http traffic issue.


Post by benchmar » Sun, 07 Jan 2007 06:47:48


I have a Cisco switch 2950 set up with the configuration listed below:
sw-int>en
Password:
sw-int#sh start
Using 3281 out of 32768 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname sw-int
!
enable secret 5 $1$iO2h$eYERx9alsClgYntewlNQK.
enable password 7 133756161E1E060320
!
ip subnet-zero
no ip domain-lookup
no cluster run
!
!
spanning-tree mode pvst
spanning-tree portfast default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
no spanning-tree vlan 1
no spanning-tree vlan 2
!
!
interface FastEthernet0/1
description Vlan management
no ip address
duplex full
speed 100
no cdp enable
!
interface FastEthernet0/2
description Firewall Management System
no ip address
no cdp enable
!
interface FastEthernet0/3
no ip address
no cdp enable
!
interface FastEthernet0/4
switchport mode access
no ip address
duplex full
speed 100
no cdp enable
!
interface FastEthernet0/5
no ip address
no cdp enable
!
interface FastEthernet0/6
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/7
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/8
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/9
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/10
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/11
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/12
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/13
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/14
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/15
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/16
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/17
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/18
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/19
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/20
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/21
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/22
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/23
switchport access vlan 2
switchport mode access
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/24
switchport mode access
no ip address
duplex full
speed 100
no cdp enable
spanning-tree portfast
!
interface Vlan1
ip address 131.136.249.129 255.255.255.128
no ip route-cache
!
ip default-gateway 131.136.249.129
no ip http server
!
access-list 1 permit 131.136.249.3
no cdp run
!
line con 0
password 7 107C481D1005102207
line vty 0 4
access-class 1 in
password 7 1425530F191628022F
login
line vty 5 15
access-class 1 in
password 7 1425
 
 
 


Post by Bernie » Sun, 07 Jan 2007 10:51:43

"benchmark" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...

What switchports are you actually using? What is the actual topology
because you say the switch is 'behind' the firewall with rules to allow your
pc through so I assumed the topology was:

isp -- switch -- firewall -- pc

Also the switch default gateway and its vlan 1 address are the same. Of
course that has nothing to do with the problem as it's a layer-2 switch and
the default gateway is only for traffic from the switch itself (management
interface).

Again, as it's a simple layer-2 switch I would guess the problem's actually
the firewall rules ... as you've proven ... you remove the problem.

R!durbIk



 
 
 


Post by benchmar » Sun, 07 Jan 2007 17:22:38

Hi BernieM,
Your guess on the topology is right. My laptop is
connected to fa0/4. You are also right on the fact that the default gateway
and vlan 1 have the same address. I have reported this to the contractor that
originally set up the Cisco 2950 for us to look into that.

Thanks,

Eric.


 
 
 


Post by benchmar » Sun, 07 Jan 2007 17:29:20

Hi BernieM,
I am not sure about the topology of the network as it
is managed by a contracting agency. But my knowledge of Cisco PIX
Firewall tells me that the topology should be
isp -- firewall -- switch -- pc.

Thanks,

Eric.



 
 
 


Post by Bernie » Sun, 07 Jan 2007 19:24:52


"benchmark" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...

Ok, so when you connect the media converter directly to your pc it works and
the only change you then make is put the switch in between your pc and the
media converter ... connecting your pc to fa0/4 ... which port is the media
converter being connected to? Do the switch ports link lights come up?

As the switch has ports 1 to 12 in vlan 1 and you're connecting to port 4 then
the media converter should be connected to a vlan 1 port as well.

The obvious question is though ... what do the contracting agency being paid
to manage this network say about the problem?

btw ... you should not post entire configs especially with sensitive
information like passwords ... all those "password 7's" decrypt to
"R!durbIk". This is especially true if you don't even manage this network
device. I'm surprised you have access to it.

BernieM


 
 
 


Post by Bernie » Sun, 07 Jan 2007 19:37:36

"benchmark" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...

I also just noticed that only ports 1 to 4 in vlan 1 are capable of coming
up ... the others are administratively shutdown.
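
Added example, not part of any post in this thread: a small audit of an IOS-style startup config for the points raised in the replies above (type 7 passwords, the default gateway matching the switch's own Vlan1 address, and which ports are able to come up in which VLAN). The names `audit` and `SAMPLE` are hypothetical, and the sample config is constructed with placeholder secrets and a documentation-range address.

```python
import re

# Constructed sample shaped like the posted config; secrets are placeholders.
SAMPLE = """\
enable secret 5 <redacted>
enable password 7 <redacted>
interface FastEthernet0/4
interface FastEthernet0/6
shutdown
interface FastEthernet0/13
switchport access vlan 2
shutdown
interface Vlan1
ip address 192.0.2.129 255.255.255.128
ip default-gateway 192.0.2.129
line vty 0 4
password 7 <redacted>
"""

def audit(config):
    """Return (findings, [(port, access_vlan)] for ports not shut down)."""
    findings, ports, section = [], {}, "global"
    svi_ip = gateway = None
    has_secret = has_enable_pw = False
    for line in (l.strip() for l in config.splitlines()):
        if m := re.match(r"(interface|line) (.+)", line):
            section = m.group(2)
            if m.group(1) == "interface" and not section.lower().startswith("vlan"):
                ports[section] = {"vlan": 1, "up": True}  # access VLAN defaults to 1
        elif (m := re.match(r"switchport access vlan (\d+)", line)) and section in ports:
            ports[section]["vlan"] = int(m.group(1))
        elif line == "shutdown" and section in ports:
            ports[section]["up"] = False
        elif m := re.match(r"ip address (\S+)", line):
            svi_ip = m.group(1)  # only the Vlan interface carries an address here
        elif m := re.match(r"ip default-gateway (\S+)", line):
            gateway = m.group(1)
        elif line.startswith("enable secret"):
            has_secret = True
        elif m := re.match(r"(enable )?password 7 ", line):
            findings.append(f"type 7 (reversible) password: {'enable' if m.group(1) else section}")
            has_enable_pw |= bool(m.group(1))
    if has_secret and has_enable_pw:
        findings.append("enable password is redundant next to enable secret")
    if gateway and gateway == svi_ip:
        findings.append("default gateway equals the switch's own SVI address")
    return findings, [(name, p["vlan"]) for name, p in ports.items() if p["up"]]
```

Running `audit` on a config before sharing it shows which lines need redacting and which ports and VLANs a connected device can actually use.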