After un-stacking a Cisco switch in my IBM blade center I can no longer ping the management IP I had configured on my management VLAN. The only item I see that changed is that the Bladecenter AMM added a internal Ethernet management port. There has been some discussion on reddit. Prior to un-stacking this VLAN interface was working.
I still haven’t found a resolution that would explain why this isn’t working or how to allow access over the current management VLAN. If possible I would like to keep L3 routing off on the switch.
As far as testing I have configured an access port and truck port native to the management VLAN. I connected a laptop with a static IP within the management VLAN range to these ports and was not able to ping or access the swith. When the switch is connected it does pass traffic, as expected, on all ports/VLANs. However I was still unable to ping or SSH the switch directly.
For testing purposes:
- I have configured an access port and truck port native to the management VLAN, I’ve configured a laptop with a IP in the management VLAN to connect to these test ports.
- I’ve devices on other VLAN are able to connect and pass traffic though this switch.
- The switch its self cannot ping other devices when using no source, the FE interface as source, or the management VLAN IP as the source.
- I’ve removed the management VLAN IP, and configured the FastEthernet port with the management VLAN IP.
- I suspect this doesn’t work as I cannot set a VLAN onto the FastEthernet port
- I’ve removed the default gateway with, and without, the VLAN ID configured and with the FasEthernet port configured.
Here is a partial config
no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname sw-7-tsting ! boot-start-marker boot-end-marker ! enable secret ... ! username .... no aaa new-model clock timezone EST -5 0 switch 1 provision ws-cbs3110g-s-i system mtu routing 1500 ! ! ip domain-name abc.def vtp mode transparent ! ! crypto pki ... ! spanning-tree mode rapid-pvst spanning-tree extend system-id spanning-tree pathcost method long no spanning-tree vlan 1-4094 ! ! port-channel load-balance src-dst-ip ! ! vlan internal allocation policy ascending ! vlan N name traffic N ! vlan NN name traffic NN ! vlan NNN name traffic NNN ! vlan XXX name network management ! ip ssh time-out 60 ip ssh version 2 ! ! ! interface FastEthernet0 ip address 192.168.x.x 255.255.255.0 ! interface GigabitEthernet1/0/17 description used to test all vlans switchport trunk native vlan XXX switchport trunk allowed vlan N,NN,NNN,XXX switchport mode trunk switchport nonegotiate ! interface GigabitEthernet1/0/18 description used to test network VLAN XXX switchport access vlan XXX switchport mode access switchport nonegotiate ! interface Vlan1 no ip address shutdown ! interface Vlan XXX ip address 10.XXX.200.236 255.255.255.0 ! ip default-gateway 10.XXX.200.1 ip http server ip http secure-server ! snmp-server community public RO snmp-server host 10.XXX.200.30 version 2c public udp-port 161 ! line con 0 line vty 0 4 login transport input ssh line vty 5 15 login ! ntp server 220.127.116.11 end