Solved: Re: C3750X Management Port Config

Kevin Hamilton · ‎03-18-2021

I have several 3750X switches that have the management port, fa0, connected to my office LAN (192.168.1.0/24). I want to move them to a dedicated management LAN so I created 10.100.0.0/16 on an open port of my office router. However, I cannot telnet to the switches on the new LAN. I assume that the 3750X fa0 port needs some sort of ip route or default gateway to get back to the office router. I tried configuring vrf as I would on a 3850, but it is not a valid command on the 3750X. If I log in to the office router I can ping either direction. For example, I can ping 192.168.1.19 and 10.100.0.19, but not from one subnet to the other.

Any suggestions as to how I can talk to the 3750X management ports on the other subnet would be greatly appreciated.

Reza Sharifi · ‎03-19-2021

Default gateway is not set

As I mentioned before, you need to set the default gateway.

ip default-gateway 10.100.100.x

where x is the ip address you have on the Sonicwall.

HTH

View solution in original post

Reza Sharifi · ‎03-18-2021

Hi,

Assuming all the 3750x switches are layer-2 only, you need a default gateway on each one pointing to the management switch/router.

192.168.1.x

So, 3750x needs a svi for the management vlan and also a gateway

example:

vlan 10

description mgmt vlan

exit

interface vlan 10

IP address 192.168.1.10 255,255,0,0

no sh

exit

IP default-gateway 192.168.1.x where x is the IP address of the management device.

Also, the 3750x switches don't support vrf for management like the 3850, 3650, 9300, etc.

HTH

balaji.bandi · ‎03-19-2021

adding to other comments - is this fa0 is dedicated for management, how is the other network-connected? - can you post the configuration to look at. if this is a management network you can directly configure interface fa0 (no switch port and IP address to that port) depends on arrangements and connection arrangement.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Kevin Hamilton · ‎03-19-2021

Thank you for the replies. I am attaching a crude diagram (pdf) that I hope better explains what I'm trying to accomplish. I realize I can make it work by creating a VLAN dedicated to management and add it to one or more regular switchports, but I was hoping to accomplish this by using the management port.

Kevin Hamilton · ‎03-19-2021

Uploading diagram as a jpeg. Hopefully it will display correctly.

Reza Sharifi · ‎03-19-2021

3750x-On the fa0 interface assign ip 10.100.0.100

Mgmt-Lan switch- Create any vlan you want and put the interface connecting to the 3750x in a vlan (access mode)

example:

vlan 10

exit

interface g1/0/1

switchport

swtchport mode access

switchport vlan 10

do the same exact config for the interface connecting to the Sonicwall

3750x-Add default gateway toward the Sonicwall (if that is the device doing the routing) 10.100.0.x

now you should be able to ping 10.100.0.100 from 192.168.1.19 host.

HTH

Kevin Hamilton · ‎03-19-2021

Hello Reza,

Thank you for your input. I have attempted your configuration but no success. I can access all other devices on the 10.100.x.x. network from 192.168.1.19, so it appears as if the 3750X ignores the ip route statement. Please see the following config info for the 3750 and the upstream 4948E:

3750X Trunkated running config:

Current configuration : 69 bytes
!
interface FastEthernet0
ip address 10.100.100.10 255.255.0.0
!
interface GigabitEthernet1/0/1
!
.
.

interface TenGigabitEthernet1/1/2
!
interface Vlan1
no ip address
shutdown
!
ip forward-protocol nd
!
ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.100.0.1
!
!
!
!
line con 0
line vty 5 15

Switch#sh ip route
Default gateway is not set

Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
Switch#

Switch#sh int fa0
FastEthernet0 is up, line protocol is up
Hardware is PowerPC405 FastEthernet, address is e0d1.735c.c3b9 (bia e0d1.735c.c3b9)
Internet address is 10.100.100.10/16
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set

...

Upstream 4948E trunkated config:

Sonicwall is connected ot G1/5 and 3750X fa0 is connected to G1/7.

!
interface GigabitEthernet1/1
switchport access vlan 502
switchport mode access
!
interface GigabitEthernet1/2
switchport access vlan 502
switchport mode access
!
interface GigabitEthernet1/3
switchport access vlan 502
switchport mode access
!
interface GigabitEthernet1/4
switchport access vlan 502
switchport mode access
!
interface GigabitEthernet1/5
description To Sonicwall
switchport access vlan 502
switchport mode access
!
interface GigabitEthernet1/6
description To LINUX Server
switchport access vlan 502
switchport mode access
!
interface GigabitEthernet1/7
description To 3750X_10
switchport access vlan 502
switchport mode access

Reza Sharifi · ‎03-19-2021

Default gateway is not set

As I mentioned before, you need to set the default gateway.

ip default-gateway 10.100.100.x

where x is the ip address you have on the Sonicwall.

HTH

Kevin Hamilton · ‎03-19-2021

Thank you!!!! I was using ip route 0.0.0.0 0.0.0.0 10.100.0.1 and that wasn't working. Never considered ip default-gateway 10.100.0.1. Thank you for your guidance.

Reza Sharifi · ‎03-19-2021

Glad it is all working for you, Kevin. Good luck!