Cisco Switching/Routing :: 2960 - Choice Of Equipment For Multi-tenancy?
Mar 9, 2013
A client I have just taken on wishes to provide internet data and VoIP for multiple tenants in their new office they move to in a few weeks.
they currently have a Cisco 2811 router with a 24 port Catalyst 2960 PoE managed switch serving just their staff and one tenant company who is plugged into a single port on the switch. I dont know what the tenant has the other side of that at this time.
when they move they currently will provide single port access points on the switch for each tenant, so the tenant can deal with their own network LAN. The client will provide phones to all the tenants using VoIP phones on a single subnet and hosted on an external PBX the phones all plug into the Catalyst and use the PoE. the WAN is a 20mbps fibre connection.
The client has 16 staff, the tenants are 3 companies with 3,6 and 9 staff. They may all increase or decrease in size to a total size of about 30 or 40 people.
I have a few questions
1. should I look at Vlan setup for this instead of the current basic routing setup or is that overkill since they only use one port access point per tenant as gateway.
2. can the cisco 2811 handle this or is it a bit old.
3. what router replacement would be recommended for this task given the above info especially if I went with Vlan solution.
4. any thoughts on the current switch's capability for this task.
5. managing bandwidth solutions? is there any router designed with this in mind. the ASA maybe or something like it with nice visual webgui management capabilities for monitoring and controlling bandwidth use of tenants?
Mark
View 2 Replies
ADVERTISEMENT
Feb 20, 2013
i am trying to monitor some UPS equipment,for that i am using a cisco 2960 switch and when the UPS is down it sends a L1 loop.when the switch detects the loop the int in which the UPS is conected to will get a link and go up.now my problem is this, as you probeblly know the switch has a protocol which protects it from getting loops and cuasing all kinds of problems.i need to remove this protocol and allow the switch to get L1 loops?
P.si have tryed to use UDLD, KEEPALIVE, BPDU guard, down-when-looped and errdisable commands with no success?
View 2 Replies
View Related
Aug 29, 2012
I have some questions in regards to network equipment I want re-utilize for my distribution layer in one of my buildings.The choices at the moment are:
OPTION 1.) 2x WS-3550-12G's (HSRP)
OPTION 2.) 1x WS-6509 with cards:
What option would be better from a performance aspect? We want to have network, voice, and wireless data go through this distribution layer switch(es).This is exisiting equipment I already have and can not buy anything else at the moment.
View 2 Replies
View Related
Oct 28, 2012
I have a network with several catalyst 2960 switches and one catalyst 3750. I have created two VLAN and set up the proper routing and everything is working fine there. I have a client/server application that used multicast in the initial start up for the client to determine available servers, the issue is one of my clients is on a different VLAN then the server. I am able to route the multicast using MVR as long as both the server and the client are plugged into the 3750 by creating a static route, making the server a source port and the client a receive port. Unfortunately I need the client and the server plugged in to different 2960s. My question is how do I establish multicast routing between the two and perferably do it dynamically (always route multicast traffic from one VLAN to another).
View 2 Replies
View Related
Feb 7, 2012
I have an existing stack of 4 x 2960-S switches connected by stack cables.I would like to add another 2960-S switch to the stack but am unable to as the 2960-S will only allow 4 x 2960-S switches per stack.how I would add the 5th 2960-S switch to the existing stack of 4 x 2960-S switches.
View 12 Replies
View Related
Feb 11, 2013
I have a 24 port 2960-S that is not communicating with a 2960-LST that it is directly connected to over fiber. The link is up on the LST but will not come up on the -S. What command should I use to bring up this link? I have tried no shut from the (Config-if)# prompt.
View 3 Replies
View Related
Jul 10, 2012
Can I use the SFP-10G-SR 10g interface woth Multi - Mode fiber?
View 3 Replies
View Related
May 21, 2012
I have a 3750 switch with IP routing enabled and have lots of VLANs configured on this switch.What is the best way to prevent VLANs from talking to each other?At the same time, hosts inside their respective VLANs should not be blocked from reaching any private networks as they could be doing some L2L with another site.Blocking the VLANs from accessing/telnetting the switch was very simple as I was able to do this in the VTY line section. However blocking VLANs from accessing the other VLANs on the switch seem to be hard and I think there has to be a recommended way of doing this. For example, if hosts in one of my VLANs, in this case VLAN-204 (10.10.10.0/24) want to hack or scan hosts on one of my other VLANs, in this case VLAN-330 (10.20.20.0/24), how can I accomplish this without blocking VLAN-204 hosts from accessing another network they have a site to site tunnel with with the same destination address of 10.20.20.0????
View 2 Replies
View Related
Jan 2, 2012
I am doing an small project, I have to connect 4 cisco switches SF 302-08 (1 GBIC each one) to a core switch SGE 2000 (4 GBICs). Because of cable length I have go connect all 5 switches with fiber. The fiber termination is multimode LC duplex. My confusion is on the mini GBICs. There is compatibilities issues i been reading. [code]
View 3 Replies
View Related
Apr 30, 2012
we are moving to different providers. We currently have multiple sites that have MLP bundles going to our current provider. We are trying to limit our network disruptions by creating a new MLP bundle group and connect it to the new provider, but are having no luck. In a GNS3 lab I have setup I am able to keep my existing MLP bundle up/up over the current provider network. When I attempt to bring up a new MLP group to the other provider my MLP does not come up and keeps going up/up then down/down and shows inactive. Is it possible to have one MLP group go to current vendor router, then create another MLP group and go to the other router?
View 6 Replies
View Related
Oct 11, 2012
I have a new building to add to our campus and I have been encouraged to run single mode fiber. All of my other buildings are connected with multi-mode fiber. I just want to make sure i will not have an issue if I run single mode to the new building with SM SFP's.
View 2 Replies
View Related
Jul 18, 2012
The module WS-X4306, support fibber fiber single mode ó fiber multi mode? what GBIC is for fiber single mode or fiber multi mode?
View 1 Replies
View Related
Feb 7, 2013
I have two ospf processes running on a single 3570 edge router that has a dedicated transport circuit back to our network core. We are adding an additional "transport" only circuit into a new location that is also apart of the second ospf process backbone which will connect back to our core. There will also be a 3750 for this new circuit termination. Currently we are only redistributing ospf process 2 into ospf process 1 (1 = core backbone).
#router ospf 1
#redistribute ospf 2 subnet
We have no need to have ospf process 1 redistributed into the process 2 tables. That being said, when we add an additional transport ciruit, or path back to our core backbone, will this configuration present any issues with the redistribution process and failover.
View 2 Replies
View Related
Feb 26, 2012
Possible to configure multichassis port-channel between a VSS and 3750X (Port-channel not in the same switch on the 3750X stack). I got it using LACP but I need Pagp to get VSL redundancy “dual-active detection pagp trust channel-group 1”. I am using the last VSS IOS version 15.0(1)SY. I can’t get the option “switch 1 preempt”, has it changed with other option?
View 2 Replies
View Related
Mar 15, 2011
I have an 891W that I initially configured using CCP Express (2.5). So it has a WAN IP set, and through CCP Express I had enabled via the checkboxes the various default settings for security. This includes zone-based firewall. I then added a number of NAT entries in the setup wizard.
What never occured to me at the time was that I should have added entries that allow for remote access. So it seems I've locked myself out of accessing the router via the WAN interface even though I know it's IP. I'm sure it's just a matter of adding port exceptions for SSH and/or whatever port(s) CCP uses.
So I"m wondering what the proces woudl be. In the IOS while showing the running config., I see pages and pages of class-map stuff which at present I don't know enough about to risk editing anything directly. But maybe I don't have to? What would be the best way to, for example, enable SSH access through the firewall? I already have transport input ssh set on the interface itself so I believe it's ready to allow the connection, just that I can't get to it via WAN int. so I assume it's the firewall.
View 3 Replies
View Related
Feb 20, 2013
I need to support a bunch of security cameras mounted on poles in our parking lot and an IP intercom system mounted on some gates. Because of environmental factors the switches at the poles need to be hardened and the spec from the vendor installing the gear is for GarretCom Industrial unmanaged switches which would make sense.
However when Information Security got wind of this scheme they (probably correctly) are requiring me to secure the ports that these unmanaged switches connect to. I have 2 choices: port security w/ MAC filtering or 802.1x. Because all the devices at the poles and gates support 802.1x and because I may need to go out there to troubleshoot stuff (and will invariably forget to add the MAC of whatever device I am using) I would prefer 802.1X multi-auth mode.
Problem:
When I ran a quick test on a test 3560 running some 15.0.1 code I could get a laptop to connect via 802.1x EAP-TLS successfully if it was directly connected but when I connected the same laptop via a dumb Netgear switch I confiscated from a luser it would not connect. The 3560 error said that the laptop never responded.
Question:
Before I spend a whole lot of time on this, is this something that should work? I don't see any practical use for the feature if it won't however the documentation I am using specifically mentions downstream hubs but I am not sure if they mean real hubs (which I don't think are even made anymore) or if they mean unmanaged switches.
I plan to try a couple of different unmanaged switches tomorrow and digg a little but I would like to know if I am wasting my time on something that will never work or if there is a little gotcha somewhere.
View 2 Replies
View Related
Mar 30, 2012
Do the cisco 4503 switches support virtual clustering feature ? I have a requirement where switch ports on two different 4503 switches need to combined in the same Link aggregation group . This is needed because the firewall notes say that the aggregated interfaces need to be conected to a single switch and combined in the same LAG . So according to the diagram below , the interfaces marked RED need to be in the same LAG in the switches , same for the interfaces marked BLUE . I have done the same setup using Juniper switches where it uses VIRTUAL CLUSTERING to group the different switch ports in the same LAG.
View 2 Replies
View Related
Sep 26, 2012
I came across this Multichassis EtherChannel Features when read about information from Cisco Smart Business Architecture.After checking further, knowing that Cataly stwitch 6500 supports this feature.provide information that beside Catalyst 6500, is there any other model of Catalyst switch can support this feature?
View 4 Replies
View Related
Jan 17, 2013
My management has tasked me to give them a high level overview of the different switching we can choose for our new building.
This is what I know so far.4 Closets, each closet has 450 ports,One MDF room that is will contain one UCS Chassis and a Nimble iSCSI SAN.
I am working on the spreadsheet and it looks like this (Not totally filled):
2960s3560x3750x45064510Approx cost (Each, 48PORT, POE+, 10G uplink, Dual PS, IP BASE)
6K7K8K45K75KMax Capacity192432432192384Backplane speed206464520520ProLeast ExpensiveStackable to 9Stackable to 9ProDual PSDual PSDual PSDual PSDual PSProLayer 3 opt
Layer 3 optDual SupsDual SupsConExpensiveExpensiveConNo Dual PSConLayer 2 OnlyCannot stack more than 4
For the MDF I would like to use 2 Nexus 5548's with FEX's, and the layer 3 daughter board. For the IDF's I was thinking of two 4010's.
View 12 Replies
View Related
Nov 21, 2012
I am using a 3750 as a default gateway for multiple Vlans on a few 2960 switches. The trunk lines are configured and working and I have assigned ip addresses to each of the Vlan interfaces on the 3750. My issue is that I can only ping the ip address on the Vlan interface of the 3750 if I have a working computer plugged directly into the Vlan on the 3750. I only have 3 vlans on the 3750 that have hosts directly connected (vlans 2, 10 and 40) the other vlans ( 20 and 70) don't have any clients plugged into them on the 3750 but the hosts reside on 2 different 2960s that connect via trunk ports. How do I keep the vlan interface on the 3750 switch pingable when I don't have hosts directly connected in that vlan on the 3750? (yes, I have enabled ip routing on the 3750)
View 5 Replies
View Related
May 21, 2013
I have a Cisco SG 300-20 as the core switch, layer 3. It is 192.168.4.6 on VLAN1 and 192.168.5.1 for VLAN2 (VOIP). All the ports are set in trunk mode. DHCP relay is setup on this switch.
The phones connected into a layer 2, Catalyst 2960-S switch. All ports are set in trunk mode. Default gateway on it is set to 192.168.5.1.
DHCP for both VLANs is provided by a Windows Server 2008 R2 server (the relay IP 192.168.4.15).
There is also an ASA 5510 in the mix which is 192.168.4.1. It has a route added to it for the 192.168.5.0 network to go to the SG 300 (192.168.5.1).
Just the two switches can ping each other on the 192.168.5.x network when I "add vlan 2" to the trunk port that is connected between the SG 300 and the 2960. The phones don't get DHCP on the 2960 switch. And I cannot ping 192.168.5.x from the ASA or anything else on the 192.168.4.x network.
After a bit of reading on intra-vlan routing for the SG 300 switch, I am thinking the SG 300 has to be the "center" of things so I need to make it 192.168.4.1 to be the gateway for both VLANs and change the ASA to 192.168.4.2 for VLAN1, etc. And I really can't do asymmetric routing with this switch.
View 1 Replies
View Related
Nov 16, 2011
Does the Model "WS-C2960-24PC-L" Supports IP Routing or not?
View 9 Replies
View Related
Dec 26, 2012
I'm having a strange problem where I'm not able to get through a Cisco 2960-S L2 switch when connected through vpn, while LAN-WAN traffic is working fine.The situation on site is the following:When inside the network I'm able to get to the internet without a problem. The problem is within a vpn-session. When this session is succesfully started I can ping and manage the Cisco 2960-S switch, but I can't ping or manage the Dell switch from my laptop. I can however ping the Dell from the Cisco-switch. [code]
View 7 Replies
View Related
May 15, 2012
set up my QoS on two 2960
-------------------- ------- ------- ------------
PBX Asterisk |----|2960-1 |------|2960-2 |-----|Voip client2|
-------------------- ------- ------- ------------
-------------- |
[Code].....
This will be this configuration for all input interface right ? For the Output part I'm lost, what do I have to do ? And for the 2960-2 do I have to put the same configuration ?
View 5 Replies
View Related
Nov 7, 2012
we hava a couple of 2960 switches and we are logging to a syslog server. Ports keep going up and down is it normal severity (error) ?
View 2 Replies
View Related
Feb 23, 2012
We recently updated a site2site link to metro ethernet, ISP call it 100mbps LAN Extension, but to me it is just QinQ over fibre connection. Most went well, one thing (annoying to me) is we can not ping our switches on both ends anymore.
We have a 3750 in headend and another 2960 on the other end. I used to be able to ping/telnet to the management IP from one to the other. Now we can not. I think the ISP is applying some configuration on ports of their customer-premises equipments (both are Cisco switches) but agent in ISP told me no. I thought there is some configuration on Cisco switch to block "MAC discovery" but i just can not remmenber what was that and google also failed me this time.
View 3 Replies
View Related
Apr 20, 2013
I have got two links from the same ISP, primary and secondary and connected to two different switch. The ISP have passed the trunk vlan of 30, 31 and 32 on both of the links. The ISP can't provide stp. I have got another managed 2960 series switch. How can I obtain failover on switch level.
View 2 Replies
View Related
Feb 21, 2013
I have IP phones connected to 2960 i want to segregate traffic traffic comming from IP phones which has a COS value of 5 and want to allocate a band width of 200 MBPS for those traffic .
Can any one share sample QOS configuration for achiving this in 2960 ?
View 2 Replies
View Related
Mar 10, 2012
My cisco ios 2960S is crashed and the ios is gone The issue is i am connecting my pc to management port and i give switch:
IP_ADDR x.x.x.x/255.255.255.0 and also switch: DEFAULT-ROUTER
But i can not copy tftp to flash,according that i have L3 port (management) why should i use xmodem?
View 3 Replies
View Related
Mar 16, 2012
I have 2 switches connected Via MM fiber cable one of them SRW2024-K9-NA with MGBSX1 Transceiver and the Secand One 2960 with GLC-SX-MM
are there is any configration must be done or not ?
View 2 Replies
View Related
Jul 22, 2012
Have Cisco catalyst 2960 IOS ver12.2(53)se2 when power on the power LED does not come up and on this is what shown on hyper terminal. what need to be done for this switch ?
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: b4:d9:8d:27:4c:00
Xmodem file system is available.
[code]......
Interrupt within 5 seconds to abort boot process. Boot process failed. The system is unable to boot automatically. The BOOT environment variable needs to be set to a boot able image.
View 12 Replies
View Related
Jul 2, 2012
I currently have a network with (8) 2960 Cisco Switches. (6) of the 2960 switches are etherchanneled back to (2) 2960 switches in the computer room. I would like to setup QOS on the (8) switches, however the traffic is very differnt on each of the switches. I have video, ip phone, server, printer, PC traffic. I am not sure what the best method of separating this traffic into differnt QOS queues.
View 3 Replies
View Related
Jan 6, 2012
we have a cisco 2960 48 port tcl switch port and i've enable ssh on my switch and now :
1) how can i login to ssh ? how should create username for ssh ?
2) how can i disable telnet ?
3) how can i change main (master) password?
View 7 Replies
View Related
