«

My problem is this: I have two Catalyst switches (a 2950 LRE and a
2950T) on remote subnets that I cannot telnet or http to. While the
subnets are remote (different cities), they are all connected through
the Internet via VPN tunnels. I can ping the switches from my subnet
(192.168.1.x, the switches are on subnets 192.168.7.x and 192.168.9.x),
but I cannot telnet or http to them.

Making things more interesting: if I take remote control of a user's
computer (RDP or SMS remote tools) that is on the same subnet as the
switch, I CAN telnet or http to the switch!

No other devices seem to have this problem (HP switches, which are
basically rebadged Cisco switches, or a older Cat1900, and no Cats on
my local subnet). I thought it might be some weirdness with the VLANs,
but all my equipment is set to VLAN1, Cisco and non-Cisco alike.

Here are the configs for the two switches (modified for my protection,
natch)


SWITCH ON THE 192.168.7.X SUBNET
------------------------------------------------------------------------------------------
sh run
Building configuration...

Current configuration : 2436 bytes
!
! Last configuration change at 12:26:29 EST Wed Dec 28 2005
! NVRAM config last updated at 12:26:29 EST Wed Dec 28 2005
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Cat2950T
!
enable secret xxxxxxxxxx
!
clock timezone EST -5
ip subnet-zero
!
ip domain-name xxxxxxxxx
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 192.168.7.5 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.7.1
ip http server

(bunch of snmp stuff deleted)

!
line con 0
line vty 0 4
password yyyyyyyy
login
line vty 5 15
password yyyyyyyyyy
login
!
ntp clock-period 17179946
ntp server 192.168.1.81
!
end
------------------------------------------------------------------------------------------


SWITCH ON THE 192.168.9.X SUBNET
-------------------------------------------------------------------------------------------
Current configuration : 1485 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CiscoCat2950LRE
!
enable secret xxxxxxxxxxxxxxx
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
controller LongReachEthernet 0
!
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface LongReachEthernet0/1
cpe type CISCO575-LRE
flowcontrol receive on
flowcontrol send on
!
interface LongReachEthernet0/2
flowcontrol receive on
flowcontrol send on
!
interface LongReachEthernet0/3
flowcontrol receive on
flowcontrol send on
!
interface LongReachEthernet0/4
flowcontrol receive on
flowcontrol send on
!
interface LongReachEthernet0/5
flowcontrol receive on
flowcontrol send on
!
interface LongReachEthernet0/6
flowcontrol receive on
flowcontrol send on
!
interface LongReachEthernet0/7
flowcontrol receive on
flowcontrol send on
!
interface LongReachEthernet0/8
flowcontrol receive on
flowcontrol send on
!
interface Vlan1
ip address 192.168.10.5 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.10.1
ip http server

(bunch of snmp stuff deleted)

!
line con 0
line vty 0 4
password yyyyyyyyy
login
line vty 5 15
login
!
!
end
------------------------------------------------------------------------------------------------------

As you can see, no access-lists blocking anything. As I said, I can
ping OK, and SNMP queries (I deleted all the SNMP stuff above to make
this long post a bit shorter) are returned w/ no problems. The VPNs
are working OK, and there's nothing in the firewall rules (SonicWALL
firewalls) to block anything on the VPN. And as I said, telnet and
http work fine as long as I'm on a computer that's on the same subnet.

I've never come across this sort of problem with Cisco equipment, but
I've always played in pure Cisco environments, not one with a mix of
Cisco and non-Cisco equipment like this.

Anyone? Anyone? Bueller?

It seems that switches are ok, so problem could be somewhere on the path
between your network and remote network where switches resides...
If you are able to connect to the HP devices are you sure that there is no
some ACL's along the path that blocks communication with cisco equipment
explicitly?

B.R.
Igor


<> wrote in message
news: oups.com...
> My problem is this: I have two Catalyst switches (a 2950 LRE and a
> 2950T) on remote subnets that I cannot telnet or http to. While the
> subnets are remote (different cities), they are all connected through
> the Internet via VPN tunnels. I can ping the switches from my subnet
> (192.168.1.x, the switches are on subnets 192.168.7.x and 192.168.9.x),
> but I cannot telnet or http to them.
>
> Making things more interesting: if I take remote control of a user's
> computer (RDP or SMS remote tools) that is on the same subnet as the
> switch, I CAN telnet or http to the switch!
>
> No other devices seem to have this problem (HP switches, which are
> basically rebadged Cisco switches, or a older Cat1900, and no Cats on
> my local subnet). I thought it might be some weirdness with the VLANs,
> but all my equipment is set to VLAN1, Cisco and non-Cisco alike.
>
> Here are the configs for the two switches (modified for my protection,
> natch)
>
>
> SWITCH ON THE 192.168.7.X SUBNET
> ------------------------------------------------------------------------------------------
> sh run
> Building configuration...
>
> Current configuration : 2436 bytes
> !
> ! Last configuration change at 12:26:29 EST Wed Dec 28 2005
> ! NVRAM config last updated at 12:26:29 EST Wed Dec 28 2005
> !
> version 12.1
> no service pad
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname Cat2950T
> !
> enable secret xxxxxxxxxx
> !
> clock timezone EST -5
> ip subnet-zero
> !
> ip domain-name xxxxxxxxx
> !
> spanning-tree mode pvst
> no spanning-tree optimize bpdu transmission
> spanning-tree extend system-id
> !
> !
> !
> !
> interface FastEthernet0/1
> !
> interface FastEthernet0/2
> !
> interface FastEthernet0/3
> !
> interface FastEthernet0/4
> !
> interface FastEthernet0/5
> !
> interface FastEthernet0/6
> !
> interface FastEthernet0/7
> !
> interface FastEthernet0/8
> !
> interface FastEthernet0/9
> !
> interface FastEthernet0/10
> !
> interface FastEthernet0/11
> !
> interface FastEthernet0/12
> !
> interface FastEthernet0/13
> !
> interface FastEthernet0/14
> !
> interface FastEthernet0/15
> !
> interface FastEthernet0/16
> !
> interface FastEthernet0/17
> !
> interface FastEthernet0/18
> !
> interface FastEthernet0/19
> !
> interface FastEthernet0/20
> !
> interface FastEthernet0/21
> !
> interface FastEthernet0/22
> !
> interface FastEthernet0/23
> !
> interface FastEthernet0/24
> !
> interface GigabitEthernet0/1
> !
> interface GigabitEthernet0/2
> !
> interface Vlan1
> ip address 192.168.7.5 255.255.255.0
> no ip route-cache
> !
> ip default-gateway 192.168.7.1
> ip http server
>
> (bunch of snmp stuff deleted)
>
> !
> line con 0
> line vty 0 4
> password yyyyyyyy
> login
> line vty 5 15
> password yyyyyyyyyy
> login
> !
> ntp clock-period 17179946
> ntp server 192.168.1.81
> !
> end
> ------------------------------------------------------------------------------------------
>
>
> SWITCH ON THE 192.168.9.X SUBNET
> -------------------------------------------------------------------------------------------
> Current configuration : 1485 bytes
> !
> version 12.1
> no service pad
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname CiscoCat2950LRE
> !
> enable secret xxxxxxxxxxxxxxx
> !
> ip subnet-zero
> !
> !
> spanning-tree mode pvst
> no spanning-tree optimize bpdu transmission
> spanning-tree extend system-id
> !
> !
> !
> controller LongReachEthernet 0
> !
> !
> interface GigabitEthernet0/1
> !
> interface GigabitEthernet0/2
> !
> interface LongReachEthernet0/1
> cpe type CISCO575-LRE
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/2
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/3
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/4
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/5
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/6
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/7
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/8
> flowcontrol receive on
> flowcontrol send on
> !
> interface Vlan1
> ip address 192.168.10.5 255.255.255.0
> no ip route-cache
> !
> ip default-gateway 192.168.10.1
> ip http server
>
> (bunch of snmp stuff deleted)
>
> !
> line con 0
> line vty 0 4
> password yyyyyyyyy
> login
> line vty 5 15
> login
> !
> !
> end
> ------------------------------------------------------------------------------------------------------
>
> As you can see, no access-lists blocking anything. As I said, I can
> ping OK, and SNMP queries (I deleted all the SNMP stuff above to make
> this long post a bit shorter) are returned w/ no problems. The VPNs
> are working OK, and there's nothing in the firewall rules (SonicWALL
> firewalls) to block anything on the VPN. And as I said, telnet and
> http work fine as long as I'm on a computer that's on the same subnet.
>
> I've never come across this sort of problem with Cisco equipment, but
> I've always played in pure Cisco environments, not one with a mix of
> Cisco and non-Cisco equipment like this.
>
> Anyone? Anyone? Bueller?
>
>

The only places any ACL's would be located are on the SonicWALL
firewalls, and I've rechecked those; no ACL blocks anywhere.

You might have a problem with your default gateway command - the 'default
gateway' command only sets the DGW for the console. It's the 'ip route'
command that determines routes for the interfaces.

If you can ping the router, the 'ip route' is correct. If you can't telnet,
you need to fix your 'default gateway'.




<> wrote in message
news: oups.com...
> My problem is this: I have two Catalyst switches (a 2950 LRE and a
> 2950T) on remote subnets that I cannot telnet or http to. While the
> subnets are remote (different cities), they are all connected through
> the Internet via VPN tunnels. I can ping the switches from my subnet
> (192.168.1.x, the switches are on subnets 192.168.7.x and 192.168.9.x),
> but I cannot telnet or http to them.
>
> Making things more interesting: if I take remote control of a user's
> computer (RDP or SMS remote tools) that is on the same subnet as the
> switch, I CAN telnet or http to the switch!
>
> No other devices seem to have this problem (HP switches, which are
> basically rebadged Cisco switches, or a older Cat1900, and no Cats on
> my local subnet). I thought it might be some weirdness with the VLANs,
> but all my equipment is set to VLAN1, Cisco and non-Cisco alike.
>
> Here are the configs for the two switches (modified for my protection,
> natch)
>
>
> SWITCH ON THE 192.168.7.X SUBNET
> --------------------------------------------------------------------------
----------------
> sh run
> Building configuration...
>
> Current configuration : 2436 bytes
> !
> ! Last configuration change at 12:26:29 EST Wed Dec 28 2005
> ! NVRAM config last updated at 12:26:29 EST Wed Dec 28 2005
> !
> version 12.1
> no service pad
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname Cat2950T
> !
> enable secret xxxxxxxxxx
> !
> clock timezone EST -5
> ip subnet-zero
> !
> ip domain-name xxxxxxxxx
> !
> spanning-tree mode pvst
> no spanning-tree optimize bpdu transmission
> spanning-tree extend system-id
> !
> !
> !
> !
> interface FastEthernet0/1
> !
> interface FastEthernet0/2
> !
> interface FastEthernet0/3
> !
> interface FastEthernet0/4
> !
> interface FastEthernet0/5
> !
> interface FastEthernet0/6
> !
> interface FastEthernet0/7
> !
> interface FastEthernet0/8
> !
> interface FastEthernet0/9
> !
> interface FastEthernet0/10
> !
> interface FastEthernet0/11
> !
> interface FastEthernet0/12
> !
> interface FastEthernet0/13
> !
> interface FastEthernet0/14
> !
> interface FastEthernet0/15
> !
> interface FastEthernet0/16
> !
> interface FastEthernet0/17
> !
> interface FastEthernet0/18
> !
> interface FastEthernet0/19
> !
> interface FastEthernet0/20
> !
> interface FastEthernet0/21
> !
> interface FastEthernet0/22
> !
> interface FastEthernet0/23
> !
> interface FastEthernet0/24
> !
> interface GigabitEthernet0/1
> !
> interface GigabitEthernet0/2
> !
> interface Vlan1
> ip address 192.168.7.5 255.255.255.0
> no ip route-cache
> !
> ip default-gateway 192.168.7.1
> ip http server
>
> (bunch of snmp stuff deleted)
>
> !
> line con 0
> line vty 0 4
> password yyyyyyyy
> login
> line vty 5 15
> password yyyyyyyyyy
> login
> !
> ntp clock-period 17179946
> ntp server 192.168.1.81
> !
> end
> --------------------------------------------------------------------------
----------------
>
>
> SWITCH ON THE 192.168.9.X SUBNET
> --------------------------------------------------------------------------
-----------------
> Current configuration : 1485 bytes
> !
> version 12.1
> no service pad
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname CiscoCat2950LRE
> !
> enable secret xxxxxxxxxxxxxxx
> !
> ip subnet-zero
> !
> !
> spanning-tree mode pvst
> no spanning-tree optimize bpdu transmission
> spanning-tree extend system-id
> !
> !
> !
> controller LongReachEthernet 0
> !
> !
> interface GigabitEthernet0/1
> !
> interface GigabitEthernet0/2
> !
> interface LongReachEthernet0/1
> cpe type CISCO575-LRE
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/2
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/3
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/4
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/5
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/6
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/7
> flowcontrol receive on
> flowcontrol send on
> !
> interface LongReachEthernet0/8
> flowcontrol receive on
> flowcontrol send on
> !
> interface Vlan1
> ip address 192.168.10.5 255.255.255.0
> no ip route-cache
> !
> ip default-gateway 192.168.10.1
> ip http server
>
> (bunch of snmp stuff deleted)
>
> !
> line con 0
> line vty 0 4
> password yyyyyyyyy
> login
> line vty 5 15
> login
> !
> !
> end
> --------------------------------------------------------------------------
----------------------------
>
> As you can see, no access-lists blocking anything. As I said, I can
> ping OK, and SNMP queries (I deleted all the SNMP stuff above to make
> this long post a bit shorter) are returned w/ no problems. The VPNs
> are working OK, and there's nothing in the firewall rules (SonicWALL
> firewalls) to block anything on the VPN. And as I said, telnet and
> http work fine as long as I'm on a computer that's on the same subnet.
>
> I've never come across this sort of problem with Cisco equipment, but
> I've always played in pure Cisco environments, not one with a mix of
> Cisco and non-Cisco equipment like this.
>
> Anyone? Anyone? Bueller?
>

Sorry - you said SWITCHES... The default-gateway command is the only option
on switches...

If they were routers, it would matter. In this case it doesn't.

Please disregard my post.




"Telus" <> wrote in message
news:cMDsf.13339$AP5.8098@edtnps84...
> You might have a problem with your default gateway command - the 'default
> gateway' command only sets the DGW for the console. It's the 'ip route'
> command that determines routes for the interfaces.
>
> If you can ping the router, the 'ip route' is correct. If you can't
telnet,
> you need to fix your 'default gateway'.
>
>
>
>
> <> wrote in message
> news: oups.com...
> > My problem is this: I have two Catalyst switches (a 2950 LRE and a
> > 2950T) on remote subnets that I cannot telnet or http to. While the
> > subnets are remote (different cities), they are all connected through
> > the Internet via VPN tunnels. I can ping the switches from my subnet
> > (192.168.1.x, the switches are on subnets 192.168.7.x and 192.168.9.x),
> > but I cannot telnet or http to them.
> >
> > Making things more interesting: if I take remote control of a user's
> > computer (RDP or SMS remote tools) that is on the same subnet as the
> > switch, I CAN telnet or http to the switch!
> >
> > No other devices seem to have this problem (HP switches, which are
> > basically rebadged Cisco switches, or a older Cat1900, and no Cats on
> > my local subnet). I thought it might be some weirdness with the VLANs,
> > but all my equipment is set to VLAN1, Cisco and non-Cisco alike.
> >
> > Here are the configs for the two switches (modified for my protection,
> > natch)
> >
> >
> > SWITCH ON THE 192.168.7.X SUBNET
>
> --------------------------------------------------------------------------
> ----------------
> > sh run
> > Building configuration...
> >
> > Current configuration : 2436 bytes
> > !
> > ! Last configuration change at 12:26:29 EST Wed Dec 28 2005
> > ! NVRAM config last updated at 12:26:29 EST Wed Dec 28 2005
> > !
> > version 12.1
> > no service pad
> > service timestamps debug uptime
> > service timestamps log uptime
> > no service password-encryption
> > !
> > hostname Cat2950T
> > !
> > enable secret xxxxxxxxxx
> > !
> > clock timezone EST -5
> > ip subnet-zero
> > !
> > ip domain-name xxxxxxxxx
> > !
> > spanning-tree mode pvst
> > no spanning-tree optimize bpdu transmission
> > spanning-tree extend system-id
> > !
> > !
> > !
> > !
> > interface FastEthernet0/1
> > !
> > interface FastEthernet0/2
> > !
> > interface FastEthernet0/3
> > !
> > interface FastEthernet0/4
> > !
> > interface FastEthernet0/5
> > !
> > interface FastEthernet0/6
> > !
> > interface FastEthernet0/7
> > !
> > interface FastEthernet0/8
> > !
> > interface FastEthernet0/9
> > !
> > interface FastEthernet0/10
> > !
> > interface FastEthernet0/11
> > !
> > interface FastEthernet0/12
> > !
> > interface FastEthernet0/13
> > !
> > interface FastEthernet0/14
> > !
> > interface FastEthernet0/15
> > !
> > interface FastEthernet0/16
> > !
> > interface FastEthernet0/17
> > !
> > interface FastEthernet0/18
> > !
> > interface FastEthernet0/19
> > !
> > interface FastEthernet0/20
> > !
> > interface FastEthernet0/21
> > !
> > interface FastEthernet0/22
> > !
> > interface FastEthernet0/23
> > !
> > interface FastEthernet0/24
> > !
> > interface GigabitEthernet0/1
> > !
> > interface GigabitEthernet0/2
> > !
> > interface Vlan1
> > ip address 192.168.7.5 255.255.255.0
> > no ip route-cache
> > !
> > ip default-gateway 192.168.7.1
> > ip http server
> >
> > (bunch of snmp stuff deleted)
> >
> > !
> > line con 0
> > line vty 0 4
> > password yyyyyyyy
> > login
> > line vty 5 15
> > password yyyyyyyyyy
> > login
> > !
> > ntp clock-period 17179946
> > ntp server 192.168.1.81
> > !
> > end
>
> --------------------------------------------------------------------------
> ----------------
> >
> >
> > SWITCH ON THE 192.168.9.X SUBNET
>
> --------------------------------------------------------------------------
> -----------------
> > Current configuration : 1485 bytes
> > !
> > version 12.1
> > no service pad
> > service timestamps debug uptime
> > service timestamps log uptime
> > no service password-encryption
> > !
> > hostname CiscoCat2950LRE
> > !
> > enable secret xxxxxxxxxxxxxxx
> > !
> > ip subnet-zero
> > !
> > !
> > spanning-tree mode pvst
> > no spanning-tree optimize bpdu transmission
> > spanning-tree extend system-id
> > !
> > !
> > !
> > controller LongReachEthernet 0
> > !
> > !
> > interface GigabitEthernet0/1
> > !
> > interface GigabitEthernet0/2
> > !
> > interface LongReachEthernet0/1
> > cpe type CISCO575-LRE
> > flowcontrol receive on
> > flowcontrol send on
> > !
> > interface LongReachEthernet0/2
> > flowcontrol receive on
> > flowcontrol send on
> > !
> > interface LongReachEthernet0/3
> > flowcontrol receive on
> > flowcontrol send on
> > !
> > interface LongReachEthernet0/4
> > flowcontrol receive on
> > flowcontrol send on
> > !
> > interface LongReachEthernet0/5
> > flowcontrol receive on
> > flowcontrol send on
> > !
> > interface LongReachEthernet0/6
> > flowcontrol receive on
> > flowcontrol send on
> > !
> > interface LongReachEthernet0/7
> > flowcontrol receive on
> > flowcontrol send on
> > !
> > interface LongReachEthernet0/8
> > flowcontrol receive on
> > flowcontrol send on
> > !
> > interface Vlan1
> > ip address 192.168.10.5 255.255.255.0
> > no ip route-cache
> > !
> > ip default-gateway 192.168.10.1
> > ip http server
> >
> > (bunch of snmp stuff deleted)
> >
> > !
> > line con 0
> > line vty 0 4
> > password yyyyyyyyy
> > login
> > line vty 5 15
> > login
> > !
> > !
> > end
>
> --------------------------------------------------------------------------
> ----------------------------
> >
> > As you can see, no access-lists blocking anything. As I said, I can
> > ping OK, and SNMP queries (I deleted all the SNMP stuff above to make
> > this long post a bit shorter) are returned w/ no problems. The VPNs
> > are working OK, and there's nothing in the firewall rules (SonicWALL
> > firewalls) to block anything on the VPN. And as I said, telnet and
> > http work fine as long as I'm on a computer that's on the same subnet.
> >
> > I've never come across this sort of problem with Cisco equipment, but
> > I've always played in pure Cisco environments, not one with a mix of
> > Cisco and non-Cisco equipment like this.
> >
> > Anyone? Anyone? Bueller?
> >
>
>

wrote:
> The only places any ACL's would be located are on the SonicWALL
> firewalls, and I've rechecked those; no ACL blocks anywhere.
>

when you connect to them via console, what shows a "sh line"?
Do you have free lines available? Outherwise you have to clear them. In
this case also use sercive tcp-keepalives.

bye
andre

If by console, you mean a serial cable plugged into the actual console
port, then I don't know. One switch is about 3 hours drive from me,
and the other is about 9 hours, so...

On the other hand, if you mean by telnet, I'll have to look, but I
don't think that could be the problem, as I couldn't telnet into them
from a local or a remote subnet if there weren't any lines available.

Configure loging buffered if it is not already configured (i.e logging
buffere 10000 debug)

On the switch vty lines, configure an extended access list that permits
any any and logs

Try telnetting to switch. If nothing is logged then the packets are not
making it to the switch in question

Merv wrote:
> Configure loging buffered if it is not already configured (i.e logging
> buffere 10000 debug)
>
> On the switch vty lines, configure an extended access list that permits
> any any and logs
>
> Try telnetting to switch. If nothing is logged then the packets are not
> making it to the switch in question
>
youa may also have someone to powercycle the switch.

andre

Great Giggaly-Wiggaly. POWERCYCLE! Of all the dumb, useless...

Oh, wait. It worked.

Actually, I used a local PC to telnet to the switches and performed a
"reload" command. It worked for one of the switches (the LRE). It
worked for a moment with the 2950T, but after about a minutes I lost
connectivity.

Why it should work one minutes, then stop the next, is the next great
question.