cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
435
Views
0
Helpful
1
Replies

Can't Access Switch GUI from VPN Subnet

smanning
Level 1
Level 1

I just replaced half of my switches with new hardware. When connected via VPN I can access the browser management GUI on all of the old switches but none of the new switches. My management network is 172.16.92.0/23 and my VPN network is 192.168.2.0/24. Can anyone help me figure out what's missing from the config on my new switches to allow access? Thanks in advance for any help you can provide!

--------------------------------------------------------------

Here's the startup config of a switch I CAN access from the VPN network.

--------------------------------------------------------------

config-file-header
sw-library-1
v1.4.11.5 / R800_NIK_1_4_220_026
CLI v1.0
set system mode switch

file SSD indicator plaintext
@
vlan database
vlan 5,11-12
exit
voice vlan id 5
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
no eee enable
hostname sw-library-1
no passwords complexity enable
username admin password encrypted x privilege 15
username cisco password encrypted x privilege 15
ip ssh server
snmp-server location Library
ip http timeout-policy 1800 http-only
no ip http secure-server
!
interface vlan 5
name VoIP
!
interface vlan 11
name Private
ip address 172.16.93.5 255.255.254.0
no ip address dhcp
!
interface vlan 12
name Public
!
interface gigabitethernet1
spanning-tree link-type point-to-point
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
macro description switch
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet2
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
macro description ip_phone_desktop
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet3
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet4
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet5
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
macro description ip_phone
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet6
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
macro description ip_phone_desktop
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet7
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general pvid 12
macro description ip_phone
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet8
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general pvid 12
switchport forbidden default-vlan
!
interface gigabitethernet9
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general pvid 12
switchport forbidden default-vlan
!
interface gigabitethernet10
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general pvid 12
switchport forbidden default-vlan
!
interface gigabitethernet11
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general pvid 12
switchport forbidden default-vlan
!
interface gigabitethernet12
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general pvid 12
switchport forbidden default-vlan
!
interface gigabitethernet13
spanning-tree link-type point-to-point
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
macro description switch
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet14
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet15
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet16
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet17
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet18
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet19
switchport mode general
switchport general allowed vlan add 11 untagged
switchport forbidden vlan add 5,12
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet20
switchport mode general
switchport general allowed vlan add 11 untagged
switchport forbidden vlan add 5,12
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet21
switchport mode general
switchport general allowed vlan add 11 untagged
switchport forbidden vlan add 5,12
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet22
switchport mode general
switchport general allowed vlan add 11 untagged
switchport forbidden vlan add 5,12
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet23
switchport mode general
switchport general allowed vlan add 11 untagged
switchport forbidden vlan add 5,12
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet24
switchport mode general
switchport general allowed vlan add 11 untagged
switchport forbidden vlan add 5,12
switchport general pvid 11
switchport forbidden default-vlan
!
interface gigabitethernet25
spanning-tree link-type point-to-point
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
macro description switch
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet26
spanning-tree link-type point-to-point
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general pvid 11
macro description switch
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet27
spanning-tree link-type point-to-point
switchport mode general
switchport general allowed vlan add 5,11-12 tagged
switchport general pvid 11
macro description switch
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet28
spanning-tree link-type point-to-point
switchport mode general
switchport general allowed vlan add 5,11-12 tagged
switchport general pvid 11
macro description switch
switchport forbidden default-vlan
!next command is internal.
macro auto smartport dynamic_type unknown
!
exit
ip default-gateway 172.16.93.1

------------------------------------------------------------------

Here's the startup config of a switch I CANNOT access from the VPN network.

------------------------------------------------------------------

config-file-header
switchf2b5ad
v3.2.1.1 / RCBS3.2hotfix_950_377_136
CLI v1.0
file SSD indicator plaintext
@
!
unit-type-control-start
unit-type unit 1 network gi uplink none
unit-type-control-end
!
vlan database
vlan 5,11-12
exit
voice vlan id 5
voice vlan oui-table add 0001e3 Siemens_AG_phone
voice vlan oui-table add 00036b Cisco_phone
voice vlan oui-table add 00096e Avaya
voice vlan oui-table add 000fe2 H3C_Aolynk
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone
voice vlan oui-table add 00e075 Polycom/Veritel_phone
voice vlan oui-table add 00e0bb 3Com_phone
no eee enable
bonjour interface range vlan 1
hostname switchf2b5ad
username admin password encrypted x privilege 15
!
interface vlan 1
no ip address dhcp
!
interface vlan 5
name VoIP
!
interface vlan 11
name Private
ip address 172.16.93.6 255.255.254.0
!
interface vlan 12
name Public
!
interface GigabitEthernet1
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
power inline priority critical
!
interface GigabitEthernet2
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
power inline priority critical
!
interface GigabitEthernet3
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
power inline priority critical
!
interface GigabitEthernet4
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet5
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet6
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet7
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet8
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet9
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet10
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet11
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet12
switchport mode general
switchport general allowed vlan add 5,12 tagged
switchport general allowed vlan add 11 untagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet13
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet14
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet15
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet16
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet17
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet18
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet19
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet20
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet21
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet22
switchport mode general
switchport general allowed vlan add 5 tagged
switchport general allowed vlan add 12 untagged
switchport general forbidden vlan add 1
switchport general pvid 12
!
interface GigabitEthernet23
switchport mode general
switchport general allowed vlan add 5,11-12 tagged
switchport general forbidden vlan add 1
switchport general pvid 11
power inline never
!
interface GigabitEthernet24
switchport mode general
switchport general allowed vlan add 5,11-12 tagged
switchport general forbidden vlan add 1
switchport general pvid 11
power inline never
!
interface GigabitEthernet25
switchport mode general
switchport general allowed vlan add 5,11-12 tagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet26
switchport mode general
switchport general allowed vlan add 5,11-12 tagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet27
switchport mode general
switchport general allowed vlan add 5,11-12 tagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
interface GigabitEthernet28
switchport mode general
switchport general allowed vlan add 5,11-12 tagged
switchport general forbidden vlan add 1
switchport general pvid 11
!
exit

1 Accepted Solution

Accepted Solutions

Hi

 You are missing the command

 ip default-gateway 172.16.93.1

View solution in original post

1 Reply 1

Hi

 You are missing the command

 ip default-gateway 172.16.93.1

Review Cisco Networking for a $25 gift card