08-28-2017 03:20 AM - edited 03-01-2019 06:05 PM
Hi!
Cisco newbie here. I created a number of VLANs for our network on a series or Cisco 2960 switches and I found myself using VLAN 1 because, you know, newbie.
I would like to move the VLAN 1 configuration to an appropriately named VLAN. This includes moving the VLAN configuration and the VLAN IP configuration as well to the correct VLAN.
I've tried to do this in the past and I lost access to the primary switch, which brought down the entire network, forcing a reboot.
Please what is the safest means of changing re-configuring this remotely, without knocking down the network once more?
Thanks in advance!
08-28-2017 01:55 PM
Hi create another vlan on the switch at L3 so an SVI needs to be up/up and in the L2 db too and bring it up make sure its reachable by ssh , that way you will have access when vlan 1 goes down , make sure to access by ip rather than DNS as the name maybe tied to vlan 1 ip address when originally setup
If you have a vty acl make sure the new ip is in there for the new vlan with a source of your machine your coming from so you can access it , keep both vlans up until your sure you can access by the new one , again use ips only not dns to be sure your hitting right ip
note even when vlan 1 is shutdown its always in use , its transports dtp/vtp/stpcdp etc info in the background
i have done the same on my 2960s as below from one of my switches that are too far to cable the mgmt port to the mgmt switch so i just cretaed a mgmt vlan and pushed it out make sure new vlan is on the trunk connection too
#sh ip int brie
Interface IP-Address OK? Method Status Protocol
Vlan1 x.x.x.x YES NVRAM administratively down down
Vlan1222 172.x.x.x YES NVRAM up up
Also if your remote its best to use ... reload in 30
so then if something happens and you lock your self outr it will reboot without any intervention once config hadsnt been saved
unfortunately unlike ios-xe and nx-os you cant use the config rollback so the reload in command is the best option to get you out of a lockout issue
This is could be an impacting change if something goes wrong again so you should have a window specified to work on in case there is an issue and it does have to reload , out of hours or at a time where end users wont notice it
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide