Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

LAN Switches cannot be accessed by Telnet, SSH or console in native vlan

Hi to all of you:

I do have a question about tagging the native vlan.

In our network we do have about 90 L2 and L3 switches, 2950 the oldest, 2960, 2960S, 3560 PoE, 3750 and 4503E, and we are running VTP, and 43 vlans within the entire network.

our Native VLAN is still vlan 1, and there are many corporative applications running in this vlan.

We have upgraded the IOS for the switches to the latest IOS version about 6 months ago, and after that we started to have issues on the switches, related to accessing the switch, either by telnet, ssh, or even console. However, the switch is still working fine, I mean, doing all bridging and switching traffic.

I have to reset or reload (power cycle) if I want to access the switch.

I have read that having the native vlan can be a problem.

Could you please let me know if you have gone through this problem?

Thanks in advance for your help.

Javier F. Berthin H.

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

LAN Switches cannot be accessed by Telnet, SSH or console in nat

can u post the config of the switch foe which u r not able to reach via telnet.

is these line are there on on vty :

line vty 0 4

login local

transport input all

line vty 5 15

login local

Regards

8 REPLIES
VIP Purple

LAN Switches cannot be accessed by Telnet, SSH or console in nat

can u post the config of the switch foe which u r not able to reach via telnet.

is these line are there on on vty :

line vty 0 4

login local

transport input all

line vty 5 15

login local

Regards

New Member

LAN Switches cannot be accessed by Telnet, SSH or console in nat

Hi Sandeep.

First of all, Thank you very much for your reply.

I do have part of the configuration that will allow me to get into the switch through ssh/telnet/ console session.

We have decided to set off the ssh conf, and we still have the problem, please if you see any issue in this partial config. let me know.

thanks.

Javier

SHOW VERSION

ROM: Bootstrap program is C3750 boot loader

BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE

(fc1)

Core_Toldos uptime is 1 day, 19 hours, 10 minutes

System returned to ROM by power-on

System restarted at 21:41:53 Bolivia Sun Nov 24 2013

System image file is "flash:c3750-ipservicesk9-mz.150-2.SE4.bin"

..............

cisco WS-C3750G-24TS-1U (PowerPC405) processor (revision D0) with 131072K bytes

of memory.

Processor board ID FOC1050Y28Z

Last reset from power-on

9 Virtual Ethernet interfaces

28 Gigabit Ethernet interfaces

The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.

Base ethernet MAC Address       : 00:1A:6D:68:43:80

Motherboard assembly number     : 73-10219-07

Power supply part number        : 341-0098-02

Motherboard serial number       : FOC105006J7

Power supply serial number      : AZS104900XV

Model revision number           : D0

Motherboard revision number     : B0

Model number                    : WS-C3750G-24TS-S1U

System serial number            : FOC1050Y28Z

Top Assembly Part Number        : 800-26859-01

Top Assembly Revision Number    : B0

Version ID                      : V03

CLEI Code Number                : CNMWS00ARC

Hardware Board Revision Number  : 0x09

Switch Ports Model              SW Version            SW Image

------ ----- -----              ----------            ----------

*    2 28    WS-C3750G-24TS-1U  15.0(2)SE4            C3750-IPSERVICESK9-M

Configuration register is 0xF

SHOW RUN

....................

line con 0

logging synchronous

line vty 0 4

password 7 xxxxxxxxxxxxxxxxxxxxxx

transport preferred telnet

transport input all

transport output all

line vty 5 15

!

ntp server 192.168.11.206

event manager session cli username "yyyyyy"

event manager applet dhcp

event timer watchdog time 30

action 1.0 cli command "enable"

action 3.0 cli command "clear ip dhcp conflict *"

!

end

VIP Purple

Re: LAN Switches cannot be accessed by Telnet, SSH or console in

SHOW RUN

....................

line con 0

logging synchronous

line vty 0 4

password 7 xxxxxxxxxxxxxxxxxxxxxx

transport preferred telnet

transport input all

transport output all

line vty 5 15

!

ntp server 192.168.11.206

event manager session cli username "yyyyyy"

event manager applet dhcp

event timer watchdog time 30

action 1.0 cli command "enable"

action 3.0 cli command "clear ip dhcp conflict *"

!

end

Hi,

this config is ok.

Still u can not telnet/ssh to switches or ??? can u plz tell me the error or issue now?

If u still facing the issue then it could be a bug:

Can you console into the switch ?  If you can't or you're getting "Low memory" or something then it's an IOS bug..

Regards

Purple

LAN Switches cannot be accessed by Telnet, SSH or console in nat

Hi,

Is vlan 1 your management vlan and if so is the corresponding svi up/up ?

sh ip int br | i Vlan

Can you ping the switches?

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Cisco Employee

LAN Switches cannot be accessed by Telnet, SSH or console in nat

Hi Javier,

I believe you must have upgraded the code to 15.x which depletes the memory. The access to the switch via console/telnet/ssh all-together will be affected only if we encounter memory issue. Check for "show process memory sorted" and check if you see Auth-manager in the top process.

Thanks & Regards,
Karthick Murugan
CCIE#39285

Thanks & Regards, Karthick Murugan CCIE#39285
New Member

LAN Switches cannot be accessed by Telnet, SSH or console in nat

Hi Karhtick:

I guess you have the best answer, you suggested the memory command and I am attaching you as result.

Next step should be to downgrade the IOS?, because we did the upgrade just in order to have the latest IOS published by Cisco.

If you need the config please let me know, for complementary comments.

Thanks for your help.

Javier

Core_Toldos#
Core_Toldos#
Core_Toldos#sh processes memory sorted
Processor Pool Total:   57114592 Used:   42061488 Free:   15053104
      I/O Pool Total:   12582912 Used:    9397428 Free:    3185484
Driver te Pool Total:    1048576 Used:         40 Free:    1048536

PID TTY  Allocated      Freed    Holding    Getbufs    Retbufs Process
   0   0   56706116   14325484   38372056          0          0 *Init*

197   0    4506712    2363500    1463652          0          0 Auth Manager

   0   0          0          0    1443720          0          0 *MallocLite*

   0   0  577244636  370831296     916016   12457311    3203234 *Dead*

236   0     532808      46152     507068          0          0 IP ARP Adjacency

303   0    1335768     890528     450448          0          0 ADJ resolve proc

230   0   27640244      15996     378344      10152          0 CDP Protocol

  77   0     368260   14413456     377820          0          0 EEM ED ND

102   0     385848        232     362236          0          0 HLFM address lea

404   0    3397428    3069392     334928          0          0 hulc running con

192   0     307492      21604     294808          0          0 HL2MCM

193   0     356552      70624     294744          0          0 HL2MCM

357   0     265100          0     275260     100548          0 EEM ED Syslog

365   0  126849404   86726456     255248          0          0 EEM Server

  87   0     569060     274864     244984          0          0 Stack Mgr Notifi

203   0     753032     492440     164316          0          0 DTP Protocol

201   0     737920     526656     159424          0          0 802.1x switch

  13   0  505129716  504972016     156620          0          0 ARP Input


Core_Toldos#

New Member

LAN Switches cannot be accessed by Telnet, SSH or console in nat

Hi Cadet.

Thanks for your consideration about this issue.

I do have the Int. vlan up/up, I can ping it, and once I restart the switch I can access the switch via any session, like ssh, console or telnet. but suddenly, i cannot access it.

Do you think can be memory limitations, I am running the 15.1 IOS version

Javier

Cisco Employee

LAN Switches cannot be accessed by Telnet, SSH or console in nat

Hi,

It looks like the issue is related to memory depletion. Please try the following and monitor the memory for a day or two and confirm the behavior

conf ter

no macro auto monitor

Thanks & Regards,
Karthick Murugan
CCIE#39285

Thanks & Regards, Karthick Murugan CCIE#39285
1233
Views
0
Helpful
8
Replies
CreatePlease to create content