smartchecker (smartchecker) wrote in cisco_ru,
smartchecker
smartchecker
cisco_ru

ASA 5505 + c2960s + cisco 871. Почему не ходит трафик?

Вырезал vlan 100 по mgmt.

На ASA
interface Ethernet0/2
 switchport trunk allowed vlan 2,100
 switchport mode trunk
!
interface Ethernet0/3
 switchport access vlan 100
!
interface Vlan2
 nameif marino
 security-level 100
 ip address 192.168.2.1 255.255.255.0 
!
interface Vlan100
 description Management
 nameif management
 security-level 100
 ip address 192.168.100.3 255.255.255.0 
!


ASA упирается транком в c2960s
asa5505# sh switch vlan 
VLAN Name                             Status    Ports
---- -------------------------------- --------- -----------------------------
1    -                                down      Et0/4, Et0/5, Et0/6, Et0/7
                                                
55   outside                          up        Et0/0, Et0/1
100  management                       up        Et0/2, Et0/3


c871 - 192.168.100.1
На 2960s есть отдельный mgmt порт - 192.168.100.2
ASA - 192.168.100.3
air2602 - 192.168.100.4

mgmt порт 2960s воткнут в ASA - порт e0/3.
Роутер воткнут в другой порт свича тоже транком.
С роутера могу зайти на ASA и air2602, а на свич нет.

Почему с ASA пинги на адрес 192.168.100.2 проходят, а с других девайсов - нет?

asa5505# ping 192.168.100.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

c871#ping 192.168.100.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Subscribe
  • Post a new comment

    Error

    default userpic

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 4 comments