Cisco :: Directing Traffic Through Catalyst 2940
Aug 2, 2012
I have a Cisco Catalyst 2940 switch, eight ports. Ports 1-4 are connected to a media converter A. Ports 5-6 and 7-8 goes to two separate servers, B and C. Let's say I want traffic from B->5->1->A then through some equipment (which just pushes the data) and back through A->2->6->C without the data just recognizing a shorter path B->5->6->C and thereby skipping the equipment in between. Is this possible without a router? Ridiculous set-up? Yes, though the switch is the only means I have to connect to the media converter in this case.
View 5 Replies
ADVERTISEMENT
Dec 18, 2011
We have one machine running an application accessible remotely. We have cisco877 router, and static ip to access the application remotely. We recently done an update of out application software which has changed the access port/link to application.
since we update the software We can access the application internally through local ip but is not accessible through WAN with static ip, as the port no has changed.
I not having much knowledge of networking don't know what changes should be made in router so it direct the traffic of static ip to the machine running the web application, as before.
I tried looking for clue in router through its SDM Express interface, but no joy.
View 1 Replies
View Related
Mar 12, 2012
Having an issue with two Cat 2940, they have fiber 100Base-TX. Added a new Cat switch (the second on the VLAN), the existing Cat switch drops the fiber connection.
View 6 Replies
View Related
Apr 24, 2012
I'm trying to configure a 2940 switch to trunk. I just can't get it to work.On the interface I have added: switchport mode trunk The default is encap for this switch is dot1q, so there is no need, or ability to add/change the encap mode. Also all vlans are being allowed by default. I still can't get any port to trunk. Need to get G0/1 to trunk, have also tried to trunk f0/6 to the switch in my office. Also can't find the command to change the management VLAN. I do not use vlan 1 for management. Can I change the Mang VLAN on this switch?
View 7 Replies
View Related
Feb 2, 2012
I am trying to find out if its possible to use an existing CISCO 2940 Switch that we have here at our office as a hub? Im sure that borders on insane however, let me break down what we have currently and what I'd like to do.
We currently have a very nice setup here at work, with no problems whatsoever, however; we hired a new person and brought in some new printers and we are running out of wall jacks. Rather then run all new cabling and adding new outlets/faceplates etc... We were just gonna go purchase a simple Netgear 5 port switch/hub from the Local Comp store here in town. We found in our server room a what appears to fully functional and operational cisco 2940 8 Port Switch with a Gigabit port.
All IPs in the office are assigned via DHCP, so....on to the meat of my question -- I tried to plug this into our network and I can't get any connectivity out at all. All the ports light up green etc when I plug in the comps but they aren't pulling valid IPs.
I want to reset this thing and start from the ground up, I am not scared of going into the IOS and modifying what needs to be done...as long as I got a good enough walk through.
View 6 Replies
View Related
Jul 10, 2011
We have the next Settings in our SW. We crate an ACL and aplied to a SVI for Incomming Traffic, I understand that is not necesasry to allow the returning traffic in ACL, but we can't access to rdp for example when we add the ACL, if we remove it, the acces is ok, buet when we add again the access is deny, even we have a log entry, and the ACL i just for Incomming traffic. There is no another ACL.
See attached file
[code]...
View 1 Replies
View Related
Mar 3, 2012
I have this strange problem with my Macbook pro, when I connect it to my cisco 2940 8 port switch then I can reach my ISP (websites eg. google.com) in like 2 minuttes, then something is happening on my router, because suddenly I can´t reach my ISP
This is what I have found out so far:
1. when I lose connection to my ISP then I can only ping internal ip addresses eg. another computer in my network
2. if I renew my ip address on the Macbook then it works again in 2 minutts, then the same happens again. This is my network setup:
Router -> Switch 1 -> Switch 2
I also know that it is not the Macbook, because it have got a new motherboard, and it have been reinstalled
also if I use the Macbook on a other network then it works fine.
All my other computers ( windows and linux ) works fine, no problems.
To me it looks like it is a Nat and/or DNS problem, but I can´t fine out what it is.
View 7 Replies
View Related
Mar 23, 2011
I have downloaded the 90 day ISE evaluation to a vmware platform I have it successfully authenticating local user(s) onto a Cisco 2940 device (12.1) IOS I am trying to follow a TrustSEC design guide [URL] but my LAB 2940 does not support many of the commands shown in this document What I want to try to do is be able to familiarise and demonstrate in the lab the use of ISE to control access to the network using 802.1X and or VPN access from remote vpn clients?
View 2 Replies
View Related
Aug 26, 2012
I trying configure ASN traffic load balance, but doesn't works.I have one Cisco Catalyst 6509 and onde Cisco Ace10 module, in my context "PanWEB" i have the interfaces above: [code] If i try to establish a telnet session(telnet 10.96.202.10 80) i see the SYN packet passing through the ACE and going to the real server, but, the server do not response the SYN packet. I done a capture in the server using wireshark and could see that the IP address of the destination is the VIP and not the rserver ip address , this is a problem? Why can not I have the SYN + ACK from the server?
View 5 Replies
View Related
Nov 21, 2011
I'm receiving multicast traffic (400Mbps) on port 9/38 and sending it out on port gi9/48. I'm trying to achieve that traffic will stay within the card without using the switchfabric,
View 2 Replies
View Related
Jan 28, 2013
Unable to limit traffic on catalyst 3750 gigabit ports it has fiber modules,
I want to limit traffic 2mb per port
I have tried srr-queue and policier but it is not working and there is no ratelimit command under any interface, Applying policy to output is not supported of the interface
policy-map rate-limit
class class-default
police 2000000 8000 exceed-action drop
int gi1/0/3
service-policy input rate-limit
still when I start download it goes to 10 mbps
View 12 Replies
View Related
Dec 19, 2012
We want to filter IP traffic by MAC address on Catalyst 4500. Since we are using bonding (active-backup mode) we need those mac addresses appear on different ports. Below are solutions that we have tried: ACL but it does not work since mac acls only match non ip traffic (We CAN NOT use ip acl). Use a static mac address-table entry to ALLOW specific mac addresses. It does not work either since the same MAC address needs to be seen on a different port. Catalyst 4500 does not support auto-learn option (as e.g. Nexus 5000).
View 3 Replies
View Related
Jun 6, 2013
I have two switches (sanitized configs attached) and I am trying to bond int gi0/1 and gi0/2 between the two. Then I need int gi0/3 back to the main LAN switches. These are new Vlans created 982 and 983 for these switches. Question #1: do the configurations look correct? I haven't placed any laptops on the interfaces to test interconnectivity yet but I am wondering if it will work with no default routes.
The admin team needs these switches at location A for setup then they will be moved to Location B. The only thing that sucks for me is that the network admin before me created gateway interfaces for all the local Vlans on a main router as sub interfaces. For example, for these two subnets, I need to create subinterfaces below (at location A), which is why a gave the Vlan on the switches, ip addresses.
interface GigabitEthernet0/0.982
encapsulation dot1Q 982
ip address 10.98.2.1 255.255.255.0
ip flow ingress
no cdp enable
service-policy input mark-mplsqos-in
interface GigabitEthernet0/0.983
encapsulation dot1Q 983
ip address 10.98.3.1 255.255.255.0
ip flow ingress
no cdp enable
service-policy input mark-mplsqos-in
When I move the subnet to location B, I will also move the gateway. These two switches will be used mainly for a VMWare and HyperVisor environment so Vlan 982 is for VMA network and Vlan 983 is for management. The admin tells me the software needs to tag the packets, I am not sure if I care as the switches should handle that also.
View 1 Replies
View Related
Nov 30, 2009
I have two Catalyst 6506 in VSS mode with VS-S720-10G running 12.2(33)SXI1 IP SERVICES.I have two firewalls that communicate on to the other through a dedicated VLAN created on Catalyst 6506.
One firewall is able to ping the other one on this dedicated VLAN but if I send multicast traffic from firewall-1 I didn't receive it on firewall-2.I found a bug related to multicast issues on Cisco WS-C6509-E with VS-S720-10G. The bug ID is CSCtc59038.
View 9 Replies
View Related
Jan 31, 2012
On a Catalyst 6500, we configured a SPAN session with VLAN 300 as a source. We configured the session bi-directional ("both" keyword). We connect a sniffer on the SPAN destination port.
Strangely enough, we only see the traffic from the VRF to the firewall, but not the reverse traffic ! What can be the problem ?
View 2 Replies
View Related
Mar 5, 2012
I have a Cisco 2940 switch and a Cisco 1841 router. I want to build two different VLAN networks on the switch, which do not have to communicate one with each other, but those VLANS should communicate with the router.
I read a lot of articles, i tried to configure properly the switch and the router but i still don't get them work.
I set on the switch, the GigabitEthernet 0/1 port to Trunk port and i had to set it a native VLAN. The problem is that only from that native VLAN, i can ping the router.
View 17 Replies
View Related
Jan 27, 2013
I have catalyst 3750 I want to controle traffics on every port I have tried Frame-Relay Traffice shaping and Quality of service but there is no support for these commands in the switch.do we have any way to limit traffic on every port in catalyst 3750 and 2960 switches ?
View 4 Replies
View Related
May 6, 2010
I am experiencing a problem on a Catalyst 4510 (cat4500-ipbasek9-mz.122-53.SG.bin) with 802.1x configured. Client PCs are connected via a mini desktop switch to a Cat 4510 switched port in multi-auth mode. The configuration of the port follows:
!interface GigabitEthernet2/34 switchport mode access ip arp inspection limit rate 30 authentication host-mode multi-auth authentication port-control auto authentication periodic authentication timer reauthenticate server dot1x pae authenticator dot1x timeout tx-period 5 dot1x max-reauth-req 6 spanning-tree portfast ip verify source vlan dhcp-snoopingend
It happens from time to time that the Cat 4510 port stops passing traffic. Reconnecting the mini switch recovers the communication. Client PCs connected to the mini switch seem to be authorized at the moment when the problem occures. The RADIUS Termination-Action attribute is set to RADIUS-Request. The problem is not present if "authentication periodic" is disabled.
View 1 Replies
View Related
Jun 4, 2013
Are there any best practices for preventative maintenance on Catalyst Chassis switches. Looking to build a PMI schedule for a customer. Or is there evidence not to perform it at all. Things like re-seating line cards, cleaning fan exhausts, etc.
View 1 Replies
View Related
Dec 11, 2010
We have cisoc 2821 at one of branch and created five sub inetrfaces for different vlans.Output of Show interface shows very frequent increase in the input error count.I have changed the physical cable and switch port on the other side.But still error rate is increasing.When the traffic is less error rate is low but with high traffic it is increasing drastically.My router process is very less(4%) only.What could be possible reason. [code]
View 8 Replies
View Related
Mar 10, 2011
We are looking to implement traffic shaping/policing primarily for P2P traffic. As natively the ASA5550 is only capable of p2p inspection if the traffic is tunneled via port 80 is the AIP-SSM the way forward? We have 2 5550s in active/active failover config. As a side note we are also looking to implement an IDS/IPS system so could this module cover all?Is this module going to provide the desired outcome or is there another module/device out there better suited for this? I would prefer to use the ASA5550s as opposed to implementing another product if only that we can make use of the investment we already made on these devices.
View 1 Replies
View Related
Nov 27, 2012
I am testing limit bandwith using my ASA 8.2, i am trying to limit internet access for certains users , i order to save Bandwith for the important things but i can´t get any limitation
My configuration is the following, the acces list is just for my pc in order to test, and the service policy is applied to outside interface (called internet in my case) for incoming traffic
access-list Internet_mpc_1 extended permit ip host 172.16.127.70 any class-map Internet-class-TEST match access-list Internet_mpc_1 policy-map Internet-policy-web class Internet-class-TEST police output 1024000 1500
service-policy Internet-policy-web interface Internet
With show service policy i can´t see any activity on the policy , but if i do a similar configuration for inside interface outgoing traffic i can see packets allowed and dropped
View 3 Replies
View Related
Apr 29, 2012
I have an ASA 5520 with the below config
Gi0/0: outside (Internet)
Gi0/1: inside (Internal users)
Gi0/2: DMZ (web servers, ftp, Mail etc..)
I have a SMTP relay deployed on the DMZ for mailing. I have also a mail servers installed in the internal lan,
I want to allow trafic from dmz to reach internal lan, and i want normally also allow stmp relay from dmz to reach Internet.
How can i block trafic from DMZ to reach Internal Lan (instead of smtp) if the to allow trafic from dmz to internet i must put ANY in the policy?
For allowing trafic from DMZ to reach Internet, the policy must be DMZ -----> ANY ----->Services., this policy means DMZ can implicity reach Internal Lan?
View 2 Replies
View Related
Mar 19, 2013
We have a Cisco 2811 running ITP IOS. On that router we run the SMPP service. A client on the network connects to this service, and we need to capture the traffic for debug.
I've tried traffic-export, but I cannot see any outbound traffic.I'm guessing that this is due to the fact that the outbound SMPP traffic is not transit traffic as it is generated by the router itself.
Is there any way to capture the outbound traffic?
View 4 Replies
View Related
Aug 4, 2011
I am trying to come up with the best way to traffic shape traffic with 3750 Me switches. the traffic will be coming from a 6504 Sup-7203b downstream and going out the wan. Core---L3---->6504--intvlan80--trunkport to--->3750Me---g/1/1/1-trunkport to---MetroE network--->int f0/0.80--branch router. The idea is to use the 3750 to traffic shape the traffic going towards the wan/branch to 500 to match the contracted rate and then to use qos on shaped rate. I tried to apply it to g1/1/1 using port based policies but it did not shape the traffic. I changed everything to IP interfaces and it worked. I need to break up the metroe into different vlans so I can bring branch offices in on different vlans.c
View 3 Replies
View Related
May 22, 2012
is there any GUI via web (like SDM for routers) to configure catalyst switches(eg 3560 or 3750)?
View 9 Replies
View Related
Apr 22, 2011
Since I am a collector of all things Cisco, I picked up a Catalyst 5505 switch today. It has two supervisor engines in it, a card with 12 fiber ports in it, and two 24 port cards in it. I am trying to console into this thing, but I am not having any luck. I have Googled it and some threads say it uses a normal straight through cable and other threads say it uses the normal Cisco rollover cable. I tried going both routes but no luck?
View 6 Replies
View Related
Oct 29, 2012
I have 2x6500s series catalyst core switch. i configurated vss. all them are working normal. but i have one problem. some of my servers link is down sometimes. I configurated server links as etherchannel.at etherchannel not both of links down only one link down.this modules i used to connect servers to core switch. modules 3 and 7 slot.
View 7 Replies
View Related
Feb 16, 2011
I tried to update Cisco Catalyst 2960 Switches through LMS 4.0
But LMS won't update the 2960 because there is not enough Flash Space on the device. The 2960 shoud have 32MB but a dir flash shows this
27998208 bytes total (15343104 bytes free)
A manual update on the switch is working perfect. Is this a bug or if there is a workaround to make LMS 4.0 working?
View 2 Replies
View Related
May 4, 2011
Two days ago, a brilliant guy inserted a different ios in a Cisco Catalyst 6500 and erased the original ios. I have twice downloaded the original ios by xmodem (too much time!) and both of them, when I reload the 6500, it doesn't work: I have the following message:
loadprog: bad file magic number: 0x0 boot:cannot load "bootdisk:s72033-ipservicesk9_wan-mz.122-18.SXF11.bin"
Second time, when the ios uploaded, I checked the sup-bootdisk: and the flashboot: and both have the wrong ios listed, but it wasn't there: I've tried to delete it and squeeze it, but had a message saying "can't delete because the ios is not there" or something like this. I finished formatting both (flashboot: and sup-bootdisk:), tftp the ios, double-checked the bootloader, compared with other identical 6500 and reloaded again, just to find the same message I've written before.
Supervisor 720 PFC3B. Slots for disk0 and disk1 are broken or I can't read them from the rommon.
View 10 Replies
View Related
May 12, 2013
I'm designing a hierarchical 3 layer campus network with different switch blocks .We need 10Giga Ethernet in the core to distributions and access layer , I was thinking about using a pair of catalyst 4509E in each block.after that I got interested in 4500Xs , in comparison with 4509Es they are much thinner and saves more room in rack space .I wanna use 4500X in my distribution layer .
The question is , as you know 4500Xs have 40 10Giga Ethernet ports , in some of my switch blocks I have more than 40 access switches (40 uplikns to distribution ) i wanna know how many of 4500Xs can i stack together ?
View 5 Replies
View Related
May 9, 2013
Why I can't get the "cdpInterfaceExtTable" by SNMP ? The other CDP info are correct, only this table is empty.
I found the configuration method in CLI:
interface GigabitEthernet3/0/13
switchport priority extend cos 5
interface GigabitEthernet3/0/14
switchport priority extend cos 5
But I still can't get anything back when I walk this node,
View 2 Replies
View Related
Jun 21, 2012
We are facing an issue with the NAM3.Version: 5.1(2-patch4)
we can not login using the GUI. when we try to login we are getting the following warning:
Initializing database. Please wait until initialization process finishes.(see attachment)
we have rebooted the NAM3 module but the issue is not solved. the NAM3 module is running on 6500 Series Switch.(Cisco Catalyst 6500 Series Network Analysis Module (NAM-3)
View 5 Replies
View Related
