-1

I have a dell PowerConnect 2824 and I have a cat 5 cable connected from port 1 to port 23. Port 1 is reserved for VLAN 1 (the only VLAN that can manage the switch) and port 18-23 belong to VLAN 112.

I currently have the switch setup with ip 10.71.3.5/27 and a test machine plugged into port 22 with IP address 10.71.3.30/27. For some reason I can not ping 10.71.3.5 from my test machine (10.71.3.30).

Note: When I try to ping the server plugged into port 21 (IP: 10.71.3.7/27) also VLAN 112, I get responses just fine.

Note: When I plug my test machine directly into port 1, I can ping 10.71.3.5 just fine.

Quick Recap:

  1. Switch IP: 10.71.3.5
  2. Port 1 - dedicated to management - (VLAN1)
  3. Port 21 - SERVER (10.71.3.7/27) - (VLAN112)
  4. Port 22 - test machine (10.71.3.30/27) - (VLAN112)
  5. Port 23 - dedicated to management (to hop over to VLAN 1 from VLAN 112) - (VLAN112)
Arvo Bowen
  • 805
  • 5
  • 17
  • 35
  • 1
    Wait, you have a cable going from one port to another in the same switch? Why? – MDMarra Jul 02 '13 at 16:41
  • Because there is no other way to manage the switch then from VLAN 1. I do not use VLAN 1 anywhere. So I reserve port 1 to be left on VLAN 1. Seeing thats the ONLY port on VLAN 1, in order to gain access to it I have to have a cable hop over to it from port 23 which is in VLAN 112 with a bunch of other ports. It's very well explained in the question. I hope you did not down vote the well formed question just because you disagree with my methodology... :P – Arvo Bowen Jul 02 '13 at 17:05
  • You can select a different management interface, just create an IPhone address on a different vlan first – pauska Jul 02 '13 at 17:46
  • An IPhone address? How do you select a management int? – Arvo Bowen Jul 02 '13 at 17:49
  • 1
    @ArvoBowen hooking one switch port to another is a _very_ good way to loop your network. It's not just horrible practice but can actively break things. – Zypher Jul 02 '13 at 19:43
  • Stupid autocorrect.. "IP address" – pauska Jul 02 '13 at 22:36
  • pauska: Ahh OK that makes more sense! But then in that case, nope that would not work. See my comments on my answer below. Zypher: I know I know... I hated the idea, but when using VLANs you are in a way creating multiple switches, and in doing so NOT making loops but simply connecting two DIFFERENT switches together. BUT I KNOW IT'S NOT A GOOD IDEA. I just didn't have another way around it. Put simply the 2824 was NOT meant to have multi VLANs working across multi switches and allow management. VERY BAD DESIGN! ;) – Arvo Bowen Jul 03 '13 at 18:20

1 Answers1

0

Before down-voting, jab-commenting, or telling someone they are doing something wrong (instead of giving them some type of solution) is not productive at all. Something very important to remember about switches is that "not all switches are created equal".

In my case there is NO way (that I could find) to manage the switch on any VLAN other than VLAN1. This would be fine but then you run into an issue with VLAN1 in that you can NOT alter the VLAN in any way. In Dell's mind VLAN1 is sacred and not to be touched. You can not rename the VLAN, tag or untag packets, etc. My only option was to use other VLANs created by me. The issue you run into is that if your not on VLAN1 you can NOT manage the switch! Well seeing as how I need to manage the switch I decided that the only way to make this happen was to keep the 1st port dedicated to management and keep it on VLAN1. Then I thought by connecting to virtual VLANs together with a physical cat5 cable I would be able to hop from one VLAN to another on the Dell switch. Well this was a shot in the dark (even though I hated the idea of hooking that cat5 from one port to another on the same switch I gave it a try). This resulted in a no go situation. I could not get the two VLANs to talk to each other. So I came at it from another angle. My work around involved my ASA5505 that I use for small routing jobs (such as managing a switch that is a horrible design like the dell powerconnects).

I simply isolated the switches on there own subnet 10.71.3.48/29 and hooked port 1 right into my ASA5505 then gave the ASA5505 an IP of 10.71.3.49 for that INT used and the switch an IP of 10.71.3.50 (mask: 255.255.255.248).

I know this is not a solution for the issue at hand, but I simply could not find a way to get around making it work. So instead I came up with a work around.

Arvo Bowen
  • 805
  • 5
  • 17
  • 35
  • 2
    1) this is a perfectly valid solution. 2) Have you tried something like : `int vlan 112` ; `ip address ` in config mode? being able to assign an IP to a vlan interface for management purposes is a pretty basic setting that is even on el cheapo desktop managed switches these days. – Zypher Jul 02 '13 at 19:41
  • 1
    And don't throw stones at Dell. VLAN 1 is the "sacred" (native) VLAN on Cisco switches as well. – joeqwerty Jul 02 '13 at 22:00
  • joeqwerty : not by my experience... I use my ASA5505 all day long with VLAN1 and have no issues at all! I can do anything I want with VLAN1 just as I can any new VLAN I create (with the exception of deleting it). Zypher: I came to realize that on these switches the CLI is about useless... everytime I tried to do something with it I would run into a situation where the command was not valid/found. I remember going down that road - DELL(config-if)# ip address 10.71.3.54 255.255.255.248 - RESULTS: IP Address can be configured only on VLAN 1 - But thanks for the try! ;) – Arvo Bowen Jul 03 '13 at 18:15