Remote Access to Cisco 2960 switch

We had a Cisco 2960 switch that I rebuilt.  I copied the running config from an existing switch that is identical to this switch.  both are access point switches that are plugged into our core switch.  The rebuilt switch has an IP of 10.38.36.40.  Everything plugged into the switch (printers, cameras, and workstations) is working fine.  I can ping everything on the switch, but I can't ping or remote connect into the switch itself.  I have unplugged the switch and brought it back up 3 times, but still no remote connection.

Here is the running config:
Using 5659 out of 65536 bytes
!
version 12.2
no service slave-log
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service linenumber
service pt-vty-logging
service sequence-numbers
!
hostname DHS-RM11-AS01
!
boot-start-marker
boot-end-marker
!
logging buffered 8192
logging rate-limit 10 except errors
!
username admin privilege 15 password 7 0020362A340A52505B
username taylorp privilege 15 password 7 13311F1700050A2D7A
no aaa new-model
clock timezone CDT -6
clock summer-time CST recurring
system mtu routing 1500
ip subnet-zero
!
no ip domain-lookup
ip domain-name net.dwight.k12.il.us
!
!
crypto pki trustpoint TP-self-signed-1445844480
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1445844480
 revocation-check none
 rsakeypair TP-self-signed-1445844480
!
!
crypto pki certificate chain TP-self-signed-1445844480
 certificate self-signed 01 nvram:IOS-Self-Sig#3002.cer
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/13
 description RM11 PRINTERS
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 201
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/21
 description SECURITY CAMERAS
 switchport access vlan 50
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/22
 description SECURITY CAMERAS
 switchport access vlan 50
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/23
 description SECURITY CAMERAS
 switchport access vlan 50
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/24
 description SECURITY CAMERAS
 switchport access vlan 50
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/1
 description UPLINK TO DHS-MDC-CS01
 switchport mode trunk
!
interface GigabitEthernet0/2
 description NOT IN USE
 switchport mode trunk
 shutdown
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan10
 ip address 10.38.36.40 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.38.36.1
no ip http server
ip http secure-server
logging 192.168.145.110
access-list 90 remark SNMP RO Management
access-list 90 permit 192.168.145.0 0.0.0.255
access-list 90 permit 10.38.38.0 0.0.0.255
access-list 91 remark SNMP RW Management
access-list 91 permit 10.38.38.200
snmp-server community DPS5NMP$RO RO 90
snmp-server community DPS5NMP$RW RW 91
snmp-server trap-source Vlan10
snmp-server system-shutdown
snmp-server enable traps snmp coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps cpu threshold
snmp-server enable traps syslog
snmp-server host 10.38.38.200 DPS5NMP$RW
snmp ifmib ifindex persist
!
control-plane
!
banner motd ^C
Notice:
-------
This system is for the use of authorized users only. Individuals using
this computing system without authority, or in excess of their authority,
are subject to having all of their activities on this system monitored
and recorded by system personnel.
In the course of monitoring individuals improperly using this system,
or in the course of system maintenance, the activities of authorized
users may be monitored.
Anyone using this system expressly consents to such monitoring and is
advised that if such monitoring reveals possible evidence of criminal
activity, system personnel may provide the evidence of such monitoring
to law enforcement officials.
^C
!
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input ssh
!
ntp clock-period 36028992
ntp server 10.38.36.1
end
tails71Asked:
Who is Participating?
 
tails71Author Commented:
I talked with a buddy from Cisco.  He told me to do a "show vlan".  We discovered that VLAN 10 (our management vlan) wasn't appearing.

I added VLAN 10 to the switch, and presto.  Remote access.
0
 
raeldriCommented:
have you generated the RSA key on the switch?

for example:
crypto key generate rsa general-keys modulus 1024

Open in new window

0
 
eeRootCommented:
The lines, "transport input ssh," mean the switch is accessable via SSH.  Are you trying to access the switch with an SSH client such as putty?  Also, are you trying to ping it from a VLAN10, or VLAN201 device?  If VLAN201, then you may need to add these lines:

conf t
interface Vlan201
 no ip address
 no ip route-cache
 no shutdown
end
0
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

 
sstireCommented:
You have:
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan10
 ip address 10.38.36.40 255.255.255.0
 no ip route-cache
---------------------------------------------------------
I would also add all other vlan interfaces that the switch contains as you did for int vlan1. eg-
interface Vlan50
no ip address
no ip route-cache


If the switch is on Vlan10, -does your PC have the rights to cross vlans on the core router via access lists?
0
 
tails71Author Commented:
I have generated the RSA Key.

I'm using PuTTy to access my switches.  I'm trying to ping the switch from VLAN201.  We have an identical switch in a different room, that is working and accessed the same way.  The config is the same except for the hostname and ip address of the switch.  The "interface Vlan201" section is not present.

The only thing I'm wondering is these lines:

      access-list 91 permit 10.38.38.200

      snmp-server host 10.38.38.200 DPS5NMP$RW


They point to an old server that was shutdown.  These lines are present in the switch that is accessible.
0
 
sstireCommented:
Also, if you're wanting to telnet into the switch you'd want to configure your VTY lines to include: transport input telnet ssh
that way it gives you both telnet AND ssh access to the vty's.
0
 
eeRootCommented:
Can you post the port config of the switch, that this switch uplinks to?
0
 
tails71Author Commented:
This is the port on the core switch that the switch (trouble accessing one) is connected to:

interface GigabitEthernet0/14
 description UPLINK TO DHS-RM11-AS01
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree portfast
0
 
tails71Author Commented:
I did a "show cdp neighbor detail" cmd.  I discovered that the switch was appearing, but not it's IP address.  This lead me down the pass of seeing what VLANs were active on the switch.  Then discovering I had to add our management VLAN.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.