Issue with internetwork Expert Security racks

From: Dane Newman (dane.newman@gmail.com)
Date: Sat Jun 14 2008 - 20:20:06 ART

• Next message: Piyoush Sharma: "Re: Worth a re read?"
• Previous message: josh lauer: "Re: coffee"
• Next in thread: Brian Dennis: "Re: Issue with internetwork Expert Security racks"
• Maybe reply: Brian Dennis: "Re: Issue with internetwork Expert Security racks"
• Maybe reply: Dane Newman: "Re: Issue with internetwork Expert Security racks"
• Maybe reply: Joseph Brunner: "RE: Issue with internetwork Expert Security racks"
• Maybe reply: ccie champ: "Re: Issue with internetwork Expert Security racks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello

I have an issue with InternetworkExpert security racks. Can anyone spot an
issue with my config and why I can't find 204.12.1.254 (bb3). I keep going
back and forth with IE support and I have wasted tons of time on this issue
and there support told me it was a problem with my config which I don't see
how it could be?

  BB3 is supposed to be connected to switch 1 via there cabling diagram in
port fa0/24. When I do a show cdp neighbor I get the following output

Rack6SW1#show cdp ne
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability
Platform Port ID
RM-H-SW1 Fas 0/20 161 T S
WS-C2924-XFas 0/13
RM-H-SW1 Fas 0/24 161 T S
WS-C2924-XFas 0/15

This output clearly shows its connected to another switch (which is fine as
long as I could get conectivity to my backbone 3 router). I created a vlan
interface for vlan 133 and gave it the ip 204.12.1.50 and pinged ASA2's
interface of 204.12.1.13 fine as seen in the output below but was unable to
ping 204.12.1.254 When I show arp it gives

Internet 204.12.1.254 0 Incomplete ARPA

I also just hard coded int fa0/20 to trunk to the unknown switch on all
vlan's to see if I could ping it still and was not able too

Rack6SW1#show int trunk
Port Mode Encapsulation Status Native vlan
Fa0/20 on 802.1q trunking 1
Fa0/23 on isl trunking 1
Port Vlans allowed on trunk
Fa0/20 1-4094
Fa0/23 1-4094
Port Vlans allowed and active in management domain
Fa0/20 1,3-5,9,29,33,44,69,112-113,115,133,137-138,170,783
Fa0/23 1,3-5,9,29,33,44,69,112-113,115,133,137-138,170,783
Port Vlans in spanning tree forwarding state and not pruned
Fa0/20 1,3-5,9,29,33,44,69,112-113,115,133,137-138,170,783
Fa0/23 1,3-5,9,29,33,44,69,112-113,115,133,137-138,170,783

Rack1SW1#ping 204.12.1.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 204.12.1.254, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Rack6SW1#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 132.1.137.7 - 000a.8a28.f000 ARPA Vlan137
Internet 132.1.170.7 - 000a.8a28.f000 ARPA Vlan170
Internet 132.1.170.1 60 000d.bd03.f9e0 ARPA Vlan170
Internet 204.12.1.254 0 Incomplete ARPA
Internet 132.1.137.113 111 001a.2ffc.8916 ARPA Vlan137
Internet 204.12.1.13 15 001a.2ffc.8917 ARPA Vlan133
Internet 132.1.137.213 42 001a.2ffc.8916 ARPA Vlan137
Internet 204.12.1.50 - 000a.8a28.f000 ARPA Vlan133
Rack6SW1#show run int vlan 133
Building configuration...
Current configuration : 63 bytes
!
interface Vlan133
 ip address 204.12.1.50 255.255.255.0
end
Rack6SW1#ping 204.12.1.13
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 204.12.1.13, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Rack6SW1#

Below is my full config of switch 1

Rack1SW1#show run
Building configuration...
Current configuration : 3450 bytes
!
! Last configuration change at 16:08:51 UTC Sat Jun 14 2008
! NVRAM config last updated at 14:26:33 UTC Sat Jun 14 2008
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Rack1SW1
!
enable password cisco
!
no aaa new-model
ip subnet-zero
ip routing
!
no ip domain-lookup
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
vlan internal allocation policy ascending
!
!
interface Loopback0
 ip address 150.1.7.7 255.255.255.0
!
interface FastEthernet0/1
 switchport access vlan 170
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 29
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 4
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 115
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 69
 switchport mode access
!
interface FastEthernet0/7
 switchport mode dynamic desirable
!
interface FastEthernet0/8
 switchport mode dynamic desirable
!
interface FastEthernet0/9
 switchport access vlan 29
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 170
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 112
 switchport mode access
!
interface FastEthernet0/12
 switchport mode dynamic desirable
!
interface FastEthernet0/13
 switchport access vlan 9
 switchport mode access
!
interface FastEthernet0/14
 switchport mode dynamic desirable
!
interface FastEthernet0/15
 switchport access vlan 133
 switchport mode access
!
interface FastEthernet0/16
 switchport mode dynamic desirable
!
interface FastEthernet0/17
 switchport mode dynamic desirable
!
interface FastEthernet0/18
 switchport mode dynamic desirable
!
interface FastEthernet0/19
 switchport mode dynamic desirable
!
interface FastEthernet0/20
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/21
 switchport mode dynamic desirable
!
interface FastEthernet0/22
 switchport mode dynamic desirable
!
interface FastEthernet0/23
 switchport trunk encapsulation isl
 switchport mode trunk
!
interface FastEthernet0/24
 switchport access vlan 113
 switchport mode access
!
interface GigabitEthernet0/1
 switchport mode dynamic desirable
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan133
 ip address 204.12.1.50 255.255.255.0
!
interface Vlan137
 ip address 132.1.137.7 255.255.255.0
!
interface Vlan170
 ip address 132.1.170.7 255.255.255.0
!
router ospf 1
 router-id 150.1.7.7
 log-adjacency-changes
 redistribute connected subnets
 redistribute static subnets
 network 132.1.170.7 0.0.0.0 area 170
 network 150.1.7.7 0.0.0.0 area 170
!
router bgp 100
 no synchronization
 bgp router-id 150.1.7.7
 bgp log-neighbor-changes
 neighbor 150.1.2.2 remote-as 100
 neighbor 150.1.2.2 update-source Loopback0
 neighbor 204.12.1.254 remote-as 54
 neighbor 204.12.1.254 ebgp-multihop 255
 no auto-summary
!
ip classless
ip route 132.1.138.0 255.255.255.0 132.1.137.213
ip route 204.12.1.0 255.255.255.0 132.1.137.113
ip http server
ip http secure-server
!
!
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
!
end

• Next message: Piyoush Sharma: "Re: Worth a re read?"
• Previous message: josh lauer: "Re: coffee"
• Next in thread: Brian Dennis: "Re: Issue with internetwork Expert Security racks"
• Maybe reply: Brian Dennis: "Re: Issue with internetwork Expert Security racks"
• Maybe reply: Dane Newman: "Re: Issue with internetwork Expert Security racks"
• Maybe reply: Joseph Brunner: "RE: Issue with internetwork Expert Security racks"
• Maybe reply: ccie champ: "Re: Issue with internetwork Expert Security racks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:21 ART