cannot ping two devices through remote access-SSH

Unanswered Question
Mar 15th, 2007
User Badges:

one of our gold partner called me and advised that he cannot ping or SSh to two of the 4948 switch.however if he logged to the core switch the 6500 he can sub telnet to the 4900.but he cannot telnet directly through SSH to the 4900.i have checked the config for SSH on both device and this is configure correctly.can any one help and tell me why we cant ping or SSH to these two devices directly rather than telneting to the core device it self before telneting to the 4900s.This is very urgent

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Thu, 03/15/2007 - 02:04
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Is the core device sharing a common management vlan with the 4948 switches ?. If so and you can ping/telnet from the core device but not from remote devices have you checked the routing setup.


What is the default gateway on your 4948 switches ?.


A bit of explanation about how our switches are connected and some IP addressing would help.


HTH


Jon

aaberdeen Thu, 03/15/2007 - 03:24
User Badges:

Thanks for yr reply Jon,

we can ping and telnet from the core device to the 4900 but we cannot directly connect to the 4900 from SSh


Should the default gateway be that of the 6500 core switch?


I have added more information 4 u


The 4848 switches are connected to the 6509s via Etherchannel links. All our other edge switches are also connected to the core. All these devices are in the same management VLAN. We have a problem remotely managing the 4848?s from other VLANS but all other devices can be accessed. The 4848s don?t respond to ping either from these other VLANs.



We?ve had a look at the firewall but cant see anything that points towards a firewall issue. We could be wrong tho


Jon Marshall Thu, 03/15/2007 - 03:34
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


the default gateway on the 4948 switches should be the layer 3 interface for the management vlan.

Can you ping this interface from the 4948 switches ?


You mentioned a firewall - where does this sit in your topology ?


Jon



aaberdeen Thu, 03/15/2007 - 04:35
User Badges:


Thanks 4 yr prompt reply


no we cannot ping the ip addr on the manegement vLAN.when you said to ping the layer3 ip addr from the management VLAN wat do u mean? we have to bear in mind that we want and be able to telnet and ping the 4900 through SSH rather than log in to the core and then log in again to the 4900.


we have now eliminated firewall


the default gateway on the 4900 is 10.0.0.24

aaberdeen Thu, 03/15/2007 - 04:48
User Badges:

CAn you tell me wat i should look four in the routing set-up we are trying to ping and telnet to VLAN 10 with an ip addr of 10.0.0.7


info attached:


Interface IP-Address OK? Method Status Protocol

Vlan1 unassigned YES NVRAM down down

Vlan10 10.0.0.7 YES NVRAM up up

GigabitEthernet1/1 unassigned YES unset up up

Jon Marshall Thu, 03/15/2007 - 05:04
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Just to clarify. This is how i understand what you have set up


You have a management vlan for the switches. The layer 3 SVI for this vlan is on your core switch.


The other switches you have all have IP addresses for management from the same management vlan.

Each switch should have a default gateway set and this default gateway should be the Layer 3 SVI on your core switch. (If you are running a pair of core switches you may well be using HSRP so your switches default gateway would be the virtual IP.


The vlan that your switch layer 3 management is in, is this the same vlan as the management vlan ie.


what vlan interface is the default gateway in ?


if you cannot ping the default gateway from the switch this sounds like you have your vlans messed up.


Could you provide configs of the 4948, the core switch and another switch that works


Jon



aaberdeen Thu, 03/15/2007 - 05:17
User Badges:

Thanks for yr reply i have attched the config of the 4948 thats havin problems with ssh and i have attached the config of another switch that can SShsuccessfully if u need more information pleasle let me know

The 3600 switch works successfully.please let me know if u want the core config as well

 

 

 

Jon Marshall Thu, 03/15/2007 - 06:34
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


The default gateway on your 3560 is 10.0.0.1.


You have said in one of your previous replies that the default gateway of the 4900 was 10.0.0.24.


They are both in vlan 10. Why is the 4900 switch pointing to a different gateway. Have you tried changing it to point to the same gateway - 10.0.0.1 ?


HTH


Jon

aaberdeen Fri, 03/16/2007 - 07:20
User Badges:

Sorry but both devices ie the 3560 and the 4900 are using the same default gateway of 10.0.0.1

aaberdeen Fri, 03/16/2007 - 07:22
User Badges:

i also want to mention on the 4900 and the 3600 we can ping 10.0.0.1 and respoce time are ok

Jon Marshall Fri, 03/16/2007 - 00:47
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Did you get this sorted out ??


Jon

aaberdeen Fri, 03/16/2007 - 07:23
User Badges:

No i am afraid we are still owkring on this and more suggestions

aaberdeen Fri, 03/16/2007 - 10:23
User Badges:

Any suggestion at all still cant SSHed to the 4900 directly i have checked the config and the default gateway ip addr is configured

Actions

This Discussion