Cisco Switching/Routing :: 2851 - Service Module Won't Accept IP Stating
Oct 18, 2012
[code]....
I can access the ACNS with this config. The issue is that it will not cache anything when I enable WCCP on both ends. I am unable to set the gateway to the IP (even when static) to the WAN interface IP with the error Network Unreachable by content engine. If I address it within the 192.168.2.X network and gateway to 2.1, it locks up when cache is enabled. 192.168.0.5 (the external wan int) is unreachable as a gateway.
I've tried the unnumbered ip on the internal interface but then the service module won't accept an IP stating that the router side must have an IP set.
I had WCCP attempting to cache but timing out on everything without caching a thing. I want/need to understand the IP routing before I get ahead of myself.
Using the new SUP-2T, need to clarify one query. If we are using the new SUP-2T in VSS mode, will the new ASA service module and NAM-3 are supported? From Cisco site, ASA module FAQ:
Q. Will the ASA Services Module support the Cisco Catalyst Virtual Switching System (VSS) at FCS?
A. Yes, depending on which supervisor you use. The ASA Services Module supports VSS either as a single firewall or as a failover pair of firewalls, when used with the Supervisor 720-10G (VS-S720-10G-3C and VS-S720-10G-3CXL). Transparent and multi- context modes also work with the VSS in this configuration. However, though the SUP 720-3B (WS-SUP720-3B and WS-SUP720-3BXL) is supported by the ASA Services Module, it is not capable of supporting the VSS. No reference to Supervisor-2T.
we are planning to implement a VSS solution with a 6500 series switches with sup 2T. We also need to include an ASA service module on the design, however the budget is not enough to buy two asa service modules. So i want to know if is possible run a VSS cluster, whit only one ASA service Module. and also i would like know what happens if the single ASA service module fails? can the switch cluster continue operating just as if there is not a firewall installed?
we have approx. 70 Cisco 1941W routers deployed in our company. I used to be able to console into the internet wireless AP by issuing the below command:
service-module wlan-ap0 session
However lately this hasn't been working and AP just simply refuses connection. Here is what I have for Status. I have tried reseting the Service Module to no avail.
Router#service-module wlan-ap0 status Service Module is Cisco wlan-ap0 Service Module supports session via TTY line 67 Service Module is failed Service Module reset on error is disabled Service Module heartbeat-reset is enabled Service Module is in fail open Service Module status is not available
I m planning to implement VSS in core but want some inputs on IOS as i have FWSM as a service module Core :- Ii am running 12.2(33)SXH2a on my Core 6509 and i checkd cisco sites and Fwsm release notes but it states only I-Train of IOS while mine is H-Train so can I directly upgrade to I-Train or I was thinking of SXH8b IOS.
I have one cisco 3750G-48 switch, one cisco 3560G-PS switch, Cisco UC520, cisco 2851 and cisco wireless access point.i have setup up intervlan routing between the two cisco switches and the uc520 with a total of four VLANS, the problem i'm having is with the 2851 router, I have created a trunk between the 3750 switch and the 2851 router. should I create subinterfaces on the 2851 router for the four vlans by doing gigabieethernet 0/0.1, 0/0.100 and so on or should I create BVI subinterfaces.
reason I ask is I created four vlans on the vtp server switch which is the 3750 and I connected the uc520 to the 3750 switch via a trunk interface and set up vtp client on the uc520, after I setup p the vtp on the uc520 the vlans were automatically created on the uc520 with each vlan having its own BVI interface.
So I am not sure how to configure the 2851 router to interact with the four vlans. also the 2851 router have two hwic 1adsl wics installed which will have two adsl connections coming in.how to set up the 2851.
I have a cisco 2851 router as the edge router, I have a 3750G and a 3560G switch and configured intervlan routing with four vlans, also connected to the switches a four servers and one has active directory and a dns server.i am able to ping from all te servers fine from different vlans and the servers are able to ping the edge router. the problem I am having is with DNS, in the edge router i have configured the isp's dns server address in ip name-server and i am able to reach the outside world.
the problem im having is the servers are not able to reach the outside, do i need to do something in the edge router to forward it to the 3750g or do i have to add my isp's dns servers on the 3750g with ip name-server.
I am a networking student and was playing around with a Cisco 2800 series router. Couldn't figure out the password or user name so was following these steps from this KB {URL}.
For Password and User Reset..... Although by the time I got to selecting a username and password the computer had went to sleep so I started over again. When I restarting this process I ejected the Flash memory told it to reset but failed to reinsert the flash card before it rebooting. Now in the terminal I get symbols instead of words. What can I do ?
I had these error messages on both my Cisco 2851 and on my Cisco Catalyst 6506.
On Cisco 2851: %SYS-SP-3-CPUHOG: Task is running for (2000)msecs, more than (2000)msecs (4/4),process = SEA write CF process. [code]...
And on 6506: Dec 27 15:20:55 MET: %SYS-SP-3-CPUHOG: Task is running for (2000)msecs, more than (2000)msecs (129/129),process = SEA write CF process.[ code]...
I have these IOS versions on my Cisco: Cisco 2851: 15.0(1)M4 Cisco 6506: 12.2(33)SXI
I have a Head Quarter and a remote site running over a OC3 circuit. [code]
On the HQ, I have a Cisco VXR7204 running IOS 12.4.15T(10) Advanced IP Serviceand the remote site is a Cisco 2851 also running IOS 12.4.15T(10) Advanced Ip Service. The HQ has a Riverbed Steelhead 5050H capable of delivering 100MbpsWCCP throughput. The remote site has a Riverbed Steelhead 1050H which can deliver 10Mbps WCCP throughput. At the HQ, the LAN network is 192.168.251.0/24.The Steelhead residing on the 192.168.251.0 network.At the remote site, the LAN network is 192.168.103.0/24 and 192.168.211.0/24.The Riverbed resides on the 192.168.103.0/24 network.
When a host on network 192.168.211.0/24 download a file from network192.168.251.0/24 network via http, the CPU on the Cisco 2851 goes to 99% utilization and that it stays there for the duration of the http session. There is very little traffic goes across the WAN whichis the way it should be but the CPU on the 2851 stays at constant at99% CPU utilization.
Why would WCCP consume so much CPU on the Cisco 2851? By the way, I am only getting about 5Mbps download instead of 90Mbps download, I think because of the high CPU on the router?
We are upgrading from 3550 - 3560 switches.On the 3550's we have this on each interface: [code] The 3550's wont accept the wrr-queue commands. How to set these on the 3560's.
I'm in the process of upgrading the IOS of our 6500 switch and unfortunately, the images were messed up by other users. Here's the output of show redundancy. [code] would i have any issues if I reload this slave supervisor engine to load the SXI8 IOS?
I have a site that is very dense, but not high throughput. I have 4x48 port switches all 3560 and 1 2851 router. The switches are pretty much full to the brim but the site is never completly lit, they just like to move around a lot. However i wanted to provide this site with as much redundnace as possible. So my first thought was to build redundant pathing with the switches so that they could loose a switch and not have a single point of failure. So therefore I built a ring. SW1 to SW2, SW2 to SW3, SW3 to SW4, SW4 to SW1. To make this even more redundant against port hardware failure, i used two uplinks for each and built an etherchannel. is it good practice to use Etherchannel and Spanning Tree together?So i now have a good redundant LAN switching topology. I have multiple VLANs at the site so I am using Rapid-PVST. I did not set priorities on the switches as I don't think that is really truly necessary, but correct me if I am wrong!Ok so next step is to make sure that my WAN connection for all of these switches is redundant. I have a 2851 router, with 1 of the built in interfaces dedicated to our ethernet hand-off WAN connection (MPLS in this case using BGP routing). The other would be used as an uplink. I also got an additional card for the Router so that i can have redudant local LAN connections. I then built up some IRB bridges so that I could uplink the Router to SW1 and SW3. Is it good practice to use IRB Bridging on a Router to provide redundancy?So at this site i have the first part running, and it works pretty well but I have had 1 strage issue, which has to do with after a failure and re-convergence of spanning-tree, it seems that DHCP starts failing to work. I actually had to go into each of my switches make a dummy VLAN interface and put on helper-addresses to get them to work. They are not L3 switches (programatically speaking) so they should just forward the broadcast packet onto the router, which DOES have the helper-addresses programmed,Also at another site I have the bridge router setup configured, just without so many switches, and no etherchannel between the switches. This seems to work flawlessly, but the site is very small so performance issues would be difficult to spot since they are just thin-clients coming back to a Citrix server over a single T1.
I am having issues (nothing new there) I have a bad IOS on a switch module, and the config is set to boot to that IOS, and as such I get a nasty boot loop, I am trying to figure out how to get into rommon but all the documentation I can find for this just says go into rommon and never tells me how to get there on a switch module that thinks it has a good IOS. (The IOS is for our normal service module but this one is an odd-ball switch)
can I install and Cisco WAAS and Cisco Prime Network Analysis Module (NAM) together on a single Cisco Service-Ready Engine (SRE) 910 module? Or it can only run 1 of the software?
I have some confusion about some hardware components. I watched the video datasheet of cisco routers and switches. In cisco 2901 and 2911 models of routers there is service module . What is meant by service module. what does it do ? If we buy a new 6500 switch, what are the components we get bydefault. Is there any special configuraton to be done for 6500 . like Sup engine config etc. What is the difference between ASIC and Sup engine ? In which slots, we need to insert Supervisor Engine ? does it vary with the model . (6503, 6505, 6509, 6513 etc).
Is there any risk to install an HWIC-2FE card into a production 3845 router while it is in a powered up state? Is it recommended to power it down first, then install it?
I just got 2 Cat6504 Chassis and 2 ASASM pluged in them. show version from submodule ASA as follow:
SVC-APP-HW-3#show ver Cisco IOS Software, trifecta Software (trifecta-SP-M), Version 15.1(1)SY, RELEASE SOFTWARE (fc2)
[Code].....
I want to upgrade new OS for ASA to 8.5 (asa851-smp-k8.bin) but after copy this soft to the module, I can not "write" command or when I reload this box, everything was no changed. SVC-APP-HW-3#write startup-config file open failed (No such device)
I am currently installing a NM-AIR -WLC 6 wireless module in a 2811 and its giving me the follwing errors below and status.I have checked the trouble shooting pdf and says might be possible hardware error. [code]
I have an ACE10-6500-K9 (Application Control Engine service module for Catalyst 6500) but I can't access it because I lost the admin password.I would like to know how to perform a Password Recovery Procedure on this device.Is it similar to the password recovery procedure on an ACE 4700 appliance?
Does ACE service module support SHA2(256) certificates? I see that private key generation defaults to SHA1 and does not provide any option, also the cipher suites in SSL parameters map do not show SHA2 options. Can it handle SHA2 in any software release? I am currently running A2(2.3) build 3.00
My ACE module ACE30-MOD-K9 crashed today, and at the show ver output i see "last boot reason: Service "cfgmgr" ".the curent version we running is Version A5(1.2) [build 3.0(0)A5(1.2).
After doing some research i found known bug that supposed to be fixed in this version: CSCtu36146
CSCtu36146—The ACE becomes unresponsive due to a configuration manager (Cfgmgr) process failure with the last boot reason: Service "cfgmgr."
I'm migrating from a failover pair of FWSM modules across to a failover pair of ASA Service Modules. In order to avoid a "big bang" switchover I intend to migrate subnets from one to the other over a protracted period.With that in mind, whether there is any restriction on having FWSM and ASASM modules in the same chassis? A trawl of the relevant documentation hasn't revealed anything.In this specific case it is Catalyst 6509E VSS chassis pairs with Sup-2T.
I have been tasked with creating a VPN tunnel between our site and a vendor's support center. I successfully created the tunnel, which negotiates fine, but I can't seem to get the traffic flowing properly. The issue that I think I am having is that the vendor is using a public IP address for their remote internal network instead of a public one. At least that's what I think the problem is, but I'm probably wrong Here is a diagram of how the traffic should be flowing:
Office #3 Office #3 Office #1 Office #1 Vendor Vendor Desktop PC Gateway Gateway Firewall Public IP Private LAN 192.168.5.158 -> 192.168.5.1 -> EVPL -> 192.168.0.11 -> 192.168.0.5 -> Internet -> 68.x.x.x -> 192.68.48.0/22 Cisco 2851 Cisco 2851 ASA 5510 Cisco 7206
When I trace a route from the desktop PC to an IP address on the remote vendor end, instead of going to the ASA the traffic goes to another office. Here is what is happening to the traffic:
1 <1 ms <1 ms <1 ms 192.168.5.1 (Office #3 Gateway) 2 3 ms 3 ms 3 ms 172.20.254.5 (Office #3 EVPL VLAN to Office #2) 3 3 ms 3 ms 3 ms 192.168.1.14 (Office #2 Gateway) 4 4 ms 4 ms 4 ms 173.xxx.xxx.xxx (Public Internet)
The office with the desktop PC has no local internet access, so all internet traffic gets routed to office #2 (192.168.1.0) as shown above. I'm asuming this is happening because the vendor is using a public IP address instead of a private IP address for their network. The routers look for the shortest route, which would be the internet, and then route the traffic there. Instead they should be routing the traffic to office #1's ASA and then on to the remote vendor site. The 2851 routers are using EIGRP. I don't know if that is causing this to happen but I tried adding static routes and the traffic always goes to the same place. I can provide configurations on any of the devices mentioned, save for the vendor's.
i have a cisco router (3900 series) and a add on module (4 x 1 Gig port module). For some reason i cant seem to port channel them and cant do routing (can set an ip address on those ports). I can do port channel and routing on on-board ports. Do i have to enable any commands to do this ?
When you use the command switchport trunk allowed vlan add [vlan-id]There should be no drop in service to the existing VLANs, correct? I am trunking from a 7K to a 2960S via 2G PoCh.
I got this 3640, trying to apply a service-policy (output and input), but seems like I do it something wrong...because he only apply the output policy... here the config, I already try to config the service police inside the fa0/0, but is not showed at all, he only show the output, its like I never apply that
