cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
298
Views
0
Helpful
12
Replies
sjamison
Beginner

management vlan

How do I setup the management vlan on a 2950? I have vlan1 now, but if I do a shut, enable vlan 20 with a new IP address, it does not work. I cant ping, or do anything. All traffic just stops on that switch which is weird. The FA 0/24 is configured as a trunk which makes its way to a 3550G12 thats doing L3 routing and is the gateway for all the vlans. The VTP server is a 3750. Do I have to change it on the 3750 and have it propogate out? That would make a roll out a real problem...

12 REPLIES 12
Kevin Dorrell
Advocate

Do you have a SVI vlan interface on your 3550 for VLAN20?

Kevin Dorrell

Luxembourg

Secure Vlan Interface? No?

The vlan 20 interface on the 3550 is configured with an IP address, and HSRP. I can ping the gateway so from another IP Subnet, so I know its conifured right, and its UP. Other than that it hasnt been configured any other way...

Can you ping the vlan 20 interface of the 3550 from the 2950 switch?

Have you set an ip default-gateway on the 2950 to point to the vlan 20 interface of the 3550?

Kevin Dorrell

Luxembourg

Yeah, I added the gateway address. But I couldnt ping out. I couldnt ping the switch either from another IP subnet. The weird thing was when I got rid of VLAN1 and added VLAN20, it would not allow any device to get onto the network. All ports stayed ORANGE. When I changed to back to VLAN1 they all came back green. My trunk is working because all switchports are in a different vlan than the switch is and I can access both vlans. Just cant figure out how to put the switch into another vlan and make it work...

Steve Graham
Beginner

Did you setup your native vlan on your trunk port? Defaults to vlan 1, however, the command "switchport trunk native vlan 20" on both ends of your trunk connection.

No I did not do that... I didnt think I would need to set a command like that since a trunk just moves everything across it. Ill give it a try and see what happens...

This is required when you plan to use another vlan besides 1 as your "native vlan". 1 is native by default for management.

glen.grant
Advisor

Did you create the layer2 vlan for vlan 20 or did you just apply it to the port ? If you do a "show vlan" does vlan 20 show active ? If not you must create the vlan , conf t vlan 20 , enter . Type state active" just to make sure it comes active . Sounds like this might not have been done . This should be done for any new vlan created .

Yes. I have an attachment tied to the originating post showing the VTP Status and a SHOW Vlan. It does show active.

if you have IOS eariler than 12.1(6)EA2 , so you need to use the coman managment to enable the managment vlan , if your IOS is later , you don't need to use it , but I thimk there is other command to be used

Hi,

On 2950 switch, pls try out the following commands :

sw(config)#int vlan 20

sw(config-if)#no shut

The vlan 20 shuld be come active and Vlan 1 will go down. Then the Vlan 20 will become active and will bcome the management Vlan of the switch.

By default all the ports on the switch stay in Vlan1, so you have to manually move them to Vlan 20.

On the trunk link by default all the Vlans are allowed. and by default the native Vlan is 1. But you dont need to change the native Vlan to 20 because even if Vlan1 is not management Vlan, still the management protocols will go through Vlan1.

You can remove Vlan1 from your trunk, this is called Vlan Minimisation but this feature started from 12.1(14)Ea1.

Kindly update me about the status of this problem now. also post the current configs from 2950.

regards

aashish C

Using the native vlan solved the problem.

Question. If I dont assign a vlan to any switchport, but put the switch out of vlan 1 and into another vlan and use the native vlan will all switchports automatically be put into that vlan or will they still remain in vlan 1?

Reason is I want to assign all my switch management interface into its own vlan, but not all ports are yet configured for their assigned vlan so they are still in vlan1.