Appreciate the responses; which are really filling in the blanks for me. Just to note, I didn’t paste the entire config for simplicity. The other ports are used for user and printer vlans. None of which are assigned to the Management Vlan. From Gi 1/1, we have a 6500 used as the internal router and VTP server. The 6500 is remotely managed from another site and in checking with them, yes there is a password set. With that question answered, it brings me to one other. I thought if the VTP domain setting is null, it inherits the VTP and Vlan information from the VTP server?
... View more
I'm not fully understanding this one but, hopefully one of the Gurus can explain this to us. I had two switches, one that we had on the network prior (swA) and one brand new out of the box (swN). swA we brought back to the shop, formatted NVRAM and threw a new configuration on it for a different building. We installed it and everything worked accordingly. With swN, we proceeded to put a new configuration on it, a mirror of the configuration on swA, with the exception of name and Management VLAN IP. We installed it in a separate building, users and printers were able to access network resources and such but, we could not access the switch remotely. We reviewed the configuration several times over but nothing was dissimilar except that the vlan.dat file was missing. We copied over the vlan.dat file from swA and immediately we were able to access the switch through the Management VLAN IP remotely. What is the specific reason that it would require the vlan.dat file to access the switch remotely? It passed all traffic; user, printer vlans, trunked traffic to attached switches, but no remote access. A partial config: no service pad service password-encryption ! hostname swN ! boot-start-marker boot-end-marker ! ip subnet-zero no ip source-route no ip gratuitous-arps no ip domain-lookup ! errdisable recovery cause bpduguard errdisable recovery cause psecure-violation ! ! vlan internal allocation policy ascending ! ip tcp synwait-time 10 ip tcp path-mtu-discovery ip tftp source-interface Vlan10 ! ! interface GigabitEthernet1/0/1 description <== D1 ==> switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 3-1005,1025-4094 switchport mode trunk switchport nonegotiate spanning-tree portfast disable spanning-tree guard loop ! interface GigabitEthernet1/0/2 description <== sw48 B ==> switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 3-1005,1025-4094 switchport mode trunk switchport nonegotiate spanning-tree portfast disable spanning-tree guard loop ! interface Vlan1 description <== DO NOT USE/SECURITY VIOLATION ==> shutdown ! interface Vlan20 description <== MANAGEMENT VLAN ==> ip address 10.5.1.39 255.255.254.0 no ip redirects no ip unreachables no ip proxy-arp no ip route-cache no ip mroute-cache ! interface Vlan98 description <== Ver 5.0 Access Switch 3750-24TS ==> no ip address shutdown ! interface Vlan99 description <== 3750 v3.3 ==> no ip address shutdown ! ip default-gateway 10.5.0.1 ip classless no ip http server no ip http secure-server
... View more