My router had this configuration on the interface facing the switch:
description Connection to gruden, Cisco switch
no ip address
encapsulation dot1Q 10
ip address 10.10.10.1 255.255.255.0
encapsulation dot1Q 20
ip address 172.27.20.1 255.255.255.0
I assumed that if I assigned a management IP to my switch with either a 10.10.10.0/24 or 172.27.20.0/24 address, the switch would be able to speak to the router. I assigned 10.10.10.100/24 to the switch. Because switches do not receive IPs on individual ports, I applied the IP to VLAN 1:
gruden(config-if)#ip address 10.10.10.100 255.255.255.0
gruden(config)#ip default-gateway 10.10.10.1
Unfortunately, this did not work. I could not reach the router from the switch and vice-versa.
I decided to try assigned a new IP address directly to router interface fa0/1, and give the switch an IP in the same netblock:
gill(config-if)#ip address 192.168.168.1 255.255.255.0
Here's how I configured the switch:
gruden(config-if)#ip address 192.168.168.2 255.255.255.0
gruden(config)#ip default-gateway 192.168.168.1
That did it. Now I can reach both devices. Apparently the switch can only communicate with the router when the address on the switch is outside of the VLANs in use. I believe Todd Lammle refers to this sort of setup as a management overlay network, where certain IPs are used solely for device management.
If anyone can comment on this design or suggest an alternative, I welcome feedback. I think the wrinkle in my setup involves the router having to pass traffic between VLANs 10 and 20.