Cisco Switching/Routing :: 3725 SPAN Not Supported On Some Routed Interfaces?
Dec 12, 2012
I'm trying to configure a SPAN session on a Cisco 3725 router, but it won't let me complete the command. The router has two Fast Ethernet interfaces: 0/0 and 0/1. I'm trying to configure a SPAN session with Fa0/0 as the source interface and Fa0/1 as the destination interface. [code] But when I try to configure the session, it seems like it's giving me the option to configure the SPAN session, but in the end the router won't let me: [code] When I type "?", why would it give me the option of using the Fast Ethernet interface as source port, then when I try to execute the command, it doesn't like it?
View 7 Replies
ADVERTISEMENT
Sep 26, 2012
I would like to do the following architecture with the same C3750 : network X,Y,Z connected to 3750 in VRF D the 3750 uses a routed interface on subnet E for the default route in VRF D on this routed interface a BYPASS EQUIPMENT the other BYPASS EQUIPMENT interface is connected also to another routed interface on subnet E "also" this routed interface is in another VRF C with other network A and B.do you know if it will work because of 2 routed interfaces on the same IP subnet or is there a way to do that ? the only goal for me is to catch traffic from network X,Y,Z on SYN and ACK.
View 5 Replies
View Related
Jan 15, 2013
we are trying to configure one to one NAT translations on a Cisco 527W-U, but are having some problems. We are running firmware version 1.2.4 (003) on the 527.
The DSL line is assigned with a /29 address range x.x.x.64 /29?
The DSL WAN interface picks up x.x.x.65 /32 from the Radius server. We are using the default private IP address range 192.168.15.0 /24 on the LAN (VLAN1), and can get to the internet ok with a PC connected to the LAN.
However when we try to set up a public IP address in the same range (eg x.x.x.66 /29) on VLAN1 (with x.x.x.67 on the PC) it will not connect. (won't allow us to configure an address from the same range as the WAN on a new VLAN interface).
we would want to be able to do one to one NAT translations eg x.x.x.66 on the outside to 192.168.15.2 inside, x.x.x.67 outside to 192.168.15.3 inside etc, but this will not either. We have tried this on a normal IOS router (887) and it worked ok. We have also tried the same on a small DSL router / modem product similar to the 527 from another manufacturer and it worked ok on that, but we wanted it to be able to work on the 527.
We have tried the NAT bypass feature without any success, reading several other discussion forums on this website leads me to believe that one to one NAT is not supported on this equipment at the moment, or at least not at the current firmware release.
One work around would be to just assign a /32 to the WAN interface on the DSL and route statically to a different routed subnet configured on the LAN, however we were wanting to avoid having to do that if possible.
View 1 Replies
View Related
Jan 30, 2012
Cisco 3725
IOS: (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T9
Wireless Module NME
Brief current running config below:
interface FastEthernet0/0
description WAN LINK
bandwidth 8192
[Code].....
View 2 Replies
View Related
Dec 26, 2011
I have 3725 router with internal CF and external slot for CF. I tried upgrading and ended up deleting the iOS version on the internal flash, and can not now put the iOS back!! I turned it off.... so there was no active iOS..
I have tried formatting the CF card on an 1841 but the 3725 won't read it. It is obviously stuck at ROMMON
What is the correct way to format a CF card so my 3725 will read it and I can get an iOS back on it!!
View 1 Replies
View Related
Jun 4, 2012
I am setting up multiple vlan interfaces on a pair of HSRP Routers that will provide layer 3 routing for a network. I am seeing this command sporadically show up in the router config mac-address-table static 0000.0c07.acd2 vlan 210
I am not entering this command. So far, it has not shown up on the companion 3725 router. I have a 2nd vlan I have just created and the problem hasn't shown up for that vlan as yet.Using C3725-ADVSECURITYK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3) on the routers.
View 4 Replies
View Related
Jan 24, 2013
I seem to be having a problem with DNS name resolution after configuring my router (Cisco 3725 running IOS image: c3725-adventerprisek9-mz.124-25.bin) for handling DHCP requests.
Before I made the change, everything was working correctly; I could ping Google.com from a computer inside my LAN and would get response from one of Google's public IP's like normal.
I had a separate DHCP/DNS server running Windows Server 2008 handling the DHCP request and DNS queries.
When I made the change, I turned off the DHCP/DNS server and issued the following DHCP commands to my router:
Code...
View 5 Replies
View Related
Jan 24, 2012
I read that there are internal and external flash memory in 3725 router that can max up to 128mb. So adding the sizes of internal and external flash memory, will that total to 256mb?
And also is the internal flash of 3725 just the same with its external flash?
View 8 Replies
View Related
Dec 2, 2012
I'm developing a project where I use the SNMP protocol to discover the network. By discovering the network I mean go through all the routers and switches and retrieve the IP routing table from routers and the forwarding table from switches. With the routers I have no problem. For the switches I need to know for each port the MAC addresses and the Vlans. Basically it's use SNMP to find a port number from a MAC address. To do that i followed this tutorial: [URL]
The problem is that I'm using a Cisco 3725 Router with IOS 12.4 (21) and a NM-16ESW module to work as a Switch and when I use the OID .1.3.6.1.2.1.17 corresponding to the BRIDGE-MIB as it follows:
snmpwalk -v2c -c myrouter 10.1.1.5 .1.3.6.1.2.1.17
it returns:
SNMPv2-SMI::mib-2.17.1.1.0 = Hex-STRING: 00 00 00 00 00 00
SNMPv2-SMI::mib-2.17.1.2.0 = INTEGER: 0
SNMPv2-SMI::mib-2.17.1.3.0 = INTEGER: 4
From this I guess there's no information on the router about Vlans or anything. Other thing is that when I use community string indexing it returns a timeout. My theory is that this version doesn't support indexing but I don't know.
how can I get the Port Number from a MAC address from this "switch" (it's a router working as a switch) using SNMP?
View 2 Replies
View Related
Mar 2, 2011
is ASR 1006 supported span port or port mirroring? Any config about that?
View 2 Replies
View Related
Dec 13, 2011
I am hoping you can provide me with some opinions, feedback, thoughts on the following. We have some Cisco 6509 switches in our environment currently hitting around 60% usage on the Router overall statistics.
Now we are looking at implementing an intrusion detection system but by being as least invasive as possible to the network. Our thoughts are to utilize a SPAN port on the switches to send traffic to the NIDS device but we have concerns of the following. The limitations of SPAN sessions on 6509's . The overhead on the switch of turning a SPAN session on and leaving it on permanently.
View 1 Replies
View Related
Mar 12, 2013
I am trying to configure RSPAN for one of my client. They have Server-Client VTP architecture. Voice Recording Server is connected to C4507. Agents are connected to C2960 and C3750. I got 2 sessions configured and the connectivity is a as follows:
1. Voice Recording Server-----C4507-----C2960-----C2960-----Agent IP Phones (Session 1)
2. Voice Recording Server-----C4507-----C3750-----Agent IP Phones (Session 2)
Recording works with Session-2 but not with Session-1. I understand the problem could be due to multiple reasons: 1.1. C2960 is working in client VTP mode so i cannot add remote span command under the vlan configuration. 1.2. C2960 has LANLITE IOS image which i am not sure if it supports Remote Span.
View 2 Replies
View Related
Dec 31, 2011
I have CISCO catalyst with VLANs (VLAN ID 33, 36, 40-53) configured. I need to configure port mirroring in Switch 3750 for NAC (Network Access Control). I need to Monitor all the VLANs. Here is the SPAN configuration of switch: [code] Monitor session 1 source vlan 33 , 36 , 40 – 53.Monitor Session 1 destination interface fa 1/0/8 (here I am not able to set encapsulation dot1q ) because the error occurred saying %one or more dest port do not support the encapsulation%.
View 5 Replies
View Related
Feb 12, 2013
I currently have IOS image cat4500e-entservices-mz.122-53.SG5.bin. According to my research it appears SPAN is supported on this OS. However, after looking at procedure notes using websites like here:
[url]... I cannot find and obviously not figure out how to use the SPAN command. My main objective is to simply setup a port mirror on one of my TenGigabitEthnet interfaces and from what I read SPAN is the best way to setup a tap interface on a cisco switch.
View 2 Replies
View Related
Dec 12, 2011
Been dealing with a strange problem for several days now. It started out with a problem that I thought was VTP related but ended up being something else. I setup a span port on a 3750 that I am connected to that was mirroring the trunk connection coming into the switch.
Never saw an VTP traffic come across the connection but doing a sh vtp status indicated the traffic was arriving and getting processed. When I found some debug commands (debug sw-lan vtp), I was also able to see the packets go between switches. Seeing this issue concerns me that there is other traffic that isnt showing up during a span session.
I know that doing a span on a switch, especially using a trunk port as a source, isnt a good idea. Since I didnt have a TAP at time, this was my only choice. I have since borrowed a NetOptics TP-CU3 tap from a good friend and was able to confirm the VTP traffic was going across the trunk connection between switches.
All of my 3750's are running 12.2.55.SE.
View 8 Replies
View Related
May 1, 2013
I have a Cisco 881 router running 15.1(4)M4. I am trying to configure SPAN on it to mirror my outside interface (source) to one of my LAN interfaces (dest).
!--- WAN interface
interface FastEthernet4
description Comcast WAN$ETH-WAN$
[Code]......
As you can see from the above output there is a problem with the command on this interface. When I try to set Fa0 as my source it works fine:
rtr(config)#mon session 1 source int fastEthernet 0
rtr(config)#
Is this because fa4 is layer 3 and fa0 is a switchport? If so, is there another way to set fa4 as the source?
View 4 Replies
View Related
Jul 12, 2012
I have a need to capture some traffic but my core 6513's are already using the limit of 2 span sessions. I can't edit any of the sessions either because I want to source traffic from vlans and you can only do one or the other. Is using a VACL with 'switchport capture' on the destination interface an option ? E.g. I want to source traffic from vlan 10,20,30,40 and send the all to interface Gi10/10 ? Is there any caveats ? I dont need to be too granular with the ACL's but just capture all traffic in those vlans.
View 2 Replies
View Related
Mar 16, 2011
i will be creating combination of SPAN and RSPAN on catalyst 6506 according to the link
[URL]
im planning to implement this on two 6506 switches will this work? or do i violate the number of monitor session? sorce span?
sw1
monitor session 1 source interface Fa5/18monitor session 1 destination interface Fa5/48
monitor session 2 source interface Fa6/34monitor session 2 destination interface
[Code].....
View 1 Replies
View Related
Apr 18, 2012
I've learned recently that the Nexus 7000 only allows the configuration of a maximum of 2 Monitor sessions for spanning traffic. I only have one monitor session left and I need to do the following. 2 Core Nexus 7000 boxes with 2 different traffic probes/sniffers to each nexus( eg Sniffer 1 connects to Switch A on interface eth 1 and to Switch B on eth 1 ; Sniffer 2 connects to Switch A on eth 2 and to Switch B on eth 2.) My plan was to setup a standard session with multiple sources and destinations then on the interfaces connecting to the sniffers run a trunk and do 'sw trunk allowed xxxxx' and filter what I need to go to each sniffer box. However I've recently found out that some of my source traffic is coming from Port-Channel interfaces. Is there a way I can get around this and still do the filtering within only 1 monitor session ?
View 1 Replies
View Related
Sep 16, 2012
i have configured SPAN on cisco 4900 series switches its a Loacal SPAN . as there is only commnads to complete this activity but hard luck its not working.
View 5 Replies
View Related
Jul 3, 2012
I have configured SPAN in cisco 3750 switch as below mentioned. but the destination port protocol is down.
Network Diagram:
switch(config)#monitor session 1 source interface gigabitethernet1/0/1switch(config)#monitor session 1 destination interface gigabitethernet1/0/11 ingress vlan 1
[Code]....
View 8 Replies
View Related
May 26, 2013
I have cisco 2651 with one L3 interface ip 172.26.18.200. This Cisco is gateway from E1 PRI (PBX Aastra MX-ONE TSW) to SIP (Asterisk). This cisco 2651 connected to cisco 2950 in port Fa 0/12. Fa 0/12 is in VLAN 518 (dot1q).
On cisco 2950 i made next commands:
# monitor session 1 source interface Fa 0/12 both encap dot1q
# monitor session 1 destination interface Fa 0/9
#sho monitor session 1
[Code].....
View 2 Replies
View Related
Oct 24, 2011
I am in the early planning stages for a 6509 to Nexus 7K migration. Based on my experience with the 7K's at a previous company where we ran into a lot of issues, I am trying to be very careful.
I am more at home with the 6500 chassis and know what I can do with them. I remember running into a limitation on the Nexus that involved their not supporting span sessions like the 6500's do. Is that still the case ?
If that isnt an option in the short term, I will need to look at a substantial investment in ethernet tap's to replace the lost span functionality because the security group's heavy use of span sessions.
View 1 Replies
View Related
May 23, 2012
I'm trying to configure a mirror port on a 3750. This configuration needs to replicate data from local ports, but I need that also act as a regular access port.
With the initial configuration, SPAN port, there is no problem, all the data of the configurated ports is replicating in the configurated port. On the port configurated as mirror there is a PC connected for audio recording. When the port is not operating as SPAN there is communications without problem over the LAN. But when I configure the port as SPAN, communication is interrupted.
Here is the actual configuration:
SWITCH1-PISO7#sh monitor session 1
Session 1
---------
Type : Local Session
[Code]......
View 5 Replies
View Related
Mar 24, 2012
working through a lab and can't seem to configure frame relay on subints. I assume it's not supported but this seems basic; am I doing something wrong?
View 4 Replies
View Related
Mar 12, 2013
Quick question here. Using 3750E series switches with multiple VLANS configured. These switches serve as our 'core'. I have SVIs configured for the different VLANs and add inbound ACLs in each of the SVIs to control traffic between VLANS. This switch also terminates a P2P Ethernet link which connects to our Colo facility. The port used for this is configured as an L3 port. I noticed today that I was able to send traffic across this L3 link that I thought should have been blocked by an ACL I had in place but it wasn't. So the traffic flowed from a port in say VLAN 20 across this L3 link (assigned with an IP address). Would this traffic flow not cause traffic to be checked against an ACL applied in the inbound direction on the SVI of VLAN 20 (int vlan 20)? Traffic does get checked when routing between SVIs. Why would it not get checked when routing between SVI and L3 interface?
View 2 Replies
View Related
Apr 18, 2012
I have a collapsed core design with routed ports between all components. Access layer switches, data center switches, core/aggregation. All routed (no spanning-tree at all).Now...I have to add an IBM BladeCenter with a BNT layer 3 switch to my topology. However, those nasties don't seem to support routed ports.How can I have a routed port on my cisco switch and a standard access port on the BNT and still establish an adjacency with an SVI? I am running OSPF, but I am labbing this in my home lab with 2 x 3550s and EIGRP.
On SW2:
*Mar 1 00:57:00.711: EIGRP: Received HELLO on Vlan100 nbr 10.1.1.1
*Mar 1 00:57:00.711: AS 999, Flags 0x0, Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1
*Mar 1 00:57:02.303: EIGRP: Sending UPDATE on Vlan100 nbr 10.1.1.1, retry 9, RTO 5000 tid 0
*Mar 1 00:57:02.303: AS 999, Flags 0x1, Seq 17/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1
[code].....
View 10 Replies
View Related
Dec 30, 2009
I do not see 802.1Q tags nor do I see p-bits (COS) in my wireshark captures. My setup is not working and I have no way to verify (sniff) that the 6509 is setting the p-bits to 3. [code]
View 4 Replies
View Related
Jun 8, 2012
i have configured SPAN over cisco 2960 to monitor source port traffic but after configuration i dont able to get response from destination port as my NMS is attached on destination port so i lost its web interface.
Configuration is as under.
monitor session 1 source interface gigabitEthernet0/5 (Source Port on Vlan 100) monitor session 1 destination interface gigabitEthernet0/1 (Destination Port on Vlan 200)
View 2 Replies
View Related
May 18, 2013
I have a single Nexus 7K (6.x) with only F2 modules and I would like to SPAN the same source interfaces and vlans to mulitple destination servers (interfaces). When configuring SPAN to a single destination traffic gets replicated successfully but when I add an additional destination to the same SPAN session then none of the destination interfaces receive any traffic. As soon as modify the SPAN to include only a single destination interface it works again. I'm guess this is a limitation of the Nexus 7K 6.x code or the F2 modules.
View 4 Replies
View Related
Jun 9, 2013
I'm setting up a montitor session on a NEXUS 7K as below.we are receiving in 150M of data and 0 data going out port 9/25.but port 4/24 shows 300M to the span port?
View 1 Replies
View Related
Oct 1, 2012
i am running c3640-is-mz.124-21.bin on a cisco router 3640. i am trying to create a monitor session in the CLI and everytime i type the command Router(config)#monitor session 1 interface ethernet2/1 % Invalid input detected at '^' marker. Router(config)#monitor session 1 interface ethernet2/1 ^% Invalid input detected at '^' marker. i get the error invalid input ?
View 10 Replies
View Related
Mar 2, 2012
I have two servers, connected on two(Different) 6513 directly connected switches. Both these servers are in the same Vlan.
I have to monitor communication these two servers. I have a system connected on one of the 6513 switch, where network tool wireshark is installed.
How to configure span port.
switch 6513-1# show run int Gi10/43 --------------------Server 1 is connected
switch 6513-2# show run int Gi9/45 ------------------------Server 2 is connected
switch 6513-2# show run int Gi9/46 ------------------------System on which network tool wireshark is installed.
View 9 Replies
View Related
