Cisco Firewall :: Configure IOS IPS On Catalyst 3560?
Mar 18, 2012is it possible to configure an IOS Firewall IPS on a Catalyst 3560? Which IOS version would I need if it were possible?
View 3 Replies
ADVERTISEMENT
Cisco WAN :: Configure Catalyst 3560 As Internal Router
Oct 3, 2011I am trying to configure my catalyst swtich as an internal router.
I want to route traffic between 4 different subnets.
192.168.200.0 /24
192.168.201.0 /24
192.168.202.0 /24
10.10.10.0 /24
Cisco Switching/Routing :: Configure The IOS NetFlow 122-58.SE2 In A Catalyst 3560?
Jun 4, 2012It is possible to configure the IOS NetFlow 122-58.SE2 in a Catalyst 3560?
View 5 Replies View RelatedCisco Firewall :: Can Configure 3560 To Listen To Relayed DHCP Requests
Apr 18, 2013I'll start out with the fact I work mostly with Wi-Fi and not a lot in the security realm... If I plug my workstation into the 3560, my wired client adapter can get an IP address. But the WLAN adapter will not when associated to WLAN.Usually this is not a problem since you may only have two access points on the controller and a dozen or so hosts. In my case, however, I want to put a few of the ports on the 3560 into the same VLAN as the WLAN on the 2106 so I can give them the same guest access as the WLAN. The hosts plugged into the 3560 get an IP address without issue from the ASA. When I disable dhcp proxy, the WLAN clients get an IP address, but then the APs cannot get an IP address from the internal DHCP server on the WLAN controller, and cease to function when rebooted since they cannot get to the controller without an IP address.
Any way to configure the ASA to accept the modified DHCP packets from the WLAN controller? It appears to me that the ASA is not able to accept DHCP relayed packets.
Cisco :: How To Upgrade IOS Catalyst 3560
May 1, 2012I want to upgrade a Catalyst 3560-48PS to the last IOS.I get an errormessage stating that there is insufficient space in flash: I have deleted all files in flash - but I still get the same error message. According to the documentation there should be enough memory. Messages are pasted below:
Switch#dir
Directory of flash:/
No files in directory
15998976 bytes total (15997952 bytes free)
Switch#archive download-sw tftp://192.168.9.13/c3560-ipservicesk9-tar.122-55.SE.tar
Loading c3560-ipservicesk9-tar.122-55.SE.tar from 192.168.9.13 (via Vlan9): !!!!!!!
[OK - 15964160 bytes]
Loading c3560-ipservicesk9-tar.122-55.SE.tar from 192.168.9.13 (via Vlan9): !!!!!!!!
examining image...
extracting info (109 bytes)
[code]....
Error: There is insufficient space in flash: to install the required
Error: image. Clean up some old images, and try again.
Cisco Switching/Routing :: QOS On Catalyst 3560
Oct 28, 2012We have a IP-phone system connected to port 1 on a 3560 switch, the phone system tags traffic with dscp. The switch uplink is on port 24.
Is this configuration correct:
interface 1:
auto qos trust
interface 24:
priority-queue out
Cisco LAN :: Two Logical Switches Within One Catalyst 3560
May 20, 2012I have purchased two catalyst 3560 switches (with 24 interfaces) on Ebay to prepare for ccnp switch exam. It would be great if I have 4 switches. Is it any possibillity to create two logical switches from one? I mean, not by assigning interfaces to different vlans?
View 1 Replies View RelatedCisco WAN :: Packet Latency On Catalyst 3560?
Nov 8, 2011I have installed a Catalyst 3560 as my internal router. I have created 4 vlans to route the traffic.
Here are the interface "show run"
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport access vlan 2
switchport mode access
spanning-tree portfast
[code].....
I have been getting notifications of large packet loss and latency for itnernal traffic going to servers. I have a simple setup of nagios who pings servers and will notify me of large packet loss or complete packet loss. I have implemented this L3 switch a few hours ago, I am currently running a constant ping to my servers, but I am not niticing packet loss right now.This packet loss happened 4 time spans within the last hour of many large packet losses to all my servers within all subnets. It is now stopped.
I am not sure why this would be happening, the predessor of the internal router was just a normal linux box with 3 NICs on it. Nothing crazy going on since the business is closed.
Cisco :: Monitoring Catalyst 3560 Health Using MIB / SNMP
May 23, 2011I'm a C# programmer and as part of my software I need to monitor some Cisco Catalyst 3560V2 24 switches using SNMP (By reading MIB/S data).Apparently this switch supports more than 50 different MIBs.My question is which MIB/MIBS contains general health data (parameters) that may determine if the switch is OK, Degraded or Malfunctioned.
View 0 Replies View RelatedCisco Switching/Routing :: Catalyst 3560 With GRE Support
Feb 7, 2012Does the Catalyst 3560 support GRE ?
I know that Catalyst 3750X support GRE ,but Catalyst 3750X cannot work in hardware it.
Does the Catalyst 3560 cannot work in hardware too?
Cisco Switching/Routing :: Ingress QoS On Catalyst 3560?
Oct 28, 2012I'm currently configuring per port policing on a 3560 and want to limit inbound traffic to 750mbit:
mls qos
access-list 1 permit any
class SET_IF
match access-group 1
policy-map SET_QOS
class SET_IF
[code].....
When I test the setup with iperf I always get different results when I change the nummber of parallel connections.Isn't there a way to limit the throughput regardless of the number of conns (INGRESS!) like with srr-queue bandwith limit?
Cisco Switching/Routing :: Catalyst 3560-X IOS 15.0(2) IP Base?
Nov 29, 2012We have observed increase of CPU utilization of 50% after upgrade from 15.0(1)SE3 to 15.0(2).The SDM template is "desktop default" template.The increase of CPU utilization in Switches with LAN Base after upgrade is about 10%.
How to find the cause for the 50% increase ?This is command is the output of 15.0(2). The calculated sum for 5min process-utilization is 21% plus 1% interrupt is 22 %. Where is the rest ?
switch#sh proc cpu sorted 5min | exc 0.00
CPU utilization for five seconds: 30%/1%; one minute: 29%; five minutes: 28%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
169 135084171 33273787 4059 9.92% 8.94% 8.73% 0 Hulc LED Process
83 80075989 13546109 5911 5.60% 5.39% 5.38% 0 RedEarth Tx Mana
[code].....
Cisco Switching/Routing :: Catalyst 3560 Not Booting
Aug 11, 2012I'm having an issue with 2 of my 3560s which are not booting. The last thing I did on both switches before it hangs was:
>write erase
>reload
restarted as normal
[Code]....
I've tried powering-off the switch and pressing the Mode button and power on. I got to swtch: mode switch:reset
It restarted past the POST but just hang halfway at the same bootp-up process as shown on the attached. The SYST LED is Green color when it hangs.
Cisco WAN :: VLAN Routing On Layer 3 Catalyst 3560
Jan 15, 2013My first question is I have an access layer switch which is a single VLAN and I am trunking that VLAN to a distribution layer switch, I can ping the gateway on the distribution layer switch for THAT VLAN, But cannot ping the gateway address for the second VLAN I have on the distribution layer switch. I know it is simple, But I have forgotten and just need a push
Also I have a third VLAN set to route traffic not bound for those 2 VLANs out to a router is the statement "ip route 0.0.0.0 0.0.0.0 172.16.252.2" good enough and do I actually need to create a VLAN for that traffic? and if so, is an access switchport the best option?
Cisco WAN :: How To Remove Subnetted Route On Catalyst 3560
Nov 15, 2011I have been researching a way to remove this subnetted route from my L3.There is an extra subnetted route that should not be there when I execute the command: show ip route
Below if part of my Show Run and the Show IP Route commands. You will see the 10.0.0.0/24 subnet as subnetted. I dont know why the L3 uses the 10.0.0.0/24 when I enter 10.10.10.0/24? But thats a whole different questions.
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address 10.10.10.1 255.255.255.0
!
interface Vlan3
[code].....
Cisco WAN :: Connect 2960-S To 3560 Catalyst Switch?
Feb 22, 2012Im trying to Connect a 2960-S Catalyst Switch to a 3560 Catalyst Switch. It worth pointing out im newish to switching although i know some commands and what they do This is my first time connecting 2 switches together.They are connected via a crossover cable and have green lights flashing on the connected ports When i run "show CDP neighbours it sees the new switch Unable to ping new switch...just timesout Here is the the interface on the 3650
GigabitEthernet0/40 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 001b.532f.8428 (bia 001b.532f.8428)
Description: Uplink to Switch 2
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
[code]....
Cisco Switching/Routing :: AutoQoS On Catalyst 2900 And 3560?
Oct 15, 2012Cisco C2960S IOS:12.2(55)SE5
Cisco C3560X IOS: 12.2(55)SE3
The 3560 switch is serving as an access and distribution layer switch. End devices are connected to it and it also implements IP routing via SVI and L3 ports.Auto qos voice cisco-phone has been implemented on applicable access layer ports. SRND4 is being used.
2960:
mls qos map policed-dscp 0 10 18 24 46 to 8
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
[code].....
Question 1:Why is the auto qos generated policed-dscp map different on these two switches?The Cisco Smart Business Architecture LAN configuration files guide [URL] does not specifically use the 3560 in their examples, they use the 3750 but it's my assumption that the same techniques, configs apply with regard to my specific feature questions. When using a 3750 in the Access layer, the guide shows (page 15) the same auto qos generated policed-dscp map configuration that is on my 2960. The SBA LAN config guide shows that when using a 3750 as a Distribution layer switch (page 26), the policed-dscp map configuration is the same that I see on my 3560.In the configuration guide for the 3750 distro switch, there is no auto qos applied as there are no access ports, so the mls qos commands are manually input. Since my 3560 does have access ports, auto qos generated the mls qos commands, and the results are the same be it following the guide and manually entering (per distro switch guidelines) or using auto qos. This leads to question 2...
Question 2:Why is the mls qos map policed-dscp configuration different depending on use as an access vs. distribution switch?
Question 3: On the 3560, access ports that have "auto qos voice cisco-phone" applied are put into queue-set 2 (output). Queue-set 2 (output) uses default values (not configured). Is this correct and desirable? If so, why? The 2960 has all ports in queue-set 1, regardless of being an access device port or a trunk port connected to the 3560 (as per the SBA LAN config guide EgressQOS macro commands). The 3560 trunk ports are all also configured to use queue-set 1 (output), again as per the SBA LAN config guide EgressQOS marco commands.
Cisco Switching/Routing :: Catalyst 3560 Discards Second Device With Same IP?
Dec 10, 2012I have one specific trouble with Catalyst 3560CG switch and Stardom reserved industrial controller. Controller has 2 processors, one of them after(!) negotiation become main with IP 192.168.1.1, other one stays in reserve with IP 192.168.1.129. If main one shuts down, spare one becomes main with IP 192.168.1.1. This perfectly works with DLINK and MOXA level 2 switches, but fails with Catalyst 3560, because spare one cannot even connect to switch port. I don't know the exact reason of it, but i suspect, that it happens because of before negotiation both controllers have ip 192.168.1.1 (i know, that it is wrong and weird, but so it goes). First of them correctly connects to switch port, which goes up and passes pings. Second processor tries to connect to switch port, which goes several times up and very soon down, then processor lefts his tries to connect to anybody and become idle. The switch seems to some way check IPs of 1-st and 2-nd port packets, and shuts down 2-nd port. I have connected via hyperterminal and tried to disable some level 3 functions and checks of the switch, but this wasn't useful. how exactly(or at least approximately) should i configure a switch to make this bundle work?
View 1 Replies View RelatedCisco WAN :: How To Make Use Of Full Bandwidth Catalyst 3560 Series
Feb 10, 2013I have two Catalyst 3560 series switches with a 100Mb Ethernet microwave link and a 250Mb Ethernet microwave link between them. Can the switches be set up to make full use of the added bandwidth (350 Mb).
View 3 Replies View RelatedCisco Catalyst 3560 Auto-load Config On Boot?
Apr 4, 2011possible to configure a Cisco Catalyst 3560 switch to auto-load a config when it boots up?
View 10 Replies View RelatedCisco Switching/Routing :: Port Mirroring On A Catalyst 3560-X?
Oct 21, 2012I've just installed 2 of these in my workplace on a PLC network.I'm now looking to set one of the ports up as my diagnostic port and would like to be able to mirror any of the other ports to this port.I believe it is called SPAN on Cisco switches.The only reference I can find to it is configuring via Telnet which I haven't got a clue about.On my old Wiedmuller switches it was just a few clicks away.
View 3 Replies View RelatedCisco Switching/Routing :: Catalyst 3560 SVI - VMs Cannot Access Internet
Aug 12, 2012I have 5 SVIs configured for VLAN Interfaces 121-125 for my vSphere environment.
All VMs can ping IPs on all the VLANs (VMs on VLAN 124 can ping VMs on VLAN121)
All VMs, except those on VLAN 124, can access the Internet or even ping my router IP.
If I change one of the VLAN 124 VMs to use a different VLAN, and update the addressing appropriately, it can access the Internet.
The problem is exhibited with Windows and Linux VMs. So, I believe something in my switch setup is the problem with VLAN 124 in particular.
If i do a show vlan brief, VLAN 124 is listed.
If I do a show ip int brief, VLAN 124 is listed as upup. I also tried to shut o shut the VLAN 124 interface.
Only one specific VLAN has connectivity problems?
My topology is Catalyst 3560 to home router to Internet.
Here is my IOS image: c3560-ipservicesk9-mz.122-55.SE6.bin
Here is my show run output:
3560_02#sh run
Building configuration...
[Code].....
Cisco Security :: Catalyst 3560-X - MACSec Possible With IEEE 802.1Q Tunneling
Apr 16, 2012To use MACSec between 2 Catalyst 3560-X on both sides with a provider network between that is configured for IEEE 802.1Q Tunneling ?
Since MACSec uses 0x88e5 Frames and the Cisco SAP protocol uses 802.1x for negotiation, can that be working ? (I haven't success)
Cisco Switching/Routing :: RPS 600 Is It Support Catalyst 2960 And 3560
Sep 13, 2012I have CISCO RPS 600 (PWR-AC-RPS) is it support Catalyst 2960 and 3560 ? and which type of cable require since i have cable 22-18 pin and on my switch require 22-14 pin.
View 2 Replies View RelatedCisco Switching/Routing :: Connecting Two Catalyst 3560 Routers?
Oct 15, 2012Scenario: Two buildings connected with a private leased fiber line, so it does operate as a LAN. There are several subnets and everyone at both buildings needs to be able to access all subnets. However the physical machines on those subnets are building specific:
-Building 1: 10.2.0.0/24 (vlan20), 10.4.0.0/24 (vlan40), Internet connection
-Building 2: 10.1.0.0/24 (vlan10), 10.3.0.0/24 (vlan30)
The majority of the traffic between the subnets is specific to the buildings as well (i.e. most of the traffic is between 10.1 and 10.3 or 10.2 and 10.4).
Currently I have a Catalyst 3560 at Building 1 operating as the single "core" L3 router (and then a variety of switches connected to that). I have another 3560 at Building 2 that I'd like to turn in to the "master" L3 router for the two subnets primarily used by Building 2. In other words, make it so traffic from 10.1 to 10.3 doesn't have to run to building 1 just to get back to building 2.
I've got a basic knowledge of adding VLANs, VLAN interfaces and a static routes. The part that I'm getting confused on is that the Building 1 core router needs to make its default route to the firewall (and on to the internet) but "know" that traffic on vlans 10 and 30 gets sent across the fiber line to the other router. So I'm assuming this gets done with some combination of vlan definitions, vlan interfaces and static ip routes on each router.
Cisco Switching/Routing :: Catalyst 3560 / Other Alternatives To IP Unnumbered?
Jul 1, 20121. i have a few sites which are interconnected.
2. there are multiple mobile sets of equipment(servers and catalyst 3560 switch) which i need to connect at different sites. (i cant use repeated subnets)
3. i cant change the ip address/subnets/configuration of the servers and switch, when deploying at different sites. (big problem to me)
i was previously looking at IP unnumbered + OSPF to apply on the mobile sets of equipment. but noticed that IP unnumbered on non pt-to-pt interfaces (which happens to be a 3560) does not work with dynamic protocols. is there any solutions/alternatives which i can achive mobility on equipment?
Cisco Switching/Routing :: Catalyst 3560 / IOS 12.2SE - Software Maintenance
Oct 10, 2012I am currently deciding which IOS to use for various catalyst 3560 models. Version 12.2(55)SE3 seems fitting for this case, but I cant find out when the 12.2SE reaches End of Software Maintenance. I have checked this link: urls...
Where do I get info on 12.2.SE?
Cisco :: Magic Number Mismatch / Bad Mzip File - Catalyst 3560
Jul 21, 2012I was trying to upgrade my 3560 in the lab and I think I might have bricked it. I tried to load up IOS image c3560-ipservicesk9-mz.122-55.SE5.bin so I would have SSH support. I originally was running c3560-advipservicesk9-mz.122-25.SEE2.bin and now I can't get either to load, I get the error message 'magic number mismatch: bad mzip file'.I've formatted the switch and attempted to load the 122-55.SE5.bin image and got the error message above. In hope I could revert back to my old IOS I tried to load up the 122-25.SEE2.bin image but got the same error message! I've verified that the image was indeed on the flash. I'm at a loss here because I know both images are valid. I've tested them both on my other 3560's.
View 11 Replies View RelatedCisco Switching/Routing :: Port Numbering On A Catalyst 3560 / 3750X
Apr 10, 2012Assume I had Catalyst 3560X/3750X with 24 ports. The partnumber is WS-C3560X-24P-LI would like to how is the numbering defined if the switches have a C3KX-NM-10G installed with 4 SFP-GE-L.
View 1 Replies View RelatedCisco Switching/Routing :: Catalyst 3560-X Proprietary AC Power Cable
Jul 22, 2012I just recieved a new 3560-x switch with the C3KX-PWR-715WAC. It looks like Cisco is now using a different AC power cable. Not the StackPower connector, but the standard AC power cable. My data center is setup to supply 208v using C13 power cables. The switch uses a C15 power cable, and comes with a standard NEMA 5 to C13 power cable. Does Cisco make, or officially support a C13 to C15 power cable? Can I still use a 208v power supply with these switches?
I'm using an APC AP8861 power distribution unit, see [URL]
Cisco Switching/Routing :: Catalyst 3560 Can't Access Radius-server In Vrf
Aug 23, 2012My configuration:
radius-server host 10.138.44.57 auth-port 1645 acct-port 1646 key 7 ******
!
aaa new-model
!
aaa authentication dot1x default group radius local
[code]....
Cisco Switching/Routing :: Catalyst 3560 / 3750 - Can Ping PC From Switches But Not From PC
Feb 19, 2013We have a couple of Cisco switches and connected a (Windows 7) laptop to one of them and it gets its IP address from a DHCP server.I can now ping the IP from all of the switches, no problem, also not when I log on to the core switch in the same VLAN as both notebooks. But from my (Windows 7) laptop, which is in the same VLAN as the target laptop, I cannot ping it.
I checked, default gateway is good on both sides, as are DNS servers.
Target notebook ---- Catalyst 3560 V2 switch === Core Catalyst 3750 switch (stack) === Catalyst 3560G switch --- My notebook
Cisco Switching/Routing :: Catalyst 3560 Vlan Trunks Over Etherchannel
Jun 20, 2012I'm configuring two etherchannel groups (2 ports in each) on a 3560 switch. I need to trunk multiple vlans over each channel group.
I created the vlan trunks and allowed vlans on each physical interface. I notice that I can also configure the vlan trunks on the port-channel interfaces that were created. Should I configure them under those interfaces, or leave them on the physical interfaces? Relevant config is below:
interface Port-channel1
!
interface Port-channel2
[Code].....