Solved: Getting access to a switch remotely through a router

Aaron Greene · ‎11-14-2008

I have a switch at a remote site with no technicians. It is a new switch and a config was placed on it prior to its deployment. The switch was installed and connected to the router with a straight-through to the switches Gi0/1 port from Router-Fa0/0/0 - L2 port).

Here is the relevant switc h config:

vlan 2330

interface FastEthernet0/7

switchport access vlan 2330

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/8

switchport access vlan 2330

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/1

!

interface Vlan1

no ip address

shutdown

!

interface Vlan2330

ip address 10.33.13.2 255.255.255.240

!

ip default-gateway 10.33.13.1

ip classless

ip http server

Here is the relevant router config:

interface FastEthernet0/0.3330

encapsulation dot1Q 3330

ip vrf forwarding 3330

ip address 10.33.254.4 255.255.255.192

no snmp trap link-status

no cdp enable

!

interface FastEthernet0/1

ip address 159.105.202.69 255.255.255.192

ip helper-address 159.105.65.3

shutdown

duplex auto

speed auto

!

interface FastEthernet0/0/0

switchport access vlan 10

ip vrf forwarding 3330

!

interface FastEthernet0/0/1

!

interface FastEthernet0/0/2

!

interface FastEthernet0/0/3

!

interface Vlan1

no ip address

!

interface Vlan10

ip address 172.16.1.1 255.255.255.252

!

interface Vlan33

ip vrf forwarding 3330

ip address 10.33.13.1 255.255.255.240

ip helper-address global 159.105.33.10

!

The router's vlan database mode will not let me do extended vlans so I can't match up the vlans on each side. I can see the switch in sh cdp neigh. I would like to be able to get access to the switch so that I can configure it in a regualr vlan range. Is this possible? Or will I have to drive over 100 miles just to console to the switch?

glen.grant · ‎11-14-2008

Thats a problem don't see a way around that.

View solution in original post

lejoe.thomas · ‎11-14-2008

Hi Aaron,

To configure extended vlans, the vtp mode must be transparent.So, have you tried changing the vtp mode to transparent on the router.

HTH

Lejoe

Aaron Greene · ‎11-14-2008

Yes, I have. But you can only configure vlans on the router from vlan database mode. In vlan database mode you cannot use extended vlans.

lejoe.thomas · ‎11-14-2008

try using vlan "vlan-id" global configuration command because you cannot create extended vlans from vlan database mode. which router is this?

Lejoe

glen.grant · ‎11-14-2008

Thats a problem don't see a way around that.

ramil91466 · ‎11-14-2008

Try This:

When you connect to router, telnet to switch

ip address 10.33.13.2 first

Switch

config t

int g0/1

switchport trunk native vlan2330

no shut

Router

config t

no vlan10

int fa0/0/0

ip address 172.16.1.1 255.255.255.252

encap dot1q 1 native

no shut

exit

line vty 0 4

exec-timeout 20 0

lockable

private

logging synchronous limit 4000

login local

transport input telnet ssh

exit

wr mem

Aaron Greene · ‎11-14-2008

The problem is that I cannot telnet to the switch from the router or from anywhere. I actually got the extended vlans working by doing an IOS upgrade. So now my fa0/0/0 port looks like this:

interface FastEthernet0/0/0

switchport mode trunk

ip vrf forwarding 3330

and I have an int vlan of:

interface Vlan2330

ip vrf forwarding 3330

ip address 10.33.13.1 255.255.255.240

I still can't connect to it, though. What about getting smoeone to reset the switch to factory defaults? Would that be easier? Could I connect from the router to the switch if the switch has the defaults and a blank config?

Aaron Greene · ‎11-14-2008

also, I can't assign an ip address to a layer 2 port (fa0/0/0)