cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11044
Views
10
Helpful
7
Replies

Cannot ping hosts from 3650 management interface

ACStech
Level 1
Level 1

I have a new 3650 switch with 2 Vlans configured on it (2 and 3). I have Vlan1 shutdown. I have given the management interface (GigabitEthernet0/0) an IP address in Vlan2 (192.168.110.201 255.255.255.0) and I can connect to the interface over telnet. The switch has a default gateway established (192.168.110.75) which is an active 2650 switch. This is the same default gateway used on the old Cisco switch that I'm trying to replace with this 3650 switch.

I cannot ping any hosts in either VLAN from the new switch. 

At first, I thought this was because no Vlan was configured on the port but the "Switchport" command returns an invalid input error.

The weird thing is, I already configured one 3650 switch with a similar VLAN/LAN setup so I'm pretty confused. I connected the other switch using the same wall port and same Cat 5e cable as the one I'm currently working on. Just to be clear, the port cannot ping any hosts in either LAN, it's not just one host that I'm trying to ping.

Any idea about where to start troubleshooting? I feel like I'm probably just missing some small dumb thing.

2 Accepted Solutions

Accepted Solutions

Richard Burts
Hall of Fame
Hall of Fame

For troubleshooting let us start by posting the output of the command show ip interface brief and of the command show interface status. Then please post the output of the command show interface trunk and the configuration of interface Gig0/0. It might also be helpful if you post the output of the command show cdp neighbor.

HTH

Rick

HTH

Rick

View solution in original post

I am glad that you got it worked out and that you agree with me about how the management interface works.

HTH

Rick

HTH

Rick

View solution in original post

7 Replies 7

Richard Burts
Hall of Fame
Hall of Fame

For troubleshooting let us start by posting the output of the command show ip interface brief and of the command show interface status. Then please post the output of the command show interface trunk and the configuration of interface Gig0/0. It might also be helpful if you post the output of the command show cdp neighbor.

HTH

Rick

HTH

Rick

Bear with me since I can't TFTP the running-config anywhere. Just let me know if there's something particular I should look at that I'm not posting...

show ip interface brief

Vlan1 unassigned administratively down/down

Vlan2 192.168.109.205 down/down

Vlan3 192.168.110.205 down/down

GigabitEthernet0/0 192.168.110.203 up/up

None of the other interfaces have been assigned IP addresses and their status/protocol are all down/down. This makes sense as I only have an Ethernet cable plugged into the management port. I have the console port connected, as well.

show interface status

Starts with Gi1/0/1 (rather than Gi0/0 which is the management port). None of the ports are connected, Vlan 1 is listed as the Vlan for all of them, Duplex is auto, Speed is auto, Type is 10/100/1000BaseTX

show interface trunk - not included in this switch

sh vlan -We may be on to something. All of the ports are listed in VLAN1. VLAN2 and 3 are not listed at all.  When I use Show Run:

interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
ip address 192.168.110.201 255.255.255.0
negotiation auto

interface GigabitEthernet1/0/1
switchport turnk native vlan 3
switchport mode trunk
spanning-tree portfast
The rest of the ports are configured similarly.
interfaceVlan1
no ip address
shutdown
interface Vlan2
ip address 192.168.109.205 255.255.255.0
interface Vlan3
ip address 192.168.110.205 255.255.255.0
!
ip default-gateway 192.168.110.75 [this is the default-gateway currently in use in the current LAN]
ip route 0.0.0.0 0.0.0.0 192.168.110.75

I guess I missed something in the VLan configuration. I'm drawing a blank...

Thanks for posting the outputs. They do provide some helpful information. The first important thing are these lines

Vlan2 192.168.109.205 down/down

Vlan3 192.168.110.205 down/down

If the vlan interfaces are down/down then nothing can be sent or received at the IP layer in those vlans. The reason those vlans are down/down is because there are no ports assigned and connected to these vlans. When you configure ports to be in these vlans and have devices connected in these vlans then the vlan interfaces should change to the up/up state and IP processing should be enabled.

There are other important things that it shows, including the fact that your management interface is in its own vrf. In that case I believe that it needs its address to not be in one of the vlan subnets. I believe that on these switches that the "management" interface is intended to provide out of band management and can not use a data vlan subnet address. It is interesting that you say that you are able to telnet to the switch. I assume that this is because the vlan interface for that subnet is not up. I would believe that when you attempt to bring up the vlan interface that there would be issues with the management interface.

A less important but puzzling thing is that the output of show ip interface brief shows the address of the management interface as 192.168.110.203 but the show run has it as 192.168.110.201.

HTH

Rick

HTH

Rick

Sorry, you can ignore the IP addresses. I just made them up to illustrate where thing should be. I know they're private IPs but I still don't like posting exact IP addresses on forums.

The thing about the ports and the Vlans is the ports are set to be in trunk mode for Vlan 3. 

interface GigabitEthernet1/0/1
switchport trunk native vlan 3
switchport mode trunk
spanning-tree portfast

Thanks for the help but at this point I think the best thing is just to plug the other switch in and see what I did with it. I was trying to troubleshoot it just to give myself a way to practice but I need to get this done. Thanks for the help, though. It did help me see a few things I need to correct.

TESTLAB#show running-config interface GigabitEthernet 0/0
Building configuration...

Current configuration : 117 bytes
!
interface GigabitEthernet0/0
 vrf forwarding Mgmt-vrf
 ip address 10.189.99.8 255.255.255.0
 negotiation auto
end

TESTLAB#ping vrf Mgmt-vrf 10.189.99.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.189.99.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/10 ms
TESTLAB#

ACStech
Level 1
Level 1

I figured out that you're correct about the management interface. It's weird how it works.

The pings didn't really matter to me, I just wanted to be able to copy the running config via TFTP so I found this line of code in my other router that I forgot I used:

ip tftp source-interface GigabitEthernet0/0

And that solved my issue.

I am glad that you got it worked out and that you agree with me about how the management interface works.

HTH

Rick

HTH

Rick