Cisco Switching/Routing :: 3560 - Unidirectional Link
May 10, 2012
We have a switch that continues to get unidirectional links. The fiber run is very long and is working off of legacy infrastructure. We have one uplink that can sustain 100MBPS trunk link. However, the moment we plug in the second redundant uplink the port will error disable for unidirectional link. We have tested all of the patch cables involved on the run, replaced the catalyst 3560 v2 switch, and even had a contractor come and out verify the fiber was good between the buildings. No matter what the link will come back as unidirectional. Or any troubleshooting steps we could try next? We have UDLD port aggressive enabled on both the switch interface and the interface on our distro router.
View 2 Replies
ADVERTISEMENT
Jul 30, 2012
We are having two sites seperated by half a mile and we are using dedicated 100 Meg link at the moment for intranet traffic, and now we got new 1 gig link and I am working to set it up, Service Provider came on site installed two circuits on both sites and fiber connectivity is tested succesfully betweeen sites, now I need to connect the circuits to our network and make the 1 gig link active to make traffic flow between sites and as well bring 100 meg as standby.
So to brief the issue:
Connectivity at the moment SiteA: Switch1(3560)------100Meg--------.SiteB: Switch 2(3560)
I Want to configure SiteA: Switch 3(4507)------1gig (Active)--------.SiteB: Switch 4(3560) SiteA: Switch1(3560)------100Meg(Standby)--------.SiteB: Switch 2(3560)
simple as connecting a fiber or ethernet link from external circuit on both sites to respective switches on their interfaces and configuring hsrp to enable redundancy. A
View 7 Replies
View Related
Apr 9, 2012
I am setting up a link between buildings that uses wireless links. I'm using Layer 3 routed ports on 2 3560 switches to handle the routing between sites. Normally I would just put these in a /30 and then the switches handle the rest. However, the wireless access points have a web interface for managing them that I want to be able to access, but it's only available on the single NIC that also carries traffic. What would be the best way of making this work? Should I make the link a /29 and give the access points an IP in the same range? If this is the case what do I use for the default gateway for the access points?
I have included a diagram to try to explain the issue clearer. The IP addresses in black are what I would do if this were a standard cable (and indeed this will work, but I wont be able to access the admin interface of the wireless AP) and the red ip addresses are the alternative if I use a /29 (but as I said, I'm not sure what to use for the default gateways).
View 1 Replies
View Related
Jan 2, 2012
I need to implement the shaping VLAN only on the trunk link between the 6500 and 3560. [code]
View 8 Replies
View Related
Apr 19, 2012
Cisco 3560 does not support "set ip next-hop verify-availabilty". I need this command in my config. "set ip next-hop" do not do the same job.
View 8 Replies
View Related
Dec 8, 2011
The last few days I've been exploring options in getting rid of some old routers accross a wan connections. I have a cat 3560 to play with and I thought I would try and use the no switchport command test out routing with switch. I've got some type of route issue and I tried a few things which I thought would fix the issue but had no effect. I'll post the config and a few commands so you can see what the basic setup is.
Here we can see in the arp that it knows about both 10.7.1.2 (PC unable to ping 10.3.3.254) as well as 10.3.3.254 (ASA).I tried adding in a ip route of 10.7.0.0 255.255.0.0 10.3.3.110 as well as 10.3.3.254. Neither produced the results I wanted allowing 10.7.1.2 (PC) to ping the ASA (10.3.3.254). [code]
View 4 Replies
View Related
May 8, 2012
I have an environment of 3 X 3560G of which I have 1st switch-CORE(f0/10) connecting to the VPN router(CE) interface-f0/0. Remaining 2 Cisco 3560's(Access) are connected to Gi0/1 and Gi0/2 on the 1st switch-CORE via gi0/1 . On all three switches I have created multiple VLANs and assigned ports to these VLAN. The switch to switch connection is trunk allowing all VLANs created on all these 3 switches. Now the issue is how I am going to have all these VLANs routed through single interface on the routeri-e f0/0, as all these subnets will communicating to remote site over VPN. What should be default gateway on the 2 Access switches and the CORE switch, also what static route should be on router to reach all subnets(VLANs) created on these 3 switches.
I have read inter-VLAN routing i-e creating sub interfaces on router but dont want to proceed with that and looking for any other way to have my VLANs talk on all three switches and then are accessible to remote site ove VPN?
View 9 Replies
View Related
Apr 17, 2012
I have tried to make policy based routing on Cisco 3560. I use ipservices ios (SW version 12.2.(50)SE3 and SW-IMAGE C3560-IPSERVICESK9-M) For below configuration there is no problem and pbr is working.
“Access-list 100 permit ip host 1.1.1.1 host 2.2.2.2
Access-list 101 permit ip host 1.1.1.1 host 3.3.3.3
Route-map pbr1 permit 10
Match ip address 100
Set ip next-hop verify-availability 1.1.1.2 1 track 11
interface fasthethernet 0/1
ip policy route-map pbr1”
But when i add another sequence to the "pbr1" with another sequence number like that.
“Route-map pbr1 permit 11
Match ip address 101
Set ip next-hop verify-availability 1.1.1.3 1 track 12”
pbr is not working. Switch gives message "PLATFORM_PBR-3-UNSUPPORTTED_RMP:Route-map pbr1 not supported for Policy Based Routing”"ip policy route-map pbr1" command not shown in the running config. And "show ip policy" output is blank.Configuration guide says you have insert many sequence to the route-map with the same name. And also this command is not in the unsupported command list.
View 16 Replies
View Related
Jun 4, 2013
I am trying to get my workstation to talk to a workstation on a different sub-net through a Cisco 3560 switch. The switch is running the following IOS version: [code]
My primary network is 172.16.0.0 and I am trying to connect to a device on a 192.168.111.0 sub-net. [code]
What would be the best way to get the two workstations talking via the switch?
View 3 Replies
View Related
Dec 11, 2012
I implemented access list on cisco 3560 switch but it never works. I want to block access from network B to Network A and allow from Ato B
Network A. 10.0.12.0/24
Network B 10.0.24.0/24
The configuration is
interface Vlan1
description Data VLAN
[Code].....
View 14 Replies
View Related
Apr 28, 2012
We recently purchased Cisco 3560X Layer3 Switch. We need to perform simple Inter VLAN routing. We have configured VLAN1 (name-server_vlan) and VLAN2 (name- user_vlan). We have also assigned the Ports and IP address to both the VLANs. After assiging this if we plug Laptop A into VLAN1 then it doesnt communicates with Laptop B (btw, Laptop A is able to Ping VLAN2 Gateway ) in VLAN2 but on the other hand Laptop B is able to communicate with Laptop A and ping everything i.e. Gateway of VLAN1.
View 17 Replies
View Related
Aug 22, 2012
I have a Ciso L3 switch with 4 VLANs and all host computer connected to rest of 8 cisco 2960 switch's:
VLAN 1 : 192.168.1.0/24
VLAN 10: 192.168.10.0/24
VLAN 20: 192.168.20.0/24
VLAN 50: 192.168.30.0/24
There are list of my some Questions about Extended ACL serialwise :
1. For Restrict traffic from VLAN 10 to VLAN 20, I am using only one ACL is : Access-list 100 deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255.\ What will happen in this scenerio if we talk about traffic from VLAN 20 to VLAN 10. Will it communicate or not ???
2. How to Block the traffic from VLAN 10 to VLAN 20 but allow the traffic from VLAN 20 to VLAN 10 ?
View 16 Replies
View Related
Feb 25, 2013
We have two catalyst 3560 switches running c3560-ipbasek9-mz.122-58.SE2.bin They are connected using etherchannel using gi 0/21 - 24 interfaces.
on 3560-1 switch, there isn't any ip-default gateway or ip route configured. It only have 1 interface vlan configured.
on 3560-2 switch, there is ip default gateway configured along with 1 interface vlan.
What i dont understand here is that, i can reach out to other subnets from 3560-1 switch in which the routing is not enabled?
View 4 Replies
View Related
Oct 21, 2012
I have a 2504 WLC connected to a Catalyst 3560 which has multiple vlans and is connected to a 2800 series router. I know the catalyst is L3 but I am needing nat functions to get outside to the internet. From my 2800 series router I am able to ping out to the internet, also I am able to ping the vlan interfaces on the catalyst switch. Problem is from the catalyst switch I can ping the inside and outside address of the 2800 but I cannot get any further then that. I cannot ping the 2800 router gateway. Not sure what I am doing wrong as far as routing.
I've attached my 2800 and 3560 configs.
View 3 Replies
View Related
Mar 21, 2011
This issue is a bit confounding for me, but hopefully simple for one of you. I have two sites, one in Alaska and one in California, connected via 10mb QinQ service from an ISP in Alaska. The ISP is utilizing Verizon from Seattle south who is delivering the circuit on a DS3 here in California. The ISP gear on site here is a Tasman. The Tasman is directly connected to a Cisco 3845 G0/1 with a routing sub interface. In Alaska, the ISP is directly connected to a 6513 which in turn is connected to a 7206 with a routing sub interface. I cannot seem to get the 7206 and 3845 to come up as neighbors.
The 7206 receives the 3845's Hello and the 7206 shows the 3845 as a neighbor until the hold time expires. It does not see updates from the 3845 since the 3845 never sees a Hello from the 7206 and comes up as a neighbor to send an update. The 3845 does see EIGRP updates from the 7206, but no Hello. Pinging 224.0.0.10 from the 7206 does not get a response from the 3845, but it does get a response from many other sites/neighbors, including another site here in California with a nearly identical setup (same provider and gear). I am ableto ping between the devices' routing interfaces. Being QinQ, I don't believe the ISP could possibly be the issue (the circuit is clean and stable) as they don't filter any of our packets. There are no ACLs applied to these interfaces. The 3845 does have other EIGRP neighbors from sites over a TLAN around here in SoCal.
Why the Hellos may not be reaching the 3845? I have verified they're being sent from the 7206.
View 6 Replies
View Related
Oct 7, 2012
I am trying to upgrade the IOS in 3560 but I am facing one issue. Its flash is 15MB & available space is 8MB whereas the IOS is of 11MB. How can I upgrade the IOS without upgrading the flash?
View 4 Replies
View Related
Mar 10, 2013
We bought a 3560 PoE switch to replace tons of PoE-injectors but when connecting the devices our logs were flooded with
Mar 11 15:09:20.725: %ILPOWER-7-DETECT: Interface Fa0/7: Power Device detected: IEEE PD
Mar 11 15:09:20.725: %ILPOWER-5-INVALID_IEEE_CLASS: Interface Fa0/7: has detected invalid IEEE class: 7 device. Power denied
Mar 11 15:09:20.968: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
Mar 11 15:09:20.985: %ILPOWER-7-DETECT: Interface Fa0/7: Power Device detected: IEEE PD
Mar 11 15:09:20.985: %ILPOWER-5-INVALID_IEEE_CLASS: Interface Fa0/7: has detected invalid IEEE class: 7 device. Power denied
While the message seems quite clear im wondering if there's any workaround on the problem?
View 13 Replies
View Related
Jun 6, 2013
I have a Cisco SW ( 3560 ) with one Trunk link to my router ( 7606 ), Trunk link is fully utilized so i need to add 2nd Trunk.Shall all move some customers from old trunk to 2nd one and create a new subterface for them ?I am think if i can create bundle and add subinterfaces under this bundle ?Add two GE ports to be memeber of this bundle ?
View 5 Replies
View Related
Oct 28, 2012
We have a IP-phone system connected to port 1 on a 3560 switch, the phone system tags traffic with dscp. The switch uplink is on port 24.
Is this configuration correct:
interface 1:
auto qos trust
interface 24:
priority-queue out
View 3 Replies
View Related
Nov 21, 2012
I have a 3560, which is being used as our core router that I have recently installed. It still has the standard IOS which came with (C3560E-UNIVERSALK9-M) it but I need to implement policy based routing so need to upgrade it and have downloaded c3560-ipservicesk9-mz.122-58.SE2.bin and indeally would like to install it in the morning before people start work.
I have 2 questions, 1, Is the ipservices capable of PBR as I have been reading conflicting reports, in fact my friend who works for Cisco has advised that it is not possible on the 3560.
2, When I do upgrade will there be any current configurations that are not compatible with the new one, I wouldnt image that there would be any but just wanted to make sure as it would be the biggest headache ever if it went wrong.
View 7 Replies
View Related
Nov 23, 2011
I configured following command to implement QoS on Cisco 3560.
class-map match-any IND
match access-group name Lync
policy-map LyncAV
class IND
set ip precedence 4
[code]....
how to apply this QoS on interface?
View 3 Replies
View Related
Jul 29, 2012
I have a 3560 POE that will no longer boot and I am not able to load a fresh copy of software onto it. It appears that it has lost all data. When I attempt to TFTP a new IOS, I receive that following error:
Transfer cancelled by remote system
I have tried using dir flash: to see what is contained in the flash directory but I receive the below message:
unable to stat flash/: no such device
I am stuck in rommon mode so when I do switch: dir command, I don't even see flash as being a filesystem. The below list are the only systems registered.
bsdcs[0]: (read-only)
bstage[1]: (read-only)
fstage[2]: (read-write)
xmodem[3]: (read-only)
null[4]: (read-write)
tftp[5]: (read-only)
Is this switch finished or is there something else I could try?
View 8 Replies
View Related
Jun 5, 2012
I have issue with 3560 switch QoS configuration . I checked in cisco site about mentioned model QoS configuration.once we mark the frame and map the CoS to DSCP and once it enters into switch and it processes according to LAN QoS configured on interface
we have configured both the commands shape and share.
once it leaves the switch and enters into Edge router and if we do not have configured QoS in router which is normally MQC , how does it process each packet ?Do we need to have end to end QoS configured in LAN ?
View 5 Replies
View Related
Mar 17, 2013
I found that when I enabled layer 2 auto QoS in 3560 switch, I need to wait so much time to open a file in network drive. Howerver, when I disable the Qos. It can improve a lot. I have used a sniffer to capture the packet to see. Those default packet is in DSCP 0. Therefore, I think majority packet will drop to queue 4. How can I increase the buffer and threshold in order to improve queue 4 performance.
View 1 Replies
View Related
May 12, 2013
We have two L3 3560's. One 3560 has an upstream MPLS router. The other 3560 has an upstream backup VPN router. Both of these 3560's are L3 switches with IP routing enabled. I created a PBR on both so that specific traffic routes through the MPLS router, while other traffic routes over the backup VPN router. I'm trying to apply the PBR to the SVI's, on each switch. However, when I do a "sh run", the PBR does not appear under either SVI. I've enabled the SDM Routing template, made sure that ip routing was enabled, and even verified that the IOS has the capability. Not sure what else to check for.
View 8 Replies
View Related
Sep 21, 2012
I've a question about QoS classification on Cat3560 From
"When QoS is enabled with the mls qos global configuration command and all other QoS settings are at their defaults, traffic is classified as best effort (the DSCP and QoS value is set to 0) without any policing. No policy maps are configured. The default port trust state on all ports is untrusted."
Now, when mls qos cos override is configured on a port, how is the switch behavior ? From documentation "All the incoming QoS values are assigned the default QoS value configured with this command". However I believe the port state is "untrusted".....so which DSCP values are assigned to them ? Is used a Qos-to-dscp map to derive the QoS label from the (overridden) QoS value also in this scenario ?
View 2 Replies
View Related
Jul 1, 2012
Consider the following case:
PC1-----Acess link--f1/1--SW1-- Acess link---------F 0/1-R1-acess link-------Sw2-----trunk--------SW3-f1/4--------PC2
All switches are multilayer switches ( 3560) Pc1 and PC2 are running Cisco Soft phones. If we configure SW3 with: int f1/4
mls qos trust dscp.
1)Does the above command require SW3's f1/4 be configured as layer 3 port not layer 2? ( My reasoning is since Sw3 has to get to Ip header to process DSCP values, therefore Sw3'f1/4 should be configured for layer 3 operation.)
2) What if sw3 were not 3560 but layer 2 switch such as old 2900 series. can layer 2 switch be configured with: mls qos trust dscp.? Will layer 2 switch be able to interpret dscp values and perform QOS ? ( My understanding is layer 2 switch should not be able to read dscp values ). I will be posting few more questions on the above scenario.
View 7 Replies
View Related
Oct 24, 2011
I upgraded our 3560-48-ps switch from c3560-advipservicesk9-mz.122-35.SE5.bin to c3560-ipservicesk9.mz.122-55.SE4bin and is having issues now.
Since I upgraded to the new IOS our older machines on the network can no longer connect to the domain and is not getting an IP address sh ip dhcp binding and sh ip dhcp conflict does not show any output, however all newer machines on the network received dhcp addresses without any problems and can connect to the network and internet.
For testing purposes I put the old IOS back on the switch and the older machines could connect again and received dhcp addresses.No other changes were made to the config.
I did a comparison on Cisco's website and both IOS's support DHCP. Not sure why the new IOS would not give any output when I ran the commands.older machines : Apollos and NCS (They all have XP service pack 2 with Intel 2.8 processors.)
View 1 Replies
View Related
Mar 4, 2012
I have a need to use a 3560 switch to terminate a provider's internet connection, but want to secure it so that it and the vlans connected to it are not wide open. At the same time, I'd like to use stateful packet inspection.
I have IOS 12.2(44)SE2, but IPBASE running on my 3560s. Is there an IOS (perhaps the ADVIPSERVICES of that version?) that allows a 3560 to use the 'ip inspect' command?
View 2 Replies
View Related
Feb 7, 2012
Does the Catalyst 3560 support GRE ?
I know that Catalyst 3750X support GRE ,but Catalyst 3750X cannot work in hardware it.
Does the Catalyst 3560 cannot work in hardware too?
View 4 Replies
View Related
Dec 5, 2011
Is there any way to check if this VLAN is used by somedevice?
Cisco3560#sh ip int b
Vlan55 unassigned YES NVRAM administratively down down
Cisco3560#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
55 Print active Fa0/5, Fa0/6, Fa0/7, Fa0/8
View 18 Replies
View Related
Feb 26, 2012
how to take the event log of Cisco switch 3560, its argent.
View 1 Replies
View Related
Nov 22, 2011
I have a 3560-48 switch running Cisco IOS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(44)SE3 and i need to implement basic QOS commands to the fast Ethernet interfaces as well as the gig interfaces and Also I need to create port channels on the switch and need what the port channel syntax are as well for that particular IOS version?
I have only read only access and i can't see what the QOS and Port channels syntax should be for that IOS version.
View 3 Replies
View Related
