FTP from Cat4948 console to FTP server on VLAN

Answered Question
Apr 4th, 2007
User Badges:

How do I configure my Cat4948 switch to allow access to an FTP server from the console?


I have set up a Cat4948 to have 2 VLANs: VLAN 2 is the "Server" VLAN and VLAN 3 is the "Management" VLAN. On the management VLAN I have several devices that are manageable via HTTP, and I can access them from the PC within the VLAN designated for that purpose. I also have an FTP server on VLAN 3 whose purpose is to allow updating of the switch.


When I access the console and try to copy from (or to) the FTP server, it fails. I do not want to allow access to the FTP server from any devices on VLAN 2, just from the switch itself.


Any help would be appreciated.

Correct Answer by Jon Marshall about 10 years 3 weeks ago

Hi


You should be able to create a layer 3 SVI on the 4948 in vlan 3.


So on the 4948 you can do


switch(config)# interface vlan 3

switch(config-if)# ip address "vlan 3 ip" "vlan 3 subnet mask"


This should then allow the switch to talk to the FTP server.


HTH


Jon


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Wed, 04/04/2007 - 13:23
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Do you route between the vlans or are they completely separate. Can you ping the ftp server from the switch ?


if the vlans do not route between each other then the only option you have is to give the 4948 an IP address out of your management vlan (vlan 3).


You could allow the 2 vlans to route between each other but then you would need to apply access-lists to stop any other devices on vlan 2 talking to the ftp server.


HTH


Jon

ciscostnnoaa Thu, 04/05/2007 - 06:31
User Badges:

Jon,


Thanks for the quick response. I do not route between the VLANs. One thought I had was that I might need to set up a static route and ACL, but I wasn't sure how to do that for the console.


Exactly how do I go about giving the 4948 an IP address? By configuring the loopback interface? I tried that and it didn't seem to work, but I am not quite clear on how this is supposed to work.


You also mentioned allowing routing between the VLANs. The question I have in that regard is how do I get the switch itself into a VLAN? Before I set anything up I was able to make the FTP connection from the switch to the FTP server, but this was when everything was in the default VLAN 1.



Correct Answer
Jon Marshall Thu, 04/05/2007 - 06:40
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


You should be able to create a layer 3 SVI on the 4948 in vlan 3.


So on the 4948 you can do


switch(config)# interface vlan 3

switch(config-if)# ip address "vlan 3 ip" "vlan 3 subnet mask"


This should then allow the switch to talk to the FTP server.


HTH


Jon


ciscostnnoaa Thu, 04/05/2007 - 07:19
User Badges:

Jon,


That did it, with the addition of:


switch(config-if)#no shutdown


It was very helpful. Thanks!


Scott

Actions

This Discussion