Has anyone implemented a working Nat on a Stick?I am looking for 3750 configurations for Nat on a stick.Our users need to access the camera monitoring from home as well as in work.We will like to setup the monitoring software with public address (and port) of the cameras, as the users use the same configuration at home and work.DNS will not work for us as the monitoring settings only accept IP.
View 4 RepliesI am trying to configure router on a stick with 2811 and 3750, but I just cannot get it to work - vlans are not getting propagated from 3750 to 2811: 3750:
Code...
It doesn't seem like I can set up trunking (dot1q) on this device. Isn't it supported on this device? Can I still set up VLANs with the router-on-a-stick concept working internal in the device, i.e no external interfaces/subinterfaces being configured? If so, can I then connect VLANs to other switches? I have:
-876 ISR
-Catalyst 2960
-SLM2008
I know the small biz switch supports VLANs and I think trunking as well--obviously the 2960 supports it. Is there a way with these devices to configure one VLAN for servers/net devices and another for regular end-user computers so that they still talk to one another, or do I need a different router in the mix?
I have not been able to figure out the resolution. The basic premise is to have 3 inside vlan networks controlled by a 1900 series router. Then have that primary LAN router connect to the inside of my ASA5505 Basic, then go out to my ISP Gateway. I have tried hundreds of different static route configurations on my router and asa. I have tried equally as many NAT and PAT configurations, but nothing seems to work. I have even tried using all the commands (specific to my topography of course) on this weblink from cisco: url...
View 12 Replies View RelatedIn my preparation for my coming CCNA certification I am experimenting with different network configurations. In my test network I am currently working with a "Router on a stick" setup. A Cisco 2611 router connecting a Cisco 2950 switch. VLANs configured on the switch and subinterfaces + dot1q encapsulation configured on the router. Switch only supports dot1q.Router's Eth0/1 is connected to the Switch Fa0/24 port which is also set to trunk mode. I am using a normal Cat5e twisted pair cable to connect the 2 devices.
VLANs are working since I can connect a workstation to an access port for example fa0/2 (vlan2) and get Internet access.I can also ping any of the subinterfaces of the router from the workstation.With the current setup I am not able to ping the switch from the router, or the other way around, so in other words I can't remote manage the switch from a telnet or SSH session with this setup. What I am missing?Just to be clear I am pinging the switch directly from the router (Router2611#ping 172.16.100.2), so please ignore all static routes and OSPF. [code]
I built a VSS pair with a couple of 6509's. This was our first pair so we took the opportunity to do some testing. One of the features we tested was the priority/preemption feature, which we decided not to use. After some time we shutdown switch 1 and relocated it to another building. Unfortunately, because of a lack of fiber, it was not connected to switch 2 for several months. Also, unfortunately, I failed to remove the priority commands. Now while switch 1 was "unconnected", we made changes to the config on switch 2. Months later, when the fiber was complete and I connected switch 1, preemption caused it to take over. I'm guessing switch 1 thought it's config file was the better one, and proceeded to overwrite switch 2's production config. I quickly disconnected the fiber but not before losing my production config on switch 2. We of course recovered from that with a backup, but now I need to connect switch 1 again. I have removed the priority command from switch 1 and rebooted it.
View 7 Replies View RelatedI have version 2 ssh configured on a Cisco 4507r-e. Unable to sync archives with CiscoWorks. V2.99 is unsupported on CiscoWorks. Does CiscoWorks need to be updated or does the switch?
cat4500-ipbasek9-mz.122-52
LMS 3.2
# show run
ip ssh version 2
#show ip ssh
SSH Enabled - version 2.99
what is the best way to remove configs from ports (GigE or Fa) in a 6500 that we aren't using anymore (i.e. best way to return a port to default). Remove each line one at a time or is there a command to default a port?
View 2 Replies View Relatedi have a simple router on a stick config which is providing dhcp to a customer SSID. however i don't want employees to stay on it and eat the band width since its open. the lease is set to an hour, is there anyway that i could set it so that once your lease expired it can't be renewed for 4 about 8 hours? I am using a cisco 2600 router in this setup.
View 1 Replies View RelatedI am trying to research the possiblity of backing up IOS and configurations from an Etherswitch module, and being able to store the files onto the Host Router's flash (3925 ISR). and then being able to recover that IOS and configuration, in case I have to replace the Etherswitch Module.
View 1 Replies View RelatedI am begining to work to apply Qos on switchs (C2960 & C6500), and I still have a doubt about the necessity to consider the cos value. I indeed want to apply Qos for ToIP, Video, perhaps create a scavenger class, ans in all cases, I classify my packets with TCP/UDPB port and mark them with DSCP. So is it really necessary to study all the DSCP/CoS mapping problematics ? Is it not possible to make the configurations only on the base of the DSCP field?
View 3 Replies View RelatedI have a SG300-28P and a SF200-24P connected via LAG Group. SG300 routes. I also have 2 VC240 IP Cameras. They are connected on ports 18 and 19 on the SF300. If I lose power, reboot or anything that makes the switches restart, the configuration is not saved. I know this by the fact that after a reboot, ports 18 and 19 are placed in VLAN 4 Untagged. If I put them back in VLAN 2 Untagged, save the configuration and reboot, they are placed back in VLAN 4 Untagged.
I read something on here about firmware the other night from my iPad so today, I upgraded both switches to the latest firmware, 1.2.7.76. After the update, I could not access the IP Cams. I went back into the configuration and they were in VLAN 4 Untagged. I once again put them in VLAN 2 Untagged, saved the configuration and rebooted. They went back to VLAN 4UP.
There was previous discussion also about xml version of files or something and that a factory reset and setting the switch up from scratch would take care of it. I cannot do this, I am a seed corn salesman. Is there a simpler way? Like saving the config to TFTP and then uploading it after factory reset? There is LLDP settings for my IP Phones too that if I lost them, I would have no idea how to regenerate them to make my switch work again. Cisco tech support had issues with it when I first got them and they set it up via remote session so I am lost beyond this. I just know that I cannot keep going into the switches to change settings and not have them saved. I lose my security cameras and video recording.
Do I need the Universal image to perform stftp on a 3750 or 3750-X?
View 8 Replies View RelatedI'm looking at adding a Cisco 3750-X switch running c3750e-universalk9-mz.122-55.SE1 (IP base license) into a stack of 3750-G switches running c3750-ipbasek9-mz.122-55.SE1.bin Given that the version and feature sets are the same I don't forsee any compatibility issues. Would there be any reason why a universal image wouldn't stack correctly with other switches running the single .bin file?
View 9 Replies View RelatedWe have a stack of switches that is at the max number of members allowed in the stack. Problem is we are running out of port density and need to add more ports. So instead of adding a whole new stack I would rather replace 2 of the 24-port swicthes with 48-port switches.
If the two 24-port swicthes we are removing are stack members and neither of them are the stack master, I should be able to replace the 24-port switches with the 48-port switches without bringing the master offline? If the new 48-port switches are running the same IOS version as the current 24-port swicthes, they should add themselves to the stack?Would I have to tell the new 48-port swicthes what switch numbers they are replacing in order for them to be added to the stack since we are at the max number of members?Also since the 48-port swicthes are replacing 24-port switches will the master give the 48-port switches the configuration for only the 24-ports?
I'm moving into a new data center. I don't consider myself a network engineer or anything but I do understand the basics. The new data center I am moving into routes my network to me a bit differently than my old data center. The IOS on the Cisco 2621 is: c2600-i-mz.123-26.bin
I am assigned a /29 block which they configure as the routing network, it looks like this: Routing Network: A.A.A.0Routing Network Sub net Mask: 255.255.255.248Routing Network Def Gateway: A.A.A.1Customer Usable Address: A.A.A.4
I've been assigned a /28 block which is B.B.B.240/28. They stated that in order for me to use my allocated blocks, I had to act as my own gateway, routing the traffic through the routing network. This goes just a bit beyond my networking knowledge, though I still understand it, I just don't know exactly how to execute. I'm assuming my 2621 with 2 Fast Ethernet interfaces should be able to handle this routing scenario.
Any sample configs, or possible a link to a how to to get this setup? I was going to use FreeBSD to do the routing, but a appliance based Cisco router is much more attractive of an option to me.
some of our switches have the switchport mode trunk command configured between the 3750 switches but other 3750 switches connected to our 6509 core switch do not have the switchport mode trunk command to permit Vlans from going across the swtiches instead it has an ip address and says no switchport what is the difference between does two. Is trunking used only for Layer 2 and L3 is used to route interface vlans?
View 2 Replies View RelatedI have a network with a Catalyst 3750 as the main switch and then some Catalyst 2960 switches that are plugged in to that. I have a server running windows server 2008 with a couple of virtual machines running in Hyper-V. I created 4 VLANS listed below and gave the 3750 the following IP Address.I would like the 3750 to only be configurable from VLAN 40 but currently every VLAN can connect to it, I noticed in the standard web page settings there was a setting for "Management VLAN" but it was set to 1 and would not let me change it, I kinda assumed that was for the management port in the back.-Now the tricky part, I was trying to set up routing between the VLANs and so far I have only been able to get a sort of "all or nothing" routing to work. I can turn IP routing on and add two or more VLANs to the routing and it works fine. But what I was hoping to do is create a couple of "junction vlans" that would only route to one or two other vlans. For instance, I wanted to create a VLAN 100 that routed to VLAN 20 and 30 but nothing else. I also want to route VLAN 1 just to VLAN 30, and so on. I am able to do each one of the cases but only one, it seems like the switch only supports one "routing table" am I missing something or is this just a limitation of the switch?
View 2 Replies View RelatedIs a 3750 sw capable of handling full routing tables and what can you recommend in a small mutihomed BGP router or switch capable of handling full routing tables?
View 2 Replies View RelatedI have a network with several catalyst 2960 switches and one catalyst 3750. I have created two VLAN and set up the proper routing and everything is working fine there. I have a client/server application that used multicast in the initial start up for the client to determine available servers, the issue is one of my clients is on a different VLAN then the server. I am able to route the multicast using MVR as long as both the server and the client are plugged into the 3750 by creating a static route, making the server a source port and the client a receive port. Unfortunately I need the client and the server plugged in to different 2960s. My question is how do I establish multicast routing between the two and perferably do it dynamically (always route multicast traffic from one VLAN to another).
View 2 Replies View RelatedI have been looking into this for a while and I can't seem to figure out why my 2nd vlan is not able to connect properly to the net.
My switch has 12 ports where my devices connects directly, they are all on Vlan 1 and they all work perfectly. on Port 12 I have a dlink router that is connected to a cable modem. the dlink router has an Ip address of 192.168.0.20
I created a second vlan (vlan2) and enabled dhcp relay on it. then I assigned port 9 on the switch to (vlan2)my laptop which is connected to port 9 seems to get an ip address fine and able to ping only some devices on my network (vlan1) and is not able to go out to the internet. I think it has to do with the routes. [code]
I have the task of replicating the router config on a 3825 router on a 3750 switch. Reason is we are taking out the router and replacing it with the switch to make use of the router for other functions.
Below is main part of the router config:
!
ip source-route
ip cef
!
!
multilink bundle-name authenticated
!
license udi pid CISCO3825 sn FCZxxxxxxx
!
vlan internal allocation policy ascending
[code].....
The 3750 switch I have runs C3750E-UNIVERSALK9-M, Version 12.2(55)SE3 on a LAN BASE license.
The first thing I have done is to order for a license upgrade to IP BASE which would give the support for OSPF routing.I do not see much of an issue with the Interface configs, however, I am not too sure about replicating the routing config on the switch.
My question is can I run the commands as shown for the OSPF routing on the switch? If not, can I get suggestions on how best to set this up on the switch?
In 3750 switch,I have configured intervlan routing.I have three vlans Vlan 10,vlan 20,Vlan 30 and I have assigned IP address for that Vlan.In vlan 10,I have connected one systen gigabitethernet 0/1 interface.From my system I am able to ping vlan 10 ip address but I can't able to ping other vlan ip address (vlan 20,vlan 30).Is it possible to up the protocol for all that time.
View 2 Replies View RelatedFor intervlan routing, Is 'IP routing' command enabled by default on a 6500 series switches based on the IOS?and on 3750 switches, do we need to enable the "ip routing" command manually for intervlan routing?
View 1 Replies View RelatedI am using a 3750 as a default gateway for multiple Vlans on a few 2960 switches. The trunk lines are configured and working and I have assigned ip addresses to each of the Vlan interfaces on the 3750. My issue is that I can only ping the ip address on the Vlan interface of the 3750 if I have a working computer plugged directly into the Vlan on the 3750. I only have 3 vlans on the 3750 that have hosts directly connected (vlans 2, 10 and 40) the other vlans ( 20 and 70) don't have any clients plugged into them on the 3750 but the hosts reside on 2 different 2960s that connect via trunk ports. How do I keep the vlan interface on the 3750 switch pingable when I don't have hosts directly connected in that vlan on the 3750? (yes, I have enabled ip routing on the 3750)
View 5 Replies View RelatedI have a simple design with 3750. I configured a route-map which define a next hop. I defined this route-map on a policy on a vlan interface.When I test some ping and a debug ip policy and it seems that my policy never match.Is there any mechanism that prevent the switch from using PBR? I think of CEF .
View 5 Replies View RelatedIn our datacenter we have a 3750 stack with IP base image. I have enabled PBR and reloaded the switch. Show sdm prefer says i am using default template. The reason i want to use PBR is that we have 2 firewalls on the same work and want to be able to have granular control over which gateway out of the network they use but still be able to access all internal resouces accross wan and locally.
Created access list to identify traffic:
access-list 10 permit 10.2.3.59 (test workstation on vlan 3)
Created policy:
route-map TestASA permit 10
match ip address 10
set ip next-hop 10.2.0.3
Assigned policy to the user vlan3:
ip policy route-map TestASA
Results:It changed the default gateway to the above gateway but i could not access any resources on any other vlan, could not access resouces accross wan.
I have been looking into this for a while and I can't seem to figure out why my 2nd vlan is not able to connect properly to the net. My switch has 12 ports where my devices connects directly, they are all on Vlan 1 and they all work perfectly. on Port 12 I have a dlink router that is connected to a cable modem. the dlink router has an Ip address of 192.168.0.20,I created a second vlan (vlan2) and enabled dhcp relay on it. then I assigned port 9 on the switch to (vlan2),my laptop which is connected to port 9 seems to get an ip address fine and able to ping only some devices on my network (vlan1) and is not able to,go out to the internet.
View 3 Replies View RelatedI have a simple design with 3750.I configured a route-map which define a next hop.I defined this route-map on a policy on a vlan interface.When I test some ping and a debug ip policy and it seems that my policy never match.Is there any mechanism that prevent the switch from using PBR?
View 10 Replies View RelatedI'm running into what seems a basic ip routing config problem with a Catalyst 3750 (IP Base) switch. I have several VLANS configured on the switch with IP routing enabled, and the switch is connected to the inside interace of a new ASA 5520 as follows:
ASA5520 IP (Default gateway): 192.168.1.1Switchport Gi1/0/1 is configured as a routed port, IP address 192.168.1.3 255.255.255.0Example VLAN is VLAN 100, IP address 192.168.100.1 255.255.252.0 From the switch CLI, I can ping all VLAN addresses, as well as the ASA5520, and the client laptop I'm testing with from VLAN 100.
From the client laptop on VLAN 100, I can ping all switch interface and VLAN addresses (inter-VLAN routing is working), including 192.168.1.3, but I CANNOT ping the default gateway at 192.168.1.1.
Here is the relevant configuration information on the 3750:
!
no aaa new-model
switch 1 provision ws-c3750x-24
system mtu routing 1500
[Code]....
I have a Cisco 3750 with private VLANS configured.. VLAN 2 is the "primary", VLAN 3 is "isolated" and VLAN 4 is "community". This is all working correctly, however I now have the need to another VLAN called "production". I need the production VLAN to be able to reach all the private VLAN hosts (community and Isolated), and vice versa
View 2 Replies View RelatedFor intervlan routing, Is 'IP routing' command enabled by default on a 6500 series switches based on the IOS?hes, do we need to enable the "ip routing" command manually for intervlan routing?
View 2 Replies View RelatedI have 2 ISP connected to Router A and Router B.Both the routers are connected to the core 3750 switch.. I want to send the traffic from the switch that goes to router A to router B..[code]
View 10 Replies View Related