cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2172
Views
2
Helpful
16
Replies

Changing IP's on vlan1

gavinr98
Level 1
Level 1

Hope someone can help. I am working on changing the default vlan from 1. The problem I am having is as soon as I remove the IP address from the switch on vlan1, and add it to the new vlan interface, I can no longer ping the gateway from the switch. I have the default route set, but it makes no difference. Not sure what I am doing wrong. Any help would be appreciated.

(2) 9500 switches in a virtual switch stack, port 3 on the switch is connected directly to the router and I have a 9300 switch connected to the 9500's via 40GB QSFP+ port. I get the same results on both the switches when changing the IP's.

1 Accepted Solution

Accepted Solutions

Try to change the IP address from vlan 1 to the other vlan, lets say vlan 100

And run this command on the switch

nterface HundredGigE1/0/3
switchport mode trunk

switchport trunk native vlan 100

 

View solution in original post

16 Replies 16

This is L3 SW'

Clear mac of vlan1 for any l2 SW connect to this L3SW and try again.

Yes, both the 9500 and the 9300's are L3 switches. 

Change IP from VLAN to VLAN must not effect ping except that there is subnet conflict'

You change IP from vlan1 to for example vlan2 in 9500

But 9300 have different subnet for vlan2 

Also clear arp and mac to make both SW knowing new vlan IP

Yes, I changed the IP on both the 9500 and 9300 Vlan. I will clear arp and mac to make sure.

Hi @gavinr98 

 When you change the IP address to another vlan...is this new vlan allowed on the trunk on the switch side and on the core side?

Is that vlan UP if you issue "show ip int br" ?

Yes, I have allowed all vlans on the trunk and the VLAN is UP.

Your gatewa is a route right?  Probably you are using subinterface on the Router?

Can I see the config on the router and on the switch?

We are using a Sophos XG as the default router which is connected to the 9500 port 3. Here is the config from the switchport. Could the fact that the access mode vlan is still pointing to 1?

WTCPASCORE01#sh int hu1/0/3 switchport
Name: Hu1/0/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

 

Trunk from Sw side but subinterface in FW' I mention before the subnet is conflict'

Sw have vlan 2 ip which in FW this sunbet of vlan1 subinterface.

Seems to me that the communication only works if you use Vlan 1 right? This can be related to Firewall does not understand the tag when you use another vlan. Vlan 1 is not tagged.

 Can you share the config from the switch side also?

show inter int <port 3>

 

 

other than the trunk, there is no additional config.

sh run int hu1/0/3
Building configuration...

Current configuration : 57 bytes
!
interface HundredGigE1/0/3
switchport mode trunk

Try to change the IP address from vlan 1 to the other vlan, lets say vlan 100

And run this command on the switch

nterface HundredGigE1/0/3
switchport mode trunk

switchport trunk native vlan 100

 

That was it, everything is working now. Thank You!

Yeah, the firewall is not understanding the tag on the vlan. 

Glad you fix it. 

Review Cisco Networking for a $25 gift card