Hi Professionals
I need help with a network design.
Switch 1 is connected to a WAN link which is tagged with a couple of VLANs.
VLAN3 is for Management (of Switches and Server iLOs). For that purpose i have Switch 2, which has connections to all managed host interfaces.
Everything works fine, exept that i can not access Switch 1 over the WAN (either ping, ssh, telnet, web).
If I connect to one other switch with ssh, i can connect to switch1 with ssh.
I think the problem is, that switch1 has Tagged VLAN3 (to propagate to other switches) and OOBM is untagged on VLAN3.
Does anybody give an input or advice, how to realize that, so that also switch1 is accessible on VLAN3?
Any input is appreciated.
Kind regards
giusi
Hello
Do you have an ACL on the tagged port? Please check, as there should be no difference if it is tagged or not. The connection should be to the vlan interfaces if it is defined on the port it should be allowed. There is also another possibility that there is no route on this switch /switch 1/ to the destination from where you are trying to reach it.
Hope this helps!
Hello guisi,
When you try to reach from the wan connection - aaa.bbb.ccc.112 - the management interface of switch1 - is it from the same subnet, how is the routing to it and from it to the ip address you are trying to reach it.
Yes, the static route is valid for the whole switch unless you are using vpn-instance (VRF) which is a separate routing table for its interfaces.
Maybe from switch 2 it is reaching from peer to peer connection to the ip address on interface M0/0/0, but from the WAN the ip address is not reachable on switch1, you may try to ping from the interface ip address to the device you need to see if it has reachabiity.
Is the gateway - aaa.bbb.ccc.126 - reachable from switch 1?
Hi I have the same problem. with a very similar setup:
Ich have two IRF Stacks of 5950 in different datacenters connected via a static trunk. The OOBM interfaces are only reachable from datacenter A and are in our mgmt vlan 400. The OOBM interfaces in datacenter B are connected to a management switch, which is connected via static trunk to the datacenter B 5950 stack.
I cant reach the management interface of the 5950 in datacenter B from a host connected to the mgmt vlan in datacenter A. The correct arp entries are generated on both ends. I can see ping requests at the host in datecenter A when i do a ping from the 5950 in datecenter B, but the answers are never arriving,
This issue occurs with FW 5950_7.10.R6301 - with FW 5950_7.10.R6205P03 everything is working as expected.
It seems to be a bug in FW FW 5950_7.10.R6301. Or is there a new configuration need which i have overlooked?
https://h10145.www1.hpe.com/downloads/SoftwareReleases.aspx?ProductNumber=JH402A
