Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

management physical interface and Management VLAN

Hello Guys,

We have a 2350 switch with managment vlan and now we are deploying a management switch (2350) to manage all the devices with this. So i have to get ride of that management vlan and have a physical management port with the same IP (as in mgmt vlan). Everything shows up when i shut down the mgmgt vlan and open the mgmt physical port, but I am not able to login via ssh or telnet using the physical mgmt port IP. Can you guys please bail me out.

Thanks.

7 REPLIES
VIP Super Bronze

management physical interface and Management VLAN

Hi,

So you are using a new 2350 to manage the rest of your switches out of band?

Can you post the config from the managment switch?

HTH

New Member

management physical interface and Management VLAN

Hello Reza,

Thank you for the reply. I will review the senario for you. We have a L3 6509 (vlan 308 configured) and to this we have 2350 (we call TOR) with mgmt vlan with IP from VLAN 308.

Now we are deploying a new 2350 (mgmt swt) to manage all the device connected to 6509. So the mgmt swt is connected to 6509 and TOR. The link between 6509 and mgmt swt is good, i can even login into the mgmt swt remotely. but there is a problem with TOR, the TOR was having mgmt int vlan with IP again from vlan 308, and i wanted this IP to be on the physical mgmt port of the TOR and then remove the mgmt vlan completely. Please find below the config of the mgmt swt:

Building configuration...

Current configuration : 9628 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime localtime show-timezone

service password-encryption

service linenumber

!

hostname

!

boot-start-marker

boot-end-marker

!

logging buffered 65535 informational

no logging console

logging monitor informational

!

no aaa new-model

clock timezone utc 0

system mtu routing 1500

vtp domain b11-23m-int-1-1

vtp mode transparent

ip subnet-zero

no ip source-route

no ip icmp rate-limit unreachable DF

ip domain-list ntwk.msn.net

no ip domain-lookup

ip domain-name ntwk.msn.net

!

!

!

!

!

!

errdisable recovery cause udld

errdisable recovery cause bpduguard

errdisable recovery cause channel-misconfig

errdisable recovery cause pagp-flap

errdisable recovery cause dtp-flap

errdisable recovery cause link-flap

errdisable recovery interval 60

port-channel load-balance src-dst-ip

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

vlan 99

name DUMMY_VLAN

!

vlan 308

!

ip ftp source-interface FastEthernet0

ip tftp source-interface FastEthernet0

ip ssh time-out 30

!

interface FastEthernet0

description LUSRED011C6N01:Gi3/40 MGMT VLAN 308

ip address 10.195.151.18 255.255.255.128

no ip route-cache

!

interface GigabitEthernet0/1

description b11-23x-int-1-01 Fa0

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

!

interface GigabitEthernet0/2

description b11-23x-int-1-02 Fa0

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/3

description b11-23x-int-1-03 Fa0

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/4

description b11-23x-int-1-04 Fa0

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/5

description b11-23x-int-1-05 Fa0

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/6

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/7

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/8

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/9

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/10

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/11

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/12

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/13

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/14

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/15

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/16

switchport access vlan 308

switchport mode access

no logging event link-status

load-interval 30

mls qos trust dscp

flowcontrol receive on

spanning-tree guard root

!

interface GigabitEthernet0/17

!

interface GigabitEthernet0/18

!

interface GigabitEthernet0/19

!

interface GigabitEthernet0/20

!

interface GigabitEthernet0/21

!

interface GigabitEthernet0/22

!

interface GigabitEthernet0/23

!

interface GigabitEthernet0/24

!

interface GigabitEthernet0/25

!

interface GigabitEthernet0/26

!

interface GigabitEthernet0/27

!

interface GigabitEthernet0/28

!

interface GigabitEthernet0/29

!

interface GigabitEthernet0/30

!

interface GigabitEthernet0/31

!

interface GigabitEthernet0/32

!

interface GigabitEthernet0/33

!

interface GigabitEthernet0/34

!

interface GigabitEthernet0/35

!

interface GigabitEthernet0/36

!

interface GigabitEthernet0/37

!

interface GigabitEthernet0/38

!

interface GigabitEthernet0/39

!

interface GigabitEthernet0/40

!

interface GigabitEthernet0/41

!

interface GigabitEthernet0/42

!

interface GigabitEthernet0/43

!

interface GigabitEthernet0/44

!

interface GigabitEthernet0/45

!

interface GigabitEthernet0/46

!

interface GigabitEthernet0/47

!

interface GigabitEthernet0/48

!

interface GigabitEthernet0/49

!

interface GigabitEthernet0/50

!

interface GigabitEthernet0/51

!

interface GigabitEthernet0/52

!

interface TenGigabitEthernet0/1

!

interface TenGigabitEthernet0/2

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

ip http server

ip http secure-server

ip tacacs source-interface FastEthernet0

!

!

control-plane

!

!

line con 0

line vty 0 4

login

line vty 5 15

login

!

end

VIP Super Bronze

Re: management physical interface and Management VLAN

Hi,

Are you planning to put an SVI on the mgmt switch, because in your config I don't see that.

config t

interface valn 308

ip address xx.xxx.xxx.xxx

If this is the case you then need a /30 between the switch and the 6500 and default route on the mgmt switch.

If you are planning to extend vlan 308 all the way to the 6500 and use the mgmt switch as a layer-2 device only, then you need to create a trunk link between the mgmt switch and the 6500 and create the SVI for vlan 308 on the 6500.  You would also need to a default gateway on the mgmt switch pointing to the 6500 SVI.

HTH

New Member

Re: management physical interface and Management VLAN

Reza,

We would like to get ride of the SVI as many as possible. Some of the TOR are having a separate mgmt port available so i would like to use that as mgmt for the TOR. The vlan is extended already.

On the TOR:

it was

int vlan 308

ip address 10.10.10.1 x.x.x.x

i want to make

int fa0

ip address 10.10.10.1 x.x.x.x

to work and then delete the svi vlan 308 on TOR.

THE VLAN whole subnet was created on 6500 and extended to TOR. ip default is also pointed to 6500 in other TOR I have 3 TOR.

Thank you.

VIP Super Bronze

management physical interface and Management VLAN

We would like to get ride of the SVI as many as possible. Some of the TOR are having a separate mgmt port available so i would like to use that as mgmt for the TOR. The vlan is extended already.

int vlan 308

ip address 10.10.10.1 x.x.x.x

i want to make

int fa0

ip address 10.10.10.1 x.x.x.x

Correct, I understand.  You are trying to go from an inband mgmt to an out of band.  You don't need any default gateway on the TORs since you are using the management interface. That is just a host port with an IP just like a PC or printer etc...

You only need a default gateway on the management switch and not the TORs.

HTH

New Member

Re: management physical interface and Management VLAN

ok I have configured ip default on mgmt swt, and i have removed the ip default gateway on TOR.

not working...

If i am using the same IP (from mgmt vlan on physical mgmt port) there wont be any routing issue right.

Thank you Reza.

VIP Super Bronze

Re: management physical interface and Management VLAN

If i am using the same IP (from mgmt vlan on physical mgmt port) there wont be any routing issue right.

No, your TOR switches are treated as hosts.  Think of them being just like PC or any other end device with an IP address.

Did you create a trunk connection between the management switch and the 6500?

Can you post the config for SVI for vlan 308 from the 6500 and also the trunk link between the 6500 and the management switch?

HTH

243
Views
0
Helpful
7
Replies
CreatePlease login to create content