Cisco LAN :: 3750 How To Filter DHCP Packets From / To Server
Dec 27, 2011
a power analyzer in my network is sending some packets that are unexpected and incorrectly recognized as DHCPOFFERS. As a workaround, I would like to filter those packets with my Cisco switch 3750.Suppose IP_POWER_ANALYZER is the ip address, what could be the best choice
1. deny udp any IP_POWER_ANALYZER eq bootpc
2. deny udp any IP_POWER_ANALYZER eq bootpc; deny udp IP_POWER_ANALYZER any eq bootps
3. deny udp any eq bootpc IP_POWER_ANALYZER eq bootps
View 2 Replies
ADVERTISEMENT
Feb 20, 2013
I'm trying to enable dhcp server on it. done this how to [URL] It works, but unfortunately the client takes almost 2 min to get an ip.
View 3 Replies
View Related
Aug 16, 2011
I have a WCS that I use to manage 8 controllers (2 WiSM's totaling 4 controllers, and 4 more controllers at remote locations). All controllers connect to 3750 switches. The layer three interfaces for all V LAN's that are related to the wireless network are created on these switches. Each layer three interface has a helper address that points the devices in the sub net to the correct DHCP server.
When a wireless device requests a DHCP request I believe it gets to that server based on the relay from the layer three interface on the 3750. However, I know that the virtual interface on the controller is also requesting an address because my firewall is flooded with deny statements. The virtual interface is configured for 1.1.1.1 and so it gets blocked. I am starting to question the use of this interface considering the fact that it is getting blocked and the clients are still getting address.
Are both interfaces trying to act as DHCP relays? Could I setup the controllers to be the only relay (without using the virtual interface)?
View 3 Replies
View Related
Dec 13, 2010
Can we Configure DHCP server in 3750 ? we have configure DHCP server in 1841 router but some reason we want remove router .
View 2 Replies
View Related
May 28, 2013
I have customer who has as Core Switch one Cisco Catalyst 3750 with the IOS c3750-ipbase-mz.122-35.SE5.I know that this image support DHCP Server configuration, but I like to implementate new vlans (approx 15) and I want to know if this switch support 15 DHCP Servers.
View 3 Replies
View Related
Jan 8, 2012
I have a 1250 AP connected to an Switch Cisco 3750. We have a SSID(v lan 1 - native) which get an IP Address from our DHCP Server(located in a Windows 2003 server). I added a new SSID in VLAN 2 and I would like no to use the DHCP Server but to make the AP get an IP Address from the pool I created in the own AP (ip dhcp pool Guest) but every time I try to connect the new v lan, it doesn't get an ip address.
Follow the settings of the AP.
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
[Code]...
View 10 Replies
View Related
Dec 11, 2012
a new LAN installation, two VSS pair 6509 core, 15 closets, with 3750 stacks. Floor 15 only, devices/hosts can ping teh DHCP server but cannot aquire IP addresses. no such problem on other floors?
portfast an dother parameters are intact.
View 2 Replies
View Related
Dec 15, 2012
Setting up a stand-alone WDS/PXE server.Current we have helper addresses setup to forward the DHCP requests from the different VLAN's to the DHCP server. The WDS/PXE server we are setting up is on its server. How do we craft the helper addresses so DHCP requests go to the proper server hosting DHCP and PXE requests go the WDS server?
Everything I seen on Microsoft Technet, lists using Helper Address as the recommended way, but assume both services are on the same server. Our helper address is as follows on each VLAN interface in router: ip helper-address X.X.X..This is a Cisco 3750.
View 6 Replies
View Related
Feb 23, 2012
Haveing issue with DHCP server handing out IP addresses to client connected to VLAN5 interface.ISP Router>Firewall -(WatchGuard Drop-in mode) I have several 3750 switches and one acting as a L3 switch. The L3 is configured as follow: [code]
If I connect a laptop to int fa1/0/10 I DO NOT get an IP address from the 10.100.0.8 scope. If I connect to another interface within the VLAN 1, I get an address from the 10.100.0.0 range.
View 7 Replies
View Related
Feb 21, 2012
I have Cisco 2821 with NM-AIR-WLC6-K9 installed. And number of AIR-AP1131AG-E-K9. Now I set up trivial task to make WLC6 to work as bridge between on of WLANs and one of VLANs on a network segment. I have already attained the following: all is working fine while I use on my test notebook statically assgned IP-address. Broadcasts as ARP-requests are going through the network free. But as soon as I change IP assigning method I hear nothing on DHCP's side. Notebook is unable to acquire address through DHCP. But when I assing IP-address to vlan20 interface on WLC6 and set up correct DHCP-server all works fine again. Now with DHCP. But I don't want use IP on vlan20! [code]
View 8 Replies
View Related
Aug 21, 2012
The wireless client can't get the DHCP address when I enable the On-MAC-Filter-failure, MAC Filtering and Web Auth. Client can get the DHCP address when I only enable the Web Auth in the same WLAN SSID. The WiSM verion is v7.0.235.0. [code]
View 1 Replies
View Related
Oct 27, 2011
If i fully populate all switch port (Cisco 3750 series) with 100 filter list on each port is it recommendable.
View 4 Replies
View Related
Jul 29, 2012
I am seeing a problem with our Cisco 300 switches. We use these switches as access switches, with a stacked 3750-G at the core, two 2960-S at the distribution layer, and about 10 300 Series switches at the access layer (10 port and 28 ports, all PoE).
We use Voice VLAN (VLAN 14) for our Mitel phones – there is a DHCP server on the Mitel system. Phones come up, get tagged VLAN 14 (LLDP), Traffic flows (including Broadcast for DHCP etc…). The system works, and has worked for months.
One day, suddenly, I find that all the Mitel phones on a particular access switch are not working. I look on the Mitel system and the lease on DHCP has expired, and the phone is stuck on renewing its DHCP IP address. I run port mirroring on the switch for VLAN 14 to see what is happening. The phones are stuck on DHCP discover, and I see the DHCP Discover broadcast packets on the switch but nothing else, no DHCP offer packets – hence the phone stuck at boot cycle.
I then do a port mirror from another access switch (that is currently working) – I can see the broadcast packets from the Mitel phones on the broken switch, but on this switch I can also see the DHCP offer packets from the Mitel system. I run two port mirrors simultaneous from the two switches (one working, one not) and I can see that the DHCP offer packets are not coming through to the broken switch. Panic ensues – I look at the distribution layer and there is no problem what so ever.
For some strange reason, the Cisco 300 28 port has stopped passing DHCP broadcast packets on a particular VLAN, even though they are being sent. I power cycle the switch – and hey presto, DHCP offer packets are coming through, and the phones get an IP address and boot properly.
Forward a couple of weeks later, and to today. I have another phone that is showing the same symptoms, luckily it is the only phone on this particular Cisco 300 28 port. The same issue is occurring as described above. I gather as much diagnostic information I can then reboot the switch – but still no joy. I then remember that this switch is not directly attached to the distribution layer and instead gets trunked to another Cisco 300 28 port. I give that a reboot and 5 minutes later, DHCP broadcast offers are passing and the phone boots.
I am listing this problem as not just a ‘one off’ now, and is recurring. It has happened to two of my 300 28 port switches.
All Switches running 1.1.2.0. No link to up time – first instance of the problem, switch was up for 14 days – second instance (another switch) uptime of 39 days LLDP is working fine on the switches, as is Voice-VLAN (Port is tagged and broadcasts out DHCP Discover which is seen by other devices throughout network) Nothing in the log file on the access switch Nothing on the Dist/Core regarding STP – Spanning tree set up is fine throughout.
View 3 Replies
View Related
Nov 20, 2011
In fact i receive traffic on a one client per vlan basis (traffic is PPPoE), i receive all this traffic on a router, collecting all these vlan on a bridge where the pppoe packets are treated.When I use a transeiver to convert operator fiber arrival to my router copper media interface, i have no problem....
When I use dot1q-tunnel to make the same on my 3750, packets seems to be corrupted.I get PPPoE timeouts and packet loss, not regulary, totally stochastic...
I made dozen of tests and different settings, without success I first thougt of MTU issues. [code] I made tests with system MTU and/or system jumbo MTU above 1500, without success.I didn't found any known caveats on 3750 running Version 12.2(25r)SEE4 related to dot1q-tunnel.
View 7 Replies
View Related
Apr 18, 2012
What other command can be used to debug packets on a 3750 switch ?
View 2 Replies
View Related
Mar 23, 2013
I am trying to block all dhcp packets through 2960S lan base IOS. But when i set no trust interface for dhcp snooping, the dhcp packet source port will be err-disabled. Is there any other solution to block any DHCP packet through switch without interface or other service outage?Is possible to block DHCP packet through specific VLAN?
View 6 Replies
View Related
Jun 27, 2010
A specific switch port which happens to be part of a 2 switch 3750 Switch Stack is seeing multiple CDP packets from 3 extra switch port interfaces that are not directly connected. Noteworthy is that the far end devices have the correct CDP entries and I physically confirmed at least two of those connections that lead to the switch "upstream to the culprit switch". Tricky part is that its production so room for maneuvering is limited. At some point I disabled all Ports save for the real uplink and the problem momentarily disappeared. Re-enable the interfaces problem resurfaces. Is there an explanation, technique to eliminate the culprit with minimal disruption?
View 4 Replies
View Related
Dec 29, 2010
We are testing a new 1Gbps WAN circuit between 2 sites. We have cisco 3750 and 4507 on each end. Every time we run extended ping sweep ranging from 36 to 18024 bytes the packets are being dropped randomly once the size goes above 1500 bytes. Our ISP claims Demark to Demark test are clean and they don't want to acknowledge the problem, they blame our switches. To prove the problem is not on our end we've put different switches at each end, still facing the same issue. Ping success rate is around 98 to 99 percent.
View 11 Replies
View Related
Jan 9, 2013
I recently installed DHCP snooping on a 3750v2 switch (Version 12.2(55)SE4) and configured the uplink(Po2) as a trusted port. The problem is that clients cannot receive an IP address. When I disable DHCP snooping it is working properly. DHCP snooping is configured correctly but I don't have an idea how to resolve it. [code]I tested the solution on the same kind of hardware switch and firmware and it worked out fine. What is causing the clients not to receive an IP address from the DHCP server?
View 10 Replies
View Related
Mar 29, 2012
I faced with issue on ME3800. [code] With that configuration there is no problem with DHCP Relay packets.But if I add on interface #xconnect 82.199.1 19.1 77 encapsulation mpls it will stop forward DHCP relay packets immediately. All other traffic transfers without problem.
View 2 Replies
View Related
May 26, 2011
Do you know if it is possible to filter TOIP flows between call server (Siemens technology) and phones ?Specialy, PIX is able to support dynamic ports opening?? Is there an ALG embeded?Is it required to upgrade PIX or not? is required a special licence??
View 1 Replies
View Related
Apr 10, 2013
we need to be required to import MAC filter databse from Cisco Wireless LAN Controller (4400) to Cisco ACS Server (v4.2).
View 2 Replies
View Related
Feb 5, 2012
Basically I have netflow which i'm trying to use to export to a netflow collector. I'm pretty sure that the 3750-X does support netflow. I've recently updated IOS on the 3750-X to support flexi netflow.For some reason the netflow packets are not being exported to the server. I'm using Opmanager which should present the netflow stats in the form of a graph. I'm using a universal IOS image. (C3750E-UNIVERSALK9-M), Version 12.2(58)SE2 3750-X WS-C3750X-24T-S
View 12 Replies
View Related
Jan 10, 2013
I have a Cisco ACE 20, and I´m trying to set up a serverfarm for my radius server to load balance ldap udp accounting packets. The ACE has an LDAP authentication probe but I see no native way of setting up an LDAP accounting probe, without resorting to probe scripting.
View 2 Replies
View Related
Sep 29, 2011
i am facing the same problem now but am using windows 2003 server
View 1 Replies
View Related
May 6, 2012
[code]...
I am able to obtain IP addresses through the DHCP server for my clients and I am able to browse internet on the server 2k8.Server 2008 - Share Internet through DHCP server
View 10 Replies
View Related
Dec 4, 2011
I got a set of dhcp pool in one 3750 attached to diferent Vlans in the network, the wired network works fine, you can get from any switch port across the LAN a diferente VLANs IP. In my wlc2504 I got 5 WLANs with the DHCP server pointed to the VLAN in the 3750, but I just got one set of ip when i tried to connect to diferent WLAN, without connectivity, I can see all the Ap's, and ping the VLANs in the 3750,
View 4 Replies
View Related
Apr 16, 2013
We are configuring ACLs for a dhcp pool on Sw3750
ip access-list extended Test
permit ip any 192.168.1.0 0.0.0.31
permit ip any host 172.16.1.1
And, here is dhcp pool:
ip dhcp excluded 192.168.1.1 192.168.1.3
ip dhcp pool Name
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
But when a PC try to obtain IP automatically, it doesn't work.
View 3 Replies
View Related
May 13, 2012
i created the 10 V LAN in my Cisco 3750 switch.All other V LAN DHCP IP's (192.168.2.X - 192.168.10.X) will be release from the DHCP server except VLAN1 . In my 3750 switch i created DHCP pool(192.168.14.X).... and i assigned to VLAN10.... but one of the client is assigned to V LAN 2(192.168.2.X) configuration. but its getting IP from the Cisco DHCP instead of DHCP server.
View 2 Replies
View Related
Jul 16, 2012
I want to clear following things regarding Cisco 3750 switch.
1. Can I configure Multiple DHCP pool on C3750?
2. Performance effect due to same?
3. Can I resrve IP addrese from DHCP pool for specific MAC address.
4. Can I Exempt IP address from DHCP pool ?
View 5 Replies
View Related
May 10, 2013
I configured an DHCP server on cisco 3750 switch . Wher in w3750 gets connected to plain l2 switch 2960 on floor and machine gets connected to 2960 port. [code] Below is the description of problem:
-> The Cisco 3750 switch is the DHCP server. VLAN 108 is named as internet vlan.
-> Ports in Cisco 2960 switch has been configured with "switchport access vlan 108".
-> There were no problems at all and everything had been working smoothly.
-> 3 days back, users started complaining that they couldn't access the internet. Up on troubleshooting the issue, I found out that there was an issue with the DHCP server as the computer couldn't get any IP address at all. After setting static IP address, the internet started working again.
If I bind IP to MAc address reservation on core 3750 switch for some time of moment it works but after that machine gets unreachable .I restarted the 3750 switch and also all the 2960 switches over the weekend, however, the issue still hasn't been resolved yet. I did issue the command "clear ip dhcp conflict *", clear ip dhcp binding * but no joy at all.
View 2 Replies
View Related
Jul 20, 2011
I've been working with a client's integrated 3750 WLC running 4.0.179.11. I want to upgrade the code because it is old plus I am having DHCP trouble. I have a couple of questions:
1. Is it OK to upgrade to SWLC3750K9-5-2-193-0.aes ? or do I need to go through 4.2 first ?
2. Will that code upgrade the bootloader at the same time?
3. How can I make sure there is enough flash space on the WLC?
4. Are there any special considerations to plan/prepare for?
The DHCP issue is failure of associated clients to get an IP address with this message found in WLC debugging:
[Code]...
View 10 Replies
View Related
Nov 2, 2011
Had a problem with a 3750 this morning not handing out DHCP addresses. The following is a sanitized config of what the switch is using. [code] The IOS installed on the switch is c3750-ipbasek9-mz.122-55.SE1.bin. What got my attention was that the sh ip dhcp pool PC showed 180 addresses being excluded. In doing the math from the dhcp excluded addresses, only 64 should be excluded.
My next step was to remove the second dhcp excluded-address line above. Doing a clear ip dhcp binding * started letting the DHCP service hand out addresses but the sh ip dhcp pool PC stil showed 180 addresses excluded.
It finally took removing the dhcp pool and putting it back in to drop the number of excluded addresses down to a value that matches the first excluded-address line. Didnt see a dhcp bug in the bug database that would explain this.
I tried re-entering the second excluded-address line from above and saw the number of excluded addresses rise as expected. When I negated the line, the number of excluded addresses dropped back to its previous value.
View 1 Replies
View Related
