Cisco Switching/Routing :: 3750 - How To Block Unauthorized DHCP SOHO Router

Jan 20, 2012

If it's possible, how do you protect/block a unauthorized DHCP SOHO router with NAT form a Cisco 3750?

View 16 Replies


ADVERTISEMENT

Routers / Switches :: How To Block Unauthorized User

Jul 18, 2011

i have distributed my internet through lan by router .but i think that, that user whom i have gave my net is forwarding to other users too through hub.

View 1 Replies View Related

Cisco Switching/Routing :: 3560x / Block DHCP Requests Over VLANs

Jan 10, 2012

I have two 3560x Catalyst switches setup between two different locations. They link via a PTP line (Layer 2). I have setup Intervlan routing between the switches and that works fine.Each location has a separate subnet and a Windows DHCP server for each subnet.I want to block any DHCP requests to be sent from hosts on one subnet to the DHCP server on the other side (i.e across the PTP link) What is the best method to do this?

View 5 Replies View Related

Cisco Switching/Routing :: Block All DHCP Packets Through 2960S LAN Base IOS?

Mar 23, 2013

I am trying to block all dhcp packets through 2960S lan base IOS. But when i set no trust interface for dhcp snooping, the dhcp packet source port will be err-disabled.  Is there any other solution to block any DHCP packet through switch without interface or other service outage?Is possible to block DHCP packet through specific VLAN?

View 6 Replies View Related

Cisco Switching/Routing :: Block Potential Denial Of Service In 3750 Switches?

Jan 11, 2012

How to block Potential Denial of Service in cisco 3750 switches.

View 1 Replies View Related

Cisco Switching/Routing :: Block / Permit Intra Vlan Traffic On 3750

Feb 21, 2013

I have One switch 3750 and many switch 2960 c.I use one ASA 5510 to reach emote branche site (vpn conexion).I use one router 1841 for internet conexion.Router 1841, ASA and catalyst 2960 are connected on the 3750.Default gateway of all user is ASA IP
 
I configured Vlan 3750 and it work.Now I need to implement security : permit/block specific traffic between vlan [code] From vlan 72 I cannot have remote access on computer in vlan 34 and I cannot ping computer in vlan 34.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: 6509 - Detect And Block Unauthorized Devices / Users In Network

Sep 25, 2012

we have Cisco 6509 as a access switch in our network. Each user has an IP phone and a computer. we are going to implement 802.1X for end users by next month. I need to check all the users activity in the network like if someone plug an access point to the network or a router.I just checked Cisco NAC and how to detect those activities on the network.
 
I need to get more details on Cisco NAC or other products for that purpose. also what is the difference between Cisco NAC and application like Microsoft TMG?
 
is it agent less or I have to install something on computers? is it working as a default router for users computers?

View 1 Replies View Related

Cisco Switching/Routing :: SW 3750 - ACLs For DHCP

Apr 16, 2013

We are configuring ACLs for a dhcp pool on Sw3750
 
ip access-list extended Test
permit ip any 192.168.1.0 0.0.0.31
permit ip any host 172.16.1.1
 
And, here is dhcp pool:
 
ip dhcp excluded 192.168.1.1 192.168.1.3
ip dhcp pool Name
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
 
But when a PC try to obtain IP automatically, it doesn't work.

View 3 Replies View Related

Cisco Switching/Routing :: 3750 - DHCP Release

May 13, 2012

i created the 10 V LAN in my Cisco 3750 switch.All other V LAN DHCP IP's (192.168.2.X - 192.168.10.X)  will be release from the DHCP server except VLAN1 . In my 3750 switch i created DHCP pool(192.168.14.X).... and i assigned to VLAN10.... but one of the client is assigned to V LAN 2(192.168.2.X)  configuration. but its getting IP from the Cisco DHCP instead of DHCP server.

View 2 Replies View Related

Cisco Switching/Routing :: SOHO RIPv2 Redistribution To OSPF On 2900?

Jul 27, 2012

I am having a problem reaching a soho linksys e1000 router through a second hop cisco 2900 router.Here is a brief topology of the network: I am using OSPF area 100 for all networks except for

192.168.2.0 on R1 to E1000 which is RIPv2
R1 directly connects to R2 with a point-to-point serial on network 192.168.12.0 /30 with ip 192.168.1.13
R1 directly connects to a a switchport using network 192.168.2.0 /24 with ip 192.168.1.75
R3 directly connects to a switchport using network 192.168.1.128.0 /25 with ip 192.168.1.129
R3 directly connects to a different cisco router using ethernet on network 192.168.1.0 with ip 192.168.1.1
E1000 directly connects to a switchport using network 192.168.2.0 /24 with ip 192.168.2.1

The switch has a vlan ip on 192.168.1.128 /25?I can ping from R1 to E1000?I can ping from R3 to R1 192.168.2.75? I can't ping from R3 to E1000 192.168.2.1?show ip route on R2 indicates that network 192.168.2.0 is reachable via the serial connection on 192.168.1.12?I have redistributed rip to ospf area 100 and OSPF to RIP on R1?I am wondering why R1 can reach E1000 on network 192.168.2.0, and why R3 can reach R1s 192.168.2.0 newtork, but R3 can't reach the E1000.There is an R2 router than can reach R1 and also cannot reach E1000, but I assume it's for the same reasons R3 can't, so I've omitted the remainder of that topology for this question.

View 4 Replies View Related

See Unauthorized Dhcp Servers In Network?

Apr 20, 2011

how can i see unauthorized dhcp servers in my network

View 1 Replies View Related

Cisco Switching/Routing :: DHCP Server Catalyst 3750

May 28, 2013

I have customer who has as Core Switch one Cisco Catalyst 3750 with the IOS c3750-ipbase-mz.122-35.SE5.I know that this image support DHCP Server configuration, but I like to implementate new vlans (approx 15) and I want to know if this switch support 15 DHCP Servers.

View 3 Replies View Related

Cisco Switching/Routing :: DHCP Limitation On 3750 Switches?

Jul 16, 2012

I want to clear following things regarding Cisco 3750 switch.

1. Can I configure Multiple DHCP pool on C3750?

2. Performance effect due to same?

3. Can I resrve IP addrese from DHCP pool for specific MAC address.

4. Can I Exempt IP address from DHCP pool ?

View 5 Replies View Related

Cisco Switching/Routing :: 3750 Not Handing Out DHCP Addresses

Nov 2, 2011

Had a problem with a 3750 this morning not handing out DHCP addresses.  The following is a sanitized config of what the switch is using. [code] The IOS installed on the switch is c3750-ipbasek9-mz.122-55.SE1.bin.  What got my attention was that the sh ip dhcp pool PC showed 180 addresses being excluded.  In doing the math from the dhcp excluded addresses, only 64 should be excluded.
 
My next step was to remove the second dhcp excluded-address line above.  Doing a clear ip dhcp binding * started letting the DHCP service hand out addresses but the sh ip dhcp pool PC stil showed 180 addresses excluded.
 
It finally took removing the dhcp pool and putting it back in to drop the number of excluded addresses down to a value that matches the first excluded-address line.  Didnt see a dhcp bug in the bug database that would explain this.
 
I tried re-entering the second excluded-address line from above and saw the number of excluded addresses rise as expected.  When I negated the line, the number of excluded addresses dropped back to its previous value.

View 1 Replies View Related

Cisco Switching/Routing :: Adding A New DHCP Scope To 3750 Stack

Apr 2, 2012

The company I work for owns a remote manufacturing facility that houses a stack of five 3750 switches that function as the core switching system for the plant.  DHCP services are configured on the 3750 stack.
 
There are currently three VLANs configured, one for data and one for voice (144 and 244 respectively) and one for UCM servers (200), with corresponding subnets of 10.44.32.0 /19, 10.44.0.0 /19 and 10.44.100.0 /24.
 
The current DHCP scope configurations are as follows:
 
ip dhcp pool Plant-44_DHCP
network 10.44.32.0 255.255.224.0
default-router 10.44.33.254

[Code].....
 
My question is will the addition of this scope in the manner presented cause any problems with PCs or IP phones outside the targeted recepents receiving the wrong IP information from this scope? 
 
I plan to identify the users that should be members of this VLAN 444 and change the switchport mode access configuration on the corresponding switch ports from VLAN 144 to VLAN 444.  The voice VLAN 244 will remain the same.

View 2 Replies View Related

Cisco Switching/Routing :: 3750 - DHCP Server Doesn't Provide IP Address

Dec 11, 2012

a new LAN installation, two VSS pair 6509 core, 15 closets, with 3750 stacks. Floor 15 only, devices/hosts can ping teh DHCP server but cannot aquire IP addresses. no such problem on other floors?
 
portfast an dother parameters are intact.

View 2 Replies View Related

Cisco Switching/Routing :: 3750 - Multiple Subnets In Single DHCP Pool On Device

Mar 25, 2012

3750 can not support multiple subnets in it's DHCP server pool config.

Is this an issue that can be fixed with a different iOS or is there a different Cisco switch that I can replace the 3750 with that will handle multiple subnets within an individual pool?

View 1 Replies View Related

Cisco Switching/Routing :: 3750 DHCP Server Handing Out IP Addresses To Client Connected To VLAN5 Interface

Feb 23, 2012

Haveing issue with DHCP server handing out IP addresses to client connected to VLAN5 interface.ISP Router>Firewall -(WatchGuard Drop-in mode) I have several 3750 switches and  one acting as a L3 switch. The L3 is configured as follow: [code]
 
If I connect a laptop to int fa1/0/10 I DO NOT get an IP address from the 10.100.0.8 scope. If I connect to another interface within the VLAN 1, I get an address from the 10.100.0.0 range.

View 7 Replies View Related

Cisco Switching/Routing :: 3550 / 2950 DHCP Relay Option To Router Handing Out DHCP

Apr 3, 2012

Have a client wanting to hand out public ip addresses to all clients from a PFSense Firewall terminating the internet connection.
 
How do I allow the Cisco Switches currently in place, configured with private ip addresses in the 10.10.x.x ranges and Vlans, where the main 3550 layer 3 has defined dhcp scopes for each vlan, to relay dhcp requests from all vlans to the PFSense firewall?
 
I assume I would take off the currently defined dhcp scopes for the vlans and configure each vlan/switch with the ip helper address and specify the PFSense firewall and that Nat would have to be disabled onthe firewall?

View 1 Replies View Related

Cisco Switching/Routing :: 2921MS DHCP NACK With DHCP Relay?

Nov 11, 2012

I have some DHCP trouble since I subnetted my network with a 2921. My clinets are in 172.16.2.0/23 and DHCP servers are in 172.16.5.0/24.Sometimes, randomly I guess, I get NACK from my DHCP server, and if I look into DHCP logs I got something like this:
 
15,11/09/12,09:52:27,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
15,11/09/12,09:52:28,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
15,11/09/12,09:52:29,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,

[code]....

View 6 Replies View Related

Cisco Switching/Routing :: Perform STFTP On 3750 Or 3750-X?

Jun 30, 2012

Do I need the Universal image to perform stftp on a 3750 or 3750-X?

View 8 Replies View Related

Cisco Infrastructure :: 801 - SoHo Router Recommendation

Sep 27, 2012

My team were going to purchase the Cisco 801's to build our SoHo. However, they are now EOL.          

View 1 Replies View Related

Cisco Switching/Routing :: 819 Router - NAT With DHCP

May 12, 2013

I am a newbie to Cisco. I am trying to setup NAT with DHCP in our office on CISCO 819 router. I am having a problem with DHCP not assigning an IP on vlan1. I cannot figure out what i'm doing wrong. Below is my config and  debug from DHCP.
 
router#sh config
Using 4328 out of 262136 bytes
!
! Last configuration change at 05:56:39 UTC Mon May 13 2013 by cisco
! NVRAM config last updated at 05:57:16 UTC Mon May 13 2013 by cisco
[Code]....

View 3 Replies View Related

Routers / Switches :: Public IPs Using A Soho Router?

Mar 7, 2011

How can I give endpoints public IPs, that I can remote to or access (electronic whiteboard) from the Internet using a soho router? Will I need to purchase more than one public IPs or is there something I can do with subnet masking?

View 1 Replies View Related

Cisco Switching/Routing :: 4500 - Run Dhcp Off The Router

Jan 2, 2013

I have setup a 4500 series core/router.. the customer decided to run dhcp off the router for whatever reason... I have 20 different scopes handing out to their vlans. Does each vlan interface need an helper address?
 
vlan 1 on router is 10.85.0.1
i used the ip dhcp-server command pointed to 10.85.0.1
 and then for ex. 
int vlan 20
ip add 10.85.20.1 255.255.248.0   
ip helper-address 10.85.0.1 
 
i am now getting a loopback error on the router, and i believe this is the cause...

View 2 Replies View Related

Cisco WAN :: Linksys E1000 - Telnet To Private IP Through Soho Router?

Sep 22, 2011

My Setup / I've been lurking on here a while, working hard to understand the basic networking concepts and eventually pursue the CISCO certs. I bought a lab and have since managed to setup a four router config (2610XM-DTE, 2621-DTE, 2501-DCE, and a linksys E1000 with routing, DHCP, and NAT turned off to make it a wirelss access point) with three switches (2@2950 and a 2924XL).
 
So far, I have managed to bring in my public IP using DHCP, and setup PAT. The network is fully functional, I can ping every interface, and reach the web on host PCs from any switchport. I am also able to telnet into the FastEthernet interface IPd with my public address.
 
My Issue : My concern right now is in feature support. I recently read on here that CISCO does not support UPnP, and due to my limited resources, I am using the only public IP I have to allow remote testing/learning on my lab. The issue is that I also have a PS3 and XBox 360 on this network that is requiring UPnP for certain online games and features.
 
The only solution I can see to this problem is to return my public IP back to the E1000 router, which is running RIP Version 2 (white papers said version 1, but a debup ip rip showed that updates were being ignored due to illegal version), and then poing my other three routers to it for outside access.
 
The questions I have in this scenario:

1. Will NAT still function if I use the E1000 and set the interfaces connecting to it as ip nat inside? I'm assuming that PAT is already hardcoded onto the router to allow for multiple connections to public IP space.
 
2. If my IP is 68.X.X.X, I set the E1000 to an IP of 192.168.1.1 and the FastEthernet it connects to is on my 2621 with an IP of 192.168.1.2, would it be possible to telnet into 192.168.1.2? If I were to forward port 23 out of the E1000 to the 192.168.1.2 address. Will my login and password for line vty 0 4 understand the request if the original telnet was to my public IP?
 
3. If all of that is just non-sense, is there another work-around that allows me to acheive UPnP through my E1000, while retaining telnet ability to my lab so I can try things in different scenarios or while I'm away from home?

View 5 Replies View Related

How To Give Endpoints On A SOHO Router Network Public IPs

Mar 7, 2011

how I can give endpoints on a SOHO router network Public IPs so I can access an Electronic Whiteboard over the Internet. Do I need to purchase more that one Public IP or is there something I can do with subnet masking?

View 2 Replies View Related

Cisco Switching/Routing :: 3750 / Manage Multicasting On Another Router?

Feb 28, 2012

Within our small lan we have a core 3750, that handles our intervlan routing and is the core of the network. I recently looked into multicasting and set up a lab test with a 3550 with an EMI image and got the config to multicast to all vlans from one vlan, ready to go, at which point I found that our 3750 is IPBASE and doesn’t support multicasting. Currently upgrading the switch or image is not an option due to funding. My question is would it be possible and advisable to install our lab 3550 as a leg off the core, and in some way route multicasting traffic through that?I just cant get my head around the concept of having a core switch essentially routing all vlans, and then having another switch route the same vlan traffic again for multicasting to all the vlans again.

View 1 Replies View Related

Cisco Switching/Routing :: Can Use Switch 3750 As Router Layer 3 Without NAT

Jan 13, 2013

I've created a scenario using a 3750 cisco as core switch ad other 6 switch model 2900 in access level.my problem is this, the router is not a cisco router, and this router is not able to make NAT on more than one subnet.Into the core switch I've created 4 VLAN and I must to give internet access to 3 of them, 192.168.0.0/24 (vlan1), 172.16.0.0/24 (vlan2), 172.17.0.0/24 (vlan3).I've connected the switch to router via  gigabit ethernet 0/1 and I've assigned to this interface ip address 192.168.10.2, the router ip address is 192.168.10.1, Switch ip default-gateway is router ip address 192.168.10.1, ip default route is 0.0.0.0 0.0.0.0 192.168.10.1 I've enabled ip routing feature and I've set no switchport feature to interface gigabit ethernet 0/1.From core switch I can ping router ip address but I can't make it from all other user, and the users not able to have internet access.

Below the switch configuration (only necessary strings)
 
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption

[code].....

View 6 Replies View Related

Cisco Switching/Routing :: DNS Query Fails Behind DHCP / NAT - Router ISR 861

Nov 18, 2012

in my simple network setup, I cannot resolve DNS queries from inside my NATted network. On the router I can ping both IP-addresses and names. Ping from the  local machine works for IP-Adresses but not for names. When doing nslookup, addresses are not found and a SERVFAIL  message is returned. I use a Cisco ISR 861 Router to connect our local LAN to the Internet (The WAN of the 861 is connected to another DHCP/NAT-Router, which in turn connects to the ISP-Modem). Addresses in the local LAN are DHCP-distributed, the DNS-Servers from my ISP are configured on the Router and the DNS-Information is distributed correctly to my local LAN machines (as I can verify by doing nslookup on Linux).

View 21 Replies View Related

Cisco Switching/Routing :: Configure 881 Router To Act As DHCP Server?

Jul 9, 2012

Is it possible to configure an 881 router to act as a DHCP server to 4 VLAN's each with a different scopes all through a single ethernet interface? 

View 2 Replies View Related

Cisco Switching/Routing :: DHCP Options On C1812 Router?

May 1, 2012

I am going to get some wyse thin clients up and running on our departments. Each department communicate with the main-office through Cisco C1812 routers.
 
In order to get functionally DHCP up and running, I need to
 
A - Configure some Dhcp options on the C1812 routers
B - Perform a DHCP relay from each department to the main-office
 
Option B will cause some additional issues, so is not preferred.
 
The question is: Does the Cisco DHCP-client have an option for configuring DHCP options? I need to put in among others, an option 161, a string value pointing to a ftp-server. Can this be done? And if it can, what is the right syntax
 
I have recently started working here, therefore I am not certain of the IOS-version on the router, as I still not have the logon-information, but I will aqquire this shortly.

View 4 Replies View Related

Cisco Switching/Routing :: Possible To Set NTP Server Via DHCP On 2901 Router

May 2, 2012

i'm interested if it's possible to set the NTP server via DHCP on an 2901 Router with 15.2(2) image.
 
i configured the interface gigabit 0/0 as dhcp client. The DHCP Server sends to me DNS, Default GW and NTP. All is working fine, but the NTP will not be configured. i tried to add an DHCP option request, but there is no NTP (42) value. [code]

is there any way to add the value NTP (42) for the DHCP request or isnt it possible?            

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved