I recently installed a cisco 2901 router. The router is connected to hosts using a SG 200-50 50-Port Gigabit Smart Switch
Problem is the router internal interface keeps shutting down without notice and randomly. At that time I cannot ping the interrface from a LAN PC even though I can ping other hosts on the LAN. The ISP link is okay since I can put a static IP on my computer and access the net.
I have a 892 router configured on fa0 with vlan1 and a catalist 3560. On catalist all ports are in access mode and vlan1. When I'm connecting port fa0 from router to catalist, the catalist port is shuted down What should I do on router on catalist to make the connection working ?
View 4 Replies View RelatedHow I can shutdown a module when I am running vsl.I can use the following command #hw-module module 2 shutdown.As I have modules in both switch 1 and switch 2 how can I ensure I only shut down module 2 in switch 1.
View 1 Replies View RelatedI converted a Cisco Aironet 1142 Lightweight access point to Autonomous and at first it works properly but every some days the dot11Radio0 interface is down (similar case than the cisco support community case "Autonomous 1142 AP shuts down 2.4 radio interface" The 802.11g radio shows as “Dot11Radio0 is reset, line protocol is down” while the 802.11a radio appears to be up and running, I have to reload the device so that the Dot11Radio0 is up again.
View 1 Replies View RelatedWAN link plugs into a 2821 Router with an switch module in it. About 8 clients are plugged in to the 2821.2821 connects to super cheap netgear switch (I'm 99% sure it's stripping dot1q headers) via one of the ports in the switch module. About 4 people are connected to the netgear.Now, I sent a catalyst 3560g to the branch because they wanted to extend into a new building. Someone decided to run a single cable from the netgear to the 3560. On the 3560, I have about 5 clients and a couple of APs.
So it goes 2821 -> Netgear -> 3560. All of these are single connections.When the 3560 gets plugged in, all clients on the netgear lose their connection, and nothing on the 3560 works. It happens almost instantly. I can't figure out why connections are dropping. The APs have about 4 VLANs onn them, and the PCs are on their own VLAN (the native VLAN).
I converted a Cisco Aironet 1142 Lightweight access point to Autonomous and at first it works properly but every some days the dot11Radio0 interface is down (similar case than the cisco support community case "Autonomous 1142 AP shuts down 2.4 radio interface"
The 802.11g radio shows as “Dot11Radio0 is reset, line protocol is down” while the 802.11a radio appears to be up and running,
I have to reload the device so that the Dot11Radio0 is up again,
I have a c2969-48PST-L switch running IOS Version 12.2(55) SE. The switch is configured for 802.1x authentication. The radius server is a Cisco ACS 5.2. We are using PEAP and allowing EAP-TLS and EAP-MS-CHAPv2. Windows 7 PCs (HP Elitebooks) are using the "windows" supplicant and configured to 802.1x authentication is enabled using Microsoft Protected EAP (PEAP), we are not validating any certificates and the authentication method is Secured password (EAP-MSCHAP v2). What is occurring every so often is that the PC will fail authentication (intermittently) and the ACS shows the reason as being 5411 EAP session timeout. This is a pretty generic message according to TAC. The interesting part to me is the Authentication Method showing on the ACS when the authentication fails is simply PEAP. However, when it does not fail the Authenication Method is shown as PEAP (EAP-MSCHAPv2). We have the Cisco TAC looking at the ACS and they are saying the issue is the client not reponding to the request correctly from the switch.if the version of IOS softare on the switch maynot be handling the communication to the ACS correctly. I have wireshark traces of a successful authenication and unsuccessful one. There does seem to be any difference from the client side at all.
View 1 Replies View RelatedWhy I cant correctly use ip sla command. I only have on my 2901 such commands: ip sla ?
key-chain Use MD5 Authentication for IP SLAs Control Messages
responder Enable IP SLAs Responder
server IPPM server configuration
There is my "sh ver"
ROM: System Bootstrap, Version 15.0(1r)M15, RELEASE SOFTWARE (fc1)
And...What should i do. if i want to create a failover with to WANs
I have a strange behavior between a WLC 5508 (version 7.0.116.0) and NEXUS7010.
WLC
The WLC is configured in DHCP Bridging Mode (it sends DHCP requests without change)
Nexus
The VLAN interface is configured as follows
interface Vlan501
ip access-group acl-int-vlan501-in-1 in
no ip redirects
ip address 10.12.56.4/21
ip ospf network broadcast
ip router ospf 100 area 10.23.0.0
hsrp 51
Clients can not obtain an IP address intermittently. If I deactivates the ACL when the problem appears(when the client can not obtain an IP@) the probleme is resolved
Note: Before the WLC was connected to Catalyst 6500 and worked properly for 2 years (with same configuration)
I saw this note about differences between DHCP relay on the NEXUS7000/NXOS an Ip helper one the 6500/IOS URL. Do you think the problem may come from the DHCP relay or ACL on the NEXUS.
I am attempting to configure a Cisco 2901 router using IOS 15 to properly perform NAT/PAT translation between LAN and the internet connection.
My Configuration:
interface GigabitEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
no cdp enable
no mop enabled(code)
I am trying to implement an etherchannel on a cisco 2901 (IOS 15.1). i have already created the port-channel but i cannot assign the gig interface to the channel group.
View 1 Replies View RelatedWe've have a client who had a ordered 2 units of 2901 router to have site to site connectivity. User has bought a leased line of 256kbps from service provider in between two sites, but the issue is the service provider has layed a rj11 cable and there is no rj11 interface on 2901 router it only has two rj45.
View 5 Replies View RelatedI'm trying to enable port security on several 4507R's. When I try to configure a range of ports the switch will randomly put 1 or 2 in err-disable. It's different every time I apply the config to the same group of ports. However if I do them one at a time it seems to work. But I really don't want to configure 6 fully populated switches one port at a time. We also have a lot of 3750's and they gave me no problem using a port range. [code]
View 4 Replies View RelatedI need to break into a 2901 router to recover the passwords. Cisco's methodology for password recovery on 2900 seriews routerssays to remove the compact flash card and reboot into RMON. There is no external compact flash card on a 2901. Is there acompact flash card inside the box? Or can you use the older method of rebooting and then hitting ctl+break to boot into RMON?
View 5 Replies View Relatedi'm interested if it's possible to set the NTP server via DHCP on an 2901 Router with 15.2(2) image.
i configured the interface gigabit 0/0 as dhcp client. The DHCP Server sends to me DNS, Default GW and NTP. All is working fine, but the NTP will not be configured. i tried to add an DHCP option request, but there is no NTP (42) value. [code]
is there any way to add the value NTP (42) for the DHCP request or isnt it possible?
Does the 2901 have etherchannel capabilities? If so, how to configure it? I mean, I can type "show etherchannel 1" in it, so I would assume if I can show it, I better be able to configure it, right?What about the 2911?
View 1 Replies View Relatedi want to use the cisco 2901 router with two adsl cards(EHWIC-VA-DSL-B) and would like to know if that possible without any restrictions with the ip base license.
View 2 Replies View RelatedI have a Cisco 2901 with the 4port gigabit ethernet switch module that I'm trying to get configured to have a seperate subnet for each port. So far I have it set up so each subnet is a vlan, then on each port I use the switchport access vlan command to tell it which subnet I want that port to be on. However, there is one port that I need to have 2 subnets on. The way I found to do that was to use switchport trunking on that port, but it doesn't seem to be working properly. how they would configure this? Right now I have vlan 101 as x.x.x.17/28 and vlan 103 as x.x.x.53/30. I think where I'm getting hung up is the proper association between the physical port and the vlan subnets.
View 5 Replies View RelatedI have always done my port monitoring (SPAN) on Cisco layer 3 switches with no issues. This time I am trying to do this on a Cisco 2901 router:
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(4)M2, RELEASE SOFTWARE (fc1)
System image file is "flash0:c2900-universalk9-mz.SPA.151-4.M2.bin
I need to have the source port gig0/0 and destination port gig0/1. There is something about the gig port enumeration (slot/port#) that makes the command rejected. It is self explanatory:
#sh ip int brie
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 xxx.xxx.xxx.xxx YES NVRAM up up
GigabitEthernet0/1 unassigned YES NVRAM up up
Serial0/0/0:0 unassigned YES unset up up
[code]....
It doesn't matter what slot or port number I use, it is always rejected. The command is rejected for Both destination and source gig interfaces. I tried a wide variety of slot/port numbers. To my best understanding the complete port names are: GigabitEthernet0/0 and GigabitEthernet0/1, so why does it think there has to be another digit after 0/0 or 0/1? Does it have anything to do with the Embedded-Service-Engine0/0 being administratively down?
I have a Cisco ASA 5505 and I have my internal and external interfaces configured but I currently cannot ping from the inside to an IP Address on the outside. I had this setup and working and I have another set of equirement that I am replacing that is working with my service provider so I know it is a configuration issue. When I ping 4.2.2.2 for example I get:
Destination host unreachable
Do I need to add a static route from my inside interface to my outside interfaces?
: Saved
:
ASA Version 8.2(5)
!
hostname pxasa
[Code].....
Everything in my network works as a charm. Every host in my vlans can access and ping the internet with no problems. But, my main router does not ping the internet (Pinging either ip "173.194.71.104" or domain "www.google.com" do not work). I don't know how is that possible since my hosts can ping the internet. Below is my main router confiurations
!
hostname Internet_Router
!
boot-start-marker
[Code].....
Quick question here. Using 3750E series switches with multiple VLANS configured. These switches serve as our 'core'. I have SVIs configured for the different VLANs and add inbound ACLs in each of the SVIs to control traffic between VLANS. This switch also terminates a P2P Ethernet link which connects to our Colo facility. The port used for this is configured as an L3 port. I noticed today that I was able to send traffic across this L3 link that I thought should have been blocked by an ACL I had in place but it wasn't. So the traffic flowed from a port in say VLAN 20 across this L3 link (assigned with an IP address). Would this traffic flow not cause traffic to be checked against an ACL applied in the inbound direction on the SVI of VLAN 20 (int vlan 20)? Traffic does get checked when routing between SVIs. Why would it not get checked when routing between SVI and L3 interface?
View 2 Replies View RelatedOn a pair of my CISCO7609-s (engine:sup720-3B IOS Version:12.2(33)SRD4),some interfaces is configured as routing interface but also them are attend MSTP caculation and i really caught BPDU packet go out from these ports. [code]
View 1 Replies View RelatedWe got a layer3 switched network, with one vlan for every switch, routed by a cat4006. [code] So can we put some ports on different switches in, let`s say vlan 50, with different ips? For example, Port 0/3 on Switch 1 and 0/8 on Switch 2, but keeping the ip of the "old" vlan? Or is it necessary to configure a specified vlan interface with ip-adress for every vlan if i want to route it?
View 4 Replies View RelatedI am a recent student to Cisco products and I have purchased some (what I thought was good) lab equipment to learn with on a budget. What I have is a 2948G switch and a 2620 router. My issue is this: the router has only one fast Ethernet port. Is it possible to use V LAN's and V LAN Interfaces on the router and switch to somehow emulate a second interface to connect to a WAN or sub net?
View 11 Replies View Relatedi've got a Cisco 877 router connected to an ADSL link. i'm using the show dsl interface atm just to have a look on its performance. i've tried to search on Cisco website on how to interpret the output but a blog gave me more info [URL]. My question now is, what readings do i consider? is it on the left (ATU-R) or on the right (ATU-C)?
877ROUTER#sh dsl int atm0 ATU-R (DS) ATU-C (US)Modem Status: Showtime (DMTDSL_SHOWTIME)DSL Mode: ITU G.992.1 (G.DMT)ITU STD NUM: 0x01 0x01Vendor ID: 'ALCB' 'ALCB'Vendor Specific: 0x0000 0x0000Vendor Country: 0x00 0x0FCapacity Used: 31% 85%Noise Margin: 34.0 dB 10.0 dBOutput Power: 16.0 dBm 12.0 dBmAttenuation: 10.0 dB 6.0 dBDefect Status: None None Last Fail Code: NoneSelftest Result: 0x00Subfunction: 0x15Interrupts: 1453 (2
[code]....
I notice strange input rates on the interfaces of a 881 router:
show int fa4
..
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec
..
30 second input rate 85000 bits/sec, 11 packets/sec
30 second output rate 16000 bits/sec, 9 packets/sec
221434 packets input, 287889736 bytes
..
..
142286 packets output, 15683576 bytes, 0 underrun
How can 11 packets/sec be 85000 bits/sec -- average packet size of 8KB?. The total packets input (221434 packets versus 287+ MB) also shows this kind of a 10KB+ average packet size. There is ahardly any traffic through the router when the above snapshot was taken so 11 packets/sec sounds right, but not the 85Kbits/sec.
The router is running c880data-universalk9-mz.151-4.M4.bin and config is simple with a single Vlan (inside NAT) with a public IPs on fa4 and a couple of IPs for dynamic NAT. Everything works fine except for these interface counters that look worng.
I can't accsess web-interface on SF-300-24. My computer is on the same subnet. Can only access by RS232. The Switch doesn't answer on ping either. In the manual it says the switch has ip-adress 192.168.1.254.
View 4 Replies View RelatedThere is some way to increase the speed of changing the interface state from DOWN to UP when the cable is connected. I need to configure a port of Cisco 4503 in a way that when a cable is connected the port goes immediatly UP.
A solution can be to keep Cisco interface always UP and I remember that with "no keepalive" command to the interface configuration it was possible. But I tried and nothing happens.
How to confirm if a 10Ge interface can be set down to 1Ge if required ?
View 4 Replies View RelatedI have a switch WS-C4507R + E, added two SFP SFP-10GBase-SR, and they stayed with inactive status, activate these interfaces in 10Gb.
SWC-DC01#sh interfaces status module 4
Port Name Status Vlan Duplex Speed Type
Te4/1 connected trunk full a-1000 1000BaseBX10-U
Te4/2 notconnect 1 full auto No XCVR
Te4/3 inactive 220 full auto 10GBase-SR
Te4/4 inactive 220 full auto 10GBase-SR
[code]......
Got a shiny new SG 200 26P which seems to work fine operationally.owever, when I am trying to access the web interface from a different IP subnet, the web brower just times out.If I put my PC on the same IP subnet, it works just fine. From the other subnet, I can ping the switch fine. The default gateway is set on the switch, and from the web interface I can ping and dns resolve other hosts and on the internet. I've tried to create a management profile to 'allow all from everywhere' basically, but still no luck.I'm completely stumped. I've tried to reset to firmware defaults, and I'm now runinng the latest firmware. I woudl suppose that the switch would allow itself to be managed via the web interface from all subnets by default. Any thoughts? The fact that the switch can ping internet hosts makes be believe it's own default gateway and IP are all ok and working.. (and I can ping it from anywhere in my network).
View 4 Replies View RelatedI have a CISCO2921. I am not able to bring up its gi0/1 interface. It stays down down.
[URL]
I know that interface is not coming up because of "no media" below. Router#sh int gi0/1 | i media Auto Duplex, Auto Speed, media type is no media
I have tried media rj-45 and media sfp which have also not worked. The other end of this link is ethernet handoff. What is it that I have to do for the link to come up? If I change the connection to gi0/2, I think that will work because I see this for gi0/2:
Router#sh int gi0/2 | i media Auto Duplex, Auto Speed, media type is RJ45
