?
Solved

Weird Switch Issue

Posted on 2011-04-25
10
Medium Priority
?
249 Views
Last Modified: 2012-05-11
I've got a weird switch issue I'm hoping you can help me solve.  

I've got a Cisco Small Business SG-200 48 port gig switch.  I want to reserve the first 16 ports to an engineering VLAN and the rest to general office use.  I set ports 1-16 to VLAN 1 and 16-50 on VLAN3.  Port 1 connects to an interface on our FW that dishes out 192.168.1.0 addresses and port 49 connects to the 192.168.3.0 FW interface.  Port 50 has an uplink to a Netgear switch to the 192.168.3.x network.  

When I plug in a laptop into ports 2-16 everything works fine.  I get 192.168.1.x IP address and the internet works fine.  

When I connect to the remaining ports on the Cisco, some of the ports work and some don't.  It's completely random.  In all cases I get a 192.168.3.x IP address just fine but I with some ports I can't ping the default GW and obviously can't get out.  There are about 10 ports that don't work.  I checked the port configuration and they're set exactly the same.  I tried multiple laptops even setting a manual speed and duplex with no luck.  I'm baffled!

I had to offload those bad ports to the Netgear until this issue gets resolved.  

ANY help is appreciated!
0
Comment
Question by:wrinklefree
  • 4
  • 3
  • 3
10 Comments
 
LVL 2

Accepted Solution

by:
wnead earned 2000 total points
ID: 35461838
How about trunk vlan 1 & 3 down to port 1, then set 2-16 as access ports for vlan 1 (should be default) and 17-48 as access vlan 3.  
0
 

Author Comment

by:wrinklefree
ID: 35461995
That was my original intent but this Cisco switch web interface is awful and I didn't see a clear way to setup a proper trunk on this switch. By default the ports are setup as a trunk with a Admin PVID of 1.  The interface doesn't seem to allow me to add VLAN3.  

In any case, my workaround should work in theory for now.  I'll be losing a gig switch port by doing it this way but I can live with that.  I still can't figure out why some of the ports are not working.  
0
 
LVL 2

Expert Comment

by:wnead
ID: 35462082
here's the admin guide.  vlan's are on p105.

is spanning tree turned on?  it's possible the switch is "split-brained"  half the time it knows which interface to go back to for access and the other half it's trying to go another.  that may be the trouble with 2 uplinks.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 2

Expert Comment

by:wnead
ID: 35462139
0
 
LVL 26

Expert Comment

by:Soulja
ID: 35462297
This may be an MAC/ARP issue, since the switch first seen the device on a different port and vlan, and now sees it on a different port and vlan. How much time are you allowing between connecting from one vlan to the other. When this occurs do you clear the arp or mac address table before reconnecting?
0
 

Author Comment

by:wrinklefree
ID: 35462450
- Yes STP is turned on.  I'm going to try and setup a trunk with 1 uplink to the FW tonight.  Unfortunately this can't be done during work hours.  

- I thought it might be an ARP issue as well.  I connected to a known good port and was able to ping the default gw.  Looked at the arp table using arp -a.  Connected to a known bad port, tried to ping the GW which failed.  Looked at the arp table again and the MAC addresses were identical.  I didn't flush the cache but thats something I can try in a bit.  
0
 
LVL 26

Expert Comment

by:Soulja
ID: 35462561
I was referring to on the switch itself.
0
 

Author Comment

by:wrinklefree
ID: 35462780
Sorry about the confusion.  I checked the MAC address tables on the switch and there's no duplicates entries for my laptop.  I left it plugged in for about 15 mins.  

I did notice however duplicate entries for the 2 uplinks going to the firewall, although they're on separate VLANs.  By default the ASA5505 uses the same mac address for all of it's interfaces.  I wonder if this is causing my problems, although it doesn't explain why it's only happening to a few select ports.  
0
 
LVL 26

Expert Comment

by:Soulja
ID: 35490940
No, that is normal to put that ASA interfaces on separate VLAN's. That shouldn't be the issue. Although it you really want to rule it out, you could put the interfaces on entirely separate switches.
0
 

Author Comment

by:wrinklefree
ID: 35515018
It turned out the entire last block of ports were not working properly, the users  didn't have time to complain yet as they were on wireless ;)

In any case I stopped by over the weekend and setup port 1 as a trunk port to allow VLAN's 1 and 3.  Unplugged the second upl-link then set all the remaining ports to Access and set the VLAN's accordingly.  In typical Cisco fashion the web interface is more confusing than it needs to be.  This could have taken me 2 seconds with a CLI.

It's all working perfect now!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we’ll look at how to deploy ProxySQL.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question