Options

1721 and 2950 ROAS Problem

johnwest43johnwest43 Member Posts: 294
in CCNP
I am not sure wereelse to turn , here is the problem of the day. I have a 1721 configed as a router on a stick trunked to a 2950. my pc can ping the switch the switch can ping the pc. neither can ping the router. after debugging arp i can see that the request is getting to the router but i get this message

*Mar 11 23:50:29.831: IP ARP req filtered src 10.0.0.100 000f.f78c.0080, dst 10.0.0.14 0000.0000.0000 wrong cable, interface FastEthernet0.1

This only happens on the managment vlan witch i have set to vlan 10 I have configed the router with encap dot1q 10 native command.

When i place a pc on vlan 20 (172.16 net) which is not the native vlan i can ping the routers fa0.2 int form the pc.

Here are the configs

thanks for the help guys.



Switch (2950)

version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
ip subnet-zero
!
no ip domain-lookup
ip domain-name lab.local
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
interface FastEthernet0/1
!
interface FastEthernet0/2
switchport trunk native vlan 10
switchport mode trunk
!
interface FastEthernet0/3
switchport trunk native vlan 10
switchport mode trunk
!
interface FastEthernet0/4
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/8
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan10
ip address 10.0.0.100 255.255.255.0
no ip route-cache
!
ip default-gateway 10.0.0.20
ip http server
!
line con 0
line vty 0 4
login local
transport input telnet
line vty 5 15
login
!
!
end

moe(config)#do sh vlan b
VLAN Name Status Ports
----
1 default active
10 home-net active Fa0/1, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8
20 172-net active Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23
Fa0/24

moe(config)#do sh int tru
Port Mode Encapsulation Status Native vlan
Fa0/2 on 802.1q trunking 10
Fa0/3 on 802.1q trunking 10
Port Vlans allowed on trunk
Fa0/2 1-4094
Fa0/3 1-4094
Port Vlans allowed and active in management domain
Fa0/2 1,10,20
Fa0/3 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa0/2 1,10,20
Fa0/3 1,10,20


Router (1721)

tom(config-subif)#do sh run
Building configuration...
Current configuration : 952 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname tom
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$zmv1$DB3hwLZ9EkNQStrW.SLIY/
!
no aaa new-model
ip cef
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
ip domain name homelab.local
!
username admin secret 5 $1$WLr8$ZJHBM4Fudjvv1xGZqfHmn
!
interface Loopback0
ip address 192.168.1.250 255.255.255.0
!
interface FastEthernet0
no ip address
speed auto
!
interface FastEthernet0.1
encapsulation dot1Q 10 native
!
interface FastEthernet0.2
description 172-net vlan 20
encapsulation dot1Q 20
ip address 172.16.0.2 255.255.255.0
!
interface Serial0
ip address 1.1.1.1 255.255.255.254
fair-queue
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login local
transport input ssh
!
end
CCNP: ROUTE B][COLOR=#ff0000]x[/COLOR][/B , SWITCH B][COLOR=#ff0000]x[/COLOR][/B, TSHOOT [X ] Completed on 2/18/2014
· Share on FacebookShare on Twitter

Comments

  • Options
    wastedtimewastedtime Member Posts: 586 ■■■■□□□□□□
    I don't see a IP address on interface "fa0.1". If you are trying to pass traffic from one network to the other it is needed.
    · Share on FacebookShare on Twitter
  • Options
    peanutnogginpeanutnoggin Member Posts: 1,096 ■■■□□□□□□□
    Because you have the Router trunking with the switch... they pass traffic for VLan 20 (172-net). The router is acting as the default gateway for Vlan 20. However, on the switch, you have the default-gateway (which only works when the switch is layer 2 -- which is the case) is set to 10.0.0.20. This ip address should be on your router but I'm not seeing it. If you assign the router to 10.0.0.20, then you'll probably be able to route between Vlans with your ROAS. HTH.

    -Peanut
    We cannot have a superior democracy with an inferior education system!

    -Mayor Cory Booker
    · Share on FacebookShare on Twitter
  • Options
    chmorinchmorin Member Posts: 1,446 ■■■■■□□□□□
    Your switch is forwarding all packets out to a default gateway that does not exist. I'd attach your 10.0.0.20 address to the fa0/0.1 and see if it works then.

    Also be sure you 'no shut' your fa0/0 interface.

    Are they still teaching ROAS?
    Currently Pursuing
    WGU (BS in IT Network Administration) - 52%| CCIE:Voice Written - 0% (0/200 Hours)
    mikej412 wrote:
    Cisco Networking isn't just a job, it's a Lifestyle.
    · Share on FacebookShare on Twitter
  • Options
    johnwest43johnwest43 Member Posts: 294
    Thanks for th ereplies guys, i was trimming that fat on the code i posted and must have deleted the ip of fa0.1 by accendent. Anyway I finally had it and trashed both configs and started from scratch. The 2nd time was the charm. Thanks for the quick replies.
    CCNP: ROUTE B][COLOR=#ff0000]x[/COLOR][/B , SWITCH B][COLOR=#ff0000]x[/COLOR][/B, TSHOOT [X ] Completed on 2/18/2014
    · Share on FacebookShare on Twitter
Sign In or Register to comment.