Cisco Switching/Routing :: 3750G Switch With PBR With IP SLA Not Working?
Oct 8, 2012
I am having a switch 3750G (WS-C3750G-24TS-S) running a software version (c3750-ipservicesk9-mz.122-55.SE6.bin) and using the PBR with IP SLA.While, i am applying it on interface, it says not supported....
route-map TO-CAS-E0 permit 10
match ip address 125
set ip next-hop verify-availability 10.116.199.200 10 track 100 (if i change this command to set ip next-hop 10.116.199.200, it works)
!
WAN-L3-3750SW01(config-route-map)#interface GigabitEthernet1/0/11
[code].....
View 2 Replies
ADVERTISEMENT
Sep 17, 2012
I am trying to create an ACL that walls off a VLAN and only allows it to the internet. This is on a 3750G, currently the 3750G I am attempting this on is in a stack. I have another 3750G that is a standalone.
The first way I attempted this was to create two access-lists: access-list 101 permit tcp 10.249.1.0 0.0.0.255 any eq 80 access-list 102 permit tcp any 10.249.1.0 0.0.0.255 established
Let's call the 10.249.1.0 VLAN 2. I applied this to the VLAN2 interface, 101 out, 102 in. It didn't work. If I place a deny statement with nothing else, that works.
The second attempt was this: access-list 101 deny ip 10.249.1.0 0.0.0.255 any access-list 101 permit ip any any
I applied this to a VLAN I wanted to block VLAN2's traffic from reaching, let's call that one VLAN 3.
This lets all traffic from any VLAN (including the one I'm trying to block). If I remove the "permit ip any any", then all VLANs are denied. Which I understand is correct due to the implied deny all. What I don't understand is why it isn't applying the ACL to the specific VLAN.
View 3 Replies
View Related
Jan 2, 2013
I have one switch 3750G12S I joined the company new, I found that they want to replace it with Alcatel stack switches. I didnt configure this Cisco switch before. how to configure it. I have 4 other new cisco switches in the topology which is not created yet. the 4 switches are all 2960.
View 17 Replies
View Related
Jun 17, 2012
have one 3750G stack with 4 switches and this stack is presenting the follow log message:
%PLATFORM_UCAST-4-PREFIX: One or more, more specific prefixes could not be programmed into TCAM and are being covered by a less specific prefix, and the packets may be software forwarded.
In this stack we are using the layer 3 with OSPF routing, and the current sdm prefer is default:
switch-01-3750#sh sdm prefer
The current template is "desktop default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.(code)
View 2 Replies
View Related
Feb 7, 2011
I have two 3750G switches that are in a stack, and I am seeing these errors in the log:
002258: Feb 4 17:06:06.355 UTC: %PM-3-INTERNALERROR: Port Manager Internal Software Error (vlanid >=0 && vlanid < PM_MAX_VLANS: ../switch/pm/pm_vlan.c: 1279: pm_vlan_get_vlan_data) (CBAC01-3750-2)
-Traceback= 190F078 19729A0 1972A64 1963764 110BC24 195F2F8 110BB9C 196D2C8 195ECD4 110BC24 19658B0 110BB9C 196D1D8 194C2B8 195D24C 110BC24 (CBAC01-3750-2)
002259: Feb 4 17:06:06.355 UTC: %BIT-4-OUTOFRANGE: bit 4096 is not in the expected range of 0 to 4095 (CBAC01-3750-2)
-Traceback= 10273BC 1027478 1972B50 1963764 110BC24 195F2F8 110BB9C 196D2C8 195ECD4 110BC24 19658B0 110BB9C 196D1D8 194C2B8 195D24C 110BC24 (CBAC01-3750-2)
002260: Feb 4 17:06:06.355 UTC: %PM-3-INTERNALERROR: Port Manager Internal Software Error (vlan > 0 && vlan < PM_MAX_VLANS: ../switch/pm/pm_vlan.c: 773: pm_vlan_set_portlist) (CBAC01-3750-2)
[code]....
View 9 Replies
View Related
Apr 8, 2013
I'm due to replace a stack of 2 x 3750 switches very soon with 2 x 3750Gs. These 2 current switches are the VTP server for a small domain. I have put the config on the new switches switches and I made it a server and used the same VTP domain and password etc and got the VLAN info ported over.Now I did this a while back and noticed the switches are in transparent mode with a revision number of 0, I need to set this back to server and swap the switches out but the revision will be lower than the client switches (around rev 200), what do I need to do?
View 7 Replies
View Related
Mar 7, 2013
I am having an issue bypassing a switch 3750G series. How i can bypass the old configuration in the switch.i have tried the CTRL+BREAK at startup but it wont work.
View 2 Replies
View Related
Apr 14, 2012
if we can stack the 3750G switch with a 3750X switch ?
View 7 Replies
View Related
Apr 23, 2013
I am looking few information on IOS up-gradation for the switch WS-C3750G-48TS-S . I loaded new Image on the flash and current flash and sh boot as below
Switch#sh flash
Directory of flash:/
2 -rwx 8859636 Mar 1 1993 00:08:14 +00:00 c3750-ipservicesk9-mz.122-37.SE.bin
3 -rwx 556 Mar 1 1993 00:02:38 +00:00 vlan.dat
4 drwx 64 Jan 9 2012 03:17:56 +00:00 crashinfo_ext
5 -rwx 5768 Apr 24 2013 04:25:28 +00:00 private-config.text
[code]...
1) I would like to set boot sytem parameter for the new IOS and secondary old IOS as well is below command works??? if IOS not coming up with new one 12.2.58 is it boots with old 12.2-35 ?
boot system flash:c3750-ipservicesk9-mz.122-58.SE2.bin;flash:c3750-ipbase-mz.122-35.SE5
2) If I set only boot system flash:c3750-ipservicesk9-mz.122-58 , if new image corrput swicth will check valid image and boot up with old image ?
3) If switch went to room1 switch mode and still I have valild running IOS c3750-ipservicesk9-mz.122-37.SE.bin at flash memory, how to restore with old image
View 2 Replies
View Related
Feb 21, 2013
The two stacked Cisco 3750G Access switches on a particular floor in my coy just lost connectivity to the distribution Switch this morning. This meant that all Users connected to it couldnt connect to the Internet nor access local network resources.I couldn't ping the Switch IP, I couldn't also access the Switch via Console port. Each time I tried to gain access via the console port, I keep getting "Authentication Failed" message.What should I do next? How do I gain access to the Switch?
View 1 Replies
View Related
Mar 30, 2013
i am not able to add new 3750G switch into existing domain even after the domain name is correct and unable to authenticate with tacacs.
View 5 Replies
View Related
Nov 3, 2011
I am about rip and replace my current 3750G stack with a 3750X stack. I have trunked over vlan and vtp info and implemented a config so it should be ready to go other then moving cables onto it. However one thing I want to correct with our current setup is that the root bridge on our vlans including vlan 1 is on a separate set of switches that we control, however I would like this new stack to be the root bridge for all of our vlans. It will be the central set of switches that all other switches trunk into. I have pre-set higher spanning-tree priorities for each vlan on the new stack so I expect as I move lines into it that the tree will be re-calculated with it as the root bridge. I've ensured that there are no root guards on any of the other switches trunks and priorities are all at default levels for each vlan. Should I enforce root guard on the trunk interfaces of the new master stack? Most of the trunks are port-channels to the other switches - do I need to set root guard on the Port channel interface or on the individual ports that make up the Port channel? On both? Any other recommendations in regards to implementing spanning-tree with the new stack? I know using port channels eliminates a lot of potential for loops but not every trunk is and I'd still like to have spanning-tree on.
View 1 Replies
View Related
Feb 19, 2013
I wan to migrate from a router 2800 to L3 switch 3750G , the thing is that we have several vlans and we use a router sometimes with each interface configure with correspoinding vlan subnet ip to route traffic between vlans there is no static or dynamic routing only directly connected interfaces on router routing traffic to each other ?How would i configure a L3 switch interface for simillar functionality , below is my current router configuration
!
ip domain name yourdomain.com
multilink bundle-name authenticated
!
vtp mode transparent
[code]...
View 15 Replies
View Related
Apr 22, 2012
Can we stack a 3750G-12S-S switch with a 3750-E-24TD-S switch?
View 4 Replies
View Related
Nov 24, 2011
I try to connect two switch Catalyst 3750G without success.switch1 (192.168.2.10 vlan 2) <=> (192.168.2.11 vlan2) switch2.I use this configuration for swich1 [code]
View 23 Replies
View Related
Mar 30, 2013
I am cascading one new switch 3750G (int Gi1/0/1) with an existing 3750G (int fa1/0/26) switch.. But the interface fa1/0/26 goes in err-disable state even after NO SH.. also i have diable Spanning treebpdu guard and disable spanning tree portfast. But still the issue is not resolved.
View 6 Replies
View Related
Dec 7, 2011
I am facing switch reboot issue when power of switch restore from RPS to AC.
View 1 Replies
View Related
Feb 29, 2012
I currently have Cisco 3750G which is currently live and active and fully populated and only have remote access.
I have an additional same switch which I would like to stack. My initial plans were to have 2 GIbit etherchannels, but I came across the option to Stacks both switch with each other.
When I do a show switch on the live switch its set as a Member: [code]
I would like to add the new switch to the stack without losing the config for the switch which is live. I understand that the highest priority of the switches becomes the Master but as the live switch is Priority 1, would chancing this affect the switches config, or would it lose connection at all?
Also when I plug in the new switch and it reboot how do I ensure it becomes the slave without rebooting the live switch?The cables on the switch do they have to go to port1 on the live switch and port 1 on the new switch or can they be port 1 and port 2?
View 19 Replies
View Related
Jan 15, 2012
Has any come across show ver memory details on 3750G-48PS as below, One of our Catalyst 3750G running software 12.2(44)SE2 shows unexpected DRAM as below:
cisco WS-C3750G-48PS (PowerPC405) processor (revision F0) with 0K/12280K bytes of memory. This would equate to around 11MB memory which does not seem right... Is it a known IOS bug?
View 1 Replies
View Related
May 21, 2013
I have a Cisco SG 300-20 as the core switch, layer 3. It is 192.168.4.6 on VLAN1 and 192.168.5.1 for VLAN2 (VOIP). All the ports are set in trunk mode. DHCP relay is setup on this switch.
The phones connected into a layer 2, Catalyst 2960-S switch. All ports are set in trunk mode. Default gateway on it is set to 192.168.5.1.
DHCP for both VLANs is provided by a Windows Server 2008 R2 server (the relay IP 192.168.4.15).
There is also an ASA 5510 in the mix which is 192.168.4.1. It has a route added to it for the 192.168.5.0 network to go to the SG 300 (192.168.5.1).
Just the two switches can ping each other on the 192.168.5.x network when I "add vlan 2" to the trunk port that is connected between the SG 300 and the 2960. The phones don't get DHCP on the 2960 switch. And I cannot ping 192.168.5.x from the ASA or anything else on the 192.168.4.x network.
After a bit of reading on intra-vlan routing for the SG 300 switch, I am thinking the SG 300 has to be the "center" of things so I need to make it 192.168.4.1 to be the gateway for both VLANs and change the ASA to 192.168.4.2 for VLAN1, etc. And I really can't do asymmetric routing with this switch.
View 1 Replies
View Related
May 2, 2012
I'm on a Cisco 2955 switch and need to get ssh working which I have done on another 2955 (but don't have near me), what am I doing wrong?
2955-02-PJ-CamdT.LU#sh run Building configuration...
Current configuration : 4061 bytes!version 12.1no service padservice timestamps debug datetime msec [code]....
View 4 Replies
View Related
Aug 28, 2012
VLAN MAC address filter does not seem to be working on my 4900 switch. However the same config works fine when tested on my 3750 & 3560 switches.
Since user from different VLANs requires to be blocked, Unicast MAC address filter will not be feasible solution. VACL did not work on my 4506 switch too. K
Below is the config done on 4900 switch
mac access-list extended ABCpermit host 0003.0de9.d5ea anyexit
!
vlan access-map drop-mac 10
[Code]......
View 2 Replies
View Related
Jan 13, 2012
I have configured cisco 6509 to do nating and its not working. Static nat is perfectly working fine below is the config.
View 6 Replies
View Related
Jan 30, 2012
I have a Catalyst 3750 switch configured in a network. I would like an additional 3750 switch as a "hot" standby. A 2nd 3750 switch was purchased, and the same configuration was entered in to the new switch, so I have 2 switches with the exact same configuration.
When I move the connections to the new switch, I have a few VLANs that do not come up. One VLAN does come up and work normally. The VLANs in question show down, protocol down, and a show ip route reveals routes to the networks on these VLANs are not there When I put everything back on the original switch, everything works normally.
Why would the new switch not work with the exact same configuration?
View 6 Replies
View Related
Jun 2, 2011
In change network topology, we are going to assign PC's Gateway as Switch (3750X) IP Address rather than server IP Address. Currently we have configured all Sytems's Gateway is Internet Server IP Address which we are going to replace with Switch IP as Gateway.Issue is while connecting specific application like team viewer in which application tried to send keepalive message to the live server and in case of switch/router IP as gateway. Connection doesn't established. However it is working fine when Internet Server IP treated as gateway.
View 1 Replies
View Related
Apr 12, 2012
I only want SSH to be allowed when accessing this switch, but telnet is still allowed, why? Whe authenticate via radius.version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname 3750!boot-start-markerboot-end-marker!logging buffered 64000logging console informationallogging monitor informationalenable secret 5 $1$1K$!username admin privilege 15 secret 5 $1$Bs$cLHusername users view priv3 secret 5 $1$Jfnviwp!!aaa new-model!!aaa authentication login default group radius localaaa authentication enable default lineaaa authorization consoleaaa authorization exec default group radius local !!!aaa session-id commonclock timezone GMT 0clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 3:00switch 1 provision ws-c3750g-12sswitch 2 provision ws-c3750g-12ssystem mtu routing 1500udld aggressiveno ip domain-lookupip domain-name CB!!login on-failure loglogin on-success log!!crypto pki trustpoint TP-self-signed-3817403392enrollment selfsignedsubject-name cn=IOS-Self-Signed-Certificate-3817403392revocation-check nonersakeypair TP-self-signed-3817403392!!crypto pki certificate chain TP-self-signed-3817403392certificate self-signed 01 3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 33383137 34303333 3932301E 170D3132 30343133 31303539 33395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38313734 30333339 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100C31D AE6DD8B5 56245317 AD96F4F4 727385D4 97A5B138 488A215E 4294FC40 1C5B2F26 2B75E1CF E562F240 118F2F50 0CFF2449 16EC66EA 2D489F5F F36BFD05 ACCC79CA DDDA984D 4CB7AB DD95A5E0 9274A225 3F5A3634 DEBF1A2A 416E2189 B35B4473 C7D5EE2C E3D41675 A86F31CD.
View 3 Replies
View Related
Sep 9, 2012
We have a 3750X VTP Server and the rest of the switches are clients.
Due to cabling issues, we have a switch (Switch F) that we can't connect directly to the 3750X so we have it connected through another switch. Everything is set to VTP client with the correct domain and password but this not-directly-connected switch isn't receiving any VTP VLANs.
Anything I need to do on Switch D so that Switch F can receive the VTP updates?
View 3 Replies
View Related
Oct 30, 2011
I am trying to limit traffic inbound to 10Mbps on a gig interface 0/48 set to 100/full. So I downloaded some big files over this link and I'm able to see 30- 40Mbps or more. You can see from the show int - rate-limit command that parameters are never showing exceented so nothing has been dropped. [code]
View 3 Replies
View Related
Nov 29, 2011
i'm trying to enable command authorization for ssh as well as console access to a Nexus 7010 box (version 5.0). Following is the config:
aaa group server tacacs+ ACS5-1
server 10.12.19.11
server 10.12.19.12
source-interface loopback0
snmp-server enable traps aaa server-state-change
aaa authentication login default group ACS5-1 local
[code]....
As you can see, the default group configuration ACS5-1 for authenticatoin has applied to both defaults and console. But the command authorization does not appear to be applied to the console. As a result, when i login from the console and get authenticated, the command authorization does not trigger and i can run commands I'm not supposed to. In the configuration, I do not see "aaa authorization console" option unlike we have in IOS.
View 2 Replies
View Related
Apr 9, 2013
a switch port is shutdown, but when i use NO SHUTDOWN command it is working and shows administratively down. like this command does not affect on it. i should enable this port? what can i do btw, port is not in errdisable and portfast is enabled.
View 3 Replies
View Related
Nov 12, 2012
In change network topology, we are going to assign PC's Gateway as Switch (3750X) IP Address rather than server IP Address. Currently we have configured all Sytems's Gateway is Internet Server IP Address which we are going to replace with Switch IP as Gateway. [code]
Issue is while connecting specific application like team viewer in which application tried to send keep alive message to the live server and in case of switch/router IP as gateway. Connection doesn't established. However it is working fine when Internet Server IP treated as gateway.
View 33 Replies
View Related
Mar 21, 2012
I got Two Distribution Switches of Cisco 3750G. Each Distribution have two 3750G switches stacked. I also have one Cisco 3750V2 Access Switch connected to both Distribution. When I am checking for redundancy, I can only get redundancy test pass for one link not atall for other. If I have a link up with Distribution 1 only then its fine; but disappointment with Distribution 2 link. I can see that the switch priorities of Dist 2 is not correct ie. Master's priority is 10 and Member's is 15.
My question is that due to misconfigured priorities on Distribution 2 stack switches I am failing with redundancy if ONLY Dist 2 is up and Dist 1 is down.
View 4 Replies
View Related
Mar 7, 2012
I just added a X6704 card to our 6513 switch, and it is not working correctly. We are running 12.2(33)SXI5. [code]
View 5 Replies
View Related
