TFTP from a Cisco Catalyst 4006 problem

What was the last state in which you could ping the switch? Get back to that state and then tell the switch the address that you have.

Keep in mind that you are on a VLAN that communicates on a certian subnet, so when you change your IP address you must be plugged into that VLAN in order to ping and use your TFTP server, or anything else for that matter.

While connected to the switch, issue the command "show ip interface brief", it will show you a list of interfaces and their IP addresses. Then issue the command "show vlan", this will tell you which ports are assigned to which VLAN. Now, plug yourself into an available port and assign an IP address in the subnet range of the particular VLAN, give a minute for spanning tree to "listen,learn,forward" and then try to ping the VLAN's IP address.

If this succeeds you can use your TFTP server.

Another note, BE CAREFUL!!! Networking gear is really fun stuff when it works correctly, it can make others quite grumpy when it isn't working correctly.

-- Laugh at your problems; everybody else does.

Catalyst_user wrote:

Thanks for your response, but the problem hasn't been solved yet.

This is a part of the switch#show vlan

VLAN Name Status IfIndex Mod/Ports, Vlans

---- -------------------------------- --------- -------

------------------------

1 default active 6 1/1-2 2/6-12,2/14-33 3/1-6 4/1-6 5/1-6 100 Server active 11 2/3,2/5

VLAN Type SAID MTU Parent RingNo BrdgNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ ------ ---- -------- ------

------

1 enet 100001 1500 - - - - - 0 0 100 enet 100100 1500 - - - - - 0 0

VLAN MISTP-Inst DynCreated RSPAN

---- ---------- ---------- --------

1 - static disabled 100 - static disabled

As you can see, port 5 on module 2 (router module WS-x4232-L3) is assigned to VLAN 100, the management vlan.

Below is the config of the sc0,assigned to vlan 100, on the Supervisor Engine II mod.

sc0: flags=63 vlan 100 inet 172.22.124.11 netmask 255.255.254.0 broadcast

172.22.125.255

So I connected the PC to the 2/5 port and used 172.22.124.17 as ip-address. So I could ping the switch from the PC now, but not vice-versa.

Port Name Status Vlan Level Duplex Speed Type

----- ------------------ ---------- ---------- ------ ------ -----

------------ 2/5 connected 100 normal auto auto

10/100BaseTX

Perhaps the problem is located here: switch# (enable) SHOW IP ROUTE Fragmentation Redirect Unreachable

------------- -------- ----------- enabled enabled enabled

The primary gateway: 172.22.125.253 Destination Gateway RouteMask Flags Use Interface

--------------- --------------- ---------- ----- --------

--------- default 172.22.125.253 0x0 UG 0 sc0

172.22.124.0 172.22.124.11 0xfffffe00 U 92 sc0 172.22.0.0 172.22.124.11 0xffff0000 UG 2 sc0

I cleared the IP ROUTE table, but that didn't change anything. By the way, the switch was used at another place, brought here and now it's still located in a testing enviroment, so there is no primary gateway attached, just a single PC.

I hope this makes the situation easier to understand.

It should have work since you could ping the switch from your PC. So I would suggest that you turn off your FW software and try again.

So I'm not the only person here that has experience with M$ WinXP SP2's POS firewall, I see....lol

-Richard

Thanks for this excellent tip. I asked the admin to remove the firewall from that laptop and suddenly my problem was solved ! Those things make a monday morning feel like a friday evening :)

Thanks again !!

It was actually BlackICE Defender about 2 to 3 years ago.

I was playing with BlackIce and forgot that I had it installed. Took me about 45 minutes of troubleshooting before I realized what I did!