Cisco LAN :: SA 500 - DMZ Over Single Uplink And Switches
Feb 7, 2013
I have an SA 500 with the optional port configured as the DMZ. The LAN ports are running the 192 range and the DMZ is the 172 range.
I have seperate offices (A few hundred feet apart) that have been connected with 2 un managed switches up linked with a single wire. The 192 range stuff runs over this. I need to get the DMZ out to the second room and was asking about how to do this over the single up link and switches. (Trying not to run a second wire)
My lack of understanding had me draw up this diagram attached as a picture, to ask about. What it shows is me trying to get the DMZ through the up linked switches to the other room. I thought of using 2 routers, one on each end. I've been told this is incorrect and wont work.
Maybe a purchase of a second hardware and eliminate the switches? (up link the SA 500 to another device?) What should that device be?
View 19 Replies
ADVERTISEMENT
Apr 25, 2013
i was checking the datasheet of 500X series and got confused regarding the 10GE uplinks. how many 10GE ports can be used for uplink and which transceiver should be used for 10GE copper uplink? for example, SG500x-24 switch has 24GE ports and 4x10GE uplinks. can i use the 4x10GE ports for uplinks or only 2 ports are for uplink and the rest for stacking?
View 6 Replies
View Related
Nov 15, 2012
We have a single HP 2810 switch being used for an iSCSI SAN.We want to replace it with dual higher end switches.But we've got another SAN to also setup now - Dell Equallogic PS6010E - that has 10gb iSCSI SFP+ ports.Can the 4 x SFP+ uplink ports on the Dell PowerConnect PCT5548 or the HP 3800-48G-4SFP+ switch be used for just the 10gb iSCSI, while the other 48 handle the 1gb iSCSI?We were told the uplink ports don't have buffering, making them bad ports for iSCSI traffic and only useful as uplinks to another switch.We only need 8 x 10gb ports (4 for 2 servers, and 4 for the Equallogic SAN), so if the above would work, it would probably save us $10,000 from having to buy a separate 24 port dedicated 10gb switch to handle it.
View 5 Replies
View Related
Nov 14, 2011
If I have two stackable switches one that connects to the 6509 core switch and the other switch does not, do I have to uplink the switch to the other switch so that switch has route to the core switch or because the switches are daisy chain there is not need to cable one switch to to the other switch connected to core switch?
View 6 Replies
View Related
Feb 26, 2013
At our office we have a weird performance problem with the following switches and connectivity:
Internet |
SG300-24 (L3) core switch (in our server room)
|SG300-10P (L2) access swtich (in our meeting room) |
SG500-28P (L3) switch (in our meeting room)
We are building a new computer infrastructure that is connected to the the SG500-28P. As you can see above the SG500-28P in our meeting room has an uplink to the SG300-10P in the same meeting room. And again the SG300-10P has and uplink to the SG300-24 in our server room. From the server room, there is connectivity to internet. The network uses a multiple VLAN's and routeing between them. Bootom line is, the internet VLAN ID 10 is tagged to trunk ports and available on the SG500-28P. So client get connected straight into the internet based VLAN.
The performance on the SG500-28P switch itself from VLAN to VLAN is very fast. But... the uplink connection tot the internet and other VLAN's on the core switch are very and very slow! At least 10 times slower than normal. So if I plug a laptop in the SG500-28P and go from uplink to uplink, it is slow! But... when I connect the same laptop to the SG300-10P the connection with only one uplink it is fast. As if three switches is to much. I can't figure out why.
View 2 Replies
View Related
Nov 3, 2011
I have three switches:
primary - Cisco Catalyst 3750G-24TS-24
and two SG300-28
I need to apply uplinks as follows:
3750G-24TS-24 SFP (1) -> SG300-28 (first) mini-GBIC (1)3750G-24TS-24 SFP (2) -> SG300-28 (second) mini-GBIC (1)SG300-28 (first) mini-GBIC (2) -> SG300-28 (second) mini-GBIC (2)
I would like to know, What type of mini-GBIC and SFP and cable I should use for SX Multimode?What max speed rate I will get?
View 8 Replies
View Related
Aug 22, 2011
I've just purchased 2 switches SG100-24 and use fiber cable to connect these switch together. I plugged cable in module MGBSX1 and then put it into miniGBIC uplink port but despite trying many times, also rebooted devices, I still not make these uplink ports up. how can I bring them up?
View 5 Replies
View Related
May 9, 2013
We have a remote site that is using 3750X switches as layer 2 switches back to our home site. The uplink port is showing dropped packets but the utilization on the link is never about 10%. We have a 100Mb circuit to this site. Our speed tests and iperf tests are not showing any issues that we can see. However the port is still droping packets. It is not dropping at a high rate but they are dropping.
switch#sh platform port-asic stats drop gi1/1/4
Interface Gi1/1/4 TxQueue Drop Statistics Queue 0 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 1 Weight 0 Frames 52876 Weight 1 Frames 2 Weight 2 Frames 0 Queue 2 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 3 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 1330874 Queue 4 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 5 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 6 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 7 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0switch#
Is there a way to capture these dropped packets to see what they are? We do have VOIP phones at the site and are using Qos.
View 5 Replies
View Related
Dec 2, 2012
We have a project in which we are using 34 Cisco SG200-18's each with a MGBLX1 (LC Single Mode Fiber) SFP mini-GBIC.All the fiber's come back to one building where we must "bridge" all 34 fiber connections. What hardware should be used to accomplish this? A L2 switch? For example, a 12 port SFP Switch with Fiber SFP's accepting the first 12 fiber connections, then other switch with SFP for the next 12 and so on, until there is a overall capacity of 36 and having patch cables between the 3 switches?
what cisco or non cisco hardware would work with these SF200-18's to accomplish this?
View 9 Replies
View Related
Feb 8, 2012
Can I connect a single Cat5e cable between two SG300-28 and link them? If so what must I configure?
View 1 Replies
View Related
Sep 28, 2012
Question: how would STP or RSTP behave in a star topology with a hub in the middle?i.e. you have four switches all linked to the same central hub. Single links, no loops.Each switch would then get BPDUs from everybody.Going by theory, it should be OK since it still sees the root's BPDU and will see the link to the hub as the root port, despite presence of other BPDUs from other switches? No different from receiving an inferior BPDU from an upstream switch and a superior BPDU from a further upstream root switch.I guess I could lab it by turning off spanning tree on a switch to simulate a hub? I've never previously had to deal with STP issues where there are hubs that aren't strictly point to point bridging so to speak (ok they're not bridging but you get the drift).I've got a scenario I'm examining at the moment where this is the topology, except all switches have bpdufilter running hence effectively no spanning tree. I'm curious to know what would happen should I remove the bpdufilter.I realise there is zero benefit in spanning tree in this instance as I don't have any redundant loops to fall back on, but I'm reluctant to turn off STP on those vlans (since obviously theres stuff behind those switches). The BPDUfilter method seems like an elegant solution but I wonder if its actually necessary.(the hub is actually a VPLS mesh, most sites terminate PE to CE router but I'm playing around with switches as the termination points – run our own Q in Q, split vlans off before it gets to layer 3 as separation, etc.)
View 1 Replies
View Related
Jan 17, 2013
i have configured my network like below:
I have three lan ports in my server the IP is:
(1) IP: 10.10.10.2 SUBNET: 255.255.255.224
(2) IP: 10.10.10.34 SUBNET: 255.255.255.224
(3) IP: 10.10.10.69 SUBNET: 255.255.255.224
I have given IP as mentioned below to 1 to 30 pc connected in First Switch.
IP Starts From : 10.10.10.5 To IP : 10.10.10.30
Subnet Mask: 255.255.255.224
Gateway: 10.10.10.2
For 31 to 50 Pc in Second Switch
IP Starts From : 10.10.10.40 To IP : 10.10.10.65
Subnet Mask: 255.255.255.224
Gateway: 10.10.10.34
IP Starts From : 10.10.10.74 To IP : 10.10.10.85
Subnet Mask: 255.255.255.224
Gateway: 10.10.10.69
Pc are connected internally in separate switch. but can not connect all three switches & with server. Only Gateway 10.10.10.69 is connected with server.
View 4 Replies
View Related
Sep 30, 2011
Connecting ASA 5520 to two Catalyst 3560G layer 3 switches. What's the best practice to connect the asa-5520 at the edge, to the core of my network? What I'm looking to do is connect two routed gigabit ports (gi0/2 and gi03) to two seperate layer 3 routed ports on catalyst 3560G. I'm wondering how to do it, or if there's any type of failover method? I'm running EIGRP in the network and the link to the first core switch has a /30 point to point connection. Everything works fine, I'm just not sure how to connect the second switch to the firewall. Should I use the a different /30 for the point to point connection to csw02 gi0/48? (See attachment) How would this affect traffic flowing through this interface? Would I have to duplicate rules I have on my inside (gi0/2) interface? Is there a way to make the inside2 interface standby some how? I want to know the best way to set this up, so in the event csw01 goes down I don't loose internet. Will EIGRP work it's magic and only use 1 path to the ASA? Should I even be using routed interfaces on the ASA and just use trunked mode?Running ASA 8.4?
View 1 Replies
View Related
Jun 2, 2013
What tools are you using to manage multiple SG300 in a single network ? I can't find any good solutions on the cisco website.
View 1 Replies
View Related
Feb 28, 2011
We are in the process of installing time clocks at some of our sites around the USA. Our security department has asked that the time clocks be completely isolated from the rest of the network. The time clocks will be administered by ADP via a centralized firewall utilizing NAT. We have multiple subnets available at each site. Let me give an example to calrify what I would like to do. Example: Site A has 10.168.19.0 /24 user subnet and is configured for VLAN1 using 10.168.19.1 on the router as the default gateway. I would like to use subnet 10.168.20.0 /24 for the time clocks, configure it for VLAN2 and use 10.168.20.1 as the router gateway address for VLAN2. This should allow me to NAT one of our additional public IP addresses to the 10.168.20.1 gateway address thus completely isolating the time clocks from the remainder of the network. Problem is I have not done this before so I'm a little confused about how to configure it in the Cisco 3750 switches.
View 6 Replies
View Related
Jan 28, 2011
This is the situation in our Lab.We have one telephone line with broadband connection and a system which is connected to a modem to use this broadband facility. Recently we have taken two static IPs over this connection for a project work.Now what I want to know is, how to configure these static IPs, so that I can connect two systems (each one to one static IP) to use these static IPs and continue to access the internet in the 3rd (already present) system.
View 7 Replies
View Related
Mar 31, 2012
I have six Cisco 300 Series switches in Layer 2 mode. They are all connected using ports in Trunk mode. These Trunks are tagged members of all VLANS.
I have one 300 series in layer 3 mode with IP address assigned to each VLAN.I would like to use one Internet gateway for multiple VLANS. This gateway has numerous IP ports that forward to internal ip addresses on various machines.
All i9nternal clients use their respective VLAN IP as their default gateway.The Layer 3 switch is connected to one of the Layer 2's using a Trunk that is a tagged member of all of the VLANS.
I understand how traffic routes from a client to its respective VLAN gateway. Where I am confused is how it routes from there to the Internet gateway? Internet gateway is 192.168.1.1.VLAN IP's are 192.168.2.1, 192.168.3.1, etc...
Should the Internet Gateway be patched into the Layer 3 switch or one of the Layer 2's using a separate "Internet" VLAN?
View 5 Replies
View Related
May 28, 2012
Could I configure and connect 3 Dell switches to an ASA-5525 Firewall which has got 8 interfaces.
View 7 Replies
View Related
Jun 4, 2013
I'm working with a customer who has an SGE2000P and a Catalyst 2960 to setup and configure a single mode fiber link. The SGE2000P has an MFELX1 fiber GBIC and the 2960 has a GLC-LH-SMD GBIC. When I have the customer plug in his fiber, there is a power light that comes on on the MFELX1 GBIC. Neither GBICs/switches show that a link or activity is occurring, but the presence of that light makes me think that they are connecting somehow. Are these two switches/GBICs compatible?
View 1 Replies
View Related
Mar 5, 2012
I'm looking for switches that support single mode fiber connections and would like to know if "WS-C3750-FS-S Catalyst 3750 24 100BaseFX + 2 SFP" and "WS-C3750G-12S-S Catalyst 3750 12 SFP" can serve the purpose?
View 6 Replies
View Related
Oct 22, 2011
Prior we only had 62.5u multi mode.I've got 3750x switches and new SM SFP and yellow fiber patch cables. None of my links show connected. No lights and trunk port interfaces show down/down.
Is there a special command you have to do on a port when using SM fiber? Do you think I need cross over fibers?
Also, should I be able to see a laser signal light like MM or is SM a different frequency so it's not as visible as MM?
View 8 Replies
View Related
Jun 4, 2012
I am troubleshooting a fiber connectivity issue.Now I have two switches, one is 3750, and another is small biz 300 series switch. Both switch has a single mode smf gbic. Now I have two swtiches face to face and connect with a single mode cable. Do you think if I would get a link light on? Both ports are no shutdown.
View 3 Replies
View Related
Oct 13, 2011
About a week ago I changed over 9 HP Procurve switches that were previously stacking in series (yeah, daisy-chain) to a Access-Distribution type scenario with 2 (or 4 on server switches) Gb ports on each switch Trunked together connecting to a central full 48x Gb switch.
During this I updated firmwares on all the switches (most still on their shipped 5-8 year old versions) to the latest stable release (and in the process found out that HP switch firmware is absolutely brutal and untested - See ProCurve 2510G FW 11.16 as an example) .
I saw vast improvements across the network immediately after the change (wow, really? 9 48-port switches effectively sharing a single 1Gb line to the servers and internet was a bit slow? Don't tell my co-workers, they don't think that's possible ) .
The only thing that I didn't see an improvement in was on some Linux and BSD servers, which would top out at 11MB/s doing a SMB (SAMBA) transfer. These are managed systems part of our business system, but we still need to be able to pull local backups for ourselves. So I contacted our vendor. The vendor confirmed that the line speed is showing as 1000T-FDx (same as the switch is showing).
Vendor is now claiming that after these changes were put in place, the speed on their servers (and their servers ONLY) was reduced to a maximum of 5MB/s (~60Mb/s?) doing rsync transfers between themselves. And they are all on the same 2510 (48 port all 10/100/1000), which makes absolutely no sense whatsoever to me. Furthermore this is on the ONLY switch on the entire network that had an updated firmware already installed - that's not even a possibility here.
I put some windows servers on that switch and can get 60MB/s+ all day (SMB transfers). I've also tried from their one server that I can access to doing an rsync or scp to another BSD box, and max out at 15MB/s (with 100% CPU usage on the test box - I'm assuming the decryption is pretty heavy?)There is absolutely no QoS, limiting, or any possibility of throttling the links the servers are on the switch. There are no excessive broadcasts saturating it, and the ports and cables test fine.
View 15 Replies
View Related
Feb 12, 2012
I have a couple of WS-C3750X-48T-L and a couple of WS-C3750X-12S-S, I want to stack all four of them together into a single stack. WS- C3750X-12S-S are running c3750e-universalk9-mz.122-58.SE2 whereas WS-C3750X-48T-L are running c3750e-universalk9-mz.122-55.SE3.I have got a couple of queries as under:What are the options to achieve putting all these 4 switches into a single stack? Can the LAN Base switches upgraded to IP Base?
View 3 Replies
View Related
Jan 4, 2012
Two different WAN links get connected to the firewall via two routers.(Different ip subnets).I need to get this two wan streams seperatly to the core switches.Core switches sits.Active/Stanby senario. If the Active core goes down Stndby Core will have take over the traffic. My design is correct ,if not what do i need to change. ASA is 5520.
View 8 Replies
View Related
Mar 6, 2013
I've got a Cisco 877-M at home which i picked up to replace the old Linksys/Cisco WAG160N, which was having dropout issues on my line?I've got a running config going on the router which is currently quite happily handling our LAN requirements (DHCP,IGMP Proxy, Firewall,DNS), but what I want to do is have an upload link QoS policy, which makes sure everyone can be able to access the net with little hassle (Not so much worried about the Downlink QoS, our connection can burst at time to 900k/sec (Currently on a 8160/384 ADSL1 Line, RIM, 300m Cable Length verified by ISP)I'd have to get the running-config from the router when I get home, but for a Home based network, what would be required in setting up a policy for Upload, to allow the following Protocols prioritised access to the net:
HTTP (Top Priority)
IMAP (Top Priority)
POP3 (Top Priority)
Streaming Audio (Med Priority)
BT (Low Priority)
These are the main ones.
View 9 Replies
View Related
Dec 31, 2012
So the 2T comes with 2 10GE and 3 GE uplink ports. Can you use all 5, one or the other, a mix, or what? How does that work? It's not really clear from reviewing the products webpage or data sheet.
View 3 Replies
View Related
Mar 19, 2013
I have a question regarding uplink ports on a switch. Specifically the SFP+ variety. Could these uplink ports be used to connect directly to a fileserver? To be more specific, would the uplink port on the HP 3800 Switches connect directly to a file server that has the SFP+ card installed?
View 6 Replies
View Related
Dec 7, 2010
We need rededunt uplink in Cisco 2960 from Cisco 3550 , one uplink is primary and one is for backup.As per current scenerio one uplink in Cisco 2960 interface fe0/1 from Cisco 3550 int fe0/1 through OFC cable configuration 2960 int fe0/1 interface fe0/1desciption *** Connect to Cisco 3550 port 1 ***switchport mode accessswitchport access vlan 2spanning-tree guard loop Configuration Cisco 3550 int fe0/1desciption *** Connect to Cisco 2960 port 1 ***switchport mode accessswitchport access vlan 2spanning-tree guard loop We have facing the problem when OFC cable down , so now we are considering anather OFC via anather route to connect same Cisco 2960 Switch in Fe0/2 from Cisco 3550 int fe0/2 so when primary uplink goes down then backup uplink which is connect to Cisco 2960 fe0/2 from Cisco 3550 fe0/2 it's up.what is the command we need configure as per my require in both the Cisco 2960 and 3550 swith in interface and global mode also.
View 10 Replies
View Related
Jul 6, 2012
Im now in charge of a medium/big size network (around 1200 machines).I found some connection pattern that im not shoure if it is correct.I migth be wrong, but i think this kind of connection would cause a continue RSTP change of topology (confusing about the 'direction' of the route to take), so having some latency period (this pattern of connection can be repeated several times in the whole network).BTW, there is no special configuration in switch A for saiyng that port 50 is not being used as a uplink port.
View 5 Replies
View Related
Jun 26, 2011
My DIR655 is A4 with firmware v.135.
My normal uplink speed is above 4 Mbps but the speed goes down to 0.4 to 0.8 Mbps. The above unit was received from D-Link as a replacement for the same reason, but it worked for at lease 12 hours.
If the power is OFF/ON cycled, the normal speed comes back but last only about 10 minutes.
View 2 Replies
View Related
Mar 10, 2013
I have a router with 2 service providers connectivity with different ASN and running with BGP.I've announce few IP-prefix by ISP-A and Few Prefix by ISP-B.Both are working well with redundancy.But,Problem is here, that the all uplink bandwidth goes through ISP-A link.I want to make it that, ISP-A routed ip-Prefix's upload data will go through ISP-A & ISP-B IP-Prefix's Upload data will go through ISP-B Link.
View 9 Replies
View Related
Dec 9, 2012
Why the nexus 2k has 8 uplink ports ?
the nexus 7k or 5k can be devided into 4 virtual devices ( using vdc)and making 8 uplink ports in the 2k will allow us to use the extender for all the 4 vdc's with 2 uplinks ( for redundancy ) from each vdc
View 4 Replies
View Related
