https access to switch through vrf in 12.2(52)SE

Unanswered Question
Nov 23rd, 2009
User Badges:

I have no longer HTTPs access to the 3560 switch, after an upgrade to 12.2(52)SE.

The problem is obviously related to the fact that I am trying to connect to a switch IP address

that belongs to a dedicated "management" VRF management.  Debugging tcp on the switch

shows that it immediately sends TCP resets.

If I target the web browser to another switch IP address, which is in the global routing table, then the

router accepts the connection!

I had similar problems when accessing the switch via SSH.  This could be cured however,

by putting an access-class command under the VTY lines with the "vrf-also" command.

For the HTTPs access (needed for managing the switch with CNA) I have not found a solution

yet.  Any ideas?

NOTE: in the previous IOS  version (12.2(37)SE1), there was no problem for HTTPS access

within a VRF...



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion