cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1160
Views
0
Helpful
2
Replies

Configuration assistance on a new 4900m

ericngimme
Level 1
Level 1

Im having difficulties getting pass this vrf command on the 4900m using the management port. Just hoping for any guidance that can get this switch simply connected and used for a management IP.

Snippet of the config

ip vrf mgmtVrf
!
vtp mode transparent
!
!
!
power redundancy-mode redundant
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet1
ip vrf forwarding mgmtVrf
ip address 10.10.10.10 255.255.255.0
speed auto
duplex auto
!

What do I need to do to get a simple IP onto the FA port (assuming the FA port is the mgmt port) and to make it accessible from anywhere in our internal network.  I understand the ip configuration and gateway but I dont understand the vrf portion.  tyvm in advance

2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

ericngimme@gmail.com

Im having difficulties getting pass this vrf command on the 4900m using the management port. Just hoping for any guidance that can get this switch simply connected and used for a management IP.



!
interface FastEthernet1
ip vrf forwarding mgmtVrf
ip address 10.10.10.10 255.255.255.0
speed auto
duplex auto
!

What do I need to do to get a simple IP onto the FA port (assuming the FA port is the mgmt port) and to make it accessible from anywhere in our internal network.  I understand the ip configuration and gateway but I dont understand the vrf portion.  tyvm in advance

Eric

Try adding a default route for the vrf ie.

ip route vrf mgmgtVrf 0.0.0.0 0.0.0.0

Jon

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Eric,

you may need to add an rd under VRF configuration.

An rd has to be configured in order to start the VRF object.

ip vrf mgmtVrf

rd 100:100

!

Other users have reported problems in accessing TACACS+ AAA server without this parameter

This is a miss in documentation

Then, as Jon has suggested you need a default route in VRF to give reachability of other IP subnets

Edit:

to be noted this is thought for a form of logical out of band management

you can use an SVI in vlan X as your management address without dealing with VRFs

I've checked in some recent installed 4948-10GE and we used an SVI in global routing table instead of the management VRF.

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco