One of the challenges of working with remote devices is when you have to change the IP address. For example, if you have to change an IP from 192.168.2.1 to 192.168.2.100 you might do this:
The Maverick Approach (when you don’t care about downtime)
Connect to the switch at 192.168.2.1
[code]]czo3MTpcInJlbG9hZCBpbiA1DQpjb25mIHQNCmludCB2bGFuIDENCmlwIGFkZHJlc3MgMTkyLjE2OC4yLjEwMCAyNTUuMjU1LjI1NS57WyYqJl19MFwiO3tbJiomXX0=[[/code]
Then connect to the switch at 192.168.2.100
[code]]czoxMzpcInJlbG9hZCBjYW5jZWxcIjt7WyYqJl19[[/code]
And that’s it! If your initial IP change didn’t work your switch will reload and you’ll be back at 192.168.2.1, and you can try again.
A Safer Approach
Connect to the switch at 192.168.2.1
[code]]czo3OTpcImNvbmYgdA0KaW50IHZsYW4gMQ0KaXAgYWRkcmVzcyAxOTIuMTY4LjIuMTAxIDI1NS4yNTUuMjU1LjAgc2Vjb25kYXJ5DQp7WyYqJl19ZW5kDQpleGl0XCI7e1smKiZdfQ==[[/code]
Then connect to the switch at 192.168.2.101
[code]]czo2OTpcImNvbmYgdA0KaW50IHZsYW4gMQ0KaXAgYWRkcmVzcyAxOTIuMTY4LjIuMTAwIDI1NS4yNTUuMjU1LjANCmVuZA0KZXhpdFwie1smKiZdfTt7WyYqJl19[[/code]
Then connect to the switch at 192.168.2.100 to make sure it worked, and to remove the staging IP.
[code]]czo4MjpcImNvbmYgdA0KaW50IHZsYW4gMQ0Kbm8gaXAgYWRkcmVzcyAxOTIuMTY4LjIuMTAxIDI1NS4yNTUuMjU1LjAgc2Vjb25kYXJ7WyYqJl19eQ0KZW5kDQpleGl0XCI7e1smKiZdfQ==[[/code]
The reason we have to go through this contortion of using a third, temporary IP is because Cisco does not permit you to have a secondary IP without a primary IP configured.
More Complex Changes
The solution above works if you want to change the IP, but what if you need to do something more complex? What if you need to move the management IP from one VLAN to another? This might happen if you’re in an environment that was using VLAN 1 everywhere, and you’ve decided to enact of the recommendations in the Cisco Best Practices guide so now you need to move the management IP from VLAN 1 to VLAN 777.
In this case you can’t just configure 192.168.2.100 in VLAN 777, because that subnet already exists in VLAN 1. You can’t remove the IP from VLAN 1, because then you’ll lose your connection to the device.
The solution is to use a script, as below. You’ll note that my script included changing the VLAN of interface FastEthernet 1/0/1 to VLAN 777; this is the interface that my connection is coming through and because my management IP is going to be on VLAN 777 it is necessary to do this. Make sure you think about what the final configuration will look like after your script completes, remember that you need to be able to connect to this device or else you’re going to have to reload and start over.
[code]]czoxMzY6XCJpbnRlcmZhY2UgVmxhbjENCm5vIGlwIGFkZHJlc3MNCmludGVyZmFjZSB2bGFuIDc3Nw0KaXAgYWRkcmVzcyAxOTIuMTZ7WyYqJl19OC4yLjEgMjU1LjI1NS4yNTUuMA0KaW50ZXJmYWNlIGZhIDEvMC8xDQpzd2l0Y2hwb3J0IGFjY2VzcyB2bGFuIDc3N1wiO3tbJiomXX0=[[/code]
Create this script in a text file, and copy it to your device. I used tftp.
[code]]czozNzA6XCJSb3V0ZXIjY29weSB0ZnRwIGZsYXNoOg0KQWRkcmVzcyBvciBuYW1lIG9mIHJlbW90ZSBob3N0IFtdPyB0ZnRwLnNlcnZ7WyYqJl19ZXIuY29tDQpTb3VyY2UgZmlsZW5hbWUgW10/IGRldmljZS12bGFuLXNjcmlwdC50ZXh0DQpEZXN0aW5hdGlvbiBmaWxlbmFtZSBbZHtbJiomXX1ldmljZS12bGFuLXNjcmlwdC50ZXh0XT8NCkFjY2Vzc2luZyB0ZnRwOi8vdGZ0cC5zZXJ2ZXIuY29tL2RldmljZS12bGFuLXNjcmlwe1smKiZdfXQudGV4dCYjODIzMDsNCkxvYWRpbmcgZGV2aWNlLXZsYW4tc2NyaXB0LnRleHQgZnJvbSB0ZnRwLnNlcnZlci5jb20gKHZpYSBWbGF7WyYqJl19bjEpOiAhDQpbT0sgLSAxMzMgYnl0ZXNdDQoxMzMgYnl0ZXMgY29waWVkIGluIDAuMDI1IHNlY3MgKDUzMjAgYnl0ZXMvc2VjKVwiO3tbJiomXX0=[[/code]
Then I can confirm the contents are what I think they should be like this:
[code]]czoxODA6XCJSb3V0ZXIjbW9yZSBmbGFzaDovZGV2aWNlLXZsYW4tc2NyaXB0LnRleHQNCmludGVyZmFjZSBWbGFuMQ0Kbm8gaXAgYWR7WyYqJl19ZHJlc3MNCmludGVyZmFjZSB2bGFuIDc3Nw0KaXAgYWRkcmVzcyAxOTIuMTY4LjIuMSAyNTUuMjU1LjI1NS4wDQppbnRlcmZhY2UgZntbJiomXX1hIDEvMC8xDQpzd2l0Y2hwb3J0IGFjY2VzcyB2bGFuIDc3N1wiO3tbJiomXX0=[[/code]
That looks right, so we can apply the script now. I’m cautious when I’m working remotely, so I always set a reload timer; this way if something goes really wrong I can always get back to the original configuration.
[code]]czoyOTA6XCJSb3V0ZXIjcmVsb2FkIGluIDUNClN5c3RlbSBjb25maWd1cmF0aW9uIGhhcyBiZWVuIG1vZGlmaWVkLiBTYXZlPyBbeWV7WyYqJl19cy9ub106IHllcw0KQnVpbGRpbmcgY29uZmlndXJhdGlvbuKApg0KW09LXQ0KUmVsb2FkIHNjaGVkdWxlZCBmb3IgMTU6MTk6MzkgUHtbJiomXX1TVCBNb24gTWFyIDI5IDIwMTAgKGluIDUgbWludXRlcykgYnkgcGF1bCBvbiB2dHkwICh3b3puZXkuY2EpDQpQcm9jZWVkIHdpdGgge1smKiZdfXJlbG9hZD8gW2NvbmZpcm1dDQpSb3V0ZXIjDQoqKioNCioqKiDigJQgU0hVVERPV04gaW4gMDowNTowMCDigJQNCioqKlwiO3tbJiomXX0=[[/code]
Now we can start the VLAN change!
[code]]czoxNTU6XCJSb3V0ZXIjY29weSBmbGFzaDovZGV2aWNlLXZsYW4tc2NyaXB0LnRleHQgcnVubmluZy1jb25maWcNCkRlc3RpbmF0aW97WyYqJl19biBmaWxlbmFtZSBbcnVubmluZy1jb25maWddPw0KMTMzIGJ5dGVzIGNvcGllZCBpbiAwLjEwOSBzZWNzICgxMjIwIGJ5dGVzL3NlY3tbJiomXX0pDQpSb3V0ZXIjXCI7e1smKiZdfQ==[[/code]
When I did this, my ssh session didn’t even drop. All this really does it copy the contents of the file flash:/device-vlan-script.text right into the running configuration, and the device treats the commands just like it would when the device is booting up. All I have to do now is cancel the timed reload.
[code]]czo2OTpcIlJvdXRlciNyZWxvYWQgY2FuY2VsDQpSb3V0ZXIjDQoqKioNCioqKiDigJQgU0hVVERPV04gQUJPUlRFRCDigJQNCioqKlwie1smKiZdfTt7WyYqJl19[[/code]
wozneyenterprises.wordpress.com 
Cisco TAC,
I lab’d it dropping a config file on the device and then using copy flash:/file run.
Where I think I made my mistake was to make the secondary device a trunk rather than letting the connection remain switchport access until the change completed. It also may be that once I change the secondary from SVI1 to SVI116 it loses its route even though it is the same IP address. I may be able to get the top device to change, but am afraid I will lose connectivity to the secondary device for the same reason, it cannot see SVI116 while it is still on SVI1 even though the IP addresses are the same. Was hoping you would be a little more technical. The non technical answer is “You will have to make this change via a console connection . “
And while I expect connectivity to drop, I would be able to reestablish the ssh session after the new SVI took. Any way. I will keep searching for an understanding. You can close this SR.
Katherine Gaj
Any thoughts? thx kat
Changing truck configurations on remote devices is always tricky. There are a few ways to do it though.
For example you could have set your management VLAN to be the native VLAN on the remote trunk side, so you’d always be able to reach it.
I have done copying the script to running config but my connection drops
My cisco 2950 switch is connected to L3 cisco 3750 switch
via trunk port and L3 management vlan is 1 ,how would i change my 2950 switch vlan into 200
A 2950 won’t be able to have two active route-able interfaces at the same time.
You need to imagine the steps required as if you were sitting on the console.
Remove IP address from Vl1
Remove default gateway
Create Vl200
Create SVI for Vl200
Add IP address to interface Vl200
Add the new default gateway
That’s just a rough outline, you’ll need to generate your own config snippet based on what you’re attempting to do.
Great idea. I’ve been using it, but I can’t get script to create a vlan with:
vlan 5
name UserVlan
vlan 15
name MgmtVlan
exit
or
vlan database
vlan 15 name MgmtVLAN
vlan 5 name UserVLAN
exit
Any idea’s
Thanks
Your script looks okay, but I’m not sure if it will work outside of config mode if you need to modify the vlan database directly.
Verify that the commands work in config mode, and check the logs.