Solved

Cisco Catalyst 4948> Device can't be seen by others unless they are on the same subnet

Posted on 2010-08-23
12
1,868 Views
Last Modified: 2012-05-10
Earlier I posted a question about configuring an IP for my Cisco 4948..

I got a solid response from Kvistofta and here it is:

"
enable
(password)
conf t
hostname cisco4948noca
ip http server
int vlan1
 ip address 10.1.98.3 255.255.0.0
exit
ip default-gateway 10.1.2.1
line vty 0 4
login
password <your password>
exit
enable secret <your password>

http to your switch and login with blank username and the enable-password you entered above as password. "

This worked fine but from a workstation not using 10.1.2.1 as it's gateway the device is not pingable. I know the problem is with the 4948 switch because when I use the cat5 connected to the 'MAIN' switch  and directly connect it to my laptop instead of thru the 4948 the laptop pulls 10.1.98.112 and it is pingable from everywhere. What do you think I'm missing in the configuration of the 4948 that is preventing it from being seen by those not on the 10.1.2.1 gateway?

Thanks again
0
Comment
Question by:cp361
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 2
12 Comments
 
LVL 24

Expert Comment

by:rfc1180
ID: 33506636
you still need to configure layer 3 routing on the switch for other vlans.

can you post your 4948 config please

Billy
0
 
LVL 6

Expert Comment

by:Galtar99
ID: 33506656
Either the switch routes or it's connected to something that routes for it.  Either way, we need to see the config, and probably the config or it's up stream neighbor.
0
 

Author Comment

by:cp361
ID: 33506724
the output from sh run is:

cisco4948noca#sh run
Building configuration...

Current configuration : 2123 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname cisco4948noca
!
enable secret 5 $1$Wy6.$hSSst1riu.j1bDejhKisR/
!
vtp mode transparent
ip subnet-zero
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
power redundancy-mode redundant
!
!
!
vlan internal allocation policy ascending
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface GigabitEthernet1/3
!
interface GigabitEthernet1/4
!
interface GigabitEthernet1/5
!
interface GigabitEthernet1/6
!
interface GigabitEthernet1/7
!
interface GigabitEthernet1/8
!
interface GigabitEthernet1/9
!
interface GigabitEthernet1/10
!
interface GigabitEthernet1/11
!
interface GigabitEthernet1/12
!
interface GigabitEthernet1/13
!
interface GigabitEthernet1/14
!
interface GigabitEthernet1/15
!
interface GigabitEthernet1/16
!
interface GigabitEthernet1/17
!
interface GigabitEthernet1/18
!
interface GigabitEthernet1/19
!
interface GigabitEthernet1/20
!
interface GigabitEthernet1/21
!
interface GigabitEthernet1/22
!
interface GigabitEthernet1/23
!
interface GigabitEthernet1/24
!
interface GigabitEthernet1/25
!
interface GigabitEthernet1/26
!
interface GigabitEthernet1/27
!
interface GigabitEthernet1/28
!
interface GigabitEthernet1/29
!
interface GigabitEthernet1/30
!
interface GigabitEthernet1/31
!
interface GigabitEthernet1/32
!
interface GigabitEthernet1/33
!
interface GigabitEthernet1/34
!
interface GigabitEthernet1/35
!
interface GigabitEthernet1/36
!
interface GigabitEthernet1/37
!
interface GigabitEthernet1/38
!
interface GigabitEthernet1/39
!
interface GigabitEthernet1/40
!
interface GigabitEthernet1/41
!
interface GigabitEthernet1/42
!
interface GigabitEthernet1/43
!
interface GigabitEthernet1/44
!
interface GigabitEthernet1/45
!
interface GigabitEthernet1/46
!
interface GigabitEthernet1/47
!
interface GigabitEthernet1/48
!
interface Vlan1
 ip address 10.1.98.3 255.255.0.0
!
ip default-gateway 10.1.2.1
ip http server
!
!
!
!
!
!
line con 0
 stopbits 1
line vty 0 4
 password password
 login
!
end

cisco4948noca#
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 24

Expert Comment

by:rfc1180
ID: 33506729
what ports are connected to what? and what subnets are what ports?
0
 

Author Comment

by:cp361
ID: 33506762
Sorry .. Port 1 is connected to another switch a Catalyst 6513 5/33 dhcp is enabled on it. The 4948 is not configured at all save for the previously mentioned vlan1 config included in original question at top of this page.

Thanks
0
 

Author Comment

by:cp361
ID: 33506771
The other ports on the 4948 are used for servers at least that is the intent and they are reachable from any P/C using the same gateway subnet mask
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 50 total points
ID: 33506927
Depending on your image, it would be something like:

no ip default-gateway 10.1.2.1
ip route 0.0.0.0 0.0.0.0 10.1.2.1

interface Vlan100
 description subnet 100
 ip address 192.168.100.0 255.255.255.0
 ip access-group 2100 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp


interface Vlan101
 description subnet 101
 ip address 192.168.101.0 255.255.255.0
 ip access-group 2101 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp

access-list 2100 remark subnet 100
access-list 2100 permit ip 192.168.100.0 0.0.0.255 any

access-list 2100 remark subnet 101
access-list 2100 permit ip 192.168.101.0 0.0.0.255 any

interface GigabitEthernet1/2
switchport mode access
switchport access vlan 100

interface GigabitEthernet1/3
switchport mode access
switchport access vlan 101


Billy
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33506935
correction on the ACLs:
access-list 2100 remark subnet 100
access-list 2100 permit ip 192.168.100.0 0.0.0.255 any

access-list 2101 remark subnet 101
access-list 2101 permit ip 192.168.101.0 0.0.0.255 any


Note, these are optional, I always add ACLs for the subnets that are connected, this will only only those networks.

Billy
0
 

Author Comment

by:cp361
ID: 33511975
@rfc1180:

It looks good and a lot for me to chew on  ;)
Would you mind including the:

enable
conf t
exit

commands?
If required?

Thanks
0
 
LVL 6

Expert Comment

by:Galtar99
ID: 33512778
The upstream switch it's connected to, can you post its config as well?  How many VLAN's are you using and what IP subnets are associated with them?  What's doing the routing for your network?  Or is it flat with just switches?
0
 

Author Comment

by:cp361
ID: 33512926
I'm good everything is working as it should the devices(servers) are reachable from all subnets now I will mark this issue as resolved.

Thanks a million!
0
 

Author Comment

by:cp361
ID: 34121794
Ok from the 4948 I can ping another deivice from a port on the vlan so it appears the vlan can't be seen remotely inspite of the trunk and the definitions on the upstream switch


0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Mac-address sticky 12 68
P2P and MPLS 3 62
Auto Qos question 1 19
Logging into A Cisco switch from another switch or router 2 22
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question