01-04-2015 09:21 PM - edited 03-07-2019 10:04 PM
How do I set my cisco catalyst 3560 to use a static ip instead of an ip from our DHCP server? I want to monitor it with nagios and would like it to use an ip from our static range.
Solved! Go to Solution.
01-05-2015 05:00 AM
#interface vlan [x]
#ip address 10.10.10.1 255.255.255.0
Replace the [x] with the VLAN ID of your manangement Vlan and the IP address and Mask for the ones you want to use.
Thanks
01-05-2015 12:48 AM
Do you mean that currently the 3560 uses DHCP to get an IP address for it's management interface ?
If so can you post the output of -
a) sh boot
b) sh ip int br | include Vlan
Jon
01-05-2015 07:59 AM
01-05-2015 09:40 AM
Why do you have two vlan interfaces (SVIs) on this switch ?
I assume if previously you were using DHCP for both interfaces then this switch could only be acting as L2 and not L3 ie. it is not doing any routing between vlans because the clients wouldn't know the correct default gateway ?
So are you saying you can't ping the switch ?
If so -
a) what IP address are you pinging from ?
b) which switch/router does handles the routing between vlans ?
Jon
01-05-2015 11:07 AM
Vlan1 is our local LAN (192.168.1.0/24) and lvan2 is our VOIP (call center IP phones) which are connected to an Adtran router on the 10.99.... subnet.
I'm trying to ping from our local LAN from my ip: 192.168.1.101
Here is the route info from the config on SW3 (the switch we are discussing)
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.23.181.1 254
ip route 0.0.0.0 0.0.0.0 192.168.1.14 254
ip http server
ip http secure-server
!
====================================
Here is the config from the switch connected to the adtran "VOIP" router:
Using 7821 out of 524288 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SW4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
system mtu routing 1500
vtp domain fub
vtp mode transparent
ip subnet-zero
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 2
name VOICE
!
!
interface FastEthernet0/1
description PC/PHONE
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/2
description PC/PHONE
switchport mode access
switchport voice vlan 2
spanning-tree portfast
.
.
.
interface FastEthernet0/47
description PC/PHONE
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/48
description PC/PHONE (uplink from Adtran 916e Router)
switchport trunk encapsulation dot1q
switchport mode trunk
switchport voice vlan 2
spanning-tree portfast
!
interface GigabitEthernet0/1
description UPLINK-TO-SW3
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet0/2
description UPLINK
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet0/3
description UPLINK
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet0/4
description UPLINK
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface Vlan1
description DATA-VLAN
ip address dhcp
!
interface Vlan2
description VoIP-VLAN
ip address dhcp
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.14 254
ip route 0.0.0.0 0.0.0.0 172.23.181.1 254
ip route 0.0.0.0 0.0.0.0 172.23.181.1 254
ip route 0.0.0.0 0.0.0.0 192.168.1.14 254
ip http server
ip http secure-server
!
!
control-plane
!
!
!
end
--------------------------------------------
Here is route info from another Cisco Catalyst 3560 (24-port) from the stack
!
interface Vlan1
ip address 172.16.2.2 255.255.0.0
!
------------------------------------------------------------
01-05-2015 11:07 AM
This is really confusing ie. -
Here is route info from another Cisco Catalyst 3560 (24-port) from the stack
!
interface Vlan1
ip address 172.99.99.2 255.255.0.0
!
the subnet used in the above is totally different from the one you applied to SW3 for the same vlan.
Can you explain that ?
I think we need to understand your network layout and the IP addressing before we can say what you should do.
Jon
01-05-2015 12:00 PM
I agree with Jon that this is quite confusing. When the switch is operating as a layer 2 switch it really should have only a single interface vlan x to provide layer 3 functionality. On many layer 2 switch I have had the experience that when you configure a second SVI that the first one configured goes to protocol down. But other switches allow multiple SVIs and keep them in the up state. I have also seen situations where having multiple active SVIs on a layer 2 switch caused unexpected behaviors.
And I am quite puzzled at this part of the configuration
ip route 0.0.0.0 0.0.0.0 192.168.1.14 254
ip route 0.0.0.0 0.0.0.0 172.99.99.99 254
ip route 0.0.0.0 0.0.0.0 172.99.99.99 254
ip route 0.0.0.0 0.0.0.0 192.168.1.14 254
As a layer 2 switch I would not expect to see any ip route statements much less attempts to configure 4 default routes (but which duplicate the next hop on two route statements).
HTH
Rick
01-05-2015 02:07 PM
192.168.1.14 is our firewall
The other route is old, from previous VOIP provider.
I don't understand why the route info is there twice.
01-05-2015 02:31 PM
In terms of which switch is routing for the data vlan then what is the default gateway set to on the clients in that vlan ?
That IP address will be on one of your switches and hopefully on that switch there should also be a default route (or more than one :-)), pointing to the firewall.
It is a bit confusing how it has been setup.
It sounds like you can ping the switch now but if you want to tidy everything up then let us know and we can perhaps dig a bit deeper and have a look at all the configs.
Jon
01-05-2015 05:10 PM
Our default gateway on our LAN is the firewall 192.168.1.14.
In terms of Cisco Switches: we have SW and SW3 and SW4 and Cisco24POE. Total of 4 Cisco switches. All Catalyst 3560's. The first one we got was SW and here is its config (nothing is plugged into Fast eth0/1; also I removed most of the ports as they are all the same):
Using 6721 out of 524288 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW
!
enable secret 5 $1$Fq5g$vvR7eBEpmcarWk6tlMs1o.
!
no aaa new-model
ip subnet-zero
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
description CONNECTION TO SHORETEL FA0/1 ROUTER
switchport access vlan 2
switchport mode access
duplex full
speed 100
!
interface FastEthernet0/2
!
.
.
interface FastEthernet0/47
description PHONE + PC
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/48
description PHONE + PC
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface GigabitEthernet0/1
description UPLINK-TO-24port-SW
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/2
description UPLINK-TO-SW3
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
ip address dhcp
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
no login
line vty 5 15
no login
!
!
end
===================
Here is the config from the 24-port switch:
Using 3801 out of 524288 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Cisco24PoE
!
enable secret 5 $1$WH66$Zf7VOSZ5FN96T5AbH/5fM1
enable password <redacted>
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/2
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
.
.
.
interface FastEthernet0/23
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/24
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface GigabitEthernet0/1
description UPLINK-TO-SW
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 172.16.2.2 255.255.0.0
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
password <redacted>
login
line vty 5 15
password <redacted>
login
!
end
=====================================
Here is the config for SW4
Using 7821 out of 524288 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SW4
!
boot-start-marker
boot-end-marker
!
!
username cisco privilege 15 password 7 060506324F41
no aaa new-model
system mtu routing 1500
vtp domain fub
vtp mode transparent
ip subnet-zero
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 2
name VOICE
!
!
!
interface FastEthernet0/1
description PC/PHONE
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/2
description PC/PHONE
switchport mode access
switchport voice vlan 2
spanning-tree portfast
.
.
.
interface FastEthernet0/46
description PC/PHONE
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/47
description PC/PHONE
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/48
description PC/PHONE (uplink from Adtran 916e Router)
switchport trunk encapsulation dot1q
switchport mode trunk
switchport voice vlan 2
spanning-tree portfast
!
interface GigabitEthernet0/1
description UPLINK-TO-SW3
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet0/2
description UPLINK
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet0/3
description UPLINK
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet0/4
description UPLINK
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface Vlan1
description DATA-VLAN
ip address dhcp
!
interface Vlan2
description VoIP-VLAN
ip address dhcp
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.14 254
ip route 0.0.0.0 0.0.0.0 172.23.181.1 254
ip route 0.0.0.0 0.0.0.0 172.23.181.1 254
ip route 0.0.0.0 0.0.0.0 192.168.1.14 254
ip http server
ip http secure-server
!
!
control-plane
!
!
line con 0
logging synchronous
login local
line vty 0 4
logging synchronous
login local
line vty 5 15
logging synchronous
login local
!
end
01-06-2015 02:25 AM
If the default gateway for the data clients is the firewall then at least for data none of your switches appear to be routing that traffic ie. they are all simply acting as L2 switches even though they are L3 capable.
What is the default gateway for the VOIP clients ?
Do you want to manage all your switches via a static IP ?
Jon
01-06-2015 10:50 AM
Here is the info off my VOIP phone:
IP Gateway: 10.58.5.129
Subnet Mask: 255.255.255.128
VLAN ID: 2
This is provided by the Adtran router from its dhcp
I want to at least monitor the switches from Nagios (hence the desire to have them accessible via ping with a static IP.
I have never managed a Cisco switch via a static IP but that sounds attractive as well.
01-09-2015 02:46 PM
01-05-2015 01:52 PM
sorry for the confusion...I was trying to obvuscate the IP info and that was a poor choice on my part. I updated the above config info. correcting the IP's. Basically we have a flat data LAN on 192.168.1.0/24 and our current VOIP circuit starts with 10.58.5... The Cisco switches are all Catalyst 3560 switches and our previous voice provider was managing them and now I'm trying to manage them. All that to say, I believe the 172.... routes are all old and unused. I'm not sure what is managing the routes. How can I find out?
01-05-2015 01:55 PM
Now the switch is pingable...not sure what happened. I can ping it at 192.168.1.13
In regards to the vlan1 on the 24-port Cisco....
!
interface Vlan1
ip address 172.99.99.2 255.255.0.0
!
should read:
!
interface Vlan1
ip address 172.16.2.2 255.255.0.0
!
I think this is an erroneous vlan1 definition on this 24-port Cisco as all the ports are setup to use voip and data...here's the full config:
Using 3801 out of 524288 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Cisco24PoE
!
enable secret 5 $1$WH66$Zf7VOSZ5FN96T5AbH/5fM1
enable password <redacted>
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/2
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/3
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/4
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/5
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/6
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/7
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/8
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/9
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/10
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/11
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/12
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/13
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/14
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/15
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/16
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/17
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/18
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/19
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/20
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/21
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/22
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/23
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface FastEthernet0/24
description PCs & Phones
switchport mode access
switchport voice vlan 2
spanning-tree portfast
!
interface GigabitEthernet0/1
description UPLINK-TO-SW
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 172.16.2.2 255.255.0.0
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
password <redacted>
login
line vty 5 15
password <redacted>
login
!
end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide