On our 2811 router we have a 16 poirt etherswitch module. I set the routers IP on the Vlan1 interface rather then the fasterthernet0/0 due to not using fastethernet 0/0 or 0/1 due to having all connections in the internal switch.
I am currently not able to hit the internal network ip but I can ping the serial interface. Is there a correct place to put the routers internal IP?
Also it will not allow us to telnet in with the serial interface IP. Is there a way to remove that restriction. Here is that snip of the config..
First, the interface vlan 1 is a logical interface. For it to come up, there must be devices connected to the switchport that belongs to vlan 1. Check if the interface vlan 1 is up/up.
Second, what kind of switch module, other switch module such as NME needs further configuration on the interface gig interface for it to communicate or the router see the interface vlan 1. on the router check show ip route, do you see vlan 1 as directly connected?
Third, where are you trying to telnet from to this router? Are you directly connected? If you not, do other routers in th path have knowledge of the interface vlan 1's network in their routing table?
How is the physical connection between your PC and the f0/0 interface? I guess the f0/0 interface is on the 16 port switch, if so, you will not be able to assign an ip address to the interface, as it is a layer 2 interface. If you are on the same switched network as the f0/0 interface, then without any extra configuration, the vlan 1 interface should be up and you should be able to reach it.
You have an access-class config on the vty configuration. confirm that the access-list 23 does not deny your ip address telnet access to the router.
You will not be able to telnet to the vlan1 interface until it is up/up.
You need to get one of the ports on the switch module in a up state and assigned to vlan1. You might be able to do that with the no keepalives command in the interface.
I suspect if you attempt to use the 2 built in fast ethernet interfaces it will be difficult. These are set to be routed and cannot be directly assigned to a vlan. You will need to set them up to a bridge group but I'm not sure if it will just associate with the vlan interface or if you must put in a BVI also.
You issue with being able to ping but not telnet to the router is more than likely related to the access lists applied to the vty lines.
we have tried with vlan 1 up and down. (it does change states when nothing is connected)
>>>You will never be able to ping an interface that is up/down. This interface needs to be up/up, just like your serial interface, if that serail is ever to go up/dwon, there is no wya you can get to it.
The 16 port switch is a nme, I am guessing we would just want to assign fastethernet0/0 an IP inside vlan1's range, then assign that port to vlan1 to keep it always up?
>> No, assigning an ip address on two different interfaces in the same router is a no/no, the router will complain. In order to keep the interface vlan up/up you just need to connect a PC to it. Think of interface vlan as a physical interface, if an ethernet interface does not have anything connected to it, will it come up? Same with the logical interface, it need a physical interface related to it to be up/up.
the interface was going up and down. We were not able to ping the interface from outside due to the service provider not having the route set up and assigned to our circuit. After that we changed the login to a fixed login and we could telnet in.
I assigned our range to vlan1 and left no ip one f0/0 and f0/1. the module is f1/0 thru f1/15. they are automatically tied to vlan 1 so it is only up when a device is plugged into it.
Thanks for all the help. It made this issue much easier to track down
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...