cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MS350 switch not able to reach the cloud by configured management vlan 1

BB
Here to help

MS350 switch not able to reach the cloud by configured management vlan 1

Hello,

 

we have the following design.

 

VLAN 1   subnet 10.150.0.0/22

 

MS350 STACK With two switches

The switches are getting an DHCP lease from a DHCP server on VLAN1

 

Switch A  10.150.2.105 with Gateway 10.150.0.2

Switch B  10.150.2.106 with Gateway 10.150.0.2

 

The stack is also configured in DHCP & ROUTING

name:  uplink

Subnet: 10.150.0.0/22

Ip: 10.150.0.2

vlan: 1

DHCP Settings: Off

OSPF Routing: Disabled

Multicast routing: Disabled

 

Also configured an static route

Name: default route

subnet: 0.0.0.0/0

next hop ip: 10.150.0.1 (router to the internet)

 

In this situation the switches are not able to communicate to the cloud, and try to find a path over other configured vlan id.

 

NOTE:

I create a work-around for ( in my opinion )  this BUG

I found out that the switch was able to get an address but not able to route over the virtual interface (10.150.0.2) and follow the configured default route.

 

I created an reservation on the DHCP server and configured 10.150.0.1 as the router in this reservation.

possible to create a static IP configuration for this switch management address also with the 10.150.0.1 as gateway.

 

 

7 REPLIES 7
Kind of a big deal ww
Kind of a big deal

Re: MS350 switch not able to reach the cloud by configured management vlan 1

just use the gateway .1

 

when you have new switches or factory reset they dont have any vlan and routing configuration so it would not be able to contact the cloud.

Ben
A model citizen

Re: MS350 switch not able to reach the cloud by configured management vlan 1

you say this is a bug but what device has the 10.150.0.2 ip? (you say virtual ip?)

Is this the L3 interface?

 

Do you have a VLAN to route traffic back and forth between your firewall and switch stack? 

Kind of a big deal

Re: MS350 switch not able to reach the cloud by configured management vlan 1

And you can test your config by connecting a computer directly to the cable that is currently connected to the switch and setting it up with the same IP information to make sure you can ping the gateway and get to the internet.  One thing worth mentioning is that the management IP really just needs to be an IP that the switches can use to get to the internet. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
BB
Here to help

Re: MS350 switch not able to reach the cloud by configured management vlan 1

The device holding the 10.150.0.2 is the corestack interface for vlan 1

the two switches are member of this stack

 

 

BB
Here to help

Re: MS350 switch not able to reach the cloud by configured management vlan 1

This will work as other switches are also able to do this.

 

only the two switches in the same stack as the virtual interface are not able to do this.

The rest of the network is healthy.

 

 

Kind of a big deal ww
Kind of a big deal

Re: MS350 switch not able to reach the cloud by configured management vlan 1

 

here another topic relating to this with some info. https://community.meraki.com/t5/Switching/Management-VLAN/m-p/19025#M1520

 

you could make a support case and give it a try. 

 

what is the reason you want to route to its own vlan? 

 

BB
Here to help

Re: MS350 switch not able to reach the cloud by configured management vlan 1

Yes I know,
Still found this a bug.
Now we have to make an exception just for this two switches or better say for the stack with the L3 interface and static route to the internet router while everything switches and nodes in the same VLAN works fine.
It is not logical that this traffic is not routed by the defined route on the same stack.

TO ALL: I know there is said it is not supported
but also get the advice to apply a wish.


Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.