Re: Created a New Vlan for Management not working

chueymtz · ‎11-06-2024

Created a new vlan10 for managment and and assigned 10.74.2.3 255.255.255.0 to that vlan

interface Vlan10
description MGMT_VLAN
ip address 10.74.2.3 255.255.255.0

sh ip int brief

Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up up
Vlan10 10.74.2.3 YES manual up down

shows the protocol down and I am unable to ping it even from the same switch, my other vlan has an ip of 10.76.2.x on the same switch I cannot reach it.

I've added it to the ospf router ospf 99
network 10.74.0.0 0.0.255.255 area 0
network 10.76.0.0 0.0.255.255 area 0
network 10.78.0.0 0.0.255.255 area 0
network 172.16.0.0 0.0.255.255 area 0
network 192.168.0.0 0.0.255.255 area 0
default-information originate

I added it to the access list not sure what else to try

ip access-list standard 50
10 permit 192.168.0.0 0.0.255.255
20 permit 10.76.0.0 0.0.255.255
30 permit 10.78.0.0 0.0.255.255
40 permit 10.74.0.0 0.0.255.255
ip access-list extended 101
10 deny ip any 172.16.0.0 0.0.255.255
20 permit ip any any
ip access-list extended 102
10 permit ip any 172.16.0.0 0.0.255.255
20 permit ip any 10.243.x.0 0.0.1.255
30 permit ip any 10.233.x.0 0.0.1.255

Flavio Miranda · ‎11-06-2024

@chueymtz

Run the following command

conf t

vlan 10

Richard Burts · ‎11-06-2024

I believe that the key aspect of this issue is "Vlan10 10.74.2.3 YES manual up down" When the protocol state is down you will not be able to access the interface. There are 2 ways to resolve this:

- make sure that there is an access port assigned to this vlan and connect a device on that access port.

- assign vlan 10 to a trunk that is connected to some other device that is up and running.

HTH

Rick

chueymtz · ‎11-07-2024

So I do have a trunk port assigned already to carry traffic to other switches but each switch has it's own third octet for management ie: 10.74.2.x next site 10.74.4.x next site 10.76.6.x etc. This is what I have configured right now for port 1 our trunk port

interface GigabitEthernet1/0/1
description Uplink to TO-SW-01
switchport access vlan 500
switchport trunk allowed vlan 100
switchport mode trunk
switchport nonegotiate

Richard Burts · ‎11-07-2024

It is interesting that you do have a trunk configured. If you would post the output of the command show interface trunk on this switch I believe that you will find that the trunk is configured to carry a single vlan - vlan 100. So vlan 10 is not in the protocol up state. Add vlan 10 to the allowed vlan statement and the vlan should work better.

HTH

Rick

MHM Cisco World · ‎11-07-2024

Just to clarify info here'

Allow vlan into trunk will not make SW automatic generate vlan and add it to db' you still need one step which is manual adding of vlan by ""vlan xx"".

So where is confuse point' the engineer confuse between auto vlan generate and make vlan svi UP.

For auto vlan generate only when access port config vlan is auto generate

For vlan svi UP both access and trunk can be use to make vlan svi UP.

@chueymtz your config is trunk and this is useless

""switchport access vlan 500""

MHM

paul driver · ‎11-07-2024

Hello
is Vlan actually create at L2 on all switches ?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul