Can't establish 2 way communication between a switch and a laptop

I have a Cisco 3750 switch and a laptop and I cannot get the switch to ping the laptop. The laptop can ping itself 192.168..1.2 and the switch 192.168.1.1. The switch can ping 192.168.1.1 the vlan 1 interface but cannot ping 192.168.1.2 the laptop. I have a straight cat6 cable between int gi1/0/48 and my laptop.

I can ping my laptop from other switches so my laptop will respond.

I have wr erased and reloaded the switch. I have tried different ip addresses. I have tried gi1/0/36 and 40 with the same results. I deleted vlan.dat. I have tried using 192.168.1.1 as the default gateway on the laptop. I have tried using 192.168.1.2 as the default-gateway on the switch.

Switch#ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Switch#ping 192.168.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Switch#sh run
Building configuration...

Current configuration : 2385 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
no aaa new-model
switch 1 provision ws-c3750e-48pd
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0
 no ip address
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
!
interface GigabitEthernet1/0/48
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
interface TenGigabitEthernet1/0/1
!
interface TenGigabitEthernet1/0/2
!
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 5 15
!
end
Dragon0x40Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

amprantiCommented:
Disable your windows firewall
0
Dragon0x40Author Commented:
thanks ampranti,

I checked and the firewall is turned off. I also turned off my vpn client. I can ping my laptop from other switches so I don't think it is my laptop.
0
Dragon0x40Author Commented:
tried another laptop and the router can ping the laptop.

Something else must be loaded recently on my laptop.

I'll have to look around.
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Dragon0x40Author Commented:
I tried a different switch and neither can ping my laptop.

I put wireshark on the laptop interface and could see my laptop broadcast for the mac of the switch and then I could see the switch unicast a ping reply to my laptop.

But when I try to ping the laptop from the switch wireshark does not see a broadcast or a ping request.

I don't understand how the laptop can communicate to the switch and back but not vice versa and I don't understand why the switch is not attempting to put something on the interface to my laptop.
0
Dragon0x40Author Commented:
To answer my own question: If the laptop interface is blocking certain traffic then wireshark won't be able to see it?
0
amprantiCommented:
Do you have any other firewall on your PC? Mcaffee antivirus (mcafee antivirus IS blocking pings)
VPN client is checkpoint or cisco?

Temporarly disable ALL your network adapters in contro panel -->  network connections. Allow enable only your local lan

Does it work!?
0
amprantiCommented:
Also check your routing table, y using the command

route PRINT

0
Dragon0x40Author Commented:
I have Check Point VPN-1 Secure Client NG with application intelligence- R56 Build number: 615 and Trend Micro Office Scan Client Version 10 service pack 1
0
amprantiCommented:
Checkpoint is the problem! ;)
It doesnt allow to pings to your PC
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Dragon0x40Author Commented:
Disabling all the nics except the lan interface did not change anything.

route print shows a route to the network with the ip address of my lan nic as the interface and gateway with a metric of 20
0
Dragon0x40Author Commented:
But I have turned it off and it still won't allow pings.

At least I think it is off: I right click on the tray icon and select "Stop VPN-1 Secure Client"
0
amprantiCommented:
Doesnt work! You should uninstall to make it working :(

Check this: network connections --> <local area connection --> properties --> general --> Is there loaded anything strange? checkpoint engine or something? try to temporarly disable
0
JeffSchaperCommented:
on the switch, do a show arp. it will list the mac address associated with the ip address. check to make sure that the mac address of your laptop and ip address are correct on the switch. the problem might be that
1. You have another machine with the laptops address or
2. have a static arp entry sending the reply to a different interface.
to check the mac address on the laptop type ipconfig/all in a command prompt on the laptop.
0
amprantiCommented:
If you have a second PC (without checkpoint VPN) try to ping it. Does it work?
Then try to connect the two PCs using a cross cable. Does it work!? I bet that you will not be able to ping the pc that has not the problem!!
0
Dragon0x40Author Commented:
Thanks JeffSchaper,

Ok, looks like I found it with Ampranti's help.

Under Local Area Connection Properties: This connection uses the following items: Check Point SecuRemote with a check box by it. I unchecked it and I was able to ping my laptop from another laptop. I am hoping that it will work when I use my TFTP server to transfer an image to a switch.

I checked the Check Point Secure Client log and it showed that it was dropping ICMP Type 8 (Echo) packets so that verifies it.

Right clicking on the tray icon and selecting "Stop VPN-1 Secure Client" does not seem to be enough.

An update or policy may have changed because disabling the Secure Client through the tray icon worked a few weeks ago when I needed to use my laptop as a TFTP server, which is what I need to do now and started all this.
0
Dragon0x40Author Commented:
I was able to transfer my IOS to the switch so thanks for all the help.

Some days you have to work really hard to do things that you take for granted other days.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.