Cisco Switching/Routing :: 2960 Segmenting One Workstation
Oct 22, 2012
We have a workstation that processes sensitive information and we want that workstation to only have access to very select endpoints on our LOCAL LAN and also internet access.
Solutions:
1. At first we explored VACL, this worked well except when the workstation needed to be moved around the environment to a switch that didn't support VACL (2960).
2. We explored a VLAN but thought that a routable VLAN with one single IP Address was somewhat wasteful, hoped there was something easier
View 2 Replies
ADVERTISEMENT
May 21, 2012
I'm building a new colo presence with a full class C of public IP's. The idea is to connect to our ISP with a 3750x switchstack and they will be providing two ethernet drops that conect directly into two seperate switches on their side with HSRP and BGP at the routing level, so we will just point to their virtual IP (gateway address).I'm not sure how to either segment the public ip block or statically route each ip address and the interaction of vlans/svi with HSRP groups. Just use the switch at layer 2 or handle the internal routing with eigrp or ospf at layer3?
View 2 Replies
View Related
Feb 7, 2012
I have an existing stack of 4 x 2960-S switches connected by stack cables.I would like to add another 2960-S switch to the stack but am unable to as the 2960-S will only allow 4 x 2960-S switches per stack.how I would add the 5th 2960-S switch to the existing stack of 4 x 2960-S switches.
View 12 Replies
View Related
Feb 11, 2013
I have a 24 port 2960-S that is not communicating with a 2960-LST that it is directly connected to over fiber. The link is up on the LST but will not come up on the -S. What command should I use to bring up this link? I have tried no shut from the (Config-if)# prompt.
View 3 Replies
View Related
Jan 17, 2013
My management has tasked me to give them a high level overview of the different switching we can choose for our new building.
This is what I know so far.4 Closets, each closet has 450 ports,One MDF room that is will contain one UCS Chassis and a Nimble iSCSI SAN.
I am working on the spreadsheet and it looks like this (Not totally filled):
2960s3560x3750x45064510Approx cost (Each, 48PORT, POE+, 10G uplink, Dual PS, IP BASE)
6K7K8K45K75KMax Capacity192432432192384Backplane speed206464520520ProLeast ExpensiveStackable to 9Stackable to 9ProDual PSDual PSDual PSDual PSDual PSProLayer 3 opt
Layer 3 optDual SupsDual SupsConExpensiveExpensiveConNo Dual PSConLayer 2 OnlyCannot stack more than 4
For the MDF I would like to use 2 Nexus 5548's with FEX's, and the layer 3 daughter board. For the IDF's I was thinking of two 4010's.
View 12 Replies
View Related
Nov 21, 2012
I am using a 3750 as a default gateway for multiple Vlans on a few 2960 switches. The trunk lines are configured and working and I have assigned ip addresses to each of the Vlan interfaces on the 3750. My issue is that I can only ping the ip address on the Vlan interface of the 3750 if I have a working computer plugged directly into the Vlan on the 3750. I only have 3 vlans on the 3750 that have hosts directly connected (vlans 2, 10 and 40) the other vlans ( 20 and 70) don't have any clients plugged into them on the 3750 but the hosts reside on 2 different 2960s that connect via trunk ports. How do I keep the vlan interface on the 3750 switch pingable when I don't have hosts directly connected in that vlan on the 3750? (yes, I have enabled ip routing on the 3750)
View 5 Replies
View Related
May 21, 2013
I have a Cisco SG 300-20 as the core switch, layer 3. It is 192.168.4.6 on VLAN1 and 192.168.5.1 for VLAN2 (VOIP). All the ports are set in trunk mode. DHCP relay is setup on this switch.
The phones connected into a layer 2, Catalyst 2960-S switch. All ports are set in trunk mode. Default gateway on it is set to 192.168.5.1.
DHCP for both VLANs is provided by a Windows Server 2008 R2 server (the relay IP 192.168.4.15).
There is also an ASA 5510 in the mix which is 192.168.4.1. It has a route added to it for the 192.168.5.0 network to go to the SG 300 (192.168.5.1).
Just the two switches can ping each other on the 192.168.5.x network when I "add vlan 2" to the trunk port that is connected between the SG 300 and the 2960. The phones don't get DHCP on the 2960 switch. And I cannot ping 192.168.5.x from the ASA or anything else on the 192.168.4.x network.
After a bit of reading on intra-vlan routing for the SG 300 switch, I am thinking the SG 300 has to be the "center" of things so I need to make it 192.168.4.1 to be the gateway for both VLANs and change the ASA to 192.168.4.2 for VLAN1, etc. And I really can't do asymmetric routing with this switch.
View 1 Replies
View Related
Nov 16, 2011
Does the Model "WS-C2960-24PC-L" Supports IP Routing or not?
View 9 Replies
View Related
Aug 27, 2011
A month ago my ISP was routing half my subnet (129-254) over DSL. I just moved and routing no longer works without NAT. The issue is probably with the new DSL 'modem,' a zhone 1611-A1, but I am not sure how it should be configured.The 1611 is connected to a WRT610N, which works in NAT mode with the following settings:[code] With the previous settings, networking doesn't work from a workstation, though I can traceroute from the 610. I would like all workstations on the "LAN" to have fully addressable internet addresses like the previous configuration.There is an admin interface on the 1611, but the cursory settings I've tried don't work and I'm not a routing expert. The ISP is kindly routing my network, but they don't provide much support.
View 11 Replies
View Related
Dec 26, 2012
I'm having a strange problem where I'm not able to get through a Cisco 2960-S L2 switch when connected through vpn, while LAN-WAN traffic is working fine.The situation on site is the following:When inside the network I'm able to get to the internet without a problem. The problem is within a vpn-session. When this session is succesfully started I can ping and manage the Cisco 2960-S switch, but I can't ping or manage the Dell switch from my laptop. I can however ping the Dell from the Cisco-switch. [code]
View 7 Replies
View Related
May 15, 2012
set up my QoS on two 2960
-------------------- ------- ------- ------------
PBX Asterisk |----|2960-1 |------|2960-2 |-----|Voip client2|
-------------------- ------- ------- ------------
-------------- |
[Code].....
This will be this configuration for all input interface right ? For the Output part I'm lost, what do I have to do ? And for the 2960-2 do I have to put the same configuration ?
View 5 Replies
View Related
Nov 7, 2012
we hava a couple of 2960 switches and we are logging to a syslog server. Ports keep going up and down is it normal severity (error) ?
View 2 Replies
View Related
Feb 23, 2012
We recently updated a site2site link to metro ethernet, ISP call it 100mbps LAN Extension, but to me it is just QinQ over fibre connection. Most went well, one thing (annoying to me) is we can not ping our switches on both ends anymore.
We have a 3750 in headend and another 2960 on the other end. I used to be able to ping/telnet to the management IP from one to the other. Now we can not. I think the ISP is applying some configuration on ports of their customer-premises equipments (both are Cisco switches) but agent in ISP told me no. I thought there is some configuration on Cisco switch to block "MAC discovery" but i just can not remmenber what was that and google also failed me this time.
View 3 Replies
View Related
Apr 20, 2013
I have got two links from the same ISP, primary and secondary and connected to two different switch. The ISP have passed the trunk vlan of 30, 31 and 32 on both of the links. The ISP can't provide stp. I have got another managed 2960 series switch. How can I obtain failover on switch level.
View 2 Replies
View Related
Feb 21, 2013
I have IP phones connected to 2960 i want to segregate traffic traffic comming from IP phones which has a COS value of 5 and want to allocate a band width of 200 MBPS for those traffic .
Can any one share sample QOS configuration for achiving this in 2960 ?
View 2 Replies
View Related
Mar 10, 2012
My cisco ios 2960S is crashed and the ios is gone The issue is i am connecting my pc to management port and i give switch:
IP_ADDR x.x.x.x/255.255.255.0 and also switch: DEFAULT-ROUTER
But i can not copy tftp to flash,according that i have L3 port (management) why should i use xmodem?
View 3 Replies
View Related
Mar 16, 2012
I have 2 switches connected Via MM fiber cable one of them SRW2024-K9-NA with MGBSX1 Transceiver and the Secand One 2960 with GLC-SX-MM
are there is any configration must be done or not ?
View 2 Replies
View Related
Jul 22, 2012
Have Cisco catalyst 2960 IOS ver12.2(53)se2 when power on the power LED does not come up and on this is what shown on hyper terminal. what need to be done for this switch ?
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: b4:d9:8d:27:4c:00
Xmodem file system is available.
[code]......
Interrupt within 5 seconds to abort boot process. Boot process failed. The system is unable to boot automatically. The BOOT environment variable needs to be set to a boot able image.
View 12 Replies
View Related
Jul 2, 2012
I currently have a network with (8) 2960 Cisco Switches. (6) of the 2960 switches are etherchanneled back to (2) 2960 switches in the computer room. I would like to setup QOS on the (8) switches, however the traffic is very differnt on each of the switches. I have video, ip phone, server, printer, PC traffic. I am not sure what the best method of separating this traffic into differnt QOS queues.
View 3 Replies
View Related
Jan 6, 2012
we have a cisco 2960 48 port tcl switch port and i've enable ssh on my switch and now :
1) how can i login to ssh ? how should create username for ssh ?
2) how can i disable telnet ?
3) how can i change main (master) password?
View 7 Replies
View Related
Jun 4, 2012
I have an switch 2960 and i have made an SSH connection . But the problem is that whenever i try to open with my teraterm or putty it ask for username and after that password but does take the password. It shows an error of password what should be the problem.
Commands that i entered to make SSH
config# username admin password pankaj
config# ip domain-name home.local
config# crypto key generate rsa
config# 1024
config# ip ssh version 2
View 6 Replies
View Related
Jun 4, 2012
I have an switch 2960 and i have made an SSH connection . But the problem is that whenever i try to open with my teraterm or putty it ask for username and after that password but does take the password. It shows an error of password what should be the problem.
View 1 Replies
View Related
Nov 8, 2011
I have a problem with may Cisco, it´s not start, only works the fan, the problem began when y turn down the Cisco and turn on again, but it´s not start. can something tell me what happen whit it.
View 1 Replies
View Related
Dec 19, 2012
We are going to upgrade our IOS on our WS-C2960G-48TC-L. But before we do that i want to ask whats the best IOS release to choose. Why we want to upgrade is because our switch software now don't support ssh just telnet access
Switch details:
Model: WS-C2960G-48TC-L
SW Version: 12.2(25)SEE2
Image: C2960-LANBASE-M
I was thinking about upgrading the IOS to 12.2(44)SE6 are maybe i should upgrade it to a newer release?
One more thing we have a bunch of stacked 3750 switches, that also need to be upgraded.
View 7 Replies
View Related
Jun 13, 2012
I'm having trouble setting up SSH on my new Switch.
no aaa new-model
aaa authentication login default local
ip domain-name king.local
[Code].....
I would like to be able to use Vlan 10 192.168.155.1 for SSH remote management.
View 11 Replies
View Related
Jun 11, 2013
Any example to limit the bandwidth using the MAC address on 2960 ? I want to limit the bandwidth (IN / OUT) of a server only for Internet flows.
View 2 Replies
View Related
Nov 21, 2011
I was configuring a new Catalyst 2960 switch and had forgotten to set the speed back to 9600 after downloading the new IOS software image. I finished doing all of my configurations and went in to line con 0 to change the speed back to 9600. The change was accepted and I did a 'wr' to save the change, but when I reload the switch it is back to 115200.
View 3 Replies
View Related
Apr 10, 2012
Does this will work, is supported on a 2960 running c2960-lanlitek9-mz.12.2.50.SE5?
Customer has tried to implement this & looses connectivity as soon as config applied
View 5 Replies
View Related
Feb 5, 2013
I have a statck of 4 2960s switches, with POE powered access points on 2 of them. All of the access points appear to be functioning normally. For some reason, on 3 interfaces connected to access points, I get the following when issuing show interfaces status:
Gi3/0/9 connected: T 7 a-full a-1000 10/100/1000BaseTX
^
My question is regarding the "T" in the status field. I can't find any documentation on this.
View 5 Replies
View Related
Dec 12, 2006
I have CISCO 2960 switch at my LAN. How to configure its IP address from console or hyper terminal ?
View 11 Replies
View Related
Jan 17, 2012
At a college we have Ciscos 2960 and are trying to setup VLAN tagging and also using RST or MST. The traffic on the jack should get tagged vlan 248.We were told by the college that Ciscos in the labs will not work with the Alcatel switch that provides access to the lab. That Alcatel is in Bridge 1x1 mode. The college will not change the configuration on the Alcatel.We got the Ciscos to do VLAN tagging and can get network access. However the spanning- tree is not read properly. Cisco does not properly read the Alcatel's RSTP (since the Alcatel is doing tagging on the BPDUs). It places the root of the spanning tree under vlan1 instead of vlan248.
The college strongly recommends HP Procurves and we are using that as test.The following is the configuration on the HP and it works with no effort (it reads the spanning-tree information as MST)We will end up getting HPs instead, if the Cisco cannot work with the Alcatels.
View 3 Replies
View Related
Feb 20, 2013
i am trying to monitor some UPS equipment,for that i am using a cisco 2960 switch and when the UPS is down it sends a L1 loop.when the switch detects the loop the int in which the UPS is conected to will get a link and go up.now my problem is this, as you probeblly know the switch has a protocol which protects it from getting loops and cuasing all kinds of problems.i need to remove this protocol and allow the switch to get L1 loops?
P.si have tryed to use UDLD, KEEPALIVE, BPDU guard, down-when-looped and errdisable commands with no success?
View 2 Replies
View Related
Jan 14, 2013
I am trying to configure a new 2960 POE switch, but seem to me the int fa0 is layer 3 interface. Is any way we can convert it to a switchport, so we can connect it to other switch in trunk mode?
View 1 Replies
View Related