smartchecker (smartchecker) wrote in cisco_ru,
smartchecker
smartchecker
cisco_ru

ASA 5505 + c2960s + cisco 871. Почему не ходит трафик?

Вырезал vlan 100 по mgmt.

На ASA
interface Ethernet0/2
 switchport trunk allowed vlan 2,100
 switchport mode trunk
!
interface Ethernet0/3
 switchport access vlan 100
!
interface Vlan2
 nameif marino
 security-level 100
 ip address 192.168.2.1 255.255.255.0 
!
interface Vlan100
 description Management
 nameif management
 security-level 100
 ip address 192.168.100.3 255.255.255.0 
!


ASA упирается транком в c2960s
asa5505# sh switch vlan 
VLAN Name                             Status    Ports
---- -------------------------------- --------- -----------------------------
1    -                                down      Et0/4, Et0/5, Et0/6, Et0/7
                                                
55   outside                          up        Et0/0, Et0/1
100  management                       up        Et0/2, Et0/3


c871 - 192.168.100.1
На 2960s есть отдельный mgmt порт - 192.168.100.2
ASA - 192.168.100.3
air2602 - 192.168.100.4

mgmt порт 2960s воткнут в ASA - порт e0/3.
Роутер воткнут в другой порт свича тоже транком.
С роутера могу зайти на ASA и air2602, а на свич нет.

Почему с ASA пинги на адрес 192.168.100.2 проходят, а с других девайсов - нет?

asa5505# ping 192.168.100.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

c871#ping 192.168.100.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Subscribe
  • Post a new comment

    Error

    default userpic

    Your IP address will be recorded 

  • 4 comments