Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1934
Views
10
Helpful
4
Replies

Need help moving existing ASW management IP to New Remote management IP/SSH

Go to solution
jtsrunning
Level 1
Level 1

‎10-11-2017 09:35 PM - edited ‎03-01-2019 06:11 PM

Hi,

On a access switch, I tried moving the current management IP and VLAN 1000 to a new management IP and VLAN 30 using a different subnet. I initially SSH into the current device IP: 10.186.73.5/24. After,
I used the following script:

!
vlan 30
name Network_Management
!
interface vlan 30

description Network_Mgt.
ip address 10.22.42.4 255.255.255.0
!
ip default-gateway 10.22.42.1
!
Test connection here. New IP pingable throughout network and could SSH into it, but I am now denied access from my credentials. Changing the default-gateway denied my login credentials.
!
I consoled in and added back the original default-gateway 10.186.73.1. I SSH into the switch using the NEW IP 10.22.42.4 and it asked for my credentials. I was in successfully.

 

I don't understand why the default gateway affects my credentials being denied.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Meheretab Mengistu
Level 7
Level 7
In response to jtsrunning

‎10-11-2017 11:19 PM - edited ‎10-11-2017 11:25 PM

Check if you could access the tacacs+ server from the new subnet (eg. ping TACACS_IP_ADDRESS source vlan30). Could you access the tacacs+ server?

 

Also, check whether you have configured "ip tacacs source-interface vlan 1000". If so, replace it with "ip tacacs source-interface vlan 30".

 


HTH,
Meheretab

HTH,
Meheretab

View solution in original post

4 Replies 4

Go to solution
Meheretab Mengistu
Level 7
Level 7

‎10-11-2017 09:47 PM

Hi,

How do you authenticate when you do SSH? Is it using local username/password? Or, is it using TACACS+ or other servers?

HTH,
Meheretab
HTH,
Meheretab

Go to solution
jtsrunning
Level 1
Level 1
In response to Meheretab Mengistu

‎10-11-2017 10:00 PM

SSH was authenticatred via TACACS+

0 Helpful

Go to solution
Meheretab Mengistu
Level 7
Level 7
In response to jtsrunning

‎10-11-2017 11:19 PM - edited ‎10-11-2017 11:25 PM

Check if you could access the tacacs+ server from the new subnet (eg. ping TACACS_IP_ADDRESS source vlan30). Could you access the tacacs+ server?

 

Also, check whether you have configured "ip tacacs source-interface vlan 1000". If so, replace it with "ip tacacs source-interface vlan 30".

 


HTH,
Meheretab

HTH,
Meheretab

Go to solution
jtsrunning
Level 1
Level 1
In response to Meheretab Mengistu

‎10-12-2017 02:28 PM

Thank you very much for the speedy response. Your solution helped and I also had to update the TACACS server.

0 Helpful
Customers Also Viewed These Support Documents