Cisco Catalyst 2650

Hi Experts,

Looking to see what i am missing. We have a new location and have one cisco switch connected to a cisco router. I have assigned an IP, subnet mask and default gateway to Vlan 1.

From the desktop we can ping out to all subnets(5) including remote desktop to workstations. From a remote subnet back to the new location we can ping the switch and router and access them, but can not access any computers or any devices that are attached to the switch. There are no host firewalls enabled on the computers.

Thanks
talltreeAsked:
Who is Participating?
 
rojiruCommented:
Same as others have stated.

Plus, check the IP Config on the workstations. Is the IP assignment static or via dhcp on the workstations? If it is dhcp, is the IP information correct for the subnet? Are the Network Address, Subnet Mask and Gateway Address correct?

You could run a show mac-address table (not sure of the command format, as it is different across IOS) to check, if there is any traffic from a workstation. User may need to run a ping to gateway in order to generate some traffic.
0
 
CESNetwork AdministratorCommented:
are the ports administratively down?
0
 
talltreeAuthor Commented:
Hi CES,

No they are up.
0
IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

 
JustInCaseCommented:
Do you have all needed routes in routing table on all routing devices (in both directions)?
What is connection type between locations (is trafic tunneled, MPLS etc)?
0
 
talltreeAuthor Commented:
Yes, routes are on the router and the switch is used for layer 2. Using fiber media.

From a remote location i can access the switch by the IP on VLAN 1. i just can't get to any device on the ports. All ports are in Vlan 1 and computers that are on show a up status on the ports.
0
 
CESNetwork AdministratorCommented:
Predrag has a good point.  Can the local switch ping the workstations?  and the router using an extended ping from the local and WAN interfaces?

Those tests may help isolate the issue
0
 
talltreeAuthor Commented:
Yes, I am on the switch remotely from another location and while on the switch cli i can ping hosts on that subnet, the router and all any device on all subnets, but can not access the devices connected to the switch.
0
 
JustInCaseCommented:
Can you ping hosts with some other source IP address (other interface on remote location) to check default gateway address on hosts?
For example ping 192.168.2.1 source 192.168.x.32
0
 
JustInCaseCommented:
Helpful information would be topology with IP addresses marked on it traceroutes between locations and routing table of all routing devices (if possible, would be good to have configurations of L3 devices with masked public IP addresses and removed private information in configurations).
0
 
atlas_shudderedSr. Network EngineerCommented:
What is the IP address and mask of the router's LAN interface and what is the IP, mask and dfg configured on one of the workstations?
0
 
Hemil AquinoNetwork EngineerCommented:
Hint:  From a remote subnet back to the new location we can ping the switch and router and access them, but can not access any computers or any devices that are attached to the switch.

If you are able to reach the router and switch that means you are good, the problem is switch connectivity issues towards the hosts.

You need to check the following

1- Double check the switchport, make sure they're up up.
2- Are you assigning ip to those host via dhcp or statically? in case you have dhcp configured, could you please check your default gateway?
2- Knowing the fact you are using vlan 1, you dont need to switch-port any other vlan therefore I think you are having a default gateway issues.
0
 
netcmhCommented:
The workstations GW needs to be checked.
0
 
rojiruCommented:
Another thought on the PCs. I assume that they are Windows 7 or later. You stated that the host firewall is disabled. Check the network group (or whatever MS calls it) setting on the PCs. Which group are they assigned? Is the firewall disabled for this group. If the PCs are in the Public group, you will need to move them to a private or domain group.
0
 
talltreeAuthor Commented:
Hi Guys,

Thanks all for the help. Rojiru it was the host firewall.
0
 
netcmhCommented:
Thanks for the clarification and fix. Thanks for the grade. Good luck!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.