Announcement

Collapse
No announcement yet.

Switch can't ping Router (CCNA Basics)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Switch can't ping Router (CCNA Basics)

    I have a 2600 series router set up with fa0/0 set with 192.168.30.1 and a Catalyst switch set w/ VLAN 1 ip set to 192.168.30.2.

    I can ping the switch from the router but can not ping the router from the switch. I am sure this is on page 2 of any Cisco networking book, but the answer escapes me.

    What am I missing?
    Thank you,

    Marc

  • #2
    Re: Switch can't ping Router (CCNA Basics)

    please post both configs (without the passwords)
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Switch can't ping Router (CCNA Basics)

      SWITCH:

      Building configuration...

      Current configuration : 3383 bytes
      !
      version 12.1
      no service pad
      service timestamps debug datetime msec localtime
      service timestamps log datetime msec localtime
      service password-encryption
      !
      hostname Backroom3
      !
      no logging console
      enable secret 5
      !
      username privilege 15 password 7
      clock timezone EST -5
      clock summer-time EST recurring
      ip subnet-zero
      ip routing
      !
      !
      spanning-tree mode pvst
      no spanning-tree optimize bpdu transmission
      spanning-tree extend system-id
      !
      !
      interface FastEthernet0/1
      no ip address
      no mdix auto
      spanning-tree portfast
      !
      interface FastEthernet0/2
      switchport voice vlan 5
      no ip address
      no mdix auto
      spanning-tree portfast
      !

      interface GigabitEthernet0/1
      no ip address
      !
      interface GigabitEthernet0/2
      no ip address
      !
      interface Vlan1
      ip address 192.168.30.2 255.255.255.0
      !
      ip default-gateway 192.168.30.1
      ip classless
      ip http server
      !
      !
      line con 0
      line vty 0 4
      login local
      line vty 5 15
      login
      !
      ntp clock-period 36029840
      ntp server 192.168.1.4
      end


      ROUTER:

      Building configuration...

      Current configuration : 799 bytes
      !
      version 12.3
      service timestamps debug datetime msec
      service timestamps log datetime msec
      no service password-encryption
      !
      hostname AJ2621
      !
      boot-start-marker
      boot-end-marker
      !
      no logging console
      enable password
      !
      voice-card 0
      dspfarm
      !
      no aaa new-model
      ip subnet-zero
      ip cef
      !
      username privilege 15 password 0
      !
      interface FastEthernet0/0
      ip address 192.168.30.1 255.255.255.0
      ip access-group 101 in
      duplex auto
      speed auto
      !
      interface Serial0/0
      no ip address
      shutdown
      !
      interface FastEthernet0/1
      ip address 192.168.1.7 255.255.255.0
      duplex auto
      speed auto
      !
      no ip http server
      ip classless
      !
      access-list 101 permit tcp any any
      !

      line con 0
      line aux 0
      line vty 0
      password
      login
      line vty 1 4
      login
      !
      !
      end
      Thank you,

      Marc

      Comment


      • #4
        Re: Switch can't ping Router (CCNA Basics)

        what switch port connects to the router?

        Comment


        • #5
          Re: Switch can't ping Router (CCNA Basics)

          fa0/1 is the switchport
          Thank you,

          Marc

          Comment


          • #6
            Re: Switch can't ping Router (CCNA Basics)

            Have you tried removing the access list from that interface?

            Comment


            • #7
              Re: Switch can't ping Router (CCNA Basics)

              Originally posted by joeqwerty View Post
              Have you tried removing the access list from that interface?
              I think that did the trick I can ping throughout the 30.x network. Thank you!!!
              Thank you,

              Marc

              Comment


              • #8
                Re: Switch can't ping Router (CCNA Basics)

                YW. Glad it helped.

                Comment


                • #9
                  Re: Switch can't ping Router (CCNA Basics)

                  The ACL was indeed the problem.
                  ICMP is niet TCP.
                  If you want to allow ICMP traffic with a ACL you can add this:
                  access-list 101 permit icmp any any

                  If you want to allow everything:
                  access-list 101 permit ip any any
                  Marcel
                  Technical Consultant
                  Netherlands
                  http://www.phetios.com
                  http://blog.nessus.nl

                  MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                  "No matter how secure, there is always the human factor."

                  "Enjoy life today, tomorrow may never come."
                  "If you're going through hell, keep going. ~Winston Churchill"

                  Comment


                  • #10
                    Re: Switch can't ping Router (CCNA Basics)

                    I was going to mention that as well, but I figured I would just ask him to remove the access list altogether. In most cases access lists should be on the router or you should implement a full featured firewall.

                    Comment


                    • #11
                      Re: Switch can't ping Router (CCNA Basics)

                      The ACL was on the router.. see the double config
                      Marcel
                      Technical Consultant
                      Netherlands
                      http://www.phetios.com
                      http://blog.nessus.nl

                      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                      "No matter how secure, there is always the human factor."

                      "Enjoy life today, tomorrow may never come."
                      "If you're going through hell, keep going. ~Winston Churchill"

                      Comment


                      • #12
                        Re: Switch can't ping Router (CCNA Basics)

                        Oops, you're right. In any event it's probably not needed and a firewall is the best method anyway.

                        Comment


                        • #13
                          Re: Switch can't ping Router (CCNA Basics)

                          Depends what the target is.
                          If you don't use the internet then a firewall can gives a lot of overhead.
                          Or if you want to make it possible to route between 2 subnets and want to deny the other onces (lollypop for example) or just using the acl on the switch
                          A firewall will also gives a lot over overhead.

                          On the internet side, yes I agree using a firewall is the best thing to do
                          Marcel
                          Technical Consultant
                          Netherlands
                          http://www.phetios.com
                          http://blog.nessus.nl

                          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                          "No matter how secure, there is always the human factor."

                          "Enjoy life today, tomorrow may never come."
                          "If you're going through hell, keep going. ~Winston Churchill"

                          Comment


                          • #14
                            Re: Switch can't ping Router (CCNA Basics)

                            Well, I can ping all throughout the 30 network from the router and switch. But I can not ping the 30 switch from a switch on the .1 network. I have a route saying all .30.x go to 1.7 and can ping 30.1. just can't ping anything beyond it.

                            Is this were the ip any any statement comes in handy?
                            Thank you,

                            Marc

                            Comment


                            • #15
                              Re: Switch can't ping Router (CCNA Basics)

                              OK, from my router, I can ping to the corners of both .1 and .30 networks. But I can only ping to the router from each..

                              from anywhere on the .1, I can only ping to 30.1
                              from anywhere on the .30, I can only ping to 1.7

                              How can I get to where I can get through the router?
                              Thank you,

                              Marc

                              Comment

                              Working...
                              X