Cisco Security :: Which IOS Version Of 3560-X Switch Support NAC-L2-IP
Apr 20, 2011Which IOS version of 3560-X switch support NAC-L2-IP ?
View 1 RepliesWhich IOS version of 3560-X switch support NAC-L2-IP ?
View 1 RepliesI have a problem, i would like todo MACSEC betwwen two switches cisco catalyst 3560-x but I know that for this operation i needed ACS server 5.1 is it possible to encryp dataflow without ACS server and if you have the configuration
View 7 Replies View RelatedI am using Packet Tracer to simulate Cisco networking.As the existing IOS of the 3560 and 2960 switch are in older version which has no new feature in new IOS, how to upgarde the IOS of Cisco switch at Packet Tracer?
View 5 Replies View RelatedI believe the answer is yes, but incorperating more layer 3 features of our 3750's, I want to know if they fully support EIGRP or OSPF?
Also for a small business of 4 locations, each with a 10mbps fiber and a 1.5mbps mpls... wouldn't you say EIGRP would be easier? Want to look at making the failover automatic if the 10mbps fiber goes down between a site, then the network fails over to 1.5mbps mpls. When the fiber returns in service then the network automatically preferr the fiber again.
Currently we use static routes and if there is a provider outage we have to manually edit the config to flip flop the routes.
I am using 3560 switch senerio is that we have dhcp server on and I want that switch filter mac on whole switch ports not on a some port. Switch only give IP to the mac whcih is in mac table of switch/particular which we enter manually.I have read chapter 62 of port security but it doesnot fulfill my requirements.I am also using 3com 5500Ei switch in which we dont have to bind a mac on every port, we just enter a mac in the switch and it filter itself by using simple commands.DHCP server is not in our hands, we cant do any things there.
View 1 Replies View RelatedCan we use ACS 4.1 version recovery disc on 4.2 verison to recover the forgotten password.
View 1 Replies View RelatedI have PIX515 with version 7.0 installed, so can i install version 8.3 on it?and what will be the memory requirements?
View 2 Replies View RelatedI have ACS 1120 appilance does it support ACS version 5.2.0.x and corresponding patches.
View 2 Replies View RelatedACE version A2(3.6) is no longer available on CCO. Replaced by A2(3.6a).
1. Is version A2(3.6) a problematic version? If so, suggestion is to implement A2(3.6a) or revert to version A2(3.5)?
2. If ACE version A2(3.6) is OK, on ANM version 5.2, will this support this ACE version? It is not listed in SDT for ANM 5.2, just need confirmation.
Is there reason why WS-C3560C-8PC-S and WS-C3560C-12PC-S is not supported in Cisco Network Assistent? According to the data sheets for these switches CNA should be supported. I saw another forum post stating that the Gigabit versions has been added to the supported list as of version 5.7."The Cisco Catalyst 3560-C and 2960-C Series compact switches offer both the traditional Cisco CLI for detailed configuration and Cisco Network Assistant software, a PC-based tool for quick configuration based on preset templates."
View 2 Replies View RelatedI have a 2 cisco switches that are at different sites one is a Cisco CAT4500 and other 3560. The connection between the switches is a layer 2 fibre link. CAT4500 and 3560 both have VLAN interface ip addresses in order for me to connect to the switches.
I have PC A connected to CAT4500 and PC B connecting to 3560. All these devices are the same VLAN and in the same subnet. I do have trunk links all the way though allowing this vlan as we run vlans. From PC A, I can ping CAT4500, 3560 and even PC B. This tells me everything is fine regarding Layer 2 & 3.
As soon as I move PC B and connect it to the other switch CAT4500 or move the other PC vice versa (this happens in both directions). Both switches learn that the mac address has moved locations and updates its mac address table accordingly. So when I do a show mac address table and show arp, everything has learned and moved fine. However when I try to ping any other device from PC B I cannot. So the 3560 switch PC B was originally connected to, I can no longer ping, the switch cannot see the pc also. It is as if PC B has not learned anything from the switch and cannot respond or reply to any icmp. I have tried this with different end devices, same thing. I am now thinking it has something to do with the switch.
Does the Catalyst 3560 support GRE ?
I know that Catalyst 3750X support GRE ,but Catalyst 3750X cannot work in hardware it.
Does the Catalyst 3560 cannot work in hardware too?
I would like to properly configure my L3 to support iSCSi traffic. My L3 acts as an internal router between 4 different sub nets.
I have a iSCSi SAN on my network. A Windows server has Microsoft iSCSi initiators connecting to the SAN.
Does LMS 4.1 or any newer version support Cisco Access Point 4410 N ?
View 1 Replies View RelatedI need to confirm that the 4510R+E switch with the SUB7-E/2 running version 15 IOS will not support NAT. I am 99% convinced that it does not but i am looking for confirmation, as i am a bit surprised by the lack of NAT support on this platform.
View 0 Replies View RelatedWe are running ACS 4.0 so understandably so we are looking to upgrading to a Cisco supportable version of ACS. The limitation of our current version of ACS does not support nested AD groups. The latest version of ACS (I think it is 5.4) will?
View 1 Replies View RelatedI have CISCO RPS 600 (PWR-AC-RPS) is it support Catalyst 2960 and 3560 ? and which type of cable require since i have cable 22-18 pin and on my switch require 22-14 pin.
View 2 Replies View RelatedI´m Trying to synchronize the clock with NTP server external, these ntp server only support NTP version 3.Can I change the NTP version in the ACE4710 Appliance to support the ntp server external?If is possible, How I can change it ?
This is the version:
Cisco Application Control Software (ACSW)
TAC support: [URL]
Copyright (c) 1985-2011 by Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
[code]....
Does the 3750G-12S-E support Advanced IP Services version of IOS?
View 3 Replies View RelatedI Have a requirement to migrate from ipv4 to ipv6, I have checked the scalability of all the devices for this migration except ACS 1113 Solution Engine, Version 4.2. I couldnt reach the proper documentation to check its support for ipv6.
View 1 Replies View RelatedI'm looking at implementing a new DMZ and wanted Netflow capability for security monitoring.The architectural principles I have to adhere to dictate that the switches within the DMZ are layer 2 however to get Netflow I need a minimum of a 3560/3750X, Network Services module, IP Base IOS with ip routing and CEF enabled.To do this and still keep the switch functioning as a layer 2 device the intention was not to configure SVI's or any static/dynamic routing protocols.Will Netflow still work in that scenario?
View 4 Replies View RelatedOSPF normally only comes with IPservices image and not IP Base image. The 3560-C series data sheet says that it only suport IP Base image, yet it mentions that support for OSPF in included. Are there any restictions in the OSPF support?.
View 7 Replies View RelatedI have the cisco 3640 with IOS Version 12.2(46) , and it with DRAM:32M , Flash:8M.What IOS version can support IPv6 RIP in the hardware limit?
View 3 Replies View RelatedI have a Cisco E1200 router that is currently running firmware version 1.0.03 build4 Mar 1, 2012. Can I upgrade to the latest version 2 firmware ? How do I know if my router hardware will support it ?
View 4 Replies View RelatedI heard that the WS-C3560E-24PD-S and the WS-C3750-48PS-S have a limitation on the number of 7945s supported (ie i can only run 10 or 15 on each switch before the power runs out). Any knowledge with these pieces of equipment verify the maximum supported? I'm having trouble finding documentation showing any maximums.
View 3 Replies View RelatedHow to know the Red Hat OS version in the ACS 1121 appliance?
View 1 Replies View RelatedI cant find the WUSB600n ver.2 drivers on your support page: url...When I click "Version 1.0" it shows me the Win7 driver but by clicking "Version 2.0" it just says: "Guides and Information" but theres no drivers. I suppose it's a bug.I have a new Laptop so I need the Win7 64bit driver for ver.2.
View 2 Replies View RelatedI am piloting an 802.1x implementation for a client who has Mitel IP Phones. I have setup the switch and ACS based on previous experience and a windows PC can authenticate onto the network OK. When I use a Mitel phone however, it seems to skip past the first 802.1x LCD message and goes straight to LLDP and DHCP discovery, which obviously fails. The phone are 5224s and the controller is on the original v10 release. I have cleared the 802.1x config on the phone and rebooting as per Mitel documentation which leads me to believe it should then prompt for a user/pass on next reboot. It does not do this.
I known the ACS is setup to support EAP-MD5 and I have tried all the various types of host modes including the default and Multi-Auth, Multi-Domain and none of them seem to make any difference. I have tried with and without a PC attached to the phone as well.
A wireshark shows the EAP identity request from the switch, and I see an EAP response from the phone, although it is slightly different to the PC's response. In the end the phone issues an EAP 4 failure message. So something in that EAP conversation doesnt seem to work.
I am looking for recommendations on a device to put at the forefront of our network, mainly for web content filtering. Our network is currently setup as this:We have two Internet providers. One for each network that are physically separate except a a Cisco 3560 which is used for failover. In the event one ISP goes down, one network can use the others ISP, however, it has no access to the other network beyond that switch.Currently, each network has a web content filter (SmartFilter) server which is going end of life in a year. We would like to replace each server with a single box at the front of the network for filtering. Other bonuses would be things such as bandwidth control, virus protection, etc.Perhaps the most important thing is to make sure our ISP bandwidth download speed does not get hampered by the device we choose to put at the front. We have 50mb download on one and 30mb on the other. If the device throttles the download at 10mb then it's useless to us.
View 9 Replies View RelatedI have a tunnel between a PIX 515E version 7.2(2)and a Cisco 3800 version 12.3(11r). There is a mismatch somewere in the configs but I cannot find it. I have included the configs and the syslog errors.
View 5 Replies View RelatedI have read that nat control is no longer exist in this version,However, I am trying to permit traffic from lower security interface to higher interface security,Is it need to be Natted ?
When I try to route, i have never succeeded, but when I put a nat, I can access and the traffic go through Do I miss anything on the nat control statement ?
Is it possible to use Port Security mechanism between two switch (3750 or 3560) ports while trunk has been configured? If it's not possible, is there any other way to ensure that no other Switch can be connected other then the one switch which has been configured/placed by a network engineer?
View 4 Replies View RelatedTo use MACSec between 2 Catalyst 3560-X on both sides with a provider network between that is configured for IEEE 802.1Q Tunneling ?
Since MACSec uses 0x88e5 Frames and the Cisco SAP protocol uses 802.1x for negotiation, can that be working ? (I haven't success)