Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Catalyst 3550 will not route

Status
Not open for further replies.
loyalist

loyalist

MIS
Jun 25, 2003
69
CA
Can someone please help,

I have a 3550 with the standard image and I am unable to get traffic to go out a second layer 3 interface. I have a default route that goes to my firewall and it has always worked fine. I had a wan dsl installed last week to connect a branch office point to point and I am unable to get traffic from any vlans to go out that interface. Pinging from that interface I can reach the connected router and the far end router. Can't ping local or far router from any subnet, connected 2950, or any svi on 3550. When debugging only see traffic going out and nothing coming back.

This is pretty straight forward stuff,can't understand why it isn't working.

Remote site subnet is 10.100.60/24, default gateway is 10.100.60.1(remote cisco 800 series router inside interface)

Local subnet on 3550 is 10.100.150.16/29, .17 layer 3 interface on 3550, .18 directly connected cisco 800 series router:

interface FastEthernet0/12
description connection to WAN DSL
no switchport
ip address 10.100.150.17 255.255.255.248
no ip route-cache
duplex half
speed 10
no cdp enable

Only 2 routes on 3550 are:

ip route 0.0.0.0 0.0.0.0 10.100.150.9
ip route 10.100.60.0 255.255.255.0 10.100.150.18

Here is my config:

version 12.1
no service single-slot-reload-enable
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log datetime localtime
service password-encryption
!
hostname Cat3550
!
no logging console
enable secret 5 $1$SyHc$EeDBFxGrlYIblJ4hyeVaZ
!
ip subnet-zero
no ip source-route
ip routing
no ip domain-lookup
!
!
spanning-tree extend system-id
!
!
interface FastEthernet0/1
description connected to server6
switchport access vlan 75
no ip address
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/2
description connected to server5
switchport access vlan 75
no ip address
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/3
description connected to DMZ int PIX
switchport access vlan 75
no ip address
no cdp enable
!
interface FastEthernet0/4
description trunk to 2950
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
duplex full
speed 100
no cdp enable
!
interface FastEthernet0/5
description connected to DavidT
switchport access vlan 100
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/6
description connected to JustinB
switchport access vlan 100
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/7
description temp connect to load balancer 10.100.25.6
switchport access vlan 25
no ip address
no cdp enable
!
interface FastEthernet0/8
description connected to JasonK
switchport access vlan 100
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/9
description connected to server4
switchport access vlan 100
no ip address
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/10
description temp mail server
switchport access vlan 75
no ip address
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/11
description connected to BrianH
switchport access vlan 50
no ip address
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/12
description connection to WAN DSL
no switchport
ip address 10.100.150.17 255.255.255.248
no ip route-cache
duplex half
speed 10
no cdp enable
!
interface FastEthernet0/13
description connected to AdamF
switchport access vlan 100
no ip address
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/14
description connected to JasonL
switchport access vlan 100
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/15
description connected to AdamF
switchport access vlan 100
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/16
no ip address
no cdp enable
!
interface FastEthernet0/17
description connected to ChrisC
switchport access vlan 100
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/18
no ip address
no cdp enable
!
interface FastEthernet0/19
description connected to Server3
switchport access vlan 100
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/20
description dragon test port
switchport access vlan 75
no ip address
duplex full
speed 100
no cdp enable
!
interface FastEthernet0/21
description connected to Server2
switchport access vlan 125
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/22
description connected to Server1 10.100.75.11
switchport access vlan 75
no ip address
no cdp enable
!
interface FastEthernet0/23
description connected to inside int PIX 10.100.150.9
no switchport
ip address 10.100.150.10 255.255.255.248
duplex full
speed 100
no cdp enable
!
interface FastEthernet0/24
no switchport
no ip address
no cdp enable
!
interface Vlan1
ip address 192.168.1.252 255.255.255.0
!
interface Vlan25
ip address 10.100.25.1 255.255.255.0
no ip route-cache
!
interface Vlan40
no ip address
no ip route-cache
!
interface Vlan50
ip address 10.100.50.1 255.255.255.0
ip helper-address 10.100.50.254
no ip route-cache
!
interface Vlan60
no ip address
!
interface Vlan75
no ip address
no ip route-cache
ntp broadcast version 2
!
interface Vlan100
ip address 10.100.100.1 255.255.255.0
ip helper-address 10.100.50.254
no ip route-cache
ntp broadcast version 2
!
interface Vlan125
ip address 10.100.125.1 255.255.255.0
no ip route-cache
ntp broadcast version 2
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.100.150.9
ip route 10.100.60.0 255.255.255.0 10.100.150.18
no ip http server
!
no cdp run
!
line con 0
password 7 100A38483A3B13095941
line vty 0 4
exec-timeout 0 0
password 7 15563A5D3B062A267D76
login
line vty 5 15
password 7 074B101D712518074257
login


As a last resort even tried reloading and still cannot ping those addresses.

Thanks in advance,

Loyalist





 
Sort by date Sort by votes
Thanks Baddos,

Tried this today, removed the layer 3 from the fa0/12 interface, created a vlan for that subnet(vlan 150), created a svi and put ip address on svi(int vlan 150, ip address 10.100.150.17 255.255.255.248), made fa0/12 switchport access vlan 150. Same results can ping from interface but not anywhere else. Removed address from svi and then can't ping at all, removed route to .60.0 and can't ping at all. This really should be working, don't understand this. Can ping locally from that .150.16/29 subnet even form svi, but no other subnets can reach it. Thought problem may have been with svi's not recognizing route so that's why I made today's changes but apparently this is not the problem.

Here's my routes, not seeing anything out of the ordinary here, looks like it should be working:

Cat3550#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is 10.100.150.9 to network 0.0.0.0

10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
C 10.100.100.0/24 is directly connected, Vlan100
C 10.100.125.0/24 is directly connected, Vlan125
S 10.100.60.0/24 [1/0] via 10.100.150.18
C 10.100.50.0/24 is directly connected, Vlan50
C 10.100.25.0/24 is directly connected, Vlan25
C 10.100.150.16/29 is directly connected, Vlan150
C 10.100.150.8/29 is directly connected, FastEthernet0/23
C 192.168.1.0/24 is directly connected, Vlan1
S* 0.0.0.0/0 [1/0] via 10.100.150.9

Here's what it looks like now:

interface FastEthernet0/12
description connection to WAN DSL
switchport access vlan 150
no ip address
duplex half
speed 10
no cdp enable

interface Vlan150
ip address 10.100.150.17 255.255.255.248
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.100.150.9
ip route 10.100.60.0 255.255.255.0 10.100.150.18
no ip http server



I'm really stuck here, really appreciate any input whatsoever.

Thanks,

Loyalist
 
Upvote 0 Downvote
Can you ping between devices attached to the switch? I.e. between VLANs? It looks like the networks you are onwardly linking to don't know about your networks. You are statically routing so the onward devices will need routes back to your subnets.

Andy
 
Upvote 0 Downvote
Thanks Andy, however I can ping everything(all machines and svi's) except that new directly connected subnet(10.100.150.16/29) and the far end(10.100.60.1).
 
Upvote 0 Downvote
Thanks guys, found the problem, it was my ISP. They only had a route to the direclty connected subnet, once I had them change that to a default route with my 3550 being the next hop everything worked fine. I can now move traffic between all subnets.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Blackybear
  • Question
Cisco RV042G router
Replies
0
Views
291
Blackybear
Blackybear
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
866
BIS
BIS
bfordz
  • Locked
  • Question
new help on setting up third party VoIP phones through Catalyst 2960x switch
Replies
0
Views
338
bfordz
bfordz
telemarksman
  • Locked
  • Question
ATA Cisco SPA122 not triggering single line courtesy phone ringer
Replies
0
Views
288
telemarksman
telemarksman
pbxnkey
  • Locked
  • Question
Reduced Bandwidth on Cisco 3550
Replies
6
Views
496
ADB100
ADB100

Part and Inventory Search

Sponsor

Back
Top