CSS- MGMT IP - ROUTING

Unanswered Question
Jan 12th, 2010

Hi All

Just a quick one.

I have a CSS 11501 (7.50) and have configured an IP address for the management Interface. This is now reachable from local subnet, but not from WAN. Apart from the gateway given in the boot statement, do we need to specifically give a route towards management interface for us to manage the CSS from WAN ?

for example, I have:

(config-boot)# ip address 10.10.10.10

(config-boot)#gateway 10.10.10.1

Wouldnt the default gateway here, take care of the reachability from WAN (no reachability in my case). I see the documentation says we need to add another static route through the mgmt interface such as:

(config)# ip management route 0.0.0.0/0 10.10.10.1

, for us to do SNMP, telnet, SSH from WAN ? Is it possible to add 0.0.0.0/0 on ip management command or could we just add static networks onto it? Will it affect default routing functionality of production VIP/interfaces in anyway?

Reference:

 

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v7.50/configuration/quick/guide/Setup.html#wp1160987

Unfortunately I dont have a box to test the configs, and had to implement this on production..

Regards

Raj

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sachinraja Mon, 01/25/2010 - 07:22

Yes Guiseppe.  I did. but no response..

ANyways I made this work without any issues. Added specific subnets for managemnet subnets towards the MGMT interface and it worked good..

Raj

Giuseppe Larosa Mon, 01/25/2010 - 12:10

Hello Raj,

>> Added specific subnets for managemnet subnets towards the MGMT interface and it worked good..

This makes sense looking at the link you had attached.

I felt an impulse to try to empty the pipe ....:)

that is to try to give an answer

Hope to help

Giuseppe

sachinraja Mon, 01/25/2010 - 12:19

Thanks Guiseppe..

It is a little funny to define static routes, even after defining the default gateway on the MGMT interface ! CSS team probably  need to fix this ! I was always comparing CSS with something like a router, which has common routing table for all interfaces, which would make things tough for me to add this route ! but it turned out that CSS was behaving more like the ASA/PIX firewalls , in terms of routing.. So, the routes given in the MGMT interface did not overlap with the routes given on production interfaces ! Though it was documented, i had my own doubts , since there were highly critical servers (as always) which sits behind the CSS, and its still a blackbox for me :)

Thanks again

Raj

Actions

This Discussion