cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
805
Views
5
Helpful
6
Replies

3750: Cannot be managed, management IP reachable.

Hi team.

 

We have a switch in production that serves as a L2 ALS. I was about to test it's L3 capabilities and after I issued ip routing , the switch then cannot be managed (i.e., telnet/ssh attempts are failing). Though, its management IP is still reachable.

The switch is running the following code.

Cisco IOS Software, C3750 Software (C3750-IPBASE-M), Version 12.2(50)SE5, RELEASE SOFTWARE (fc1)

 

Has anyone encountered an issue like this? What could be the probable reason?

Should I reboot the switch already?

 

Thanks in advance.

 

 

2 Accepted Solutions

Accepted Solutions

PETER BUZA
Level 1
Level 1

Hi Carlos,

 

If you used the switch as an L2 switch you probably had a default-gateway configuration as well to manage the switch from a different IP subnet. When you applied the "ip routing" command the default gateway setting was gone, so now you don't have a valid route to your management station's subnet where you managed the device from before.

I suggest using the console port to connect to the device and issue the "ip route 0.0.0.0 0.0.0.0 earlier default-gateway IP address" command. Than you may reach the switch again from the management IP subnet.

If you don't have console access, than restarting the device may also solve your problem, in case of you had been saved the config before you issued the ip routing command.

 

Regards, Peter

 

BR, Peter

View solution in original post

My thought was the same as Peter that when ip routing is enabled then the default-gateway statement stops working. (it is not necessarily gone, but it no longer works) But I am puzzled at the statement in the original post where Carlos says that the management IP is still reachable. I think that we need more information about that. Is it reachable from remote subnets? Or is it reachable only from devices connected in the local subnet?

 

While I agree that console access could be very helpful I wonder if there are other alternatives that might allow Carlos to access the switch. In particular if the switch is reachable from devices in the local subnet I wonder if there is a router or another switch connected in the same subnet with this switch and whether Carlos might access that router or switch and from that device then access this switch using local telnet or SSH.

 

HTH

 

Rick

HTH

Rick

View solution in original post

6 Replies 6

InayathUlla Sharieff
Cisco Employee
Cisco Employee

Carlos,

Before doing the reload, any possibility to get the console connection to see whats going on?

If in case no console access then I dont see any other way to get it back. Assuming that cpu is high kind of thing but not sure bcz we dont have any evidence to prove it.

 

Also its time to upgrade the firmware on the box though.

HTH

PETER BUZA
Level 1
Level 1

Hi Carlos,

 

If you used the switch as an L2 switch you probably had a default-gateway configuration as well to manage the switch from a different IP subnet. When you applied the "ip routing" command the default gateway setting was gone, so now you don't have a valid route to your management station's subnet where you managed the device from before.

I suggest using the console port to connect to the device and issue the "ip route 0.0.0.0 0.0.0.0 earlier default-gateway IP address" command. Than you may reach the switch again from the management IP subnet.

If you don't have console access, than restarting the device may also solve your problem, in case of you had been saved the config before you issued the ip routing command.

 

Regards, Peter

 

BR, Peter

My thought was the same as Peter that when ip routing is enabled then the default-gateway statement stops working. (it is not necessarily gone, but it no longer works) But I am puzzled at the statement in the original post where Carlos says that the management IP is still reachable. I think that we need more information about that. Is it reachable from remote subnets? Or is it reachable only from devices connected in the local subnet?

 

While I agree that console access could be very helpful I wonder if there are other alternatives that might allow Carlos to access the switch. In particular if the switch is reachable from devices in the local subnet I wonder if there is a router or another switch connected in the same subnet with this switch and whether Carlos might access that router or switch and from that device then access this switch using local telnet or SSH.

 

HTH

 

Rick

HTH

Rick

Hi Richard and all.

 

Sorry if i got you puzzled. I was reaching the IP through a device local to the subnet which is why I was able to receive echo replies. I can't ssh or telnet into using other local devices cause their management subnet isn't in the TACACS group defined in the VTY lines. I'll have to console into it and disable routing.

 

Thanks alot.

I'll have to console into it and disable routing.

you can also just add the default route when you are connected through the console. You don't have to disable routing.

Hi karsten.

 

We're not upgrading to routed access yet. I was just testing some of it's ports. So I disabled routing instead.

 

Thanks!

Review Cisco Networking for a $25 gift card