Cisco Switching/Routing :: 3640 Can't Route Traffic Until Pinging
Nov 1, 2011
We have a Cisco 3640 router running c3640-is-mz.123-3g.bin Switching ports are devided into several VLans. Each VLan has its own IP subnet. We can't ping IP address X in subnet A from subnet B unless we log into the router and ping it from there first. (and then the IP address will show up in "show ip arp" command. Then we can ping X in subnet A from subnet B, and browse web on device X from subnet B, etc. )
View 6 Replies
ADVERTISEMENT
Jan 12, 2012
I'm performing tests with following desired scenario: We have several remote offices, connected to our HQ via MPLS. In these remote offices, we have several vlan's. Each vlan has it's own ip-range. The MPLS cloud is routed, so we cannot switch our HQ vlan's to the remote offices. In this case, the client pc is in a guest vlan which allows him internet access. The uplink for this internet access is hosted in our HQ datacenter.
basic scheme:
client pc --> MPLS cloud (managed by ISP) --> 6500 switch LAN --> Checkpoint Firewall --> 6500 switch DMZ --> ASA Firewall
My test scheme:
Client pc is in a subnet A (guest vlan range office).
We receive this traffic on our first LAN 6500.
[Code].....
View 29 Replies
View Related
Jun 3, 2013
Actually i have a design from my customer who have ( Cisco core switch 3750 (allports fiber ports) which is connected to L2 switches , these switches carry servers and end users .the only routing protocol on the access switches is static route ,
My question how can i route the traffic from the server to the end user , as the the server is not direct connect to the core switch.
View 6 Replies
View Related
Jan 14, 2012
i have a strange issue with an HSRP Setup. I have two (S1+S2) 3560 as Core/Distribution Layer. Inter-vlan routing are enabled on both Switches. S1 and S2 are connected with an ether channel over four fibre ports. S3 -S5 are the (L2) access layer.
Gi0/1 on S1 and S2 are L3 ports, connect to a Linux Firewall.
HSRP is enabled, S1 is the active router and the STP root bridge.
But, my monitoring via cacti show me, that the Gi0/1 on S2 is active, too! But it should not be active? Only if S1 fails, should S2 the active switch.A client from the access ports on S3 - 5 gets traffic from the Internet via Gi0/1 from S2. Gi0/1 on S1 is active too, but will send mostly traffic to the Internet. Why is S2 active and why route it traffic from the Internet to the client?
View 15 Replies
View Related
Jun 5, 2013
I'm fairly new to Cisco products am in the process of developing my network knowledge on a deeper level. I have a 3825 with a HWIC-4ESW and I'm struggling to fully understand how the two "see" each other. I've setup a V LAN with a layer 3 address on the HWIC and added the switch ports to it. This seemed to allow devices connected to the switch ports to talk to the built-in router ports. I thought this was all making sense until i applied an access-list to the router port. It's a simple ACL i'm just using for testing and the only thing it does is blocks telnet from anywhere. I know the ACL is setup properly because if I connect a device directly to the router port i cannot telnet to the port. However, if i connect a device to one of the switch ports, i am able to telnet to the router port successfully.
It seems that I'm missing something with how traffic flows from the switch port to the router ports and how the two "see" each other.
View 2 Replies
View Related
Apr 28, 2013
I'm using 3640 router running on c3640-js-mz.124-25d.bin IOS. I'm using NM-1A-OC3SML= (ATM OC3, long reach single mode) interface card. Now my pc is connected an fast ethernet interface of the router. Need to know the ATM configuration on this cisco 3640 router in order to achieve the ATM over ethernet traffic get success. As of now i've confugred as below but it's not working it seems.
interface ATM2/0
bandwidth 120000
ip address 10.2.2.1 255.255.255.0
no atm ilmi-keepalive
pvc 0/36
protocol ip 10.2.2.10 broadcast
cbr 70000
encapsulation aal5mux ip
let me know the correct encapsulation type for the connectivity.
View 2 Replies
View Related
Sep 23, 2012
The Cisco 3600 series (3640) is hanged during booting proccess, the IOS is decompressed, but after some text it hanges and I even cannot go to user exec. ROMmon and bypassing the config setting, but the result is still the same.
View 5 Replies
View Related
Mar 21, 2013
I got this 3640, trying to apply a service-policy (output and input), but seems like I do it something wrong...because he only apply the output policy... here the config, I already try to config the service police inside the fa0/0, but is not showed at all, he only show the output, its like I never apply that
View 1 Replies
View Related
Apr 8, 2013
I got some unexpected System crash, and this happens to 2 different routers on the same network.. (We suffer a Crash and change the router, happens the same to the new router after some time, maybe 40 minutes!!)
Here is the last console report for the new router....
%Software-forced reload
Preparing to dump core...
4w1d: %SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IP NAT Age
[Code]....
View 3 Replies
View Related
May 29, 2013
I am getting RTO while pinging my L3 switch 3750 that happened after restarting switch,i have restarted it because I am not able to browse internet through URL,i am able to do it trough ip address, so I restarted it not I am getting RTO.
View 1 Replies
View Related
Oct 1, 2012
i am running c3640-is-mz.124-21.bin on a cisco router 3640. i am trying to create a monitor session in the CLI and everytime i type the command Router(config)#monitor session 1 interface ethernet2/1 % Invalid input detected at '^' marker. Router(config)#monitor session 1 interface ethernet2/1 ^% Invalid input detected at '^' marker. i get the error invalid input ?
View 10 Replies
View Related
Dec 6, 2011
So I have 2 routers (cisco 3640) that each go to their own ISP and then back to the same switch. I have setup ospf and glbp, and now have pretty good redundancy. If either internet connection or routers go down everything is still golden.
So I was thinking that if an interface went down then the router would not be load balanced with glbp which got me thinking whats the best way to get interface redundancy (and I was going to add a 2nd switch with the second interface).
1) Setup BVI on the 2 interfaces.
2) Setup a 2nd interfaces (on each router), I would have to split the subnet, for instance: [code]then the machines could be on the subnet 192.168.0. 0/23 and setup glbp for 1 ip across all 4 interfaces (I'm not even sure if you can do this but think it would work).
3) Is there a way to utilize etherchannel or anything like this
A negative to option 2 would be that if 1 of the interfaces went down, all the sudden 2/3 (or so) of your traffic would be going through 1 router.
View 5 Replies
View Related
Feb 5, 2012
How to configure my serial modules on my 2600 and 3640? Each router has the WIC-2T with two cables connecting them. I tried to ping one router from the other, but no luck. Serial IP address I just made up, this is my home lab, so if I messed those up some how,
Here is the running config for each rotuer:
2610:
Current configuration : 1071 bytes
!
version 12.3
[Code]...
View 22 Replies
View Related
Dec 28, 2011
I have two routers at our core data center, a 3845 and a 3640. These are configured with GLBP. There are 4 remote sites:
Site #1: One T1 link to the 3825
Site #2: One T1 link to the 3825, and One T1 link to the 3640
Site #3: One T1 link to the 3825, and One T1 link to the 3640
Site #4: One fractional T1 link to the 3825, and One T1 link to the 3640.
My question regards site #4. If i understand correctly, GLBP works on the premise of "host" balancing, and not true "load" balancing. The reason I ask is that the large majority of our WAN traffic is from our Exchange server to our remote sites. In the case of site #4, our exchange server is sending traffic on the fractional T1. Is there any way with GLBP to either split this traffic from a particular host across two links in a round-robin fashion, but leave other hosts to travel wherever the router sends them, or, to force at least our exchange server to use the full T1, rather than the fractional?
I've read up on the weighting mechanism, and it appears that tracking an interface has nothing to do with bandwidth use. If I understand correctly, if I were to track the Site #4 PPP to the 3640, and give a weight of 10 to glbp on there, it would really only take affect if the interface is down. It will have nothing to do with host AVF election.For the record, exchange traffic is constant to this site, so there is no chance for the host connection to reset and potentially elect to use the larger pipe. I would like to "tweak" this to make better use of available bandwidth.
View 2 Replies
View Related
Jun 25, 2012
I have the cisco 3640 with IOS Version 12.2(46) , and it with DRAM:32M , Flash:8M.What IOS version can support IPv6 RIP in the hardware limit?
View 3 Replies
View Related
Apr 30, 2012
I have an Issue.In my networks, 1 single user is facing Network Slowness issue. i needs to check to which port user is coneected in switch to CHeck whether that port has any errors.But problem is, i am providing support from remote location.And my concern LAN segment is Very big,I have only user Ip address details,when i ping the Ip address from Core switch it is pinging. but when i give show ip arp & give Ip address then its not learning and listing out the Mac address to trace down to the specific port.
View 3 Replies
View Related
Aug 4, 2012
last day i went to one client for the installation of C(WS-C4507R+E)
current ios :cat4500e-ipbase-mz.122-53.SG2.bin
there is only one sup engine installed and redundant slot is empty.
I installed one ethernet module in the slot 6 and it get detected working fine. I also want to install one fiber module but that module is only supported by 12.2 54 sg or later ios version.so i need an ios upgrade.
For the ios upgrade I decide to do it through svi interface For that i igive an ip address to vlan 1 (192.168.1.2) and plug cable in gigabit 6/1 and added that port into valn 1.
my laptop's ip is 192.168.1.1 @ this point i faced a rare problem the PING IS NOT WORKING.(switch is directly connected to my laptop).
Then i create another VLAN (2) and add that port into vlan 2 still ping is not getting.last thing i tried is that making that gigabit port into a routed port and result is same.
View 4 Replies
View Related
Feb 2, 2012
I'm having an issue routing between vlans. I have vlan 1, and 2. I want to ping something on vlan 2, from vlan 1. I cannot ping from a computer on vlan 1 to a computer on vlan 2. I can ping each computer from the ASA 5505. I get an error on the ASA when I try to ping from the computers. The error is Failed to locate egress interface for UDP from voice:192.168.0.199/137 to 192.168.1.200/137. I can't understand why it even mentions IP 192.168. 1.200/ 137... I reset the unit configuring it from scratch and still no go. I have no given a static route to the out yet.. I need to get inter-vlan routing working first. [code]
View 13 Replies
View Related
Feb 4, 2013
i configured the VLAN810, with DHCP services, while i try to ping the host which is connected to gi 1/0/2 from my gi 1/0/1 , i can't ping the same vlan host , while i try to debug ip icmp its showing ,
C3750XB11#sh running-config
Building configuration...
Current configuration : 12053 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
[code]....
View 5 Replies
View Related
Oct 12, 2012
In my preparation for my coming CCNA certification I am experimenting with different network configurations. In my test network I am currently working with a "Router on a stick" setup. A Cisco 2611 router connecting a Cisco 2950 switch. VLANs configured on the switch and subinterfaces + dot1q encapsulation configured on the router. Switch only supports dot1q.Router's Eth0/1 is connected to the Switch Fa0/24 port which is also set to trunk mode. I am using a normal Cat5e twisted pair cable to connect the 2 devices.
VLANs are working since I can connect a workstation to an access port for example fa0/2 (vlan2) and get Internet access.I can also ping any of the subinterfaces of the router from the workstation.With the current setup I am not able to ping the switch from the router, or the other way around, so in other words I can't remote manage the switch from a telnet or SSH session with this setup. What I am missing?Just to be clear I am pinging the switch directly from the router (Router2611#ping 172.16.100.2), so please ignore all static routes and OSPF. [code]
View 3 Replies
View Related
Jun 3, 2013
I have two 1841's, setting up a Lab WAN in Packet Tracer. I have one of the 1841's run to a DSL modem, then out to the cloud and the same setup on the other end... from the cloud to the DSL modem and to the 1841 on that end... I have all green lights, so that tells me layer 2 is up, but I'm trying to figure out
what IP to assign the routers to test pinging and getting traffic flowing. but the DSL Modem's have the public IP's and dynamically assign an IP to the routers? I've also tried setting up a static IP on the routers fa0/0 interfaces and the pings fail.. Wondering what I am missing to get these two talking.
View 2 Replies
View Related
Feb 16, 2012
I have a new MPLS circuit being stood up for my site; it’s going to replace a site to site VPN connection to our "Headquarters." I want to test this without affecting my production networks. Without getting into alot of details, the admin at the remote site is not very cooperative and basically doesn't want to set this up and I don't have access to his switching/routing. He is prepared to do minimal tasks if necessary. Ultimately, I am looking to test the new Vlan, once successful, route the traffic away from the Site to Site VPN connection to the MPLS circuit. Here is what I plan on doing, I need to determine if it is going to work.
LAN in my office uses EIGRP for routing. MPLS (10.1.1.253) uses OSPF (area 0) and BGP. Currently, traffic destined to headquarters (10.10.1.1/24) uses the default route on a CAT3750 pointing to the firewall (ASA5520) (10.1.1.254).Create new VLAN/DHCP scope to use as a test Vlan to test the new MPLS circuit. 10.1.199.0/24Create static routes on 3750 destined for headquarters for L2L VPN traffic pointing to firewall so traffic to headquarters remains on the L2L connection. ip route 10.10.1.1 255.255.255.0 10.1.1.254 (once I share routes with OSPF, routes to Headquarters will be advertised over the MPLS)Create OSPF instance on the 3750 advertising only the new subnet so that the MPLS network knows to route this traffic over the MPLS for return traffic from headquarters. (this is where it is grey as I don’t know OSPF at all) The switch has a L3 interface which the MPLS router uses as its gateway, so there is direct communication.router-ospf 0 network 10.1.199.0 0.0.0.255 area 0 4. On 3750 create a PBR for the new subnet so that it is routed over the MPLS, (imagine test PC is 10.1.199.100), the remaining production subnets will use the static routes and ignore the OSPF routes because of the shorter administrative distance.Will the PBR route win over the static route for that one subnet? Is that all I need in the OSPF configuration? I see some configs that have neighbor statements with costs, authentication types etc..
View 3 Replies
View Related
Jan 20, 2013
Everything in my network works as a charm. Every host in my vlans can access and ping the internet with no problems. But, my main router does not ping the internet (Pinging either ip "173.194.71.104" or domain "www.google.com" do not work). I don't know how is that possible since my hosts can ping the internet. Below is my main router confiurations
!
hostname Internet_Router
!
boot-start-marker
[Code].....
View 16 Replies
View Related
Feb 8, 2012
I have two routers I am trying to connect via the WIC-2T port. I can ping from router to router, but not from my PC (192.168.2.122) to the 3745 (10.0.1.3)..
3640:
Current configuration : 1846 bytes
!
version 12.2
[Code].....
View 15 Replies
View Related
Feb 25, 2013
We have two catalyst 3560 switches running c3560-ipbasek9-mz.122-58.SE2.bin They are connected using etherchannel using gi 0/21 - 24 interfaces.
on 3560-1 switch, there isn't any ip-default gateway or ip route configured. It only have 1 interface vlan configured.
on 3560-2 switch, there is ip default gateway configured along with 1 interface vlan.
What i dont understand here is that, i can reach out to other subnets from 3560-1 switch in which the routing is not enabled?
View 4 Replies
View Related
Nov 15, 2012
Configured cisco 881, WAN has static IP address and LAN is nothing fancy. I can ping out to url... or anywhere from the router but cannot from LAN client computers. [code]
View 4 Replies
View Related
Apr 19, 2010
I have a 2821 router with two T1 WICs and have the need to route FTP down one T1 and all other TCP traffic down another T1. All traffic is going to the same remote IP address. The remote sites are in different states, and I assume that the remote subnet is being bridged between the states. It's kind of a weird set up, but it's not my design.
Anyway, can I use a route map to split off FTP traffic to host A and send it down one T1 and have the rest of the IP traffic to host A go down the other T1? I also need to be able to have all traffic use one T1 in case the other T1 goes down.
My first thought was to static all IP down T1-1, then route map FTP traffic down T1-2, then have a floating static for all IP traffic down T1-2 with a higher metric. But something would have to track the T1 interfaces and I'm not sure if route maps or static routes can do that. Any thoughts on this?
View 2 Replies
View Related
Jan 22, 2012
I haven't got time to test different configurations yet. Just want to quickly ask here about the fall-over route-map configuration. I saw lots of example using pip prefix-list to specify the next-hop for tracking. Is that the only way you can do it? Can you just use a standard ACL to specify that host like permit host 10.2.2.2? ip prefix-list will do like ip prefix-list seq 5 permit 10.2.2.2/32. And you apply the prefix-list to route-map then. ACL will work?
View 2 Replies
View Related
Nov 18, 2008
I have a 3750g on which I am trying to configure the ip policy route-map command on each of the vlan interfaces. However after entering the command it does not appear. I'm not sure what to do at this point. I have changed the SDM template to routing and I am running the IPServices image.
View 2 Replies
View Related
Apr 3, 2012
I have a router with two interfaces what i need to filter the HTTP traffic from one interface and the rest of the traffic through the other on my cisco router 2800.
View 3 Replies
View Related
May 22, 2013
I have an MPLS network router(Router1) and an internet router(Internet1) at a site of mine(Site1). the MPLS router sends all unknown traffic out the internet router. Router1 is the default gateway for all hosts and directs the traffic.I also have another network at an alternate site (Site2) on the same mpls network also with an internet egress. It is composed of an MPLS router (router2) and an internet router (Internet2).I would like Router1 to send internet bound traffic out Internet2 if Internet1 is down. Basically the statement on Router1 for the unknown traffice is ip route 0.0.0.0 0.0.0.0 172.31.1.254I have never heard of IP SLA before but it seems to be the best method for this situation.
View 2 Replies
View Related
Apr 2, 2013
I have a cisco 890c-w with routing and wireless,contain 8 switch ports(fastethernet 0 - 7),one 100m route port( fastethernnet 8),one giga port gigagethernet 0
configuration pppoe,dialer1 can get WAN IP。
0-7 ports in vlan2,vlan2 config ip add 192.168.1.1
In router,ping 8.8.8.8 is ok,but ping 8.8.8.8 source 192.168.1.1 can not ok,so my pc can not go internet through 0-7 ports。
I think routing problem,but don't find reason
service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Router!boot-start-markerboot system flash c890-universalk9-mz.151-4.M2.binwarm-rebootboot-end-marker!!enable password password!no aaa new-model!memory-size iomem 15service-module wlan-ap 0 bootimage autonomouscrypto pki token default removal timeout 0! ip source-route!ip cefip name-server 61.234.145.102ip multicast-routing no ipv6 cef!multilink bundle-name authenticatedvpdn enable!vpdn-group PPPoE!license udi pid CISCO892C-
[code]....
View 4 Replies
View Related
Mar 19, 2012
We're running a simple policy map on a 3750 stack (IOS version 12.2(53)SE2), but the route-map counters do not show any matches:
NYKIRDRCX01#sh route-map
route-map remote-route, permit, sequence 51
Match clauses:
ip address (access-lists): remoteACL
Set clauses:
ip next-hop 192.168.101.5
Policy routing matches: 0 packets, 0 bytes
However, I've confirmed via our netflow monitor that the traffic we're trying to send to the appropriate next hop is, indeed, getting there correctly.
I've seen issues in the past with a 3750 not reporting counters correctly.
View 2 Replies
View Related
