Cisco Switching/Routing :: 3560 - Dhcp - Excluded Address Range
Apr 29, 2012
we have a 3560 switch configured with EIGRP with dhcp. We have a user that we cannot ping, however the interface show up / up and no errors on interface. the ip address is 10.2.0.199 - however we have dhcp configured to exclude the range from dhcp ip dhcp excluded-address 10.22.0.1 10.22.0.200 how can this work station get a dhcp address if we have that ip range excluded from the dhcp pool?
The user is off a different switch that is a uplink to this distribution switch. Traceroutes shows that the problem is with the distribution switch.
View 4 Replies
ADVERTISEMENT
Nov 8, 2012
I have a Cisco Catalyst 4506-E Swtich,I configure it as a DHCP and gw for the Wireless Cisco AP through the WLC 5508,the DHCP pool reached the maximum limit I run the Show ip dhcp pool (pool name) it's show the below result
GIR906.PCIRQ.DC.CR.1#show ip dhcp pool 406
Pool 406 :
Utilization mark (high/low) : 100 / 0
Subnet size (first/next) : 0 / 0
Total addresses : 126
Leased addresses : 76
[Code]....
View 4 Replies
View Related
Feb 22, 2012
I have encountered some weird issue on our Cat3750 running as DHCP Server.I have excluded 5 IP addresses only on the running configuration. [code]
View 1 Replies
View Related
Jan 5, 2012
My actual Scenario
1 x 4500 and 1 x 3560?They are gateways of 8 Vlans?They are doing HSRP in each of those Vlans?The 4500 is the Active?There is a DHCP Pool for each of those Vlans on both gateways using "ip dhcp excluded-address" I ensured that the range of provided ips by each DHCP server will not be overlapped Obs.: Reducing the lease time, I ended with the calls bringing related problems.
OK, every thing is blue, every thing is fine.But the network diagram is realy complex(41 switchs, 89 uplinks), and depending of how is the network flow, one or other server answer first or latter.
For many reasons I would like that the secondary DHCP server would answer only if the primary DHCP server goes down.To me, the bigger reason is that DHCP database would be only in one DHCP server.But there is other reasons.
I passed by many frustrated solutions:Try to force a delay on the answer on one of the servers. - Impossible.Try to disable DHCP server, and, using EEM, enable it only if router became active in HSRP. - I couldn't do It.
What I'm thinking now is use the HSRP resource to resolve it.On both routers I would put a "ip helper-address" pointing to an Virtual_HSRP_IP.And depending on which router is the active, him will answer the request.
My first doubt is:Would it work?The second doubt is:Could I use the same Virtual_HSRP_IP that exists on that Vlan(see example 1),or I would need to point it to a Virtual_HSRP_IP in a different Vlan(see example 2)?
Example 1
-----------------------------------
| 4500 |
-----------------------------------
interface Vlan1
ip address 10.10.0.2 255.255.0.0
ip helper-address 10.10.0.1
standby 1 ip 10.10.0.1
[code]....
View 3 Replies
View Related
Apr 12, 2012
Would like to impliment VLAN's on Cisco IOS Software, C3560 Software (C3560-IPSERVICES-M), Version 12.2(25)SEB4...But I need a DHCP Realy to my Windows Based DHCP Server. How do I enable DHCP Relay on the 3560?
View 8 Replies
View Related
Oct 12, 2011
I have attempted to implement DHCP snooping and have been having some strange issues. I have 5 3560s taht I use for my edge and when I attempt to implement on all five, the VLAN that houses my voice data appears to no longer be able to recieve DHCP lease renewals so after the 24 expiration all of my phones lose their configs. Once I roll back the changes the voice VLAN comes back. The other VLANs seem to function correctly as theya re able to renew their DHCP addresses.
The 3560s tie into each other using GIG Ports 1 & 2 and the top and bottom switches tie into our core switch, a 4507. The config that I use is below, failry simple and straightforward.
4 of the 5 switches feed our general office vlans for voice and data however the 5th switch is there for expansion and not in use. As such I have left the config changes in place on it and have tied myself and a colleague into it and have been operating fine for over a week now. So the config that I use seems sound in theory and should work on the other 4 switches with no issue.
View 14 Replies
View Related
May 25, 2012
I have made a topology by using one 3560 switch and 2 2950 switches. I have also made 2 vlans name Clients and other Servers and vlan 1 is for anagement purposes. The left 2950 switch is for clients and the right is for servers. Clients is vlan 2 and servers is vlan3 . Now what i want is that my dhcp is should assign ips to clients in vlans 2 provided that servers are in vlan 3. I am also using a border router and i have introduced a default route on the 3560 to the border router.
Now when i assign static ips to my clients pc and server dhcp then i can ping between vlans but when i try to assign ip through dhcp then it wont work. Also the default route on the switch to the border router doesnt seem to work. I can ping only the border router when i put a default route on the border router instead of the 3560 switch.
View 3 Replies
View Related
Jul 23, 2012
I have a cisco 3560 24PS and its connected to two ADSL broard band routers.one is a personal broadband line using a Billion ADSL broadband router, and the other is a business broardband line using BT's 2wire broadband line.on the Billion routers i have various things attached like a NAS and a printers, both wired connections. then i have laptops and phones that connect over wifi, so its configured to act as a DHCP server
the only thing conncted to my 2wire router is my company's laptop (wired or wifi depending on where i'm working from), so again i have it working as a dhcp server.The switch is configured with multiple vlans, with dhcp scopes assigned for each vlan.I have a static route pointing all traffic to my Billion ADSL for internet connectivity.
The problem i'm having is that when i turn on the cisco switch, all wifi conected devices loose their conection. only 2 things get it working again, a reboot of the router, or disabling then enabling the DHCP service on the router.upon further analysis i was able to find out that the devices were not able to pick up an address from the router. again i looked deeper into this and i can see the following on logs of my router: [code]
so it seems that the router tuns off its DHCP capabilities because it detects that my Cisco switch is running DHCP services. I need to figure out how to keep the billion routers DHCP running when ever the switch is turned on.is there a way of filtering out any DHCP chat from the switch to the router?
View 7 Replies
View Related
Jan 18, 2013
I am trying to understand the basics of DHCP snooping. I have a just a 3560 switch and a laptop ( to get a DHCP address) and my DSL router which has a DHCP server running. On the switch I have enabled "IP DHCP Snooping" and "IP DHCP Snooping VLAN 1" plugged the laptop and DSL router in and the laptop gets and IP address, should it?
I thought all ports were untrusted by default so the DHCP server should be blocked at offering IP addresses? If I wanted the DHCP server to be allowed to offer IP's I thought I should need to trust the port.
View 3 Replies
View Related
Jul 29, 2012
how can I show the DHCP-range of a router if I don't have privilege level? (not in enable-mode),I can do a "show ip dhcp pool" - this will show me the range which is configured with the network-command.But there are also some dhcp-exclude-addresses which I can't see.... (I did a test on a router with full privilege-access)I need this because I have a router with limited access from our provider.
View 0 Replies
View Related
Jan 16, 2013
I have two WAP4410N plugged into my Catylist 3560 switches.One of these switches is my Default Gateway for the LAN.The only way I can get a device to connect to the WAP4410N is by assigning it a static IP. Then it works perfectly.
View 10 Replies
View Related
Jan 3, 2012
I want to implement port-based and MAC-based in these two switches: 2960 & 3560 (both of them have this IOS version: 12.2(55)SE1). And I haven't found a way to implement both of them at the same time. This is what I got:
ip dhcp use subscriber-id client-id
ip dhcp subscriber-id interface-name
ip dhcp excluded-address 192.168.0.0 192.168.0.2
ip dhcp excluded-address 192.168.0.251 192.168.0.255
[code]....
With this configuration I can use port-based, but not MAC based. If I remove the first two lines and change the last line for this one:
address 192.168.0.7 client-id 0112.ae1d.af58.60
Then, the computer with that MAC address got the correct IP, but then the port-based doesn't work. Also, I got this line in the interface what I want to use MAC-based:
ip dhcp server use subscriber-id client-id
View 3 Replies
View Related
Mar 19, 2012
can you enable dhcp service on a 3560 switch.
View 3 Replies
View Related
Apr 26, 2012
I'm attempting to configure a Catalyst 3560-X Switch to act as a DHCP Server. There is documentation that supports this feature. Below is my config procedure however after the completed procedue no IPs are handed out to clients. [code]
View 1 Replies
View Related
Sep 2, 2012
Using a Cisco 1800 series router (1802) with IOS 15.1(4)M2.I am quite sure the following should somehow be possible in IOS, but I can't figure out how to do it ... :I have the situation that I need to bind specific devices by DHCP to the same IP range.
These devices (medical equipment, used in hospital) are all from the same vendor.So the first three octets in the MAC address (Organizationally Unique Identifier , OUI) are the same for each device. The next three are always 'unknown'.I know how to bind a fully known MAC address to a host ip or ip range , but is it somehow possible to do this by the OUI ?Like using some wildcard option.
View 1 Replies
View Related
May 31, 2012
i am not sure if this is something with my DHCP setup or not, but it certainly seems to be the culprit. I am running a 3560G and using it as DHCP and to do V LAN routing (Geiger protocol). I have 10 pools configured with a few static addresses per pool. Now to get down to the problem. I have a computer (and this problem seems to be a gremlin as it changes what computer is affected quite often) that will connect, get its IP, immediately disconnect, then send out a DHCP req again. The computer has a static assignment in the pool, and for the brief second that it connects, it gets the right address. If i move the computer to another v lan, all works right. If i delete the static entry it will get an address in the right v lan no problem. The command i have been using to add static entries is:
address xxx.xxx.xxx.xxx client-id 01xx.xxxx.xxxx.xx
That seems to have been working on all my static routes except for a bank of computers in vlan3. I have went as far as to delete the pool and recreate it, heck i even recreated the v lan and i am still having issues. Below are some snippets of the running config for review.
The DHCP Pool for the affected LAN:
ip dhcp pool Dev3
network 192.168.3.0 255.255.255.0
boot file bootx86wdsnbp.com
next-server 192.168.1.78
dns- server 192.168.1.8 192.168.1.78
[Code] .....
View 4 Replies
View Related
Sep 25, 2012
My Network Layout is as, Firewall (with Routing)------>Cisco 3560 Switch (L3)------> connected 8 Cisco 2960 switch (L2)----> all users I have configured 20 VLAN's on cisco 3560 switch with Dynamic Pool and Static, Means, 5 Vlan's are Dynamic and remaining are Static Our Company process provides only internet access to existing clients computers. Problem is that, I configured Static VLAN 5 for one of our Client in their seperate room, mean to say, i activated all ports of their room with Static VLAN 5. one day they configured own DHCP server on Windows 2003 Server with same subnet (Same as VLAN5) in their room without any information and now their all computer/ Laptop acquiring ip address Dynamically.
If i have configured Static vlan on that port's then how it is get Dynamic ip from same port's.How to restrict to permit another DHCP server/Service in our premises. I Do not want to give administrative control to Clients to do such kind of thing with LAN.
View 8 Replies
View Related
Jul 30, 2012
How to configure cisco 3560 to force the client only can get ip by dhcp-relay server ?
The company i am working in has 5 vlans which have been set an lay-3 switch(3560), uses the dhcp-relay server .(in svi configuration: ip helper-address X.X.X.X) well , that works ok~
Now , I got my problem: I need to force the client only can get ip by dhcp-relay server, that means if anyone set static IP manunally , he can't really access to anywhere (to provent anyone set static IP with malignancy )
I know if a h3c router , how to set this configuration n svi configuration : dhcp relay security address-check enable )
the how to configure on a cisco 3560 ?
View 1 Replies
View Related
May 20, 2012
I need to only allow 5 Mac Addresses on a range of ports on a 2955 switch. If I do the following it only changes the first port in the range:
interface range fastEthernet 0/5 - 10
no spanning-tree portfastswitchport port-securityswitchport port-security maximum 5switchport port-security violation restrictswitchport port-security mac-address 00:1D:24:25:F7:AA
[Code].....
View 2 Replies
View Related
Dec 2, 2011
A small network and uses the Linksys Router BEFSR81 as dhcp.the default Number of addresses is 50 and starts 10.0.0.100 to 10.0.0.149.A new Cisco IP Phone just introduced requires ip addresses and have noticed running out of addreses.Can I increase the number to 120 so that the address range would start from 10.0.0.100 to 10.0.0.219, also, I have a VPN device which automatically configures itself for 10.0.0.199 address and this is /24 network configuration.
View 1 Replies
View Related
Nov 7, 2011
i'm using some catalysts 3560 with 10 VLANs and inter vlan routing. we use a windows deployment services server to install our workstations. the pxe boot works fine. the image is loading, and when the windows 7 PE is booting, the dhcp request failes. when i use a small not manageable switch between the computers and the catalysts, it works fine.all other things work fine.
View 9 Replies
View Related
Mar 6, 2013
Problem is that at some C65K I have directly connected Unix servers and the don't show MAC address at port, and same has happened at 3560 switched where I have too Unix based equipments connected. When use show mac-address interface XXXX, nothis appears at port and tested them with other equipments that worked fine.
View 2 Replies
View Related
Feb 7, 2012
We have a server connected to a 3560 switch which in turn connects to 6500s. The gateway interface is on the 6500. We will be changing the 6500s so the mac address for the gateway will change, however the IP address will remain the same. As we change out the 6500s the uplink connections to the 3560 will go down. This will flush the old mac address from the 3560.When the 3560 removes a MAC address does it update servers so they have to relearn the correct MAC address?
View 4 Replies
View Related
Jun 7, 2012
We have observed that one of the 3560 switch was rebooted with "System returned to ROM by address error at PC 0x0, address 0x0"
View 1 Replies
View Related
Nov 8, 2012
I have Cisco 3560x layer 3, but there is one problem with MAC ACL. Here is sample scenario:
I have two V LANS 2 & 3. There is one device (D1) on V LAN 2 and three (D2,D3,D4) devices on V LAN 3. D1 can talk only to D2 and D3. D4 can talk only to D2 and D3. D1 and D4 cannot talk at all. I got the IP access list all set, but I was asked to get the MAC ACL on it. The problem is that as soon as packet is routed, its MAC addresses will change, correct? Is there way of preventing device with same IP but different MAC from talking to device it should not to, keeping in mind that the packet will be routed?
View 1 Replies
View Related
Nov 19, 2011
I keep getting some additional IP addresses logging onto my home network that have an address outside what should be allowed by the router. The server is running at 192.168.2.1 and is set to only allow clients from 192.168.2.2 - 192.168.2.10 so a total of 9 clients should be allowed on.The problem is that something keeps logging in with an address of 192.168.169.2 or 3 etc. Sometimes more than one device at a time.I have assumed that it is some automated or virtual client as I'm pretty certain my network has not been breached. I have a 9 character password with a relatively random alphanumeric combination, although I haven't tried changing the password (I live in a share house with with a bunch of devices using wireless, so I haven't yet bothered). What I don't understand is how it has connected with the xx.xx.169.xx range at all. I have a Belkin 'Share' Wireless N Modem Router and at some stage there was a 'guest' network but that has since been disabled and I still am seeing the extra address. I have attached a screen shot of the DHCP client list on the router.The following is a list of devices that may be on the network at times, I'm thinking one of these may be responsible for the problem:
Windows Vista Desktop - Only LAN device
PS3
Macbook
Epson wireless printer
Android HTC Desire Mobile Phone
Laptops running various Windows versions (XP, Vista and 7)
A few thoughts I had:
- the android phone is capable of running a wireless hotspot, may have to look into it to see if if has been operating as an access point into the Belkin router, but assumed this wouldn't bring up clients connected to the phone on the home router.
- The desktop has PS3 Media server installed to stream video to the PS3 over the network (not that I have ever managed to get it to work), however this is not ever open on the desktop.
View 10 Replies
View Related
Apr 26, 2011
Using Android phone and have to set up Port Forwarding to access the cameras. I have to change the IP Address to a static one instead of the one issued by the Router. How do I change the IP Address of the camera to one outside the DHCP range?
View 14 Replies
View Related
Nov 1, 2011
I've set up my 3560 to do routing. Now, I'm looking for a way to apply acl restrictions to the vlan interface ip address itself.
View 1 Replies
View Related
Aug 9, 2012
I have some Ethernet-connected cameras that all have the same Ethernet MAC address FF:FF:FF:0A:0A:0A. They were originally designed to directly connect to a Windows PC, but they can also connect through a simple unmanaged switch.A Catalyst 3560 switch won't forward packets to or from anything with that MAC address, at least not by default. Is there a way to convince the switch to do so?
It was my hope to replace the dedicated connections we have for these cameras with a separate VLAN for each camera, and switch them through our existing switch network. Given that all of the cameras use the same MAC address, putting them on the same network is out of the question, but different VLANs, where the only two devices on each VLAN were the camera and the PC that uses it, would be fine.
The switches run IOS 12.2(55) SE through SE3. I learned the camera MAC address from the PC's ARP table while the camera software runs; it turns out the cameras don't have a full IP stack either and don't even do ICMP.
View 2 Replies
View Related
Feb 28, 2013
I have 2 3560 switches that are running 12.2(25)SEE2. Port security is enabled on some of the ports. Whenever there is a power failure, when power is restored, 1 port on each switch goes to err-disabled. The mac address that causes this is a valid address for that port. Below is the configuration on one of the ports.
View 1 Replies
View Related
Aug 10, 2011
I disconnected and reconnected the powercable while holding on to the setup button until system, alert, setup go amber. The system led light began blinking green. I waited until one of the leds lights on the ports starts blinking green I then connected the ethernet cable connected to my pc. I made sure my lan connection on my computer was set to dhcp.In the docs claim it should take about 1 minute to grab a new ip address. After a few minutes i check the ipconfig on my pc and I get the apipa address.The setup light on the switch remains green while system is amber. The led for port 1 stopped blinking and remains green.My pc is not grabbing an ip address I don't know what else to do.
View 7 Replies
View Related
Mar 26, 2013
E4200v2, firmware 2.1.39.145204
Router says "Invalid IP address" when I try to make a manual IP address reservation of the IP address range.
Example: local network 192.168.1.0/24, where .1 is a router, .2 is a reservation, .20-.50 is a range for DHCP.
Before upgrade I didn't have this problem.
View 6 Replies
View Related
Nov 13, 2012
Not sure if this is a problem with the switch or the wireless AP connected to the switch, but I have a couple of 3560's, one is a 3560G and the other is a 3560, both have phones and wireless ap's connected to them. The ap's on both of these switches continue to loose there ip address and thus disconnect from the controller. This happens about once a week, but the odd thing is that the phones never loose there ip address. All of my other 3560s and 3560g's that have AP's and phones connected are working fine.
View 2 Replies
View Related
