Cisco :: 6509 WLC Should Not Be Placed On Data Center Segment
Jul 2, 2011
We are in middle of deploying WiSM2s on our network, from a design point of view i am confused on where to position the WiSM2s. We have 2 DCs and from best practice architecture view WLC should not be placed on the Data Center segment, but it seems that is the only option i have.
DCs host 6509s, i am planning to host 1 WiSM in each DC, all clients will be on seperate subnet. Do you foresee any issues with this deployment or any security issues? authentications are followed as per cisco recommendation, clients authenticated against AD through ACS so it is fairly secure.
View 3 Replies
ADVERTISEMENT
Feb 22, 2012
How to trace firewall and load balancers placed in data center.
View 6 Replies
View Related
Oct 21, 2011
We have had this issue for a long time in our enterprise. I don't work all the time in networking. I did a CCNA a while ago. We used to have a network manager who set everything up but he left the company. Basically we have this issue that if you connect to Cisco L2TP Remote Access VPN you can't access any resources at our Data Center. Also if you connect directly to the LAN.
View 10 Replies
View Related
Apr 4, 2011
We are planning to purchase an ASA 5505 for a VPN solution for one of our offices. The office has 50-60 user at peak load who would be connecting over the S2S VPN to the datacenter.
From a hardware standpoint, can the ASA 5505 handle this load. The licence is for unlimitedf inside hosts but what is the actual limit on this platform?
View 1 Replies
View Related
Sep 7, 2011
I have some doubts about the best solution for the design of a mini data center.In the data center there is a 6500 with FWSM module installed, there are some vlans created, all of them in the fwsm module. For example, a back end server to communicate with a server in the front end must always pass through the firewall. My question is, all these flows passing in the firewall does not degrade the speed of communication?What is the best practice, just pass the communications with the WAN in the firewall, and the vlan communication between front end and back end is only set up in 6500?
View 13 Replies
View Related
Jan 11, 2012
Any recommendations for top of rack switch for within our data centre.Dual power is a requirement, but bandwidth and through put will not be huge as such I have been looking atthe WS-C3560X-48T-L and the Nexus 3048.
View 1 Replies
View Related
Mar 2, 2012
I have some doubts about the best solution for the design of a mini data center.In the data center there is a 6500 with FWSM module installed, there are some vlans created, all of them in the fwsm module. For example, a back end server to communicate with a server in the front end must always pass through the firewall. My question is, all these flows passing in the firewall does not degrade the speed of communication?What is the best practice, just pass the communications with the WAN in the firewall, and the vlan communication between front end and back end is only set up in 6500?
View 6 Replies
View Related
Nov 4, 2012
We will be moving to a new data center in the very near future and with them our WAN IP addresses will be changing. Any best course of action for changing the IP addresses throughout the firewall configuration? Would it be possible/suggested to export the running-config, make the neccessary changes, then import the config? I am familiar with the ASA 5510 only so far as changes are required. It is not something I work with on a regular basis.
View 5 Replies
View Related
Oct 11, 2012
We have backup data center where I am now planning to provide backup internet service ( in the case where there is internet down or power outage at main server room) . I have a pair of Cisco ASA's 5540, one of which I need to move to backup data center ( BDC), Presently I have ADSL router at disaster serve room with static public IP from ISP.
Currently, I am publishing all my internal resources through ASA. Now my questions, if I move Standby ASA to Disaster Server Room. How I can publish the same internal resources through standby ASA and make it standby as active during the down time of main server room
View 6 Replies
View Related
Feb 26, 2012
What are the list require for setting up Data Center for either University or Government?
View 4 Replies
View Related
Oct 8, 2012
Lucien is a customer support engineer at the Cisco Technical Assistance Center. He currently works in the data center switching team supporting customers on the Cisco Nexus 5000 and 2000. He was previously a technical leader within the network management team. Lucien holds a bachelor's degree in general engineering and a master's degree in computer science from Ecole des Mines d'Ales. He also holds the following certifications: CCIE #19945 in Routing and Switching, CCDP, DCNIS, and VCP #66183
View 1 Replies
View Related
Feb 21, 2013
I have a problem to solve in our data center, see attached drawing. HW: Our core switches consists of two stacked C3750 with ip routing. What I want to do is probably simple but I haven't been able to figure out the best method.
VLAN10 and VLAN20 should not be able to communicate with each other. (ACLs?)VLAN10 will have it's own default route/firewall. Both VLAN10 and VLAN20 should be able to send server backups to server in VLAN30. All 3 V LANs come in on a trunk from a pair of stacked C2960-S. I need it to be able to scale if we have 50 VLANs for instance, hopefully without long complicated ACLs. I've been considering VRF's, PBR but can't decide what's the simplest solution to this problem. I have never done this before so I would prefer to start off on the right foot.
View 1 Replies
View Related
Nov 6, 2012
We have ACE module intergrated in cisco 6509 switch. We have performance issue for specific url while accessing through ACE, but it works normal when works with direct url.The users are getting error at middle of works , " applications are unable to get data ". We have configured http-cookie sticky like below, [code]
We are using two rserver in serverfarm and enabled port-80 services.
View 4 Replies
View Related
Dec 7, 2010
Recently I faced 1 issue in MLS 6509.MLS had all Gig modules in slots 6,7,8 taking System detected CRC error rate on port ASIC data bus exceed fatal threshold, ("System detected CRC error rate on port ASIC data bus exceed fatal threshold".) causing the module reset by the SUP. After this active SUP causing it to failover the standby. This process was continuing every few minutes resulting in the SUPs on MLS rolling.what could be the issue for Sup rolling reset?
View 1 Replies
View Related
Jun 15, 2012
I am currently working on a project which purpose is to establish a TCP connection between a PC and a microcontroler.I configured (in C language) the µC as the server, and the PC as the client (in C#, using the TCPClient class).While running the codes, I capture the frames on the network with Wireshark.The client's ISN is chosen randomly by the TCPClient.Connect method.Since there will be only one TCP connection at a time, the server's ISN is always 0.The server's port is 0xC0C0 (49344) and the client's port is also chosen randomly by the TCPClient.Connect method.find the screenshot of the Wireshark's capture attached.In compliance with RFC793, the three-way-handshake should conclude with an ACK segment from the client.In my exemple, the client tries to connect three times, and then drops : the client sends no ACK segment.The µC's SYN-ACK reply may be bad configured .What kind of information did I miss ? Are there special data the client is expecting ? Why don't I get back an ACK segment from the client?
View 3 Replies
View Related
Apr 14, 2011
2 dhcp server on the same lan segment not thesame ip add series , how can i prevent to lease ip from another ip series
View 2 Replies
View Related
Aug 4, 2012
I have a standard switch with a server two routers one for data one for VoIP Server is dhcp and dns, all clients are auto configured from the server - all is good.I want to share my internet with anouther business - in the same building I have added a Ethernet router with a different ip range and this router is their dhcp server with its own private LAN This router has been connected to our LAN via the the Ethernet router wan port Works fine, but all clients on the new private lan can ping and see the LAN behind the wan port of the Ethernet router and can ping them, in some cases certain files can be seen?
View 1 Replies
View Related
Jul 13, 2012
The default Gateway and DHCP server is connected to port 1 of the switch. I have various other devices on the network plugged into other ports on the switch.I want port 1 to communicate with every port on the switch, but don't want the other ports to be able to see eachother unless I specifically allow them to. For example, port 5 should see port 1, and 7, but nothing else.Everything needs to be in the same subnet. With the older Dlink switches I am used to this feature is called "Port Segmentation" but I see no such option in this switch. I have been playing with the VLAN settings but so far I have not been able to achieve this.
View 7 Replies
View Related
May 31, 2013
I have been having a heck of a time trying to configure my 5505 to allow the second segment on my network to use the internet. Office 1 has a fiber internet connection, and all traffic flows fine. Office 2 had gotten it's internet from AT&T, via a network based firewall injecting a default route into the mpls cloud. both offices connunicate to each other through the mpls.
When we added the fiber to office 1, we had the mpls people change the default internet route to the inside address of the 5505 and things worked fine. when AT&T attempted to remove the NBF defaut route, and inject the 5505's address as default, things didn't go so well.
AT&T claims that it is within my nat cmmands on the 5505, but won't tell me anything else. I assume that they are correct, and I assume that I am not good enough with the 5505 ASDM to tell it what to do.
Office 1 uses 10.10.30.xx addresses and Office 2 uses 10.10.10.xx - the 5505 inside interface is 10.10.30.2 the internal interfaces of the mpls are 10.10.30.1 and 10.10.10.1
View 21 Replies
View Related
Nov 28, 2012
I have a client with a WLC 2504 that wants to route "guest" users through a gateway appliance "radiusgateway.com" and all others through the network. It appears to me this would require the use of two fa ports on the WLC. One directly connected to the radiusgateway (which is connected to a switchport) and the other fa interface connected directly to a switchport bypassing the proxy server.
My issue is, "how do you segment the ssid traffic via the WLC". The interfaces cia the gui aren't that intelligent, there's an enable and logging drop down. Via the command line, I didn't see any methods of routing traffic.
View 1 Replies
View Related
Mar 23, 2013
WAN link plugs into a 2821 Router with an switch module in it. About 8 clients are plugged in to the 2821.2821 connects to super cheap netgear switch (I'm 99% sure it's stripping dot1q headers) via one of the ports in the switch module. About 4 people are connected to the netgear.Now, I sent a catalyst 3560g to the branch because they wanted to extend into a new building. Someone decided to run a single cable from the netgear to the 3560. On the 3560, I have about 5 clients and a couple of APs.
So it goes 2821 -> Netgear -> 3560. All of these are single connections.When the 3560 gets plugged in, all clients on the netgear lose their connection, and nothing on the 3560 works. It happens almost instantly. I can't figure out why connections are dropping. The APs have about 4 VLANs onn them, and the PCs are on their own VLAN (the native VLAN).
View 3 Replies
View Related
Aug 21, 2012
We have an OSPF network with four 6500 Distribution Switches. They are fully meshed and see each other as peers and are sharing routes. Off of one pair (Border) there is a setup of 3750G siwtches that go off to another network and they do not run OSPF. Between the Border Dist and the 3750G Switches we run HSRP. The 3750G side uses HSRP GP 192 and the Dist Side uses HSRP 192.There are static routes on the 3750G pointing to the Dist HSRP address to get back to network.Pings fail from the OSPF side to the HSRP address on the 3750G side.If I do a trace from the OSPF side to the HSRP address it hits one border dist switch then the other and fails.If I have static routes on both border dist switches pointing to the HSRP on the 3750side, do we need to change the metric on one dist so that it is preferred over the other or should the router Id take care of that?
View 1 Replies
View Related
May 23, 2013
I was asked to enable netflow in an ASA Firewall for Orion/Solarwinds server monitoration. Firewall is a 5550, with 4G RAM, and no extra modules but SSM-4GE. This firewall has 5 DMZ segments and ans specific segment for internet traffic.There are segments as unique subinterfaces in physical interfaces. Other segments as individual subinterfaces in the same physical interface (but individual VLANs)Usually firewall CPU flows between 30% to 40%. Rarely to 50%.
1 - How dangerous or risky could be implement netflow in this firewall?...This firewall is very critical for the customer. My concern is regrading CPU, traffic generated, memory, etc
2 - In a month, firewall will be migrated from 8.2 software version to 8.4 software version. Is there any incompatibility in some commands?...Would be recommended to perform netflow configuration after software upgrade?
3 - How could it be implemented for Orion monitoring, regarding each individual sub-interface (and so, each VLAN assigned)?I there any recommendation regarding configuration, best practices?
View 6 Replies
View Related
Feb 5, 2012
I need to create a firewalled segment that not only separates hosts from general population, but also from each other. The solitary confinement of firewalled segments.I know that I could create a bunch of sub-interfaces, one for each host or group that needs to be isolated, but I'd really rather not have to do that if possible. 1) It could become a management nightmare between ACLs and sub-interfaces and 2) it's a waste of IP addresses.s there any way that I can create a bunch of separate VLANs behind the firewall and have them all terminate at the firewall, using a single firewall IP address for the gateway?
VLAN 1 - hosts 1.1.1.5 and 1.1.1.6VLAN 2 - hosts 1.1.1.7
Firewall DMZ Interface - 1.1.1.1VLAN 3 - hosts 1.1.1.8 and 1.1.1.9
This way, the hosts are isolated and can't talk to each other unless they're on the same VLAN.I'm working with an ASA 5510 running 8.2.4(4).
View 1 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Jan 26, 2013
My system is asking for solution center
View 1 Replies
View Related
Dec 6, 2011
I was trying to use my Xbox as a media Center. But its really slow. It shows I have a low Bandwidth. My Pc is a MW 7. My current ( old) router is wired to the xbox. PC wireless. Do I need a new router?
View 1 Replies
View Related
Apr 22, 2012
We've been upgrading our WLCs to 7.0.230.0 but I've notifced after they have been upgraded they no longer appear in the controller section in License Center on the WCS. They still exist in the WCS and the audit the configuration jobs are working. I've also tried manually triggering the Controller License Status background tasks and this runs without reporting any errors.I thought it may be because the WCS was at a lower version but I've now upgraded this to 7.0.230.0 also but the WLCs are still missing.
View 1 Replies
View Related
Dec 16, 2010
I downloaded the ISO for SSE 2010, and the damned thing is too big to burn to a DVD5. I doubt seriously MS expects people to have Dual-Layer discs handy.Is this intended not to be burned, but installed from the desktop instead? I can open the ISO just fine with WinZip.
View 5 Replies
View Related
Jun 24, 2012
Can any provide me with the SKU's and pricing of the Broadband Access Center 4.2 Is this the correct version to use with the SRP527?
View 1 Replies
View Related
Jun 13, 2011
I can't remember the last time I connected to the Windows media center on my Xbox 360 but I know recently I have tried to run a game server on the PC that the media center runs on. I was trying to do this by setting up a static IP. Here is the thread I posted to ask questions about it. I also used Hamachi to do the same thing. It basicly creates another netowork for you to connect to other people on, I guess. When I started using it another network appeared in my network and sharing center.I have tried reseting my modem and router. I've checked my network settings on my PC and my Xbox 360 and they both look like they use to look before I tried to use my PC as a server.
View 13 Replies
View Related
Nov 12, 2012
I have tested each antenna separately. With each antenna attached one at a time the left and right antenna is giving me -20 signal. The center is only giving me -65 signal. Is this a problem with the router or normal? I noticed that the center pin is pushed in more then the left and right. Don't know if that is the cause.
View 14 Replies
View Related
