2

In the following network, I have configured every device but somehow I can't ping my Customer-PC and Technical-PC to PasirGudang-SW and Segamat-SW.enter image description here

The PCs can ping the other ip address just fine except the 172.16.99.x.

Below is my router and switch configuration: Johor-RT (ROUTER):

Current configuration : 1690 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname Johor-RT
!
!
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
username cisco password 7 082048430017
!
!
license udi pid CISCO1941/K9 sn FTX152498Q2-
!
!
!
!
!
!
!
!
!
no ip domain-lookup
ip domain-name cisco.com
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface Tunnel0
 ip address 192.168.3.118 255.255.255.252
 mtu 1476
 tunnel source Serial0/1/1
 tunnel destination 160.249.3.58
!
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.99
 encapsulation dot1Q 99
 ip address 172.16.99.129 255.255.255.128
!
interface GigabitEthernet0/1.133
 encapsulation dot1Q 133
 ip address 10.232.3.65 255.255.255.224
!
interface GigabitEthernet0/1.169
 encapsulation dot1Q 169
 ip address 10.232.3.97 255.255.255.248
!
interface Serial0/1/0
 no ip address
 clock rate 2000000
 shutdown
!
interface Serial0/1/1
 ip address 76.40.3.154 255.255.255.252
!
interface Vlan1
 no ip address
 shutdown
!
router ospf 1
 log-adjacency-changes
 network 10.232.3.64 0.0.0.31 area 0
 network 10.232.3.96 0.0.0.7 area 0
 network 76.40.3.152 0.0.0.3 area 0
 network 172.16.99.128 0.0.0.127 area 0
!
ip classless
ip route 0.0.0.0 0.0.0.0 76.40.3.153 
ip route 10.232.3.104 255.255.255.252 192.68.3.117 
!
ip flow-export version 9
!
!
!
banner motd ^CUnauthorized Access is Prohibited!^C
!
!
!
!
!
line con 0
 password 7 0822455D0A16
 login
!
line aux 0
!
line vty 0 4
 login local
 transport input ssh
!
!
!
end

PasirGudang-SW (SWITCH 1):

Current configuration : 1534 bytes
!
version 15.0
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname PasirGudang-SW
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
!
no ip domain-lookup
ip domain-name cisco.com
!
username cisco privilege 1 password 7 082048430017
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
 switchport access vlan 133
 switchport mode access
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan99
 ip address 172.16.99.133 255.255.255.128
!
ip default-gateway 172.16.99.129
!
banner motd ^CUnauthorized Access is Prohibited!^C
!
!
!
line con 0
 password 7 0822455D0A16
 login
!
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login
!
!
!
!
end

Segamat-SW (SWITCH 2):

Current configuration : 1507 bytes
!
version 15.0
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname Segamat-SW
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
!
no ip domain-lookup
ip domain-name cisco.com
!
username cisco privilege 1 password 7 082048430017
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
 switchport access vlan 169
 switchport mode access
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan99
 ip address 172.16.99.169 255.255.255.128
!
ip default-gateway 172.16.99.129
!
banner motd ^CUnauthorized Access is Prohibited!^C
!
!
!
line con 0
 password 7 0822455D0A16
 login
!
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login
!
!
!
!
end
Improve this question
3
  • 2
    Did you create the VLANs on the switch?
    – Ron Trunk
    Commented Apr 11, 2021 at 1:19
  • Post "show ip int br" and show vlan br; also use /30s instead for your p2p route links otherwise you will have issues with routing protocols as they wont scale cleanly. @RonTrunk is probably on the money.
    – onxx
    Commented Apr 11, 2021 at 5:24
  • Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you can post and accept your own answer.
    – Ron Maupin
    Commented Nov 19, 2022 at 21:42

1 Answer 1

Reset to default
0

On Johor-RT you've configured the Gig0/1.169 subinterface facing PasirGudang-SW for 802.1q tagging with ID 169. That VLAN ID doesn't exist on the switch, making it drop those inbound frames. You need to create that VLAN on PasirGudang-SW and Segamat-SW.

The easiest ways to test those setups:

  • let each end node ping its default gateway - failing indicates a layer-2/VLAN problem
  • check the switches' MAC tables to see if the end node MAC appear in the expected VLAN
Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.