Re: Change the default gateway for Switch management interface for L2 switches

Althaf07 · ‎02-26-2019

Hello All,

i am changing the Switch management IP on Multiple switches to a different subnet. the SVI interface for the switch management is configured on Cisco ASA firewall context and rules are allowed in the firewall to enable communication from all switches (source IP) to jump server (destination IP) for ssh port (tcp/22) from where i will remotely connect to all switches.. once the new mgmt interface is configured in all switches and new vlan is allowed on trunk ports, i have to configure the new default gateway IP address on all switches. but the challenge here is i am doing this change from a remote location from the jump server. once the gateway is configured i will remove old mgmt IP and old default gateway IP. all these switches are only L2.

can anyone suggest how to change the default gateway without losing remote access to the switches from the jump server? i have no onsite/console support to do this activity.

Jaderson Pessoa · ‎02-26-2019

Hello,

You can apply it on statup-config file and after you finish to config new ip and new gateway, copy tu running-config.

Jaderson Pessoa
*** Rate All Helpful Responses ***

Seb Rupik · ‎02-26-2019

Hi there,

Do you have access to the ASA? If so you can SSH to the switches from there. This way the default gateway configuration being incorrect for a time will not matter as you are connecting from the local subnet.

cheers,

Seb.

Althaf07 · ‎02-26-2019

i do have access to the Firewall. but ssh is not allowed from the firewall to the switches.

Seb Rupik · ‎02-26-2019

How long are the switches permitted to be offline on the management for?

You could create an EEM script containing the all of the required commands in sequence and schedule it with a countdown timer.

Once you have started the timer on all the switches, make the change on the ASA and then wait for the timer to elapse and *hopefully* all your switches will come back online.

cheers,

Seb.

Jaderson Pessoa · ‎02-26-2019

Dear,

Just make changing the configurations file at startup-config, after you finish your configurations, upload archive to switch again and run the command copy startup-config running-config

you wont have any stop.

Best regards.

Jaderson Pessoa
*** Rate All Helpful Responses ***

Althaf07 · ‎04-10-2019

here is how i completed this change.

1. configured a new switch in the new mgmt vlan and new mgmt ip

2. allowed the new vlan and configured the SVI on all other switches where i had to change the mgmt ip to new mgmt ip.

3. to change the gateway on all other switches i logged into new switch that i configured in the new mgmt vlan. took ssh to other switches through as we already have a layer vlan configured on all the switches.

4 i changed the gateway of each switch and i did not lose the connectivity to them while i had still access to those switches from the ssh session on new switch

paul driver · ‎04-10-2019

Hello
What switch models do you have?
Would you have access to the core switch?
Would you know local access credentials of the switches?

Depending on the above one neat way you maybe able change the switches addressing is via a L2 connection from the core or any switch directly connected interconnects (l2 trunks), no need to have ip connectivity or any reloads and you would be able to change the addressing at your will..

Example:

Core switch
config t
cluster enable L2
do sh cluster candidates
cluster member 10 mac-address <base mac-addrees of switch> password xxxx
end

rcommand 10

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul