Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Can't telnet into switch

I have a 3524XL inline power switch. I used to beable to telnet into it, now i can't. Not sure when this happened so can't correalate a config change with this. Tried reseting the commands for telnet and turning off and on. Can only console in.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Can't telnet into switch

Jeff

Thanks for posting the config. I have looked at your config and see something that may explain your symptoms. I note that most of the ports are trunk ports and that there are two access port in vlan 10 (which is the native vlan) but that both access ports are set up as monitor ports. VLAN 10 is configured with an address and is not shut down. Normally if a VLAN has at least one active port the VLAN will come to an up up state. If there are no active ports the VLAN will normally be down. I suspect that having the ports configured as monitor ports may prevent VLAN 10 from being active. I suggest that you reconfigure the switch so that there is at least one active access port in VLAN 10 (and be sure that something valid is plugged into that port).

Try this and let us know what happens.

HTH

Rick

19 REPLIES

Re: Can't telnet into switch

I am a mindreader.

I do not see the vty ports configured to allow access.

The Vlan is also set up for a different network that what I am on.

The port I am telnetting into is not on the same VLAN either.

I do not see a vlan in the UP UP status, actually I do not even see a VLAN created with an IP address or even a default gateway set up.

So my guess is the configuration must not be right. Can you let me know if I am right? I could make a fortune doing this.

:)

:)

Re: Can't telnet into switch

Please paste the config of your switch.

This could be due to the misconfiguration, ACL etc.

HTH,

-amit singh

New Member

Re: Can't telnet into switch

...

Hall of Fame Super Silver

Re: Can't telnet into switch

Jeff

Thanks for posting the config. I have looked at your config and see something that may explain your symptoms. I note that most of the ports are trunk ports and that there are two access port in vlan 10 (which is the native vlan) but that both access ports are set up as monitor ports. VLAN 10 is configured with an address and is not shut down. Normally if a VLAN has at least one active port the VLAN will come to an up up state. If there are no active ports the VLAN will normally be down. I suspect that having the ports configured as monitor ports may prevent VLAN 10 from being active. I suggest that you reconfigure the switch so that there is at least one active access port in VLAN 10 (and be sure that something valid is plugged into that port).

Try this and let us know what happens.

HTH

Rick

New Member

Re: Can't telnet into switch

ok, so i took fa0/24 and remove the port monitor and access vlan 10 and made it native vlan 10. No telnet works. Is it bad to leave the port monitor port in access vlan 10 for fa0/7? I usually don't have anything plugged into it, only when i'm sniffing.

Re: Can't telnet into switch

You cannot telnet into the switch unless you create a Vlan 10 SVI and assign with an IP and also no shut down on the interface. As you ports are on vlan 10 so taking the port monitor out will not still allow you to telnet into the switch.

This is a layer 2 switch switch so only one v;an SVI will stay up and in this case if you enable the VLAN 10 along with an IP you will not be able to telnet to it using the Vlan 11 IP. So make sure whihc vlan is ur management vlan and assign the ports in that vlan along with SVI created with proper IP.

HTH,

-amit singh

Re: Can't telnet into switch

Unless I can not read there is no vlan 10 configured with an IP address. I do see VLAN 11 though could that be the problem?

Hall of Fame Super Silver

Re: Can't telnet into switch

Mike sure read that part of the config more carefully than I did. (When I looked at the config I saw that VLAN 1 was not configured and shut down, and saw that another VLAN was configured but mis-read the detail that it was VLAN 11 instead of 10.)

So the real problem is that the management address in configured on VLAN 11, but with no active ports VLAN 11 will be down.

So depending on what you want your implementation to be, either configure an access port in VLAN 11 (and plug something valid into that port) or reconfigure VLAN 11 into VLAN 10. Since VLAN 10 is configured as the native VLAN I think it would be more appropriate to put the management address in VLAN 10.

To answer Jeff's other question I do not see a problem in leaving ports configured as monitor ports.

HTH

Rick

New Member

Re: Can't telnet into switch

first off, thanks for all the help and quick responses. second it looks like i was a little premature in my response. still not working.

i'm looking at my other switches configs and don't see vlan11 on any port. also, vlan11 is up up on the switch in question.

Hall of Fame Super Silver

Re: Can't telnet into switch

Jeff

Would you post the output of show vlan from the switch? When you are on the console of the switch can you ping to any addresses of devices in the network?

Is the switch still set up with VLAN 11 as the management address or is it on VLAN 10? And related to that is the question of where is the layer 3 interface that routes to and from the switch? On one of the trunk connections I assume. But which one? And is the layer 3 interface configured to be part of VLAN 11 or 10?

HTH

Rick

Re: Can't telnet into switch

Jeff,

Can you also do a sh vtp status with that information too.

Mike

New Member

Re: Can't telnet into switch

VWBEN3524-02#sho vtp sta

VTP Version : 2

Configuration Revision : 19

Maximum VLANs supported locally : 254

Number of existing VLANs : 22

VTP Operating Mode : Client

VTP Domain Name : LRBEN

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xCF 0x94 0xF8 0xF4 0x0F 0xF1 0x53 0xD9

Configuration last modified by 10.249.97.254 at 7-10-93 05:18:46

New Member

Re: Can't telnet into switch

VWBEN3524-02#sho va lan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/7, Fa0/24

2 CHRWS active

10 VWBENDATA active

11 VWBENMGMT active

15 VWBENVOICE active

20 VLAN0020 suspended

40 CHVBENDATA active

41 CHVBENMGMT active

45 CHVBENVOICE active

46 CHVBENWIFI1 active

47 CHVBENWIFI2 active

60 MITBENDATA active

61 MITBENMGMT active

65 MITBENVOICE active

70 VLAN0070 active

190 WHSEDODGEDATA active

191 WHSEDODGEMGMT active

250 PRIMARYWIRELESS-CHRYSLER active

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

Can't ping connected servers in either vlan 10 or 15, but can ping other switches (i.e. 10.11.1.1) and gateway (10.11.0.1) and itself (10.11.1.2).

Still set with vlan 11.

on

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

Device ID: VWBEN3550-01

Entry address(es):

IP address: 10.249.97.254

Platform: cisco WS-C3550-12G, Capabilities: Router Switch IGMP

Interface: GigabitEthernet0/2, Port ID (outgoing port): GigabitEthernet0/10

Holdtime : 170 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(12c)EA1, RELEASE SOFTWARE

(fc1)

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Mon 25-Nov-02 00:07 by antonino

advertisement version: 2

Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=0000000

0FFFFFFFF010221FF000000000000000BFDB28200FF0000

VTP Management Domain: 'LRBEN'

Native VLAN: 1

Duplex: full

interface GigabitEthernet0/10

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

mls qos trust cos

auto qos voip trust

wrr-queue bandwidth 20 1 80 0

wrr-queue queue-limit 80 1 20 1

wrr-queue cos-map 1 0 1 2 4

wrr-queue cos-map 3 3 6 7

wrr-queue cos-map 4 5

priority-queue out

Hall of Fame Super Silver

Re: Can't telnet into switch

Jeff

Thanks for posting this information. I believe that there are several useful things in it. It is helpful to have verification that VLAN 11 is active and functioning. The fact that you can ping to other addresses and devices within VLAN 11 is helpful confirmation that you do have connectivity over the trunk(s) to other devices. The fact that you can not ping to anything outside of VLAN 11 seems to point to some config difficulty on the layer 3 interface for this VLAN. Would I assume that the default gateway address of 10.11.0.1 is on the 3550? Can you post the interface config of 10.11.0.1?

Thanks

Rick

New Member

Re: Can't telnet into switch

!

interface Vlan1

ip address 10.249.97.254 255.255.255.0

!

interface Vlan10

ip address 10.10.0.2 255.255.0.0

ip helper-address 10.249.97.194

no ip redirects

standby 10 ip 10.10.0.1

standby 10 priority 110

standby 10 preempt

!

interface Vlan11

ip address 10.11.0.2 255.255.0.0

no ip redirects

standby 11 ip 10.11.0.1

standby 11 priority 110

standby 11 preempt

!

interface Vlan15

ip address 10.15.0.2 255.255.0.0

no ip redirects

standby 15 ip 10.15.0.1

standby 15 priority 110

standby 15 preempt

!

Hall of Fame Super Silver

Re: Can't telnet into switch

Jeff

Thanks for posting the interface configs that I asked for. I am feeling very puzzled and wondering what we have overlooked, because based on what I am seeing it looks like things should be working.

Am I correct in assuming that you are attempting to ping from the switch console rather than from a PC connected to a switch port?

In one of your posts you said: that the switch can ping other switches (i.e. 10.11.1.1) and gateway (10.11.0.1) in VLAN 11 but could not ping anything outside of VLAN 11. To me that sounds more like an issue with the layer 3 processing at the gateway than it is to be an issue at the switch. On the 10.11.0.1 gateway would you post the output of a standard ping to the switch 10.11.1.2 and then the output of an extended ping on the gateway pinging to the switch 10.11.1.2 and specifying a source address of one of the other interfaces on the gateway?

I notice that VLAN 10 has an ip helper-address configured while VLAN 11 and VLAN15 do not. Is that likely to make any difference? Is there something that needs the helper address in VLAN 10 that is not in VLAN 11 or 15?

HTH

Rick

Re: Can't telnet into switch

Jeff,

I would also be curious about your VTY connections. Can you do a "who" and "show line".

Mike

New Member

Re: Can't telnet into switch

VWBEN3524-02#who

Line User Host(s) Idle Location

* 0 con 0 idle 00:00:00

Interface User Mode Idle Peer Address

VWBEN3524-02#sho line

Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int

* 0 CTY - - - - - 1 0 0/0 -

1 VTY - - - - - 2 0 0/0 -

2 VTY - - - - - 0 0 0/0 -

3 VTY - - - - - 0 0 0/0 -

4 VTY - - - - - 0 0 0/0 -

5 VTY - - - - - 0 0 0/0 -

6 VTY - - - - - 0 0 0/0 -

7 VTY - - - - - 0 0 0/0 -

8 VTY - - - - - 0 0 0/0 -

9 VTY - - - - - 0 0 0/0 -

10 VTY - - - - - 0 0 0/0 -

11 VTY - - - - - 0 0 0/0 -

12 VTY - - - - - 0 0 0/0 -

13 VTY - - - - - 0 0 0/0 -

14 VTY - - - - - 0 0 0/0 -

15 VTY - - - - - 0 0 0/0 -

16 VTY - - - - - 0 0 0/0 -

New Member

Re: Can't telnet into switch

Jeff,

If you could make a network diagram for your setup it will be better to understand it. Also, please include ffg files: sho run for the layer 2 and layer 3, sho vtp stat, sho ver, sho vlan.In which switch and port are you connected when you telnet the 3524?

Thanks.

626
Views
0
Helpful
19
Replies