cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
7405
Views
23
Helpful
17
Replies

4500X Out-of-Band Management port

JesseDM68
Level 1
Level 1

I am attempting to set up the FastEthernet management port on some 4500x switches that we have recieved for Out-of-Band management, but I am unable to get them working.  I have set this up before on ASR1004 routers and have not had any troubles with them, although I have noticed that they use a different mangement vrf name.  

I have added the IP address to the FastEthernet1 port, applied a default route for the vrf (e.g. ip route vrf mgmtVrf 0.0.0.0 0.0.0.0 x.x.x.x), and connected the port to my switch.  I am unable to ping the out-of-band management IP from anywhere, inside or outside of its subnet, and I am unable to ping out from the 4500x using the ping vrf mgmtVrf <IP address> command.  When I run a show interface Fa1 command on the 4500x and on the switch its connected to, they both show that they are sending traffic but neither shows that its recieving any traffic.  I have tried connecting a laptop directly to the FastEthernet port, set it statically to the same subnet, and am still unable to ping the managment interface.  I ran a Wireshark capture on the laptop and I show no traffic coming from the management port on the switch, even though when I check the  show interface command it shows that the port is sending packets.  I have attempted this on two separte 4500x switches so far with the same results.  We are running IOS-XE 03.04.04.SG on both switches with the entservices license.  Any help would be appreciated.

 

Thanks,

Jesse

2 Accepted Solutions

Accepted Solutions

Quick update: in my case it was solved by upgrading to version 03.05.03

View solution in original post

This fixed my exact issue as well.  Upgraded from 03.05.02 to 03.05.03 and the out-of-band management interface works like a charm.

It's also lovely how the 03.05.03 release notes don't show any resolved caveats or hardware/software changes.  Seems like a fairly major fix to me....

View solution in original post

17 Replies 17

Rajeev Sharma
Cisco Employee
Cisco Employee

Hey Jesse,

Share the show int fa1 and show run int fa1 command output.

Regards,
RS.

Here is the show int fa1 and show run int fa1 while I had the laptop connected and attempted to ping both directions.

 

interface FastEthernet1
 vrf forwarding mgmtVrf
 ip address 172.16.1.10 255.255.0.0
 speed auto
 duplex auto
end

 


FastEthernet1 is up, line protocol is up
  Hardware is RP management port, address is f40f.1b56.9c57 (bia f40f.1b56.9c57)
  Internet address is 172.16.1.10/16
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:06:29, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/0 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog
     0 input packets with dribble condition detected
     402 packets output, 101340 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     8 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out

I've used them on several 4500X switches and it's been pretty straightforward.

You don't perchance have control plane policing setup in any way do you?

Unless that enabled by default now I have not enabled anything on this switch besides this management port. I even erased the startup-configuration and started over with just this setup. I wanted to get the management port working so that I could set the switch up remotely.

Does your downstream switch have an active SVI in the 172.16.0.0/16 subnet the 4500X Mgmt interface is in? (You did intend to make it a /16 - right?) 

I was testing the 172.16.0.0/16 block when I had the management port directly connected to my laptop.  When it was connected to the switch it was using a different IP block and the gateway to that block is on a router that is also connected to the other switch.

Hey,

Did you find a solution for this? I am seeing exactly the same thing on a 4500-X running Version 03.05.00.E

 

No, I have not been able to find a solution for this.  As it is I am unable to use the management port on my 4500-X switches for out-of-band management.

Quick update: in my case it was solved by upgrading to version 03.05.03

This fixed my exact issue as well.  Upgraded from 03.05.02 to 03.05.03 and the out-of-band management interface works like a charm.

It's also lovely how the 03.05.03 release notes don't show any resolved caveats or hardware/software changes.  Seems like a fairly major fix to me....

I am running into the same issue, if the fix is to upgrade from 03.05.02 to 03.05.03. How do you upgrade the IOS without being able to send traffic from laptop to my fa1 port on the 4500X?

You would simply use an in-band method (i.e. log in via an SVI or routed port address).

Copy the new image into bootflash directory via ftp, change the boot variable and make sure your config-register is 0x2102. Save and reload.

We finally got the out-of-band management interface working by upgrading the IOS from 3.4.4 SG to 3.4.6 SG on a new 4500X that we just received.  Thanks everyone for your help.

Hi JesseDM68

I just purchased couple of 4500X and I am having the same issue. How did you resolve yours? I am running Version 03.05.03.E

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco

Ā