Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2125
Views
0
Helpful
6
Replies

Can't telnet nor ping my switch from another VLAN

Jhorkell
Level 1
Level 1

‎01-30-2020 10:30 AM - edited ‎01-30-2020 11:32 AM

Hello everyone!

So I have a network with many switches and VLANs and everything is beautiful and cool except for this one switch (let's call it SW1) I can't telnet to from another VLAN, it doesn't even respond pings. Every switch here has an administration VLAN (lets say vlan 10) and I can get to them from any vlan of my network via telnet and/or ssh. To get to this switch in particular, though, I have to telnet to any other switch of my network and from there jump to SW1. Also, if I run a ping from VLAN 10 it responds normally, the problem is I can't get to it from my laptop since I work on a different vlan (but I can get to any other switch!)

I did search here an there before coming to you guys and I found that an ACL can be blocking me, but there isn't any configured on SW1. 

Does anyone have an idea of why is this happening? I'm sure it has to be a rookie mistake. The switch is a 2960X and it's working perfectly, I'm actually getting internet (and posting this) from it.

 

Updates:
- I configured a different interface vlan in SW1, with the same results (can't get to it from my laptop, but can do it from another switch)

- I put my laptop on VLAN 10 and I can telnet to SW1, but that's hardly a solution. I need SW1 to work like any other switch on the network.

 

Thanks for your time!

Labels:
0 Helpful
6 Replies 6

Reza Sharifi
Hall of Fame
Hall of Fame

‎01-30-2020 10:52 AM

Hi,

If the switch is layer-2 only, does it have a default gateway pointing to the next hop router?

ip default-gateway <next hop ip>

HTH

0 Helpful

Jhorkell
Level 1
Level 1
In response to Reza Sharifi

‎01-30-2020 11:09 AM

Hi Reza! Thanks for your reply.
Yes, it has that command configured with the next hop's IP (wich is the core switch of the network). And a quick update, I just configured a different interface vlan (lets say 20) and it doesn't change anything. I can't telnet to it from my laptop but I can from a switch, even if that switch doesn't have an interface vlan 20. I thought it has to do with communication between vlans, but I'm not sure anymore what the problem is.
0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to Jhorkell

‎01-30-2020 11:36 AM

Hi,

What is the management ip address on the switch?

You need to make sure whatever vlan/subnet you have configured to manage this switch is propagate throughout your network so you can get to it from anywhere. So, if the next hop switch is layer-2 you need to make sure this vlan is added to trunk port to get to the core. If the core is doing routing, you would need to make sure the same vlan/subnet is added to whatever routing protocol you are running. From the sound of it, it appears that the management subnet is not being advertised throughout your network.

HTH

0 Helpful

Jhorkell
Level 1
Level 1
In response to Reza Sharifi

‎01-30-2020 12:04 PM

Thanks again for your help, Reza!
I can be wrong, but I'm pretty sure the management vlan is being advertised on the network, since from my laptop (wich is directly connected to SW1) I can get to any switch but SW1. Also, if I put my laptop on VLAN 10 I can access to SW1.
The core has the vlan 10 subnet configured on ospf, and the vlan 10 is configured on every switch (vlan 10 and interface vlan 10)
0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to Jhorkell

‎01-30-2020 12:21 PM

Ok, so vlan 10 is the management vlan, you have an SVI on every switch for management and the vlan/subnet is advertised everywhere including to OSPF. Now, if your laptop is connected to sw1 and your laptop has an IP in the management subnet and the port you are connecting to is part of vlan 10, than you should be able to directly connect to the sw1. 

Now, say laptop is in a different vlan (vlan 50) in order for your laptop to get to the management vlan and to access sw1 IP, vlan 50 needs to be advertised on the trunk port connecting to the core and also vlan 50 needs to be added to OSPF, so you can reach the IP on sw1 through the core. So, in this case the routing between vlan 10 and 50 is done on the core. Does this make sense?

HTH

 

0 Helpful

shahneyalam
Level 1
Level 1

‎10-08-2024 12:41 AM

As Simple, enter route on switch derection to management vlan like:

Managment VLAN ip is 192.168.0.254/24

add route

Vlan-1 192.168.0.0 255.255.255.0 192.168.0.254

Vlan-2 192.168.1.0 255.255.255.0 192.168.0.254

Vlan-3 192.168.2.0 255.255.255.0 192.168.0.254

Vlan-4 192.168.3.0 255.255.255.0 192.168.0.254

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card