cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
553
Views
4
Helpful
5
Replies

Lost access to 2950 after enabling vlan

nygenxny123
Level 1
Level 1

Our current configurations for our lan are 2960 swithces that get their ip's from DHCP (not sure why our admin wanted it this way)

so the basic configurations are this

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan134

ip address dhcp

no ip route-cache

!

While I was away a consultant needed

to add a 2950 switch. Instead of following the standard configuration as you see above...he statically assigned

each vlan its own IP address...

He also didnt configure the port on the

2950 as a trunk, which would be attached

to the 2960. The 2960 gig port is a trunk

so i configured the 2950 port as a trunk..

He also mistakenly assigned all the ports

on the switch to the wrong vlan-133. So i

re configured them to the right vlan-134

However this was the configuration just before I lost access on the 2950

!

interface GigabitEthernet0/1

description Uplink to 2960 gig0/46

switchport mode trunk

no ip address

!

interface GigabitEthernet0/2

no ip address

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan133

ip address 192.168.133.182 255.255.255.0

no ip route-cache

!

interface Vlan134

ip address 192.168.134.182 255.255.254.0

no ip route-cache

shutdown

!

ip default-gateway 192.168.133.1

no ip http server

Since all the user ports were now on vlan 134, I needed to enable that particluar vlan since it was shut

cat7.2950#conf t

Enter configuration commands, one per line. End with CNTL/Z.

cat7.2950(config)#int vlan 134

cat7.2950(config-if)#no sh

Connection to host lost.

Now I cant access that 2950, however the cdp neighbor on the 2960 still shows the 2950..

cat6.2960#sh cdp ne det

Device ID: cat7.2950

Entry address(es):

IP address: 192.168.133.182

Platform: cisco WS-C2950T-24, Capabilities: Switch IGMP

I cant ping that 2950..any ideas?

also is the 2950 capable of getting its ip address from dhcp?

5 Replies 5

nygenxny123
Level 1
Level 1

hmmm..

so i can access the router with the IP address of vlan 134 and vlan 133 is shut, which i did not shut

interface Vlan133

ip address 192.168.133.182 255.255.255.0

no ip route-cache

shutdown

!

interface Vlan134

ip address 192.168.134.182 255.255.254.0

no ip route-cache

and the cdp of the sister router is stil showing the 133 address...i even cleared

the cdp table of the sister router

cat6.2960#sh cdp ne det

Device ID: cat7.2950

Entry address(es):

IP address: 192.168.133.182

but the ip is still unpingable..prob cuz its shut!..but why is it in cdp?

purohit_810
Level 5
Level 5

Try to ping " cat7.2950" ? You haven't here put complete comfiguration, I think.

THanks,

Dharmesh

ok-it seems cdp has updated with the interface vlan 134 IP..and i can now access the

switch..

but why would the interface vlan 133 shut itself down?

Hi,

IMHO, 2950 is a L2 switch which can have only one IP address active on a management interface.

You can define more IP addresses assigned to particular "int VLAN x", but always all are shutdown except of one active.

If you issue "no shut" on another int VLANy, it automatically shuts the previous active management int VLAN x.

CDP remains advertising the original info for some time, it was even necessary to reload the switch to update CDP info sent with previous IOS versions :-(

BR,

Milan

Hello,

it is like Milan has explained : I've seen this behaviour when I did some security tests : as soon as you define a new SVI VLan with its own ip address the previous one is automatically shutted down

If you re-enable the first vlan it is the second one that is disabled and so on.

best regards

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco