one of our gold partner called me and advised that he cannot ping or SSh to two of the 4948 switch.however if he logged to the core switch the 6500 he can sub telnet to the 4900.but he cannot telnet directly through SSH to the 4900.i have checked the config for SSH on both device and this is configure correctly.can any one help and tell me why we cant ping or SSH to these two devices directly rather than telneting to the core device it self before telneting to the 4900s.This is very urgent
Is the core device sharing a common management vlan with the 4948 switches ?. If so and you can ping/telnet from the core device but not from remote devices have you checked the routing setup.
What is the default gateway on your 4948 switches ?.
A bit of explanation about how our switches are connected and some IP addressing would help.
Thanks for yr reply Jon,
we can ping and telnet from the core device to the 4900 but we cannot directly connect to the 4900 from SSh
Should the default gateway be that of the 6500 core switch?
I have added more information 4 u
The 4848 switches are connected to the 6509s via Etherchannel links. All our other edge switches are also connected to the core. All these devices are in the same management VLAN. We have a problem remotely managing the 4848?s from other VLANS but all other devices can be accessed. The 4848s don?t respond to ping either from these other VLANs.
We?ve had a look at the firewall but cant see anything that points towards a firewall issue. We could be wrong tho
the default gateway on the 4948 switches should be the layer 3 interface for the management vlan.
Can you ping this interface from the 4948 switches ?
You mentioned a firewall - where does this sit in your topology ?
Thanks 4 yr prompt reply
no we cannot ping the ip addr on the manegement vLAN.when you said to ping the layer3 ip addr from the management VLAN wat do u mean? we have to bear in mind that we want and be able to telnet and ping the 4900 through SSH rather than log in to the core and then log in again to the 4900.
we have now eliminated firewall
the default gateway on the 4900 is 10.0.0.24
CAn you tell me wat i should look four in the routing set-up we are trying to ping and telnet to VLAN 10 with an ip addr of 10.0.0.7
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM down down
Vlan10 10.0.0.7 YES NVRAM up up
GigabitEthernet1/1 unassigned YES unset up up
Just to clarify. This is how i understand what you have set up
You have a management vlan for the switches. The layer 3 SVI for this vlan is on your core switch.
The other switches you have all have IP addresses for management from the same management vlan.
Each switch should have a default gateway set and this default gateway should be the Layer 3 SVI on your core switch. (If you are running a pair of core switches you may well be using HSRP so your switches default gateway would be the virtual IP.
The vlan that your switch layer 3 management is in, is this the same vlan as the management vlan ie.
what vlan interface is the default gateway in ?
if you cannot ping the default gateway from the switch this sounds like you have your vlans messed up.
Could you provide configs of the 4948, the core switch and another switch that works
Thanks for yr reply i have attched the config of the 4948 thats havin problems with ssh and i have attached the config of another switch that can SShsuccessfully if u need more information pleasle let me know
The 3600 switch works successfully.please let me know if u want the core config as well
The default gateway on your 3560 is 10.0.0.1.
You have said in one of your previous replies that the default gateway of the 4900 was 10.0.0.24.
They are both in vlan 10. Why is the 4900 switch pointing to a different gateway. Have you tried changing it to point to the same gateway - 10.0.0.1 ?
Any suggestion at all still cant SSHed to the 4900 directly i have checked the config and the default gateway ip addr is configured