0/17 connected 40 a-full a-1000 10/100/1000BaseTX
Gi1/0/18 connected 1 a-full a-1000 10/100/1000BaseTX
Gi1/0/19 connected 50 a-full a-1000 10/100/1000BaseTX
Gi1/0/20 connected 50 a-full a-100 10/100/1000BaseTX
Gi1/0/21 connected 50 a-full a-1000 10/100/1000BaseTX
Gi1/0/22 connected 50 a-full a-100 10/100/1000BaseTX
Gi1/0/23 connected 60 full 10 10/100/1000BaseTX
Gi1/0/24 Downlink to 3750-H connected trunk full a-1000 10/100/1000BaseTX
CAT-3750-HQ1#
CAT-3750-HQ1#sh int trunk
Port Mode Encapsulation Status Native vlan
Gi1/0/10 on 802.1q trunking 1
Gi1/0/24 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi1/0/10 1-4094
Gi1/0/24 1-4094
Port Vlans allowed and active in management domain
Gi1/0/10 1,9,20,30,40,50,60,70,73,80-83,90,99-100,110,120,130
Gi1/0/24 1,9,20,30,40,50,60,70,73,80-83,90,99-100,110,120,130
Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/10 1,73,81-83,99
Gi1/0/24 1,99
CAT-3750-HQ1#
Switch 3:
CAT-3750-3#sh int status
Port Name Status Vlan Duplex Speed Type
Gi1/0/1 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/2 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/3 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/4 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/5 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/6 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/7 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/8 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/9 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/10 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/11 Fibre Pair 1 connected 81 full 1000 10/100/1000BaseTX
Gi1/0/12 Fibre Pair 2 connected 82 full 1000 10/100/1000BaseTX
Gi1/0/13 Fibre Pair 3 connected trunk a-full a-1000 10/100/1000BaseTX
Gi1/0/14 Fibre Pair 4 connected 83 full 1000 10/100/1000BaseTX
Gi1/0/15 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/16 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/17 Comms room south u connected 81 a-full a-100 10/100/1000BaseTX
Gi1/0/18 connected 1 a-full a-100 10/100/1000BaseTX
Gi1/0/19 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/20 connected 1 a-full a-1000 10/100/1000BaseTX
Gi1/0/21 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/22 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/23 ASA5505 connected 1 a-full a-100 10/100/1000BaseTX
Gi1/0/24 Exponential-E VPLS connected trunk full 100 10/100/1000BaseTX
CAT-3750-3#
CAT-3750-3#show int trunk
Port Mode Encapsulation Status Native vlan
Gi1/0/13 on 802.1q trunking 1
Gi1/0/24 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi1/0/13 1,73,99
Gi1/0/24 1-4094
Port Vlans allowed and active in management domain
Gi1/0/13 1,73,99
Gi1/0/24 1,9,20,30,40,50,60,70,73,80-83,90,99-100,110,120,130
Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/13 1,73,99
Gi1/0/24 1,20,30,40,50,60,99
CAT-3750-3#
Everything looks good there. The only thing left is the VLAN interface itself. Can you post the output of a "show ip int brief".
ASKER
Hi donjohnston
I've added the output below again for switch 1 and 3.
Cheers
I've added the output below again for switch 1 and 3.
Cheers
Switch 1:
CAT-3750-HQ1#sh ip int brie
Interface IP-Address OK? Method Status Protocol
Vlan1 172.30.0.1 YES NVRAM up up
Vlan20 172.30.20.1 YES NVRAM up up
Vlan30 172.30.30.1 YES NVRAM up up
Vlan40 172.30.40.1 YES NVRAM up up
Vlan50 172.30.50.1 YES NVRAM up up
Vlan60 172.30.60.1 YES NVRAM up up
Vlan99 10.0.0.241 YES manual up up
GigabitEthernet1/0/1 unassigned YES unset up up
GigabitEthernet1/0/2 unassigned YES unset up up
GigabitEthernet1/0/3 unassigned YES unset up up
GigabitEthernet1/0/4 unassigned YES unset up up
GigabitEthernet1/0/5 unassigned YES unset up up
GigabitEthernet1/0/6 unassigned YES unset up up
GigabitEthernet1/0/7 unassigned YES unset up up
GigabitEthernet1/0/8 unassigned YES unset up up
GigabitEthernet1/0/9 unassigned YES unset up up
GigabitEthernet1/0/10 unassigned YES unset up up
GigabitEthernet1/0/11 unassigned YES unset up up
GigabitEthernet1/0/12 unassigned YES unset up up
GigabitEthernet1/0/13 unassigned YES unset up up
GigabitEthernet1/0/14 unassigned YES unset up up
GigabitEthernet1/0/15 unassigned YES unset up up
GigabitEthernet1/0/16 unassigned YES unset up up
GigabitEthernet1/0/17 unassigned YES unset up up
GigabitEthernet1/0/18 unassigned YES unset up up
GigabitEthernet1/0/19 unassigned YES unset up up
GigabitEthernet1/0/20 unassigned YES unset up up
GigabitEthernet1/0/21 unassigned YES unset up up
GigabitEthernet1/0/22 unassigned YES unset up up
GigabitEthernet1/0/23 unassigned YES unset up up
GigabitEthernet1/0/24 unassigned YES unset up up
CAT-3750-HQ1#
Switch 3:
CAT-3750-3#sh ip int brie
Interface IP-Address OK? Method Status Protocol
Vlan1 172.30.0.3 YES NVRAM up up
Vlan71 172.30.71.1 YES NVRAM down down
Vlan72 172.30.72.1 YES NVRAM down down
Vlan73 172.30.73.1 YES NVRAM up up
Vlan81 172.30.81.1 YES NVRAM up up
Vlan82 172.30.82.1 YES NVRAM up up
Vlan83 172.30.83.1 YES NVRAM up up
Vlan99 10.0.0.243 YES manual up up
GigabitEthernet1/0/1 unassigned YES unset down down
GigabitEthernet1/0/2 unassigned YES unset down down
GigabitEthernet1/0/3 unassigned YES unset down down
GigabitEthernet1/0/4 unassigned YES unset down down
GigabitEthernet1/0/5 unassigned YES unset down down
GigabitEthernet1/0/6 unassigned YES unset down down
GigabitEthernet1/0/7 unassigned YES unset down down
GigabitEthernet1/0/8 unassigned YES unset down down
GigabitEthernet1/0/9 unassigned YES unset down down
GigabitEthernet1/0/10 unassigned YES unset down down
GigabitEthernet1/0/11 unassigned YES unset up up
GigabitEthernet1/0/12 unassigned YES unset up up
GigabitEthernet1/0/13 unassigned YES unset up up
GigabitEthernet1/0/14 unassigned YES unset up up
GigabitEthernet1/0/15 unassigned YES unset down down
GigabitEthernet1/0/16 unassigned YES unset down down
GigabitEthernet1/0/17 unassigned YES unset up up
GigabitEthernet1/0/18 unassigned YES unset up up
GigabitEthernet1/0/19 unassigned YES unset down down
GigabitEthernet1/0/20 unassigned YES unset up up
GigabitEthernet1/0/21 unassigned YES unset down down
GigabitEthernet1/0/22 unassigned YES unset down down
GigabitEthernet1/0/23 unassigned YES unset up up
GigabitEthernet1/0/24 unassigned YES unset up up
CAT-3750-3#
Once again, everything looks correct. Can you ping the VLAN 1 interface on Switch 3 from the HQ switch?
ASKER
Pings on VLAN 1 are OK between all switches:
Thanks
Thanks
CAT-3750-HQ1#ping 172.30.0.3 (CAT-3750-3)
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.30.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms
CAT-3750-HQ1#
ASKER
I've also done sh vtp status...
Switch 1:
CAT-3750-HQ1#sh vtp stat
VTP Version : 2
Configuration Revision : 25
Maximum VLANs supported locally : 1005
Number of existing VLANs : 23
VTP Operating Mode : Server
VTP Domain Name : marlow
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xB3 0xF4 0x4A 0x21 0x47 0x55 0x50 0xD3
Configuration last modified by 172.30.0.1 at 10-18-93 20:46:33
Local updater ID is 172.30.0.1 on interface Vl1 (lowest numbered VLAN interface found)
CAT-3750-HQ1#
Switch 2:
CAT-3750-HQ2#sh vtp status
VTP Version : 2
Configuration Revision : 25
Maximum VLANs supported locally : 1005
Number of existing VLANs : 23
VTP Operating Mode : Server
VTP Domain Name : marlow
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xB3 0xF4 0x4A 0x21 0x47 0x55 0x50 0xD3
Configuration last modified by 172.30.0.1 at 10-18-93 20:46:33
Local updater ID is 172.30.0.2 on interface Vl1 (lowest numbered VLAN interface found)
CAT-3750-HQ2#
Switch 3:
CAT-3750-3#sh vtp status
VTP Version : 2
Configuration Revision : 25
Maximum VLANs supported locally : 1005
Number of existing VLANs : 23
VTP Operating Mode : Server
VTP Domain Name : marlow
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xB3 0xF4 0x4A 0x21 0x47 0x55 0x50 0xD3
Configuration last modified by 172.30.0.1 at 10-18-93 20:46:33
Local updater ID is 172.30.0.3 on interface Vl1 (lowest numbered VLAN interface found)
CAT-3750-3#
Then you've probably got a duplicate IP address (10.0.0.243) or a bad entry in the arp cache.
Once you verify there is no other 10.0.0.243 device, check the arp cache of the Switches and see if there's an entry for the other VLAN99 address and that the MAC is correct.
Once you verify there is no other 10.0.0.243 device, check the arp cache of the Switches and see if there's an entry for the other VLAN99 address and that the MAC is correct.
ASKER
OK, I've change VLAN 99 interface IP address on switch 3 to 10.0.0.175 in case there was a conflict. This didn't fix it. I've then done a "clear arp" on all the switches and then did a "show arp | incl 10.0".
On Switch 1 and 2 it's all fine (I see entries from each of these on each other), but on Switch 3 there's some wierdness. Look at the mac address for 10.0.0.1 - can this point to something else that's wrong?
Thanks
On Switch 1 and 2 it's all fine (I see entries from each of these on each other), but on Switch 3 there's some wierdness. Look at the mac address for 10.0.0.1 - can this point to something else that's wrong?
Thanks
Switch 1:
CAT-3750-HQ1#sh arp | incl 10.0.
Internet 10.0.0.1 0 000f.b5d6.18d8 ARPA Vlan99
Internet 10.0.0.242 78 0016.9df2.d7c1 ARPA Vlan99
Internet 10.0.0.241 - 0016.9df2.bfc6 ARPA Vlan99
CAT-3750-HQ1#
Switch 2:
CAT-3750-HQ2#sh arp | incl 10.0
Internet 10.0.0.1 0 000f.b5d6.18d8 ARPA Vlan99
Internet 10.0.0.76 0 0023.6c91.fa0d ARPA Vlan99
Internet 10.0.0.242 - 0016.9df2.d7c1 ARPA Vlan99
Internet 10.0.0.241 0 0016.9df2.bfc6 ARPA Vlan99
CAT-3750-HQ2#
Switch 3:
CAT-3750-3#sh arp | incl 10.0.
Internet 10.0.0.1 0 Incomplete ARPA
Internet 10.0.0.175 - 001e.be77.6047 ARPA Vlan99
CAT-3750-3#
ASKER
another note:
I've removed the "ip helper ..." line from Vlan 99 on Switch 3 - this gets rid of the "Incomplete" Arp entry, but this solves nothing - Switch 2 | Vlan 99 is configured in the same way and that works OK...
Is there some way to trace traffic or something?
Thanks
I've removed the "ip helper ..." line from Vlan 99 on Switch 3 - this gets rid of the "Incomplete" Arp entry, but this solves nothing - Switch 2 | Vlan 99 is configured in the same way and that works OK...
Is there some way to trace traffic or something?
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Just so something else hasn't happened that's adding a symptom, please post the current configs of HQ and Switch 3.
ASKER
Switch CAT-3750-HQ1's config below
CAT-3750-HQ1#sh run
Building configuration...
Current configuration : 16380 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CAT-3750-HQ1
!
no logging console
enable secret 5 $1$yhwh$xxxxxxxxxxxxxx/
!
username admin secret 5 $1$xxxxxxxxxxxxxxxx
aaa new-model
aaa authentication login default local
!
aaa session-id common
switch 1 provision ws-c3750g-24t
ip subnet-zero
ip routing
ip domain-name domain.local
ip name-server 172.30.6.111
!
!
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface GigabitEthernet1/0/1
switchport mode access
!
interface GigabitEthernet1/0/2
switchport mode access
!
interface GigabitEthernet1/0/3
switchport mode access
!
interface GigabitEthernet1/0/4
switchport mode access
!
interface GigabitEthernet1/0/5
switchport mode access
!
interface GigabitEthernet1/0/6
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/0/7
switchport mode access
!
interface GigabitEthernet1/0/8
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet1/0/9
switchport access vlan 60
switchport mode access
!
interface GigabitEthernet1/0/10
description DOWNLINK TO CAT-3750-3
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
!
interface GigabitEthernet1/0/11
switchport mode access
!
interface GigabitEthernet1/0/12
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/13
description Netgear 16 Port Switch
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/0/14
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/15
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/16
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/0/17
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/0/18
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/0/20
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/0/21
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/0/22
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/0/23
switchport access vlan 60
switchport mode access
speed 10
duplex full
!
interface GigabitEthernet1/0/24
description Downlink to CAT-3750-HQ2
switchport trunk encapsulation dot1q
switchport mode trunk
duplex full
!
interface Vlan1
description SERVERS
ip address 172.30.0.1 255.255.248.0
ip helper-address 172.30.6.111
no ip redirects
no ip unreachables
no ip proxy-arp
ip policy route-map GATEWAY_VLAN1
!
interface Vlan20
description WEB_SERVERS
ip address 172.30.20.1 255.255.252.0
ip helper-address 172.30.6.111
no ip redirects
no ip unreachables
no ip proxy-arp
ip policy route-map GATEWAY
!
interface Vlan30
description GROUN_FLOOR
ip address 172.30.30.1 255.255.255.0
ip helper-address 172.30.6.111
no ip redirects
no ip unreachables
no ip proxy-arp
ip policy route-map GATEWAY_VLAN30
!
interface Vlan40
ip address 172.30.40.1 255.255.255.0
ip helper-address 172.30.6.111
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan50
ip address 172.30.50.1 255.255.255.0
ip helper-address 172.30.6.111
no ip redirects
no ip unreachables
no ip proxy-arp
ip policy route-map GATEWAY_VLAN50
!
interface Vlan60
ip address 172.30.60.1 255.255.255.0
ip helper-address 172.30.6.111
no ip redirects
no ip unreachables
no ip proxy-arp
ip policy route-map GATEWAY_VLAN60
!
interface Vlan99
description WIFI Visitors Guest Access
ip address 10.0.0.241 255.255.255.0
ip helper-address 10.0.0.1
no ip redirects
no ip unreachables
no ip proxy-arp
!
router eigrp 1
network 172.30.0.0
no auto-summary
!
ip classless
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
ip route 0.0.0.0 0.0.0.0 172.30.7.2
no ip http server
no ip http secure-server
!
!
ip access-list standard SSH-ALLOWED
permit 172.30.0.0 0.0.255.255
deny any log
!
ip access-list extended ASA_7_11_VLAN30
deny ip 172.30.0.0 0.0.255.255 192.168.144.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip host 172.30.30.101 any
ip access-list extended ASA_7_4_VLAN30
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.20.30.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
ip access-list extended ASA_7_5_VLAN1
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip host 172.30.3.9 any
permit ip host 172.30.3.8 any
permit ip host 172.30.6.30 host 85.90.255.205
permit ip host 172.30.3.5 any
permit ip host 172.30.3.100 any
permit ip host 172.30.3.1 any
permit ip host 172.30.3.3 any
permit ip host 172.30.3.10 any
permit ip host 172.30.1.6 any
permit ip host 172.30.6.9 any
ip access-list extended ASA_7_5_VLAN20
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
ip access-list extended PIX_7_11
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip host 172.30.20.4 any
permit ip host 172.30.20.5 any
permit ip host 172.30.20.6 any
permit ip host 172.30.20.7 any
permit ip host 172.30.20.8 any
permit ip host 172.30.20.9 any
permit ip host 172.30.20.10 any
permit ip host 172.30.20.11 any
permit ip host 172.30.20.12 any
permit ip host 172.30.20.13 any
permit ip host 172.30.20.14 any
permit ip host 172.30.20.15 any
permit ip host 172.30.20.16 any
permit ip host 172.30.20.17 any
permit ip host 172.30.20.18 any
permit ip host 172.30.20.19 any
permit ip host 172.30.20.20 any
permit ip host 172.30.20.21 any
permit ip host 172.30.20.22 any
permit ip host 172.30.20.23 any
permit ip host 172.30.20.24 any
permit ip host 172.30.20.25 any
permit ip host 172.30.20.26 any
permit ip host 172.30.20.76 any
permit ip host 172.30.20.77 any
permit ip host 172.30.20.78 any
permit ip host 172.30.20.86 any
permit ip host 172.30.20.87 any
permit ip host 172.30.20.88 any
permit ip host 172.30.20.89 any
permit ip host 172.30.20.90 any
permit ip host 172.30.20.91 any
permit ip host 172.30.20.92 any
permit ip host 172.30.20.93 any
permit ip host 172.30.20.94 any
permit ip host 172.30.20.95 any
permit ip host 172.30.20.96 any
permit ip host 172.30.20.97 any
permit ip host 172.30.20.98 any
permit ip host 172.30.20.99 any
permit ip host 172.30.20.100 any
permit ip host 172.30.20.101 any
permit ip host 172.30.20.105 any
permit ip host 172.30.20.106 any
permit ip host 172.30.20.107 any
permit ip host 172.30.20.108 any
permit ip host 172.30.20.109 any
permit ip host 172.30.20.110 any
permit ip host 172.30.20.121 any
permit ip host 172.30.20.124 any
permit ip host 172.30.20.131 any
permit ip host 172.30.20.123 any
permit ip host 172.30.20.127 any
permit ip host 172.30.20.81 any
permit ip host 172.30.20.102 any
permit ip host 172.30.20.103 any
permit ip host 172.30.20.104 any
permit ip host 172.30.20.128 any
permit ip host 172.30.20.129 any
ip access-list extended PIX_7_11_VLAN1
deny ip 172.30.0.0 0.0.255.255 192.168.144.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip host 172.30.6.60 any
permit ip host 172.30.6.61 any
permit ip host 172.30.6.25 any
permit ip host 172.30.6.6 any
permit ip host 172.30.7.205 any
permit ip host 172.30.6.5 any
permit ip host 172.30.5.203 any
permit ip host 172.30.6.109 any
permit ip host 172.30.0.7 any
permit ip host 172.30.6.62 any
permit ip host 172.30.1.205 any
permit ip host 172.30.6.111 any
permit ip host 172.30.0.70 any
permit ip host 172.30.0.250 any
permit ip host 172.30.1.243 any
permit ip host 172.30.1.241 any
permit ip host 172.30.0.34 any
permit ip host 172.30.0.56 any
permit ip host 172.30.0.58 any
permit ip host 172.30.0.32 any
permit ip host 172.30.0.57 any
permit ip host 172.30.6.63 any
permit ip host 172.30.2.101 any
permit ip host 172.30.6.37 any
permit ip host 172.30.6.110 any
permit ip host 172.30.6.39 any
permit ip host 172.30.3.4 any
permit ip host 172.30.7.150 any
permit ip host 172.30.6.31 any
permit ip host 172.30.0.90 any
permit ip host 172.30.0.91 any
permit ip host 172.30.0.92 any
permit ip host 172.30.6.14 any
permit ip host 172.30.2.31 any
permit ip host 172.30.0.16 any
permit ip host 172.30.6.45 any
permit ip host 172.30.6.53 any
ip access-list extended PIX_7_11_VLAN30
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 host 83.244.211.99
permit ip host 172.30.30.100 any
permit ip host 172.30.30.28 any
ip access-list extended PIX_7_11_VLAN60
deny ip 172.30.0.0 0.0.255.255 192.168.144.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
ip access-list extended PIX_7_11_VLAN_1
permit ip host 172.30.6.45 any
ip access-list extended PIX_7_1_VLAN30
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.20.30.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
ip access-list extended PIX_7_2_VLAN50
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip host 172.30.50.27 any
ip access-list extended PIX_7_3_VLAN30
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.20.30.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip host 172.30.30.100 any
ip access-list extended SONICWALL_7_1
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.20.30.0 0.0.0.255
permit ip 172.30.0.0 0.0.255.255 172.30.8.0 0.0.7.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip host 172.30.20.2 any
permit ip host 172.30.20.3 any
permit ip host 172.30.20.27 any
permit ip host 172.30.20.28 any
permit ip host 172.30.20.29 any
permit ip host 172.30.20.30 any
permit ip host 172.30.20.31 any
permit ip host 172.30.20.32 any
permit ip host 172.30.20.33 any
permit ip host 172.30.20.34 any
permit ip host 172.30.20.35 any
permit ip host 172.30.20.36 any
permit ip host 172.30.20.37 any
permit ip host 172.30.20.38 any
permit ip host 172.30.20.39 any
permit ip host 172.30.20.40 any
permit ip host 172.30.20.41 any
permit ip host 172.30.20.42 any
permit ip host 172.30.20.43 any
permit ip host 172.30.20.44 any
permit ip host 172.30.20.45 any
permit ip host 172.30.20.46 any
permit ip host 172.30.20.47 any
permit ip host 172.30.20.48 any
permit ip host 172.30.20.49 any
permit ip host 172.30.20.50 any
permit ip host 172.30.20.51 any
permit ip host 172.30.20.52 any
permit ip host 172.30.20.53 any
permit ip host 172.30.20.54 any
permit ip host 172.30.20.55 any
permit ip host 172.30.20.56 any
permit ip host 172.30.20.57 any
permit ip host 172.30.20.58 any
permit ip host 172.30.20.59 any
permit ip host 172.30.20.60 any
permit ip host 172.30.20.61 any
permit ip host 172.30.20.62 any
permit ip host 172.30.20.63 any
permit ip host 172.30.20.64 any
permit ip host 172.30.20.65 any
permit ip host 172.30.20.66 any
permit ip host 172.30.20.67 any
permit ip host 172.30.20.68 any
permit ip host 172.30.20.69 any
permit ip host 172.30.20.70 any
permit ip host 172.30.20.71 any
permit ip host 172.30.20.72 any
permit ip host 172.30.20.73 any
permit ip host 172.30.20.74 any
permit ip host 172.30.20.79 any
permit ip host 172.30.20.80 any
permit ip host 172.30.20.82 any
permit ip host 172.30.20.83 any
permit ip host 172.30.20.84 any
permit ip host 172.30.20.85 any
permit ip host 172.30.20.102 any
permit ip host 172.30.20.103 any
permit ip host 172.30.20.104 any
ip access-list extended SONICWALL_7_1_VLAN1
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.20.30.0 0.0.0.255
permit ip 172.30.0.0 0.0.255.255 172.30.8.0 0.0.7.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip host 172.30.6.11 any
permit ip host 172.30.0.245 any
permit ip host 172.30.0.248 any
permit ip host 172.30.0.252 any
permit ip host 172.30.6.26 any
permit ip host 172.30.4.10 any
permit ip host 172.30.4.11 any
permit ip host 172.30.4.12 any
ip access-list extended SONICWALL_7_1_VLAN60
deny ip 172.30.0.0 0.0.255.255 10.11.12.0 0.0.0.255
deny ip 172.30.0.0 0.0.255.255 10.30.50.0 0.0.0.255
permit ip 172.30.0.0 0.0.255.255 172.30.8.0 0.0.7.255
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
!
logging trap debugging
logging facility local6
logging 172.30.30.101
route-map GATEWAY_VLAN30 permit 10
match ip address PIX_7_1_VLAN30
set ip next-hop 172.30.7.1
!
route-map GATEWAY_VLAN30 permit 20
match ip address PIX_7_11_VLAN30
set ip next-hop 172.30.7.5
!
route-map GATEWAY_VLAN30 permit 30
match ip address ASA_7_11_VLAN30
set ip next-hop 172.30.7.11
!
route-map GATEWAY_VLAN60 permit 10
match ip address SONICWALL_7_1_VLAN60
set ip next-hop 172.30.7.1
!
route-map GATEWAY_VLAN60 permit 20
match ip address PIX_7_11_VLAN60
set ip next-hop 172.30.7.11
!
route-map GATEWAY_VLAN50 permit 10
match ip address PIX_7_2_VLAN50
set ip next-hop 172.30.7.2
!
route-map GATEWAY_VLAN1 permit 10
match ip address SONICWALL_7_1_VLAN1
set ip next-hop 172.30.7.1
!
route-map GATEWAY_VLAN1 permit 20
match ip address PIX_7_11_VLAN1
set ip next-hop 172.30.7.11
!
route-map GATEWAY_VLAN1 permit 30
match ip address ASA_7_5_VLAN1
set ip next-hop 172.30.7.5
!
route-map GATEWAY permit 10
match ip address SONICWALL_7_1
set ip next-hop 172.30.7.1
!
route-map GATEWAY permit 20
match ip address PIX_7_11
set ip next-hop 172.30.7.11
!
route-map GATEWAY permit 30
match ip address ASA_7_5_VLAN20
set ip next-hop 172.30.7.5
!
snmp-server community d4t4Select RO
snmp-server enable traps snmp authentication linkdown linkup coldstart
radius-server source-ports 1645-1646
!
control-plane
!
banner login ^CCC Private Property - All access is logged Unauthorised entry is prohibited^C
alias exec sr sh run
alias exec ct conf t
alias exec sip sh ip protocols
alias exec sir sh ip route
alias exec sim sh ip mroute
alias exec sib sh ip int brief
alias exec sv sh vlan brief
!
line con 0
exec-timeout 15 0
logging synchronous
line vty 0 4
access-class SSH-ALLOWED in
exec-timeout 15 0
logging synchronous
transport input ssh
line vty 5 15
access-class SSH-ALLOWED in
exec-timeout 15 0
logging synchronous
transport input ssh
!
end
CAT-3750-HQ1#
ASKER
Switch CAT-3750-3's config below.
CAT-3750-3#sh run
Building configuration...
Current configuration : 6276 bytes
!
version 12.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service linenumber
!
hostname CAT-3750-3
!
enable secret 5 $1$ocZl$xxxxxxxxxxxxxxxxxxxxx.
!
username admin secret 5 $1xxxxxxxxxxGsj.
aaa new-model
aaa authentication login default local
!
aaa session-id common
switch 1 provision ws-c3750g-24t
system mtu routing 1500
ip subnet-zero
ip routing
ip tcp synwait-time 5
no ip domain-lookup
ip domain-name domain.local
!
ip ssh version 2
!
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface GigabitEthernet1/0/1
switchport mode access
!
interface GigabitEthernet1/0/2
switchport mode access
!
interface GigabitEthernet1/0/3
switchport mode access
!
interface GigabitEthernet1/0/4
switchport mode access
!
interface GigabitEthernet1/0/5
switchport mode access
!
interface GigabitEthernet1/0/6
switchport mode access
!
interface GigabitEthernet1/0/7
switchport mode access
!
interface GigabitEthernet1/0/8
switchport mode access
!
interface GigabitEthernet1/0/9
switchport mode access
!
interface GigabitEthernet1/0/10
switchport mode access
!
interface GigabitEthernet1/0/11
description Fibre Pair 1
switchport access vlan 81
switchport mode access
speed 1000
duplex full
!
interface GigabitEthernet1/0/12
description Fibre Pair 2
switchport access vlan 82
switchport mode access
speed 1000
duplex full
!
interface GigabitEthernet1/0/13
description Fibre Pair 3
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,73,99
switchport mode trunk
!
interface GigabitEthernet1/0/14
description Fibre Pair 4
switchport access vlan 83
switchport mode access
speed 1000
duplex full
!
interface GigabitEthernet1/0/15
switchport mode access
!
interface GigabitEthernet1/0/16
switchport mode access
!
interface GigabitEthernet1/0/17
description Comms room south unmanaged
switchport access vlan 81
switchport mode access
!
interface GigabitEthernet1/0/18
switchport mode access
!
interface GigabitEthernet1/0/19
switchport mode access
!
interface GigabitEthernet1/0/20
switchport mode access
!
interface GigabitEthernet1/0/21
switchport mode access
!
interface GigabitEthernet1/0/22
switchport mode access
!
interface GigabitEthernet1/0/23
description ASA5505
switchport mode access
!
interface GigabitEthernet1/0/24
description UPLINK TO CAT-3750-HQ1
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
!
interface Vlan1
ip address 172.30.0.3 255.255.248.0
ip helper-address 172.30.6.111
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan71
description WIFI network for Guest Access
ip address 172.30.71.1 255.255.255.0
ip helper-address 172.30.6.200
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan72
description WIFI network for General Domain Use
ip address 172.30.72.1 255.255.255.0
ip helper-address 172.30.6.200
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan73
description WIFI network for Scanners
ip address 172.30.73.1 255.255.255.0
ip helper-address 172.30.6.200
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan81
description NORTH and WEST
ip address 172.30.81.1 255.255.255.0
ip helper-address 172.30.6.200
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan82
description EAST
ip address 172.30.82.1 255.255.255.0
ip helper-address 172.30.6.200
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan83
description CENTRAL / Production
ip address 172.30.83.1 255.255.255.0
ip helper-address 172.30.6.200
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan99
description WIFI Visitors Guest Access
ip address 10.0.0.175 255.255.255.0
!
router eigrp 1
network 172.30.0.0
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.30.0.1
no ip http server
no ip http secure-server
!
!
ip access-list standard SSH-ALLOWED
permit 82.133.50.163
permit 217.20.18.2
permit 172.30.0.0 0.0.255.255
permit 10.20.30.0 0.0.0.255
deny any log
!
ip access-list extended ASA5505_7_2_VLAN1
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
ip access-list extended ASA5505_7_3_VLAN1
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip 172.30.0.0 0.0.255.255 any
ip access-list extended ASA5505_7_3_VLAN73
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
ip access-list extended ASA5505_7_3_VLAN81
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip 172.30.0.0 0.0.255.255 any
ip access-list extended ASA5505_7_3_VLAN83
deny ip 172.30.0.0 0.0.255.255 172.30.0.0 0.0.255.255
permit ip 172.30.0.0 0.0.255.255 any
!
route-map GATEWAY_VLAN73 permit 10
match ip address ASA5505_7_3_VLAN73
set ip next-hop 172.30.7.3
!
route-map GATEWAY_VLAN83 permit 10
match ip address ASA5505_7_3_VLAN83
set ip next-hop 172.30.7.3
!
route-map GATEWAY_VLAN81 permit 10
match ip address ASA5505_7_3_VLAN81
set ip next-hop 172.30.7.3
!
route-map GATEWAY_VLAN1 permit 10
match ip address ASA5505_7_3_VLAN1
set ip next-hop 172.30.7.3
!
route-map GATEWAY_VLAN1 permit 20
match ip address ASA5505_7_2_VLAN1
set ip next-hop 172.30.7.2
!
snmp-server community d4t4Select RO
snmp-server enable traps snmp authentication linkdown linkup coldstart
snmp-server enable traps license
radius-server source-ports 1645-1646
!
control-plane
!
banner login ^CCCC Private Property - All access is logged Unauthorised entry is prohibited^C
alias exec sr sh run
alias exec ct conf t
alias exec sip sh ip protocols
alias exec sir sh ip route
alias exec sim sh ip mroute
alias exec sib sh ip int brief
alias exec sv sh vlan brief
!
line con 0
exec-timeout 15 0
logging synchronous
line vty 0 4
access-class SSH-ALLOWED in
exec-timeout 15 0
logging synchronous
transport input ssh
line vty 5 15
access-class SSH-ALLOWED in
exec-timeout 15 0
logging synchronous
transport input ssh
!
end
CAT-3750-3#
Real stupid question, can you ping 10.0.0.175 from CAT-3750-3? That is, can it ping its own VLAN99 IP address?
ASKER
Fair question!
Yes I can ping the VLAN99 IP address from the switch.
cheers
Yes I can ping the VLAN99 IP address from the switch.
cheers
CAT-3750-3#ping 10.0.0.175
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.175, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Do you have any devices that are on CAT-3750-3 that are on VLAN99?
If so can CAT-3750-3 and that device ping each other?
If so can CAT-3750-3 and that device ping each other?
ASKER
Hi giltjr:
There is a device attached to switch 3 that has the ip address 10.0.0.176. This is the ping output as welll as sh arp.
Thx
There is a device attached to switch 3 that has the ip address 10.0.0.176. This is the ping output as welll as sh arp.
Thx
CAT-3750-3#ping 10.0.0.176
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.176, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms
CAT-3750-3#
CAT-3750-3#
CAT-3750-3#
CAT-3750-3#sh arp | incl 10.0.0
Internet 10.0.0.175 - 001e.be77.6047 ARPA Vlan99
Internet 10.0.0.176 2 000b.0e5b.f4ef ARPA Vlan99
CAT-3750-3#
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hi giltjr
Thanks for the comment. I'll have to try that outside office hours as that's one crucial port! I'll hopefully do it later tonight, but more like sometime over the weekend. I'll post back as soon as I have any results.
cheers and have agood weekend
TB
Thanks for the comment. I'll have to try that outside office hours as that's one crucial port! I'll hopefully do it later tonight, but more like sometime over the weekend. I'll post back as soon as I have any results.
cheers and have agood weekend
TB
ASKER
I've not been able to get alone-time on the switch. I'll try soon though. Thx
ASKER
Hi guys (admins included)
I need to put this on hold, but I don't want to close the issue. Problem is I cannot really modify the config of this switch (specifically port 1/0/13) at the moment as it is critical not to have any downtime at the moment.
Can we just leave this call open or should it be put "on hold" in some way? I don't want to cancel it since someone could still come up with a simple solution while waiting for me to get a window for testing.
And the points are still up for grabs.
Cheers
TB
I need to put this on hold, but I don't want to close the issue. Problem is I cannot really modify the config of this switch (specifically port 1/0/13) at the moment as it is critical not to have any downtime at the moment.
Can we just leave this call open or should it be put "on hold" in some way? I don't want to cancel it since someone could still come up with a simple solution while waiting for me to get a window for testing.
And the points are still up for grabs.
Cheers
TB
ASKER
Quick update:
We've not had time to do the suggested steps, but another thing came to mind - perhaps we should update the software on the switches all to the same level if it's not already. Will have to look at this over the next couple of weeks.
TB
We've not had time to do the suggested steps, but another thing came to mind - perhaps we should update the software on the switches all to the same level if it's not already. Will have to look at this over the next couple of weeks.
TB
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Unfortunately I'm going to have to just close this question as I cannot put any time aside to do anything about it anytime soon.
Sorry for the thinly spread points but since there are no clear solutions, what else could I do!
Thanks for the imput guys
Sorry for the thinly spread points but since there are no clear solutions, what else could I do!
Thanks for the imput guys