We help IT Professionals succeed at work.
Troubleshooting Question

Ping address on another Subnet

54 Views
Last Modified: 2020-11-02
Hi Guys

I have this subnet.

10.2.8.0/22       10.2.8.1       VLAN 1

I created this subnet.

10.2.19.0/24   10.2.19.1      VALN 1019

From my computer 10.2.8.7     I can ping 10.2.19.1  

But I can not ping any other devices on the 10.2.19.0 Network.


I have a Meraki MX60 Router where I configured my vlans.

I have two Meraki MS220 8 Port POE switches

I have two Cisco 3750 48 Port switches


Any ideas or suggestions

Thank you

Tom

 




Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2007

Commented:
Systems in subnet 10.2.19.0/24 must have default gateway or their subnet mask is wrong.
Elie MatarNetwork and Security Engineer
CERTIFIED EXPERT

Commented:
hello,

In case the subnet mask and default gateway are correct on the computers, please check if you have an Access list applied on the interface that are preventing the ping.
CERTIFIED EXPERT
Top Expert 2007

Commented:
But you were trying to ping systems on 10.2.19.0/24!
What you shared is diferrent  

Thomas GrassiSystems Administrator

Author

Commented:
Opps I was playing around with settings

here it is


CERTIFIED EXPERT
Top Expert 2007

Commented:
What about subnet mask? I can see you are using two different subnet masks.
Is this by mistake?
Les MooreSystems Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
Is the switchport in the correct vlan?
Can you ping the other way? From a device in the 1019 vlan can you ping the gateway .19.1? Can you ping .8.1? Can you ping a device in the 1018 vlan?
What switch are these devices on?
On the Cisco switch you should enable rapid spanning tree to be compatible with the meraki and make sure the uplink is in fact trunking. Sho int trunk..

Thomas GrassiSystems Administrator

Author

Commented:
The 1018 Vlan not used at this time.

I can ping devices on my 1038 VLAN

Is the switchport in the correct vlan?     Where Do I check for that?

The devices on the 1019 VLAN are ESXI Hosts Virtual Switches  

I can ping the Management Network on my ESXI Host but not this Virtual Network 
CERTIFIED EXPERT

Commented:
start by pinging the gateway from any host in the 10.2.19 network.

you need the switchport to be properly configured and all the switches you traverse to be properly configured, either with adequate trunks or links dedicated to that vlan.

one common mistake is to add vlans to the trunks but forget to create the vlans on the switches. check with "show vlan" on each of the switches you go through.
Thomas GrassiSystems Administrator

Author

Commented:
sho vlan on all switches shows only VLAN 1
CERTIFIED EXPERT

Commented:
seems we are missing part of the topology. if you do traverse those switches, the vlans should exist.

unless you are setting up a new lan, and your pc is currently directly plugged to the router, i hardly see how any thing can work.

can you elaborate on what initially worked and what you are changing as well as the overall topology ?
Thomas GrassiSystems Administrator

Author

Commented:
Guys

First If I can ping the gateway ip addess then why can't I ping the devices on that network.  

Since I can ping devices on my 1038 VLAN I changed the 1019 VLAN setting to match


So now the subnets match on my 10.2.8.0/22  255.255.252.0  

on the 10.5.16.0/22  255.255.252.0

Still can not ping 10.5.16.109

Can ping 10.5.16.1    

You all talking about switchport      where do I find that info?




CERTIFIED EXPERT

Commented:

First If I can ping the gateway ip addess then why can't I ping the devices on that network.  
because as long as you can reach the router, and there is no acl in the way, you can ping any address the router has.

the 1038 vlan being a wifi network, i assume it is handled directly by the router so there are no switches along the way.

to get the topology follow the cables. and you may want to answer the above questions with whatever you know even if you cannot answer all of them.

btw, you perfectly can use different network masks as long as you do so in different lans. all machines of a given lan must use matching masks, but different networks/lans can each use whatever you want.
Thomas GrassiSystems Administrator

Author

Commented:
All my Access Point are plugged into my Meraki MS220 POE switches

they are not connected directly to my routers

My switches and ISP cables are the only cables connected to my MX60 
CERTIFIED EXPERT

Commented:
focus on the switches you traverse between the host you are setting up on the 1019 network : presumably either or both of the MS220 switches.

i cannot guess all your setup. one working and usual setup would be
- the ip is configured in the virtual machine you are working on rather than a vmk
- your esx host is configured with a virtual switch for the machines network including vmk1
- the virtual machine is plugged on that virtual switch in the 1039 vlan
- the switch is plugged to vmk1 on a trunk port that allows vlan 1039
- the vlan is declared on the switch
- the switch is plugged to the router using a trunk interface that allows said vlan on both sides

other configs can work including ones where you have a dedicated switch for each vlan or a dedicated port for each vm.

the above is common as it allows to configure any number of vlans and hosts

CERTIFIED EXPERT

Commented:
either way, if you need a virtual host in that vlan, do not configure it's address in vmware. the address belongs to the guest, not the host.
Thomas GrassiSystems Administrator

Author

Commented:
I was just on with Meraki Support and we traced the ip address 10.5.16.119 and 10.5.16.109
No response back

The NIC and the Ip address shows on my client list on my MX-60 so it is defined.

So the ESXI Host for that NIC is not responding to ARP or ICMP requests.

Is there a setting on the ESXI Host for this nic?

CERTIFIED EXPERT

Commented:
the esxi host is not supposed to handle the addresses of the vms.
the vm should have that address.

the esx and all switches along the way need to simply allow that vlan to pass through.
follow the cables if needed and refer to the above setup unless you have a reason to prefer a different one.

as far as i understand, the vmware infra is new
Thomas GrassiSystems Administrator

Author

Commented:
I will test that theory

I will add a test nic to one of my vms and see if I can ping that    

I will post results
CERTIFIED EXPERT

Commented:
that is no theory. that is the way it works.

you can either use a virtual switch in the proper vlan and the above setup or provide a physical nic to the vm. either way, the networking needs to be configured adequately. in the case you use a physical nic, that nic would usually be plugged to the switch on a regular access port.

it will not work until you get a complete working chain.
Thomas GrassiSystems Administrator

Author

Commented:
OK Guys now this is what I found
I added a second network adapter to a vm server I have and placed it on that VM Network with subnet 1019

Gave it an ip address of 10.5.16.100
That server primary nic is 10.2.8.15

I am able to ping the ESXI hosts network adapters with the 10.5.16.x address assigned

it works with the nic of that network but does not without

It has to be a routing issue.
 

CERTIFIED EXPERT

Commented:
nope. but it sheds some light : that means you successfully managed to pass through the switches.

how did you configure that second adapter ?
i assume you still cannot ping 10.5.16.100 ??

CERTIFIED EXPERT

Commented:
remember the esxi host is not a router : it either acts as a switch for the vms, or maps one of the guest's nic to a physical nic
Thomas GrassiSystems Administrator

Author

Commented:
On Vmware I edited the VM config added second Network adapter.
Then on the VM configured it to use the ip address
 nd yes unable to ping 10.5.16.100 from my computer 10.2.8.7


CERTIFIED EXPERT

Commented:
it might be a good idea to review the complete chain with how the virtual adapters are setup and how each of the involved switch ports is configured
CERTIFIED EXPERT
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
Thomas GrassiSystems Administrator

Author

Commented:
I add a second ip address to my network adapter and that works it allows me to ping that subnet now.

Now trying to add that on my ubuntu server.

I can now ping all the address on that vlan.  Just by giving my computer a ip address from the network.
CERTIFIED EXPERT

Commented:
you may want to post what did it for future users reference.

good to see you got it working.

make sure those addresses are actually in the adequate vlan rather than the default vlan

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions