Getting access to a switch remotely through a router

Answered Question
Nov 14th, 2008
User Badges:

I have a switch at a remote site with no technicians. It is a new switch and a config was placed on it prior to its deployment. The switch was installed and connected to the router with a straight-through to the switches Gi0/1 port from Router-Fa0/0/0 - L2 port).


Here is the relevant switc h config:


vlan 2330

interface FastEthernet0/7

switchport access vlan 2330

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/8

switchport access vlan 2330

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/1

!

interface Vlan1

no ip address

shutdown

!

interface Vlan2330

ip address 10.33.13.2 255.255.255.240

!

ip default-gateway 10.33.13.1

ip classless

ip http server



Here is the relevant router config:



interface FastEthernet0/0.3330

encapsulation dot1Q 3330

ip vrf forwarding 3330

ip address 10.33.254.4 255.255.255.192

no snmp trap link-status

no cdp enable

!

interface FastEthernet0/1

ip address 159.105.202.69 255.255.255.192

ip helper-address 159.105.65.3

shutdown

duplex auto

speed auto

!

interface FastEthernet0/0/0

switchport access vlan 10

ip vrf forwarding 3330

!

interface FastEthernet0/0/1

!

interface FastEthernet0/0/2

!

interface FastEthernet0/0/3

!

interface Vlan1

no ip address

!

interface Vlan10

ip address 172.16.1.1 255.255.255.252

!

interface Vlan33

ip vrf forwarding 3330

ip address 10.33.13.1 255.255.255.240

ip helper-address global 159.105.33.10

!


The router's vlan database mode will not let me do extended vlans so I can't match up the vlans on each side. I can see the switch in sh cdp neigh. I would like to be able to get access to the switch so that I can configure it in a regualr vlan range. Is this possible? Or will I have to drive over 100 miles just to console to the switch?



Correct Answer by glen.grant about 8 years 5 months ago

Thats a problem don't see a way around that.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
lejoe.thomas Fri, 11/14/2008 - 06:31
User Badges:
  • Silver, 250 points or more

Hi Aaron,


To configure extended vlans, the vtp mode must be transparent.So, have you tried changing the vtp mode to transparent on the router.


HTH

Lejoe

Aaron Greene Fri, 11/14/2008 - 06:38
User Badges:

Yes, I have. But you can only configure vlans on the router from vlan database mode. In vlan database mode you cannot use extended vlans.

lejoe.thomas Fri, 11/14/2008 - 06:43
User Badges:
  • Silver, 250 points or more

try using vlan "vlan-id" global configuration command because you cannot create extended vlans from vlan database mode. which router is this?


Lejoe

Correct Answer
glen.grant Fri, 11/14/2008 - 06:42
User Badges:
  • Purple, 4500 points or more

Thats a problem don't see a way around that.

ramil91466 Fri, 11/14/2008 - 09:35
User Badges:

Try This:

When you connect to router, telnet to switch

ip address 10.33.13.2 first


Switch

config t

int g0/1

switchport trunk native vlan2330

no shut


Router

config t

no vlan10

int fa0/0/0

ip address 172.16.1.1 255.255.255.252

encap dot1q 1 native

no shut

exit

line vty 0 4

exec-timeout 20 0

lockable

private

logging synchronous limit 4000

login local

transport input telnet ssh

exit

wr mem



Aaron Greene Fri, 11/14/2008 - 10:27
User Badges:

The problem is that I cannot telnet to the switch from the router or from anywhere. I actually got the extended vlans working by doing an IOS upgrade. So now my fa0/0/0 port looks like this:


interface FastEthernet0/0/0

switchport mode trunk

ip vrf forwarding 3330


and I have an int vlan of:


interface Vlan2330

ip vrf forwarding 3330

ip address 10.33.13.1 255.255.255.240


I still can't connect to it, though. What about getting smoeone to reset the switch to factory defaults? Would that be easier? Could I connect from the router to the switch if the switch has the defaults and a blank config?

Aaron Greene Fri, 11/14/2008 - 10:29
User Badges:

also, I can't assign an ip address to a layer 2 port (fa0/0/0)

Actions

This Discussion