这是我忘了开关造成的。 继续阅读,只有当你很无聊
SonicWALL NSA 3500连接到Cisco Catalyst 3850.SonicWALL具有“子接口”(VLAN)V2,V800和V802。 2和802都工作得很好,我现在正在试图增加800,但没有stream量通过干线。 看到我的configuration图像。 我不能得到一个下游“交换机端口访问VLAN 800”端口与设备连接,并在交换机上我不能ping 172.16.16.7,这是SonicWALL子接口IP,而我可以ping IP的VLAN 802。
编辑 – 由于使用“ip classless”configuration思科,我能够使Spanning-Tree脱离“BKN”状态,并且VLAN 800现在在“ sh int gi1 / 0/2 trunk ”中显示为未修剪的VLAN但我的主要问题是无法通过stream量或连接在该VLAN上的访问设备仍然存在。
http://oi60.tinypic.com/15cllp1.jpg
下面是图片的链接,以防在这里看不到: http : //oi60.tinypic.com/15cllp1.jpg
编辑
开关#sh跨越summ
Switch is in pvst mode Root bridge for: VLAN0800 Extended system ID is enabled Portfast Default is disabled PortFast BPDU Guard Default is disabled Portfast BPDU Filter Default is disabled Loopguard Default is disabled EtherChannel misconfig guard is enabled UplinkFast is disabled BackboneFast is disabled Configured Pathcost method used is short Name Blocking Listening Learning Forwarding STP Active ---------------------- -------- --------- -------- ---------- ---------- VLAN0001 0 0 0 9 9 VLAN0002 0 0 0 14 14 VLAN0003 0 0 0 9 9 VLAN0004 0 0 0 10 10 VLAN0005 0 0 0 10 10 VLAN0006 0 0 0 9 9 VLAN0007 0 0 0 9 9 VLAN0008 0 0 0 9 9 VLAN0009 0 0 0 9 9 Name Blocking Listening Learning Forwarding STP Active ---------------------- -------- --------- -------- ---------- ---------- VLAN0010 0 0 0 9 9 VLAN0011 0 0 0 9 9 VLAN0012 0 0 0 10 10 VLAN0013 0 0 0 9 9 VLAN0014 0 0 0 9 9 VLAN0015 0 0 0 11 11 VLAN0016 0 0 0 9 9 VLAN0017 0 0 0 9 9 VLAN0018 0 0 0 11 11 VLAN0103 0 0 0 9 9 VLAN0104 0 0 0 10 10 VLAN0105 0 0 0 10 10 VLAN0106 0 0 0 9 9 VLAN0107 0 0 0 9 9 VLAN0111 0 0 0 9 9 VLAN0800 0 0 0 9 9 VLAN0802 0 0 0 10 10 VLAN0803 0 0 0 9 9 ---------------------- -------- --------- -------- ---------- ---------- 27 vlans 0 0 0 258 258 交换机#sh跨越800
VLAN0800 Spanning tree enabled protocol ieee Root ID Priority 4896 Address dca5.f433.4980 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 4896 (priority 4096 sys-id-ext 800) Address dca5.f433.4980 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi1/0/2 Desg FWD 19 128.2 P2p Gi1/0/14 Desg FWD 4 128.14 P2p Gi1/0/15 Desg FWD 4 128.15 P2p Gi1/0/16 Desg FWD 4 128.16 P2p Gi1/0/17 Desg FWD 4 128.17 P2p Te1/1/3 Desg FWD 4 128.55 P2p Te1/1/4 Desg FWD 4 128.56 P2p Po1 Desg FWD 3 128.2027 P2p Po2 Desg FWD 3 128.2028 P2p
Switch# sh int gi1 / 0/2 switchport
Name: Gi1/0/2 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none
看到我的最上面的编辑 – VLAN 800现在显示在“* sh int gi1 / 0/2 trunk”作为未修剪的VLAN,但这并没有改变我无法连接任何VLAN的问题,我仍然不能ping 172.16.16.7
这听起来像一个路由问题。 确保Cisco Catalyst 3850具有到SonicWALL NSA 3500的默认路由或通过SonicWALL直接到达172.16.16.0/24目的地的路由。 没有正确的路由将阻止交换机能够PING不在同一个子网上的IP地址。
我很想知道vlan 800上的设备是否可以PING 172.16.16.7。
提供一些TRACEROUTE结果对于切换到172.16.16.7以及vlan 800上的设备和vlan 800上的设备到172.16.16.7以及交换机也是有帮助的。
天哪,我真是个白痴。 思科和SonicWALL之间有一个转换,我完全忘记了,直到我准备将networking接入点安装到位。 它应该一直传递的一切,但一时兴起,我决定检查其configuration,发现switchport trunk allowed vlan 1,2,802,1002-1005涉及两个端口。 抱歉浪费了大家的时间和精力。 它现在有效。