Accessing 3560 switch from other subnet.

Answered Question

Hi all.

Im trying to find the solution to allow other subnets that then local one to access my switch. Im currently located on another net that the switch but i can access it via ip.

When i try to access it via telnet or ssh, i get no aswers. If i do it from the same net it works. I found a command called permit but is seems not to exist on my new switch.


Thanks in advance.


p

Correct Answer by mohammedmahmoud about 10 years 1 week ago

Hi,


Your switch has no layer 3 configuration, but it has the "ip routing" command, and thus please use "no ip routing" in order to gain the use of the "ip default-gateway 10.0.5.1" command, as if i am assuming correct the "10.0.5.1" is your LAN gateway which shall do the remote access job for you.



HTH, please do rate all helpful replies,

Mohammed Mahmoud.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Patrick Laidlaw Fri, 06/22/2007 - 00:32
User Badges:
  • Gold, 750 points or more

Hello,


If you post your config and type in what ip address's we can can help you out.


Couple of things might be happening there might be an ACL blocking or permitting only certain subnes from managing your switch, or the subnet your on is not being routed to the subnet that your switchs SVI interface is on.


Patrick

Hi again. Thanks for replying!


I forgot to say that i can't get any syslogs from the switch, switch on net 10.0.5.0/24, im on 10.0.8.0/24.


Im new to Cisco so maybe my questions are noobish but how can i see which layer the switch is operating in? I presume its layer 2 now.


I post my config (show run-command right?):

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname switch_vaning-5

!

logging count

logging console warnings

enable secret xxx

enable password xxx

!

username silvesurfer password xxx

no aaa new-model

vtp mode transparent

ip subnet-zero

ip routing

!

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

description Tele2-LAN

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/2

description F&B_LAN-VANING-5

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/3

!

interface GigabitEthernet0/4

!

interface GigabitEthernet0/5

description Backup

!

interface GigabitEthernet0/6

description Backup_harddisk

!

interface GigabitEthernet0/7

description Telefonboken

!

interface GigabitEthernet0/8

description Mediabank_temp

!

interface GigabitEthernet0/9

description ftp

!

interface GigabitEthernet0/10

description agda

!

interface GigabitEthernet0/11

description -untitled-

!

interface GigabitEthernet0/12

description .

!

interface GigabitEthernet0/13

description ARKIV-WEB

!

interface GigabitEthernet0/14

description ARKIV-SQL

!

interface GigabitEthernet0/15

description MULTISERVER

!

interface GigabitEthernet0/16

description BIGBROTHER

!

interface GigabitEthernet0/17

description ns.intern-en0

!

interface GigabitEthernet0/18

description ns.intern-en1

!

interface GigabitEthernet0/19

description .

!

interface GigabitEthernet0/20

description support

!

interface GigabitEthernet0/21

description HALON_PRIMARY

!

interface GigabitEthernet0/22

description HALON_SECONDARY

!

interface GigabitEthernet0/23

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/24

description .

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/25

description CITYAKUTEN-1

!

interface GigabitEthernet0/26

description CITYAKUTEN-2

!

interface GigabitEthernet0/27

!

interface GigabitEthernet0/28

!

interface Vlan1

ip address 10.0.5.218 255.255.255.0

!

ip default-gateway 10.0.5.1

ip classless

ip http server

!

logging facility local2

logging 10.0.8.184

snmp-server community xxxx RO

!

control-plane

!

!

line con 0

line vty 0 4

password xxxxx

no login

line vty 5 15

password xxxxx

no login

!

!

monitor session 1 source interface Gi0/21

monitor session 1 destination interface Gi0/18

ntp server 17.254.0.27

end


Thx again.

Correct Answer
mohammedmahmoud Fri, 06/22/2007 - 03:48
User Badges:
  • Green, 3000 points or more

Hi,


Your switch has no layer 3 configuration, but it has the "ip routing" command, and thus please use "no ip routing" in order to gain the use of the "ip default-gateway 10.0.5.1" command, as if i am assuming correct the "10.0.5.1" is your LAN gateway which shall do the remote access job for you.



HTH, please do rate all helpful replies,

Mohammed Mahmoud.

mohammedmahmoud Fri, 06/22/2007 - 04:18
User Badges:
  • Green, 3000 points or more

Hi,


You are very welcomed, and thanks for using the rating system.


BR,

Mohammed Mahmoud.

Hello again.

This is strange for me, the "trick" worked on one of my three switches so naturally i wonder whats wrong with the other two, posting my config and hoping you could help me once again:


Switch02#sh run

Building configuration...


Current configuration : 2302 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch02

!

enable secret xxx

enable password admin

!

no aaa new-model

vtp mode transparent

ip subnet-zero

!

!

!

!

no file verify auto

!

spanning-tree mode pvst

spanning-tree extend system-id

no spanning-tree vlan 1

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

description .

!

interface GigabitEthernet0/2

!

interface GigabitEthernet0/3

!

interface GigabitEthernet0/4

!

interface GigabitEthernet0/5

!

interface GigabitEthernet0/6

!

interface GigabitEthernet0/7

!

interface GigabitEthernet0/8

!

interface GigabitEthernet0/9

!

interface GigabitEthernet0/10

!

interface GigabitEthernet0/11

!

interface GigabitEthernet0/12

!

interface GigabitEthernet0/13

!

interface GigabitEthernet0/14

!

interface GigabitEthernet0/15

!

interface GigabitEthernet0/16

!

interface GigabitEthernet0/17

!

interface GigabitEthernet0/18

!

interface GigabitEthernet0/19

!

interface GigabitEthernet0/20

!

interface GigabitEthernet0/21

!

interface GigabitEthernet0/22

!

interface GigabitEthernet0/23

!

interface GigabitEthernet0/24

!

interface GigabitEthernet0/25

!

interface GigabitEthernet0/26

!

interface GigabitEthernet0/27

!

interface GigabitEthernet0/28

!

interface GigabitEthernet0/29

!

interface GigabitEthernet0/30

!

interface GigabitEthernet0/31

!

interface GigabitEthernet0/32

!

interface GigabitEthernet0/33

!

interface GigabitEthernet0/34

!

interface GigabitEthernet0/35

!

interface GigabitEthernet0/36

!

interface GigabitEthernet0/37

!

interface GigabitEthernet0/38

!

interface GigabitEthernet0/39

!

interface GigabitEthernet0/40

!

interface GigabitEthernet0/41

!

interface GigabitEthernet0/42

!

interface GigabitEthernet0/43

!

interface GigabitEthernet0/44

!

interface GigabitEthernet0/45

!

interface GigabitEthernet0/46

!

interface GigabitEthernet0/47

!

interface GigabitEthernet0/48

!

interface GigabitEthernet0/49

!

interface GigabitEthernet0/50

!

interface GigabitEthernet0/51

!

interface GigabitEthernet0/52

!

interface Vlan1

ip address 10.0.5.219 255.255.255.0

!

ip classless

ip http server

!

!

control-plane

!

!

line con 0

line vty 0 4

password xxxxx

no login

line vty 5 15

password xxxxx

no login

!

end

Thx!


p

mohammedmahmoud Fri, 06/22/2007 - 06:17
User Badges:
  • Green, 3000 points or more

Hi,


You are very welcomed, and i am very glade that you've been an expert in this stuff now :)



HTH,

Mohammed Mahmoud.

mohammedmahmoud Fri, 06/22/2007 - 00:34
User Badges:
  • Green, 3000 points or more

Hi,


To access the switch from another subnet, its a routing issue, if the switch is acting as layer 2 (no ip routing) you should use the "default-gateway" command (where the local subnet router should be the default gateway), if it is acting as a layer 3 switch you must make sure that the subnets that you are trying to access the switch from is routable to the switch.



HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Actions

This Discussion