Solved: Re: Management IP on two linked sg300

Lee Wade · ‎06-20-2018

HI all.

I have two sg200 series switches and a Cisco ASA 5505.

I bought the switches a few years ago and stuck them together on layer 2 for simplicity's sake, but now, for fun, I'm converting my flat network to a L3 network. I still have my layer 2 stuff on VLAN1 and I'm migrating it all to their own networks, one network at a time, starting with clients.

I have it working, for the most part, but I had a question about IP addresses defined in and VLAN's.

How do you differentiate the between and IP, meant as a gateway for a VLAN and the actual management IP address of the switch? At the moment different IP's in the same /24 network are defined as VLAN 1. I tried to create another VLAN on the second switch (vlan2) and give it an address, but you have to assign it to a UP port for it to work. Am I missing something? Do I assign it to the trunk linking the switches?

I've uploaded my configs if you have any questions about how i'm set up.

Thanks in advance,

Thanks, in advance for your support.

riteshsh · ‎06-21-2018

Hi,

My name is Ritesh Sharma from Cisco TAC.

SG300 switch works on L2 mode with a single management IP defined on VLAN1. However, once you change the mode from L1 to L2 and created different SVI's on the switch, then the switch can be accessible using any of the IP's assigned to VLAN's.

All SVI's will act as a management IP for the switch.

For Eg: Switch is working on L3 mode. VLAN1 IP :- 192.168.1.1; VLAN2 IP :- 192.168.2.1.

Now if a PC is connected to VLAN1 he will be able to access the switch using 192.168.1.1 IP and the PC connected on VLAN2 will be able to access the switch using 192.168.2.1 IP.

View solution in original post

Iliya Gatsev · ‎06-20-2018

Hi,

My name is Iliya Gatsev from Cisco Technical Support Team.
It will be good to call our support line and open a support case.

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

Iliya Gatsev
Cisco STAC Network Engineer
Together we are the human network .:|:.:|:. CISCO

riteshsh · ‎06-21-2018

Hi,

My name is Ritesh Sharma from Cisco TAC.

SG300 switch works on L2 mode with a single management IP defined on VLAN1. However, once you change the mode from L1 to L2 and created different SVI's on the switch, then the switch can be accessible using any of the IP's assigned to VLAN's.

All SVI's will act as a management IP for the switch.

For Eg: Switch is working on L3 mode. VLAN1 IP :- 192.168.1.1; VLAN2 IP :- 192.168.2.1.

Now if a PC is connected to VLAN1 he will be able to access the switch using 192.168.1.1 IP and the PC connected on VLAN2 will be able to access the switch using 192.168.2.1 IP.

Lee Wade · ‎06-21-2018

Thanks for your assistance Ritesh. I did find a solution to my problem once I actually read the admin guide. For what I need, I used a loopback interface on the second switch as some of the SVI's I created are not yet assigned to ports.

Lee Wade · ‎06-22-2018

Sitesh, you've gotten to the root of my problem, of having two layer three devices connected only in a layer 2 manner. To obtain the functionality I want, I will have to put one in layer 2 mode, or configure routing between the two switches. This is difficult to do when you're using your actual working network as a lab!. Thankfully I only have to answer too the family and not customers.
Thanks again for your help.