cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
638
Views
15
Helpful
18
Replies

Telnet access

Hi Group,

I'm having problems accessing remote switches. Example: In site A, I have three switches--switch1, switch2, switch3--and all are setup with a management interface and a default route. Switch1 has a mgt interface of 10.255.102.1 and the default route is 10.20.102.10, which belongs to the local router. I have a similar setup on switch2 and switch3--10.255.102.2 & 10.255.102.3 are the mgt interfaces with the same default route setup. The router is plugged into switch1. I can access these switches through the first switch only, but I need to access them directly to make changes/update software through mgt software. Below is the code I use to setup the default route. Any thoughts would be appreciated.

I've tried both of the following:

ip default-gateway 10.20.102.1

and

ip route 0.0.0.0 0.0.0.0 10.20.102.1

18 Replies 18

Chris,

All 3 switches are acting as Layer2 switch. Right? If so I would use this command,ip default-gateway 10.20.102.10 . Is IP,10.20.102.10 on the router?

How are they(3 Switches) connecting? Trunk? Access?

Please provide more information.

Toshi

Yes, Layer 2. VTP is setup with switch1 being the server. Connected physically with fiber cables. The IP 10.20.102.10 is the router IP. 24-bit mask.

Chris,

Which vlan are you using for managing all switches?

please post SW1's configuration.

Well, all switches should have "ip default-gateway 10.20.102.10"

Edit: Jon made a good point about the IP addresses.

Toshi

Christopher

If the mask is /24 then the network is 10.20.102.0/24

How can this be the default-gateway for 10.255.102.x addresses ?. What is the subnet mask for this network ie. 10.255.102.x ?

Jon

Jon,

The mask is the same: /24. Over the past, year, we've replaced HP switches with Cisco and have added VoIP. The switches were setup by our vendor, so not sure what the logic is on the IP address.

Okay this is a bit confusing.

If the default-gateway is 10.20.102.10 then you need to give the switches an address from the 10.20.102.x network.

Jon

Jon Marshall
Hall of Fame
Hall of Fame

Christopher

What is the subnet mask for the 10.255.102.x addresses and the subnet mask for 10.20.102.10 ?

Jon

Hi Jon,

The mask is 24-bit.

Chris

Chris,

Please post the configuration on Sw1. Just to make sure that it's acting like L2 switch.

Toshi

see attached

Chris

The config that you posted is helpful. First, most of us have been assuming that we are talking about layer 2 switches. But the config clearly shows that this is a layer 3 switch with IP routing enabled (see the command ip routing).

Since it is layer 3 enabled with routing then the command ip default-gateway is not doing anything (having it does not hurt but it also does not help).

I believe that the issue is that the management address in VLAN 1 is in subnet 10.255.102. And while the switch has several other active VLANs (2, 3, 10, and 172) and while it has several ports configured as trunks, it has no other SVIs (other VLAN interfaces) and so the only subnet that the switch knows about is the 10.255.102 subnet. Therefore the default route of ip route 0.0.0.0 0.0.0.0 10.20.102.10 is not working because the switch has no idea of how to get to the next hop of 10.20.102.10.

Does the router have an interface/subinterface configured for VLAN 1? If so the easy solution would be to change the next hop address in the static route to use the router address in VLAN 1. If that is not possible then I would suggest moving the management address of the switch from VLAN 1 to whatever VLAN is subnet 10.20.102.

Note that the way the switch is working, it is pretty much functioning as a traditional layer 2 switch (having multiple VLANs but only having 1 VLAN interface configured). In that case enabling ip routing does not accomplish much.

HTH

Rick

HTH

Rick

Chris,

Rick has explained very well. It's a good idea to see how they(routers and switches) are connecting including configuration of them.

5P! for Rick

Toshi

Hi Rick,

Wanted to quickly acknowledge your post. I'm going to digest this a bit, but it does bring up other questions. I'll post back later today.

Thanks everybody.

Chris

Hi Rick,

Thanks for the response, which has brought up various other questions.

Considering that the switch config that I posted is a VTP client with VLANs 10 & 172 configured on a VTP server (another 3560 with IP routing enabled)

directly connected to this switch, would the management address of VLAN1 effect traffic flow on VLAN 10 & 172? Such as TCP out-of-order, duplicate

acknowledgements and retransmissions? I've seen this quite a bit while running wireshark on switches in a couple locations.

I looked at the router configuration and it does NOT have an interface/subinterface configured for VLAN 1, but it does have the following routing statement:

ip route 10.255.102.0 255.255.255.0 10.20.102.1

I've used the switches at my location as an example. The switches I have problems connecting to are in several other remote locations, but the setup is

similar (and appears to be consistent). In 'my' location, the switch that is configured as the VTP server also has ip routing enabled and it appears that

others do as well. This switch has a lot of information about our network on it, so I'm reluctant to post the whole config, but do want to include necessary

information. Here's the VLAN 1 & VLAN 172 interfaces and some config info on the other switch.

hostname SW00-3560-02

interface Vlan1

description OPS_Switch_Mgmt

ip address 10.255.102.2 255.255.255.0

no ip redirects

!

interface Vlan10

description OPS_Data_Network

ip address 10.20.102.1 255.255.255.0

ip helper-address 10.20.102.5

no ip redirects

!

interface Vlan172

description OPS_Voice_Network

ip address 172.20.102.1 255.255.255.0

ip helper-address 10.20.102.5

no ip redirects

If more info is needed, let me know.

Thanks,

Chris

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco