Can't find why switch is not accessible through SSH

Marc_Lalonde · ‎03-23-2023

Hello all,

I have a bunch of switches C2960 at work and I can connect to most except 2. I can't even ping them. The thing is, I have the same setup procedure for all switches so I don't understand where I went wrong on this one.

No SSH, no ping, no telnet, nothing.

Any help would be greatly appreciated.

See attached "sh run" result.

Flavio Miranda · ‎03-23-2023

Hi

Can you run "show ip int br " on the switch ?

Marc_Lalonde · ‎03-23-2023

Please find log file attached for command "sh ip int br"

Flavio Miranda · ‎03-23-2023

Well, to me make no sense you can not ping the switch. The switch have the interface vlan up and default gateway in place.

I would try to upgrade or even open a cisco tac, if possible.

You can try clean up the config with write erase command and try to add the config again. Make sure you have console access during this process.

Marc_Lalonde · ‎03-23-2023

Some evolution on the matter:

The switch is pingable from the gateway. When I connect to the gateway through 192.168.30.1, I can ping 192.168.30.34 with success. But I can't from anywhere else on the network.

My client PC is on the 192.168.12.0 network and even when I connect to the gateway with 192.168.12.1, it still can ping the switch at 192.168.30.34.

However, my client PC still can't ping 192.168.30.34, but it can ping (and access SSH and telnet) other switches on the 192.168.30.0 network.

pieterh · ‎03-24-2023

looks like your vlan 30 is not propagating correctly
try these commands
show vlan
show vtp status
show span vlan 30

Marc_Lalonde · ‎03-24-2023

Hello Pieter,

Do you want me to try these commands on the gateway or on the inaccessible switch?

pieterh · ‎03-24-2023

on the inaccessible switch and maybe also the connected switch

Marc_Lalonde · ‎03-24-2023

Please find attached the log file containing the 3 commands on the inaccessible switch.

pieterh · ‎03-25-2023

the switch has no active interfaces in vlan 30 and only the uplink is carying the vlan
-> configure an access port in vlan 30 and connect some device to it
then test the result

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/50, Gi1/0/51, Gi1/0/52
10 PACDATA active Gi1/0/1, Gi1/0/2, Gi1/0/3
.....
30 PACPHY active
100 Internet active
222 PACSRV active
240 PACVOIP active Gi1/0/1, Gi1/0/2, Gi1/0/3
.....

Marc_Lalonde · ‎03-27-2023

I don't understand, all my other switches (which are accessible through an address on VLAN 30) show NO active interfaces in VLAN 30.

pieterh · ‎03-27-2023

please issue commands
show vlan
show vtp status
show span vlan 30
on the switch connecting to the SPY2-SW11

Marc_Lalonde · ‎03-27-2023

The "switch" connected to switch SPY2-SW11 is our main router, FVMF1-GW11.

Please find attached the log file with the 3 commands issued.

MHM Cisco World · ‎03-27-2023

you have a bunch of SW, only two is not connect ?
are these two SW new or used ? if used then are you sure you remove the VLAN db from SW ?
the VTP can make SW refuse add VLAN to db
check the VTP status

Marc_Lalonde · ‎03-27-2023

I have compared the inaccessible switch to accessible switches and VTP status are set up the same way.

The only difference I see is in the "show span VLAN 30" the only interface it's on is Gi1/0/49, but that is the fiber interface that connects to our router. Other accessible switches have the VLAN 30 on other interfaces as well...