Cisco Switching/Routing :: 3560 / ISR 2911 - NAT Of Network That Is Not Directly Connected
Dec 1, 2011
I have a CAT 3560 connected to a ISR 2911 The 3560 has 2 subnets ( 192.168.1.0 /24 and 10.10.10.0 /24) The 2911 has interface GigabitEthernet0/1 on the 192.168.1.0 /24 and another GigabitEthernet0/0 on a WAN connection 172.16.7.246 I need to NAT both the 192.168.1.0 /24 and the 10.10.10.0 /24 to the single address 172.16.7.246 I have to use route-maps . I have IPSec VPN's and ZBF on the 2911 My problem is the NAT does not work for the 10.10.10.0 /24 network!Why?is my only option to use trunking between the 3560 and 2911 and subinterfaces on the 2911? I want to avoid sub-interfacing.
=============================================================
On the Cat 3560=====================!vlan 40name the 192.168.1.0 /24 subnet!vlan 60name the 10.10.10.0 /24 subnet!interface FastEthernet0/7description Connection to Router Gig0/1switchport access vlan 40!interface FastEthernet0/16description Connection pc host on the 10.10.10.0 /24 subnetswitchport access vlan 60!interface Vlan1no ip address!interface Vlan40ip address 192.168.1.4 255.255.255.0!interface Vlan60ip address 10.10.10.10 255.255.255.0!ip classlessip route 0.0.0.0 0.0.0.0 192.168.1.1
=========================
The host on the 10.10.10.0 /24 network has the 10.10.10.10 address as it's default gateway The host can not access the WAN thru NAT....
View 3 Replies
ADVERTISEMENT
Aug 15, 2012
we have the following setup for our network :
UserNetwork - ASA5550 - WAN Router 2911 - ISP Netowrk - Branch Routers 877s / 1941s
Since last week we started noticing this problem that the branch users started to complain of slow application response.. After verifying it with the ISP and middle network we noticed that if i ping from my machine (ie usernetwork) to the WAN Router interface (facing the ASA) , i get time outs.. which is strange cause this is directly connected to it via ethernet cable.
View 5 Replies
View Related
Jan 9, 2012
My Data Center has one single core switch where is connected several servers, one port is the link to the router wan and other port is the link to the FW, my boss wants to install 2 nexus in order to replace the single switch. All my network has only one address, for example 192.168.10.0/24 if I connect two nexus 7010 in VPC and Domain, each nexus is going to has 2 modules with 48 port 10/100/1000 rj45 and i wan to connect servers directly to each nexus, with this figure i'm going to have a group of servers connected in two different nexus, Do they can have the same network 192.168.10.0/24 considering that the nexus are in the same vdc and vlan and have only one gateway for both groups? If the answer is positive, which nexus would be the gate way for that address, the primary or secondary? Or i must have a different address for both group of servers, i mean for example 192.168.10.0/24 and 192.168.12.0/24?thus each nexus would be the gateway for that new address?
To have two nexus connected by VPC in a Domain mean that one computer connected to one nexus can share the same address or vlan with other computer connected to the other nexus????
View 2 Replies
View Related
Sep 9, 2012
We have a 3750X VTP Server and the rest of the switches are clients.
Due to cabling issues, we have a switch (Switch F) that we can't connect directly to the 3750X so we have it connected through another switch. Everything is set to VTP client with the correct domain and password but this not-directly-connected switch isn't receiving any VTP VLANs.
Anything I need to do on Switch D so that Switch F can receive the VTP updates?
View 3 Replies
View Related
Jun 27, 2010
A specific switch port which happens to be part of a 2 switch 3750 Switch Stack is seeing multiple CDP packets from 3 extra switch port interfaces that are not directly connected. Noteworthy is that the far end devices have the correct CDP entries and I physically confirmed at least two of those connections that lead to the switch "upstream to the culprit switch". Tricky part is that its production so room for maneuvering is limited. At some point I disabled all Ports save for the real uplink and the problem momentarily disappeared. Re-enable the interfaces problem resurfaces. Is there an explanation, technique to eliminate the culprit with minimal disruption?
View 4 Replies
View Related
Jul 18, 2012
I have a Cisco 7206VXR running 12.4(24)T3 IOS. It is configured with WCCPv2 using L2 mask redirection. I am using service groups and associated extended ACLs to select which subnets I want to redirect port 80 traffic from.
It is working fine for the subnet 192.168.1.0/24....
int gi0/2
ip wccp 10 redirect in
ip address 192.168.1.99 255.255.255.0
... however, there is OSPF running between the router and a Mikrotik device directly connected to this interface. The gateway addresses for all the client subnets are on the Mikrotik. Traffic from other subnets, e.g. 192.168.2.0/24, 192.168.3.0/24 come in on this interface and I want to redirect those too. But it appears that the redirection doesn't work for those subnets (I don't see any hits on the relevant ACL for any subnet except 192.168.1.0/24).
It seems like the router only wants to redirect traffic for subnets that it has an IP address in itself. Admittedly, all of the example configs i've found on cisco.com are for redirecting traffic from directly connected subnets but I can't find anything that denies thie possibility of redirecting any traffic that comes in on a given interface.
The question is, is this how WCCPv2 redirection works? i.e., the router must have an IP address in the subnet to be redirected?
View 1 Replies
View Related
Oct 24, 2011
I have an Cisco 6500 CS and there is a Cisco Unified Communication Manger Server connected directly to the Core Switch.I tried to change duplex and speed ( fix and auto ) for both sides, but the same problem.
View 9 Replies
View Related
Oct 14, 2012
show cdp neighbors command shows two devices connected through the same local port?I have a Cisco 3560 that when I issue the "show cdp neighbors" command I get the following results: [code]
the question is why is this showing that Gig0/3 is being used twice to connect to two different devices. I have verified there is no hub connected to this port and in fact Switch3 is not connected to Switch1 at all yet it still shows up in the CDP table.
I have cleared the CDP table on every device at this location and still get the same results.
View 4 Replies
View Related
Dec 30, 2012
I am trying to connect my Cisco 2911 router to my community in CNA. I can see the routers on the topology map, but when I try to add to community I get an error message stating that the router is unreachable (Unable to connect). I can ping device from ame client. I can view Device Properties for map (Device type: CISCO2911/K9). Telenet attempt to connect but we only use SSH for connectivity (the same as all of my switches that are connected to community). 2911 is listed as a supported router on Cisco site.
View 3 Replies
View Related
Jun 4, 2013
I am trying to get my workstation to talk to a workstation on a different sub-net through a Cisco 3560 switch. The switch is running the following IOS version: [code]
My primary network is 172.16.0.0 and I am trying to connect to a device on a 192.168.111.0 sub-net. [code]
What would be the best way to get the two workstations talking via the switch?
View 3 Replies
View Related
Dec 11, 2012
We have CISCO2811 model with VWIC2-2MFT-T1/E1 module working good over the E1 line. Since it's getting hard to find new model of CISCO2811 we decided to connect new branches with CISCO2911/K9 model (according to migration doc)
My question is can we use 2811's old config file with the 2911 model directly?
View 1 Replies
View Related
Sep 11, 2012
creating an Access List on my Intervlan network.how I create my network.I've managed to get the Inter-vlan working and my problem now is to restrict some vlan from accessing one another.
- I've enabled IP Routing on 3560 switch.
- All vlans can PING each other.
- All vlans can access the internet (172.16.1.2)
View 8 Replies
View Related
Nov 21, 2012
Looking for input/thoughts on the upgrade of our 3560's and 3750's while on production network.
While we could remotely send the IOS over the network to the device, I'm concerned about errors and the lack of physical control of the device. So, the thought is to just go to the comm closet, plug in with laptop to the console port, and upgrade the IOS over the console port. But this would require xmodem, correct? I know the fastest way would be to a. configure an empty fa0/0 port to no switchport, add an IP address, and use tftp. BUT, we would have to isolate the switch from the production network while connected to it with our laptop. Otherwise, our laptop would be seen on the network as an unknown device, and there would be repercussions...
So, we console into the device, and u/l the IOS that way. Is there a way to increase the baud rate on the switch to 115200, change putty to 115200, then do the x modem? I just say we should shut all the ports to isolate the switch from the network, then tftp the IOS to the switch. Unplug, reopen the ports, then reboot the switch.
View 11 Replies
View Related
Jun 2, 2013
How many secondary network config possible???
Switch - Cat3560
IOS Ver 12.2(50)se5
View 6 Replies
View Related
Feb 6, 2013
I have 5 linux and 3 Microsoft 2008 Servers, each connected to 2 Cisco 3560 Switches. The 2 Cisco 3560 switches are connected to 2 different Cisco 515e Pix. Is it possible that if i enable Port SPAN in any of the switchport and send a copy of traffic to any of the windows 2008 server, will i be able to monitor the bandwidth of the servers (Here I am only looking for traffic going from servers to PIX and then to internet, also vice versa).
Also will wireshark be able to differentiate specify the bandwidth of each servers seperately ?
View 3 Replies
View Related
Jan 21, 2013
i have 300 user in network in 2 building and firist buiding 5 flors.i use subnet /22.i have core switch 3500xl fiber and 8 swith 3560 and my network have 2 router one for adsl and other for mpls so i want upgrade it to make voip network and wireless
so if i need replace switch what i model and how many?
View 5 Replies
View Related
Jan 31, 2012
Our network feels slow and trying to find the best way to investigate this properly. We have Cisco chassis 4500 with mix of 3560/2950 Edge switches 1GB backbones and WLC/WCS in place. The network is broken into multiple V LANS and IOS on our switches haven't been updated in 3-4 years.
On a wireless laptop (G) with get throughput of 1-2MB/s transfer speed with usually 10 clients per AP and LAN we get anywhere between 7-15 MB/s transfer. Using wire shark on a wireless laptop we see a lot broadcast traffic from other clients and the same for LAN. What is the best way to troubleshoot performance issues on the network and where do I start?
View 1 Replies
View Related
Jun 12, 2012
I want to copy a file from one ASR1001 and copy it to another. I ntried using tftp 32 but this is not going to work as the image is 315 MB.
how to copy an image from one router directly to another router's flash, if possible?
View 5 Replies
View Related
Feb 29, 2012
Why isn't it possible to make following configuration:
View 9 Replies
View Related
Mar 27, 2012
Can an ip address be NAT'ed to an ip address on a PIX 515 which isn't an ip address of a network directly connected to an interface on the PIX?
Specifically, can a host with an ip address of 150.140.102.3/26 which is connected to a network whose PIX firewall interface is 150.140.102.1/26 be NAT'ed to an ip address of 150.90.70.1/24 which is not a ip address of an interface that is directly connected to that same PIX 515?
I've attached a PDF depicting the network topology and describing the above.My first response to this question is that it can't be configured to do this, but need either a confirmation or correction to this.
View 2 Replies
View Related
Jan 14, 2013
i'm using WLC AIRCT5508-K9 software version 7.3.101.0, ISE, cisco prime infrastructure 1.2 (1.2.1.012), and using Odyssey access client manager all running well but here the problem, when a user connected to our SSID, the status of connection information especially on access point.. there appear that "Access point : WLC2-ISC-JKT-GCC".that is the WLC not the access point, is there any miss configuration from me..
View 5 Replies
View Related
Mar 28, 2013
I'm trying to configure a 2800 series router. .I'm consoled in and put a basic config on the router (see attached). After putting this basic config on, I plugged it into a small unmanaged switch, changed my laptop's IP and plugged it in the switch also. I can't ping the router from the laptop and vice versa. This is the second switch I've tried this with, so it must be.The first switch, I installed at location, connected a cisco cable to it and a local server, so i could remote in and finish configuration. In that scenario, I had plugged the switch into a managed switch and had the same result as I'm getting now--can't ping IP addresses (can't ping the switch's IP, not can it ping local IPs).
View 2 Replies
View Related
Nov 3, 2012
We had a problem where a 4500 would not ping directly connected devices dispite being able to telnet to them and also view them in CDP. It was mostly forwarding packets between devices but some hosts could not connect to others.
View 1 Replies
View Related
Jan 16, 2012
if you have two no of win 7 computer , and you run ping command at the same time at both PCs but the successfull at only one PC , second computer shows unsuccess full ping
View 2 Replies
View Related
Apr 19, 2012
I have a 3560G connected to an ASA FW, both running layer 3 and hosting 6 or so VLANs. The switch is the default gateway for all VLANs (client request) and therefore see's all networks as connected. I used route maps to push the traffic from the switch to the FW so that it got firewalled before being delivered, but I cannot use one of the commands for failover should the FW fail (I wanted to route locally should the FW fail). If I placed all VLANs in their own vrf, NETA would not longer see NETB as a connected network and would follow the route to the FW's NETA interface. I could then inject the connected into each vrf but adjust theirf metric so that they are less preferable than the route to the FW. Should the FW route die, the next route would become active and traffic would route internally to the switch.
View 5 Replies
View Related
Nov 2, 2011
I want to know is it possible to check Internet speed directly in the cisco router thru any command or activating any service in the cisco router?.As it is seen most of the times internet speed offer by ISP is different as compared to clients.and Clients most oftenly not satisfied with internet speed The problem is that our ISP has given us 100MB leaased line.But when we deployed in production network the speed is same as DSL.We have reported this issue to ISP they then carried out Iperf test by connecting laptop directly with the ISP router.They have tested the speed and it shows about 94-96 Mbps and argu that it is up to the mark and there is problem at your side(i.e our internal network).Now our internal network has cisco 1841 router connected directly to ISP 3825 cisco router.Our router has minimum configuration as required to pass traffic out and in.Our internal 1841 router is connected to switch to which different clients are connected.We have performed some online tests using different speed checking websites and also perform real time tests by uploading and downloading files.The speed is much low as compared to 100Mbps and it is nearly or slightly higher then as DSL connection. how can we check internet speed in the specified scenario?Is there any command or service available in cisco router to check internet speed as we want to check ISP connection speed directly thru 1841 router?what about authenticity of online speed checking websites?Any specialize software/tool you recommend to check Internet speed in specified scenario?
View 11 Replies
View Related
Apr 11, 2013
I am trying to test (if possible) the idea of having 2 6509-E switches connected directly to each other while using VRF-lite (Sup 2T). The idea is to have 3-4 separate networks. For example Net-A, Net-B,Net-C, Net-D. There is no PE router*, just these two switches. Also, there sin't any other access layer switches. All users connect directly to the 6509-E's via switch 48 port switch blades.
Net-A and Net-B on separate VRF's, but able to talk to each other. Net-C and Net-D* on separate VRF's without being able to talk to any other. Net-D* will have a PE since it comes from an external network. This is something I would like to test in a lab environment, but I am not familiar with VRF's.
View 1 Replies
View Related
Jan 15, 2012
I usually connect my PS3 to a switch which then goes to the BuT Home Hub and it works fine. However, I want to connect the PS3 directly to my Hub but when I plug it in to the Hub, it doesn't connect to the internet at all. Is there something I have to configure in order to get it to work?It is a PS3 160 GB Slim with Firmware 4.0.
View 2 Replies
View Related
Nov 11, 2012
I've been trying to find a response or a fix to this issue for a few weeks now.My DIR-655 RevB router is currently at firmware 2.07NA, and has speeds of around 30Mbps down and 10Mbps up when connected directly through wired connections.However over wifi, I am only getting around about 5 Mbps down and 2 Mbps up. I've tried the 'usual' fixes suggested on here, change broadcast signal to manual, not auto, shutting of QoS shaping, all of that. However nothing seems to be improving the speed.
View 8 Replies
View Related
Jul 17, 2012
access points are directly connected to 2016 wlc.Event log from the wlc
AP event log download completed.
======================= AP Event log Contents =====================
*Mar 1 00:00:30.157: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:00:30.161: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:00:30.190: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:00:30.191: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
[code]....
but still access points are not functional ?
View 17 Replies
View Related
Oct 27, 2011
I have a setup where there are two networks. A 172.16.0.0/16 and a 10.1.0.0/16 that are separated by the dlink router. I am able to ping from the 172 network to the 10 network using a laptop that is directly connected to the router and that laptop can also browse the web fine. However, I cannot ping to that router or access that subnet at all from the 10 network (if I try to access its LAN (the 172 network)). The 172 network is on its LAN and the 10 network is its WAN. I can access its WAN fine. Also, there the router is not recognizing the laptop as a "directly connected deivce" but its not preventing the laptop from using the router. I have tried to make the router as least secure as possible but still nothing.
I thought about making Static Route to point towards the router's LAN but the only option it gives me is the WAN for the exit interface.
View 1 Replies
View Related
Jun 9, 2011
I have been using my DIR-655 for about 2 weeks now with Road Runner wideband services. Starting yesterday my internet became very slow and I discovered the cause was the router. I tried resetting it to factory settings and things will be fine and run smoothly for about 5-15 minutes but after that it goes back to being extremely slow. My speed tests would go from 10ms (normal) to 250-450ms. Before this issue occurred the Dlink was perfect, had full speeds. I am running a wire Ethernet connection.
I am currently using revB and tried upgrading firmware to 2.01NA which had no effect, but make my internet seemingly go back to normal for the first few minutes then nosedive again. I have also changed my speed/duplex settings in Network Config to 1gbs Full Duplex. I've also disabled QoS, and still no change. Not sure what else to do. When directly connected to the modem everything seems fine. The modem is also the provided Motorola SBG6580 which I have called Time Warner to set the modem into bridge mode and have the DIR-655 connected to it.
View 12 Replies
View Related
Feb 7, 2013
I wounder if there is any way to ping the local deviceses connected to a network hosted by a Cisco 1921 router? I wan't to be able to ping the device(computer name) but currently cant do that.
View 1 Replies
View Related
