Cisco LAN :: 3560 Switches - Static IP Routing
Oct 17, 2012
I have been looking at deploying a small core switch design for an important branch office that would consist of 2 cores with an etherchannel link and then 4 POE access switches linked to both cores utilising STP. I will also want static IP routing on the cores and will set up HSRP for gateway failover.
The initial switch I looked at for the core was WS-C3560E-24TD-S however after finding that there is no stock around of this at the moment I have seen the WS-C3560X-24T-S which looks like it will do everything I need including IP routing, HSRP and QoS for VOIP. The thing that concerns me is this is about £1000 cheaper so i'm slightly worried im missing someting.
View 6 Replies
ADVERTISEMENT
Dec 6, 2011
I have one Cisco 3560, and it is connected to Firewall...I already turn on the ip routing, which is able to do interVLAN..In 3560, the static route is 0.0.0.0 0.0.0.0 192.168.2.2
3560 (port 1) =====> Firewall (port 1) ======> Internet (WAN)
192.168.2.1 192.168.2.2
Which mean... anything from 3560 will be rote to Firewall port 1 (192.168.2.2) and all the user behind 3560 will able to connect to Internet (WAN).
I want different setup now, I'm trying to configure another port (port 2) from Cisco 3560 connect to Firewall port 2...
3560 (port 2) =====> Firewall (port 2) ======> Internet (WAN)
10.1.1.1 10.1.1.2
I want subnet 10.1.1.x route to different gateway (10.1.1.2) to Firewall go out to WAN... and not using 192.168.2.2 gateway to WAN.
View 10 Replies
View Related
May 31, 2012
i am not sure if this is something with my DHCP setup or not, but it certainly seems to be the culprit. I am running a 3560G and using it as DHCP and to do V LAN routing (Geiger protocol). I have 10 pools configured with a few static addresses per pool. Now to get down to the problem. I have a computer (and this problem seems to be a gremlin as it changes what computer is affected quite often) that will connect, get its IP, immediately disconnect, then send out a DHCP req again. The computer has a static assignment in the pool, and for the brief second that it connects, it gets the right address. If i move the computer to another v lan, all works right. If i delete the static entry it will get an address in the right v lan no problem. The command i have been using to add static entries is:
address xxx.xxx.xxx.xxx client-id 01xx.xxxx.xxxx.xx
That seems to have been working on all my static routes except for a bank of computers in vlan3. I have went as far as to delete the pool and recreate it, heck i even recreated the v lan and i am still having issues. Below are some snippets of the running config for review.
The DHCP Pool for the affected LAN:
ip dhcp pool Dev3
network 192.168.3.0 255.255.255.0
boot file bootx86wdsnbp.com
next-server 192.168.1.78
dns- server 192.168.1.8 192.168.1.78
[Code] .....
View 4 Replies
View Related
Jul 4, 2012
A check out a network segment and want to know why SwA has a static route to SwB if SwA already has a Default GW to Core?
(SwA, SwB - Catalyst3560, Core - Catalyst4948)Note, there are distribute list on SwA - it does not has any OSPF route (exclude O*IA).
Does this mean when SwA send out packet with DA 10.5.64.0/26, Core will use only L2 switching (instead of L3)? Is this more effectively for Core Switch?
Pleace check my reasoning:
1. When use a static route: SwA receive packet from Vlan 20 with DA 10.5.64.0/26 it will strip out Dest. MAC and replace it with MAC of SwB. Core will switch this packet to SwB based on mac add. table (l2 switching)
2. When SwA has only Default gateway and receive packet from Vlan20 with DA 10.5.64.0/26 it replace Dest. MAC with Core MAC. Core receive this packet, lookup route table for 10.5.64.0 entry and forward packet base on this.
View 6 Replies
View Related
Dec 6, 2011
Is it possible to have ether-channel across 2 switches? As an example, having a server with 2 ports connect, 1 port to Switch-A and the other to Switch-B and then use those two links on the sepatate switches but to the same server to form an Etherchannel.
The Switch-A and Switch-B are 3560 series
View 2 Replies
View Related
Jul 22, 2012
Was building a small network in Cisco Packet Tracer and ran in to an issue. I have 4 routers running OSPF, and off one of the routers I have 5 3560 Multilayer switches. The router that the switches hang off of, I have a sub-interface with dot1q encapsulation, set for vlan 10 and an IP Address. 10.14.16.1/24. The switches have interface vlan 10 configures, and have IPs in the same subnet. From that router, I can ping/telnet to all the switches without issue. My problem arises when I try and reach those switches from any other router. OSPF is set to redistribute static and connected subnets.The routing table is populated correctly on all the routers. When I ping and trace the packet, it looks like it makes it all the way to the respective switch, but the packet never makes it back. I've played with the default route on the switches to no avail. Am I trying to implement this incorrectly, or am I just missing something?
View 4 Replies
View Related
Sep 5, 2012
whether VSS technology support on 3560 switches.I'm planning to intergrate new Cisco 2x6509 with VSS and all the access swtiches 3560's uplink to core 6509..if not support, what will be the solution or any bug fixing or new IOS releasing
View 1 Replies
View Related
Sep 9, 2012
In cisco documentation for the 3560 it is mentioned that blocking appletalk will not work .It shows up in command line but it is not working due to hardware limitation.Is there any other way to block appletalk on 3560 swiitches.
View 3 Replies
View Related
Apr 24, 2012
I have a question about RSPAN, is this feature only supported on 6500 and 4500 switchs?
we have 2 3560 switches and want to use RSPAN to monitor different source ports.I checked thorugh the cisco feature navigator and the IOS we have on 3560 has the RSPAN fature listed in them.
View 2 Replies
View Related
Jul 16, 2012
OSPF normally only comes with IPservices image and not IP Base image. The 3560-C series data sheet says that it only suport IP Base image, yet it mentions that support for OSPF in included. Are there any restictions in the OSPF support?.
View 7 Replies
View Related
Sep 3, 2012
I have a 5K with 5 downstream 3560's. I now have a new 5k that I would like to add to the existing 5K as a HA peer. What is the best way to accomplish this with the least amount of downtime for the downstream switches.On the 3560's, i plan setting up port-channels once HA is setup on the 5k's.
View 1 Replies
View Related
Sep 21, 2012
We have 7 3560's in 7 different locations connected to our providor for wan access. Our provider has given us a copper cable at each point and we have connected it directly to our 3560 switch at each location. Each port is configured the same way at each location. Each switch is running eigrp.All of the switch ports on each switch are configured as a trunk and vlan 299 had the ip address for the eigrp connection: [code] This setup is working as each switch see's all of the other switches as an eigrp neighbor. We have also made sure that the switch at our head office has spanning tree priority for vlan 299.
So the problem is, if there is a change in the topology at one of the locations it usually causes one or more of the other connections to go down for some reason. We just cannot pinpoint what is causing this change. There are no log's or anything other than an eigrp hold time expired message.?
View 9 Replies
View Related
Feb 19, 2013
We have a couple of Cisco switches and connected a (Windows 7) laptop to one of them and it gets its IP address from a DHCP server.I can now ping the IP from all of the switches, no problem, also not when I log on to the core switch in the same VLAN as both notebooks. But from my (Windows 7) laptop, which is in the same VLAN as the target laptop, I cannot ping it.
I checked, default gateway is good on both sides, as are DNS servers.
Target notebook ---- Catalyst 3560 V2 switch === Core Catalyst 3750 switch (stack) === Catalyst 3560G switch --- My notebook
View 4 Replies
View Related
Jul 9, 2012
For some special arrangement, I would like to connect 2 access ports from a 3550 switch to 3560 switch.1 port for vlan 200, another port for vlan 201.Will this introduce bad thing to the switches?
View 4 Replies
View Related
Sep 12, 2012
I have a Cisco 3560 connected via fiber to a Nortel 1612G. The connection is up/up, the V LAN's on the switch work as needed, but I can not ping the switch from the Nortel, and as a result I can not remote into the Cisco for management. I see in the configuration for the trunk that it is configured for a native v LAN, but I don't see it defined which v LAN's are allowed, could this be the issue? I will provide some of the config information for the Cisco side, I understand the issue may be on the Nortel end but if the Cisco part looks OK?
Port config for the trunk:
interface GigabitEthernet0/49
description port_6_1612G
switch port trunk encapsulation dot1q
switch port trunk native v LAN 120
switch port mode trunk
Native v LAN config:
interface Vlan120ip address 172.16.120.11 255.255.255.128
View 3 Replies
View Related
Apr 25, 2012
I have a connection between switches, There are a 3560 (Gi0/37) and a 2960 (Gi0/1), the problem is in the port Gi0/37 of the 3560 switch and this is the log. [code]
I dont understand what is the problem, actually i have added the command power inline never on the port and the problem is solved, but we haven´t changed configuration.
View 3 Replies
View Related
Jun 3, 2012
We have two Cisco switches with one 3560 and one 3750 we have created a new Vlan 4 with IP 10.1.3.x 255.255.255.0 - no shut then assigne to gi 2/0/46 on the 3560 Vlan 4 ip address 10.1.3.x 255.255.255.0 no shut then assign to FA0/45. All interfaces are up up along with the Vlan up up, we can ping the local IP address bu not able to pint the other switch.
View 2 Replies
View Related
Jan 16, 2013
We are in the process of rolling out iPads to our offices. As part of this implementation, we need to print from the iPads to our network printers. Our network printers are mostly HP and Xerox and do not have native Apple AirPrint capabilities. As such, we have been using the FingerPrint software to share out the network printers as Apple AirPrint printers. We have a mixture of switches at our offices. Most offices utilize a 3550 PoE switch. In these offices the AirPrint traffic is being transferred successfully and everything works great. In the offices which are using 3560 PoE switches, the traffic is never seen at the iPads. We are using EnGenius EAP300 access points connected into the Cisco switches to provide wireless access to the iPads. Both 3550 and 3560 switches are running iOS 12.2(25). What might be stopping/blocking the AirPrint traffic on the 3560 switches?
View 3 Replies
View Related
Nov 7, 2012
I have a couple of 3560 switches running c3560-advipservicesk9-mz.122-44 and they are randomly experiencing the following:
- The switch locks up with no preceding error message in the log (I am forwarding syslog to Splunk).
- Upon reboot, the switch goes through the normal startup sequence with no error messages, then for some reason reloads the flash and starts all over again. (refer to doc)
This could happen after days or weeks. Sometimes they will go through two of these reloads on boot and be fine for awhile, and other times they will be stuck in the loop infinitely. I am using this same image with all of our 3560s, but am only having this issue with two of them.
View 2 Replies
View Related
Jul 15, 2012
I have 3 3560 switches which are configured with trunks between them. They run vlan 10, 11 & 12. I have a 'core' switch (switch 1) of these 3 to which an MPLS router is connected on vlan12. I in addition have another switch hanging off the 'core' switch via a routed link (switch 4). I have EIGRP configured as a stub and as such the IP address on the routed link at the core switch end is of a /24 from v lan 1 on the other switch. This makes the route directly connected and therefore distributed via EIGRP stubs. Switch 1 is then exchanging routes with the MPLS router (via EIGRP).
The problem I have is that from any sub net on any switch (switch 1, 2 or 3) I can ping 192.168.13.1 (switch 4). When I try and ping switch 4 from over the MPLS I am unable to. If I trace to the switch I see it reaches the outside of the MPLS router, but is then unresponsive. The same applies if I try to ping switch 1 on 192.168.13.2. Any of the other IP addresses of switch 1 respond.
The MPLS network is a managed solution to which I have no access. I'm told that the MPLS provider is able to ping switch 1 & switch 4 on the 192.168.13.x addresses from a remote router (192.168.32.2). I have tried from a switch on the same L2 sub net (192.168.32.1) and I don't get a response.
From switch 4 I am able to ping the switch on 1 of it's interfaces (192.168.19.1), but not the interface I mentioned above 192.168.32.1. There are no access lists in place on the switches and no firewalls between the sites.
View 22 Replies
View Related
Feb 5, 2013
I have 3560's in my current environment, operating in the core/distro/access layers. The switches are in a star configuration, performs only layer 2 switching, and utilizes copper (no plans on moving to fiber).
With a fairly limited budget, I've been contemplating on upgrading the central node to a stacked 3750X to eliminate that single point of failure, and trunk the rest of the 3560's to the stacked switch. I wanted to be sure that the 3750X switches will be right for my environment (90-100 hosts), and if what I explained above is a good solution.
I'm also looking like to upgrade 6-7 of my servers (and SAN) with 10GB network cards. Do the ports on the 3750X have port densities capable of 10GB? If not, what switches provide that capability?
View 10 Replies
View Related
Feb 20, 2013
I need to support a bunch of security cameras mounted on poles in our parking lot and an IP intercom system mounted on some gates. Because of environmental factors the switches at the poles need to be hardened and the spec from the vendor installing the gear is for GarretCom Industrial unmanaged switches which would make sense.
However when Information Security got wind of this scheme they (probably correctly) are requiring me to secure the ports that these unmanaged switches connect to. I have 2 choices: port security w/ MAC filtering or 802.1x. Because all the devices at the poles and gates support 802.1x and because I may need to go out there to troubleshoot stuff (and will invariably forget to add the MAC of whatever device I am using) I would prefer 802.1X multi-auth mode.
Problem:
When I ran a quick test on a test 3560 running some 15.0.1 code I could get a laptop to connect via 802.1x EAP-TLS successfully if it was directly connected but when I connected the same laptop via a dumb Netgear switch I confiscated from a luser it would not connect. The 3560 error said that the laptop never responded.
Question:
Before I spend a whole lot of time on this, is this something that should work? I don't see any practical use for the feature if it won't however the documentation I am using specifically mentions downstream hubs but I am not sure if they mean real hubs (which I don't think are even made anymore) or if they mean unmanaged switches.
I plan to try a couple of different unmanaged switches tomorrow and digg a little but I would like to know if I am wasting my time on something that will never work or if there is a little gotcha somewhere.
View 2 Replies
View Related
May 10, 2012
Does a portable RPS device either from Cisco or another manufacturer exists, that would allow you to move primary power for a switch without causing an outage? I realize that for the Catalyst 3560 for example, you can get an RPS 2300 or 675, but my understanding is that these are made for a more permanent installation, not to mention rather costly.
It looks like the RPS 675 is rather inexpensive after all, especially in the secondary market, but still rather large for toting around.
View 1 Replies
View Related
Dec 12, 2011
Is there a chart to show what modules will fit what swithches for fiber applications ex 2950 and 3560 switches
View 1 Replies
View Related
Jan 10, 2013
I've been fighting what seems to be an increased number of outqueue drops on our core stack and edge switches for the last 3 or 4 weeks.(The core consists of a stack of 5 3750s in 32-gig stack mode. The wkgrp switches are 3560s. all are at 12.2.52) The wkgrp switches are directly connected to users. We use Nortel IP phones with the phone inline with the user PC. auto-neg to 100/full. [code] However I have tried turning off QOS on a couple of workgroup switches (no mls qos, but left individual port configurations the same) but am still seeing drops.Since I have disabled qos on the switches in question (no mls qos) (not the core tho) I am presuming these commands have no affect on the switch operation and therefore cannot be related to the problem. With QOS turned off one would presume that it is general congestion - especially at the user edge where busy PC issues might contribute. So I wanted to see if I could see any instances of packets in the output queues building up.
I wrote some scripts and macros that essentially did a snapshot of 'show int' every 20 seconds or so, and looked for instances of 'Queue: x/' where x was greater than zero.What I found after several days of watching the core stack, and a few of the workgroup switches that are most often displaying the behavior, was that I NEVER saw ANY packets in output queues. I often saw packets in Input queues for VLAN1, once in a great while I would see packets on input queues for fa or Gi interfaces, but NEVER on output queues. [ code] Additionally, when I look (via snmp) at interface utilization on interfaces showing queue drops (both core and wkgroup), they are occurring at ridiculously low utilization levels (as low as 4 to 8%). I've tried to look for microbursts between the core and a wkgroup switch where the core interface was experiencing drops, but haven't seen any (using observer suite). [code] While the queue-drop counts aren't critically high at this point, they are happening more frequently than in the past and I would like to understand what is going on... In most cases, no error counters are incrementing for these interfaces. Is there some mechanism besides congestion that could cause output queue drops?
View 4 Replies
View Related
Jun 11, 2012
I currently have 4 3560 switches connected in a Mesh topology. These are all set to use Jumbo Frames and so are all the Servers that are connected to these.I now need to connect a 2950 switch to 2 of the 3560's which will have only desktop computers connected to it but i do not want to configure Jumbo Frames on this and any of the desktops.
View 3 Replies
View Related
Nov 30, 2011
have few doudts on MIB file upload.
1) What will be the extension of MIB file ? *.mib or *.my
2) I am running with 12.2(25)SEB IOS .Is thre any dependency with IOS for downloading MIB file.
3)I have 3560 switch and 2960 switch. Is thre any difference in the MIB file extension.
View 1 Replies
View Related
Dec 14, 2011
Looking for Information about Latest IOS Available for switch Series 3560, Guide the latest IOS sopprted Features Specification And Also Guide the Switch Minimum Hardware capacity Require to upgrade with the latest IOS.
View 2 Replies
View Related
May 20, 2012
I have purchased two catalyst 3560 switches (with 24 interfaces) on Ebay to prepare for ccnp switch exam. It would be great if I have 4 switches. Is it any possibillity to create two logical switches from one? I mean, not by assigning interfaces to different vlans?
View 1 Replies
View Related
Apr 10, 2011
We had a new building thats gone up and complete now and we're trying to get a ip phone working down that end of the school on a vlan. We seem to be having trouble with the VLAN going through on the 2960 switch but it works fine on our core 3560 switch.
There looks like a slight variation in the config of the switches, the 3560 switch supports the "switchport trunk encapsulation dot1q" command on the interface where as the 2960 doesn't support the "switchport trunk encapsulation dot1q". Is this why the vlan is working on the 3560 and not the 2960, or is it something else?
Both switches are using the 12.2 IOS
Heres the trunk port configured on the 3560 going down to the new building and connecting into the 2960 with a 1gbit fiber link
interface GigabitEthernet1/2 description 3560X Port UpLink as Trunk Mode switchport trunk encapsulation dot1q switchport mode trunk udld port storm-control broadcast level 60.00 spanning-tree guard root
Heres the trunk port configured on the 3560 going to a Linksys switch which then connects to the DHCP server (The other end of the 3560 is also configued as trunk)
interface GigabitEthernet0/6 description Edge Switch port for clients switchport trunk encapsulation dot1q switchport mode trunk spanning-tree portfast
Heres the working vlan port on the 3560, the ip phone is able to get an ip and ring all other phones etc
interface GigabitEthernet0/7 description Edge Switch port for clients switchport access vlan 2 switchport mode access spanning-tree portfast
Ok now heres the config for the 2960
Heres the trunk port configured on the 2960 going back upto the 3560 switch
interface GigabitEthernet1/0/25 description Port UpLink as Trunk Mode switchport mode trunk udld port storm-control broadcast level 60.00
Heres the access port configured on the 2960 which isn't passing on vlan information. Is there another command i need to use to enable encapsulation as dot1q?
interface GigabitEthernet1/0/19 description Edge Switch port for clients
switchport access vlan 2 switchport mode access spanning-tree portfast
View 11 Replies
View Related
Oct 27, 2011
How can I edit a static interface IP address? I don't seem to be able to edit the static IP address for my switch. How do I go about changing it? As you can see the IP Address field is not editable.
I have also upgrade to the latest firmware and I cannot figure out how to edit it via that as well.
View 1 Replies
View Related
Sep 2, 2012
Is it possible to use Port Security mechanism between two switch (3750 or 3560) ports while trunk has been configured? If it's not possible, is there any other way to ensure that no other Switch can be connected other then the one switch which has been configured/placed by a network engineer?
View 4 Replies
View Related
Jan 16, 2013
I am implementing QoS on our MPLS network. Our environment exists of a mix of Cisco 2960 and 3560 switches. The IPT system is Avaya CM with Avaya phones.The WAN network is a MPLS network.Ports are configured for access and voice vlan (no trunking), one vlan for voice, one for data (vlan 1 is disabled).I dont have Qos coonfigured on LAN just wanted to configure on WAN Router where my Mpls link is connected.I have 45 Mb Mpls links on all sites connected to each other.
I have multiple sites connected via MPLS and i have control at both sides.Current config is mentioned below in which DSCP marking is not done for signaling. What is the best config with example.Current Config on all Cisco Router where MPLS link is terminated at all sites. [code]
View 10 Replies
View Related
