...

ok, so i took fa0/24 and remove the port monitor and access vlan 10 and made it native vlan 10. No telnet works. Is it bad to leave the port monitor port in access vlan 10 for fa0/7? I usually don't have anything plugged into it, only when i'm sniffing.

You cannot telnet into the switch unless you create a Vlan 10 SVI and assign with an IP and also no shut down on the interface. As you ports are on vlan 10 so taking the port monitor out will not still allow you to telnet into the switch.

This is a layer 2 switch switch so only one v;an SVI will stay up and in this case if you enable the VLAN 10 along with an IP you will not be able to telnet to it using the Vlan 11 IP. So make sure whihc vlan is ur management vlan and assign the ports in that vlan along with SVI created with proper IP.

HTH,

-amit singh

Unless I can not read there is no vlan 10 configured with an IP address. I do see VLAN 11 though could that be the problem?

Mike sure read that part of the config more carefully than I did. (When I looked at the config I saw that VLAN 1 was not configured and shut down, and saw that another VLAN was configured but mis-read the detail that it was VLAN 11 instead of 10.)

So the real problem is that the management address in configured on VLAN 11, but with no active ports VLAN 11 will be down.

So depending on what you want your implementation to be, either configure an access port in VLAN 11 (and plug something valid into that port) or reconfigure VLAN 11 into VLAN 10. Since VLAN 10 is configured as the native VLAN I think it would be more appropriate to put the management address in VLAN 10.

To answer Jeff's other question I do not see a problem in leaving ports configured as monitor ports.

HTH

Rick

first off, thanks for all the help and quick responses. second it looks like i was a little premature in my response. still not working.

i'm looking at my other switches configs and don't see vlan11 on any port. also, vlan11 is up up on the switch in question.

Jeff

Would you post the output of show vlan from the switch? When you are on the console of the switch can you ping to any addresses of devices in the network?

Is the switch still set up with VLAN 11 as the management address or is it on VLAN 10? And related to that is the question of where is the layer 3 interface that routes to and from the switch? On one of the trunk connections I assume. But which one? And is the layer 3 interface configured to be part of VLAN 11 or 10?

HTH

Rick

Jeff,

Can you also do a sh vtp status with that information too.

Mike

VWBEN3524-02#sho vtp sta

VTP Version : 2

Configuration Revision : 19

Maximum VLANs supported locally : 254

Number of existing VLANs : 22

VTP Operating Mode : Client

VTP Domain Name : LRBEN

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xCF 0x94 0xF8 0xF4 0x0F 0xF1 0x53 0xD9

Configuration last modified by 10.249.97.254 at 7-10-93 05:18:46

VWBEN3524-02#sho va lan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/7, Fa0/24

2 CHRWS active

10 VWBENDATA active

11 VWBENMGMT active

15 VWBENVOICE active

20 VLAN0020 suspended

40 CHVBENDATA active

41 CHVBENMGMT active

45 CHVBENVOICE active

46 CHVBENWIFI1 active

47 CHVBENWIFI2 active

60 MITBENDATA active

61 MITBENMGMT active

65 MITBENVOICE active

70 VLAN0070 active

190 WHSEDODGEDATA active

191 WHSEDODGEMGMT active

250 PRIMARYWIRELESS-CHRYSLER active

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

Can't ping connected servers in either vlan 10 or 15, but can ping other switches (i.e. 10.11.1.1) and gateway (10.11.0.1) and itself (10.11.1.2).

Still set with vlan 11.

on

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

Device ID: VWBEN3550-01

Entry address(es):

IP address: 10.249.97.254

Platform: cisco WS-C3550-12G, Capabilities: Router Switch IGMP

Interface: GigabitEthernet0/2, Port ID (outgoing port): GigabitEthernet0/10

Holdtime : 170 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(12c)EA1, RELEASE SOFTWARE

(fc1)

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Mon 25-Nov-02 00:07 by antonino

advertisement version: 2

Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=0000000

0FFFFFFFF010221FF000000000000000BFDB28200FF0000

VTP Management Domain: 'LRBEN'

Native VLAN: 1

Duplex: full

interface GigabitEthernet0/10

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

mls qos trust cos

auto qos voip trust

wrr-queue bandwidth 20 1 80 0

wrr-queue queue-limit 80 1 20 1

wrr-queue cos-map 1 0 1 2 4

wrr-queue cos-map 3 3 6 7

wrr-queue cos-map 4 5

priority-queue out

Jeff

Thanks for posting this information. I believe that there are several useful things in it. It is helpful to have verification that VLAN 11 is active and functioning. The fact that you can ping to other addresses and devices within VLAN 11 is helpful confirmation that you do have connectivity over the trunk(s) to other devices. The fact that you can not ping to anything outside of VLAN 11 seems to point to some config difficulty on the layer 3 interface for this VLAN. Would I assume that the default gateway address of 10.11.0.1 is on the 3550? Can you post the interface config of 10.11.0.1?

Thanks

Rick