cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1199
Views
5
Helpful
5
Replies

Cisco 4500-X Fa1 Connectivity Issues

Chad Thelen
Level 1
Level 1

I have a Cisco 4500-X switch that I'm trying to get the mgmt port working on (Fa1). I must be missing something in my config, because I cannot ping anything in the same VLAN, nor can I even see a MAC address on the access switch it is plugged into. It is plugged into a 3560E with the port configured as an access port on the correct VLAN. I've verified no MTU mismatch, no speed or duplex mismatch. 

Here are some configs. 

switch#sho run vrf mgmtVrf
Building configuration...

Current configuration : 310 bytes
vrf definition mgmtVrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
interface FastEthernet1
vrf forwarding mgmtVrf
ip address XX.XX.163.154 255.255.252.0
speed auto
full-duplex
!
ip route vrf mgmtVrf 0.0.0.0 0.0.0.0 XX.XX.160.1
!
!
end

switch#sho ip route vrf mgmtVrf

Routing Table: mgmtVrf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is XX.XX.160.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via XX.XX.160.1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C XX.XX.160.0/22 is directly connected, FastEthernet1
L XX.XX.163.154/32 is directly connected, FastEthernet1

1 Accepted Solution

Accepted Solutions

Yes that's sounds a bit buggy alright you should get your arp , checking mine as its out of band and there all same subnet I can see multiple arps learned through each mgmt. port for each device

You definitely should be getting an arp and mac on 3560 as well just checked mine to confirm , yes let us know how upgrade goes be interesting to see if this is another software issue on 4500x

xxxx#sh ip arp vrf Mgmt-vrf g0/0
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.xxx           -   ac7e.8a33.7980  ARPA   GigabitEthernet0/0
Internet  172.xxx             0   0009.0f09.0008  ARPA   GigabitEthernet0/0
Internet  172.xxx         166   ac7e.8a33.8480  ARPA   GigabitEthernet0/0
Internet  172.xxx         252   b8be.bf30.15b7  ARPA   GigabitEthernet0/0
Internet  172.xxx       112   c414.3c4d.aa37  ARPA   GigabitEthernet0/0

View solution in original post

5 Replies 5

Mark Malone
VIP Alumni
VIP Alumni

Hi

your config is correct I have oob running through all my switches using mgmt. port and they go back to a mgmt. stack that's connected to our fws to process any type of mgmt. traffic like syslog,netflow,ntp etc

When you are on the 3560 give it an SVI as a test if you still cant ping the mgmt.  from that as source when its directly connected its most likely the 4500x ios-xe version there are a few very buggy editions out there on that platform, this way its basically arping shouldn't  need routing and if its still the same I would try another image

Is your default route pointing to a firewall ? can you even ping the mgmt. interface through its vrf if its up/up when your directly consoled on the 4500x ?

Current configuration : 339 bytes
vrf definition Mgmt-vrf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
!
interface GigabitEthernet0/0
 description ** Network Managment Interface **
 vrf forwarding Mgmt-vrf
 ip address 172.x.x.x 255.255.254.0
 negotiation auto
!
ip route vrf Mgmt-vrf 0.0.0.0 0.0.0.0 172.x.x.x.

Thanks for the reply Mark, and thanks for verifying my config.  

I'm running Version 03.05.01E

The 3560 switchport isn't evening learning the MAC address of the 4500, so I have a feeling its an ARP issue as well.

Default route is pointing to an SVI on our core switch, same VLAN as the 3560 SVI. The only thing I can ping from the 4500, is itself. Nothing else in or out of that VLAN at all. 

There is already an SVI on that 3560, in the same subnet as the mgmt on the 4500, and I cannot ping the 4500 when sourcing from that SVI. Has to be an ARP issue. I'll try upgrading to the recommended version on Cisco's site, 3.06.04E, and I'll update this thread afterward.

Thanks again. 

Yes that's sounds a bit buggy alright you should get your arp , checking mine as its out of band and there all same subnet I can see multiple arps learned through each mgmt. port for each device

You definitely should be getting an arp and mac on 3560 as well just checked mine to confirm , yes let us know how upgrade goes be interesting to see if this is another software issue on 4500x

xxxx#sh ip arp vrf Mgmt-vrf g0/0
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.xxx           -   ac7e.8a33.7980  ARPA   GigabitEthernet0/0
Internet  172.xxx             0   0009.0f09.0008  ARPA   GigabitEthernet0/0
Internet  172.xxx         166   ac7e.8a33.8480  ARPA   GigabitEthernet0/0
Internet  172.xxx         252   b8be.bf30.15b7  ARPA   GigabitEthernet0/0
Internet  172.xxx       112   c414.3c4d.aa37  ARPA   GigabitEthernet0/0

Upgrading fixed my issue. I upgraded to 3.06.04E. And right when it came up, I was able to ping it. 

Took me a bit because I didn't know I had to change the config-register to make the switch look at the boot statements.

Either way, I appreciate the assistance, Mark. Thanks for the suggestions.

Thanks for letting us know Chad at least we know the MGMT port has issues for definite now on that IOS-XE version

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: