Rick_Penney
asked on
Cannot connect to Cisco switch via a new management vlan
Hi, I am having problems accessing a Cisco 2960 switch via a new management vlan (Vlan3). I have a second physical site with the same equipment which is working fine.
Please see the attached drawing. The Non working site still has the ip address set for interface vlan 1 as well as vlan 3, and the default gateway is currently set to the vlan 1 sub interface on the router. When I changed the default gateway to the vlan 3 sub interface, I couldn't connect to the switch via its vlan 3 IP.
The working site is also a Cisco 2960 switch and I was able to configure the vlan 3 interface with an ip address, change the default gateway, log back in to the switch via its vlan 3 ip address and then remove the vlan 1 ip address.
I'm not back on site for a week, but it would be handy to have a few new things to try when there,
Many thanks
Please see the attached drawing. The Non working site still has the ip address set for interface vlan 1 as well as vlan 3, and the default gateway is currently set to the vlan 1 sub interface on the router. When I changed the default gateway to the vlan 3 sub interface, I couldn't connect to the switch via its vlan 3 IP.
The working site is also a Cisco 2960 switch and I was able to configure the vlan 3 interface with an ip address, change the default gateway, log back in to the switch via its vlan 3 ip address and then remove the vlan 1 ip address.
I'm not back on site for a week, but it would be handy to have a few new things to try when there,
Many thanks
Soulja
Did you remove the ip address from interface VLAN 1 also when you changed the gateway. If not, the switch will still try to use VLAN1 since IP Default gateway command is for the switch in LAYER 2 mode. It will only use one vlan interface which defaults to VLAN 1. Additionally, is there a reason you are using Non-RFC1918 addressing?
ASKER
Hi, many thanks for your reply
I didn't as I didn't have to do this at the working site, so it didn't cross my mind.
I will do this next week when I'm back on site on Tuesday just incase I get locked out, I can connect a serial cable to restore.
Ref the RFC1918 addressing, the first octet isn't actually the real value, I just thought i'd change it as its posted publicly, although it doesn't really matter I guess as the real address is a is a private one anyway, me just being paranoid :-)
kind regards
Rick
I didn't as I didn't have to do this at the working site, so it didn't cross my mind.
I will do this next week when I'm back on site on Tuesday just incase I get locked out, I can connect a serial cable to restore.
Ref the RFC1918 addressing, the first octet isn't actually the real value, I just thought i'd change it as its posted publicly, although it doesn't really matter I guess as the real address is a is a private one anyway, me just being paranoid :-)
kind regards
Rick
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you Irmoore, i'll give it a try on Tuesday
much appreciated
much appreciated
Good catch lrmoore, didn't even see that (no info returned) part. :)
ASKER
Thanks guys, I'm going to go to site tomorrow now and try that, i'll post back tomorrow
thank you both
thank you both
ASKER
Hi, I have added the command switch nonegotiate and that worked a treat.
Although I only put two switches in the diagram, we obviously have a lot more than that.
One of the switches when I entered the switch nonegotiate command came back Command Rejected: Conflict between "nonegotiate" and "dynamic" status.
I exited the switch, did a couple of the others, when I came back to the same switch and re entered the same command, it worked perfectly.
Just for my own notes, any ideas why it was initially rejected?
Thanks a million to both for your posts, very grateful
Although I only put two switches in the diagram, we obviously have a lot more than that.
One of the switches when I entered the switch nonegotiate command came back Command Rejected: Conflict between "nonegotiate" and "dynamic" status.
I exited the switch, did a couple of the others, when I came back to the same switch and re entered the same command, it worked perfectly.
Just for my own notes, any ideas why it was initially rejected?
Thanks a million to both for your posts, very grateful
ASKER
Hi, I reconfigured all 5 Cisco switches today, 3 of them I had to put in the switch nonegotiate command, the other two worked without the command.
After changing the default gateway and then logging back into the switches with the vlan 3 interface ip address, I removed the vlan 1 ip address, and did a write mem , copy run start and copy run tftp.
3 hours later now at a different site, but remoting controlling the same PC that I did the config work on, I can no longer ping the 3 switches that have the switch nonegotiate command. I can however ping and telnet onto the switches from PCs at the same site and also from my current location across the WAN.
Any ideas?
After changing the default gateway and then logging back into the switches with the vlan 3 interface ip address, I removed the vlan 1 ip address, and did a write mem , copy run start and copy run tftp.
3 hours later now at a different site, but remoting controlling the same PC that I did the config work on, I can no longer ping the 3 switches that have the switch nonegotiate command. I can however ping and telnet onto the switches from PCs at the same site and also from my current location across the WAN.
Any ideas?
Wrong range for default gateway IP address, needs to be in vlan 3 range.
Conflict between "nonegotiate" and "dynamic" status- switchport mode trunk command was missing on interface (default port setting is depending on model - dynamic auto (new models) or dynamic desirable (old models))
ASKER
Thanks guys for your help. The switch nonegotiate command fixed the problem
Ref my last post regarding not being able to reconnect to the switches from the same pc that I initially used, but being able to connect to them from every other pc, I rebooted the switches, and now can access them again from that pc
kind regards
Rick
Ref my last post regarding not being able to reconnect to the switches from the same pc that I initially used, but being able to connect to them from every other pc, I rebooted the switches, and now can access them again from that pc
kind regards
Rick