What is the point of it? It is not a remote console. If i reboot the switch i cannot get back to the out of band management port unless the switch is fully running. Is this only for security purposees? so all telnet/ssh is from an Out of band network?
View 15 RepliesI'm trying to get an IP_ADDR set on the management port in SWITCH: mode but for some reason the port seems disabled. PC shows connection unplugged. MGMT_INIT is not a valid command (not listed under '?' ). Bootloader version is 12.2(53R)SE2 FC1.
View 4 Replies View RelatedI've got a 3750X, IOS 15.0 IP Base license, reset to factory defaults, and I want to use the FastEthernet0 out-of-band management port on the backside next to the console port. The idea is that this port should provide a management interface that does not participate in the routing table. Problem is, contrary to the documentation, that configuring an IP address on the interface does make it show up in 'show ip route'. So it's still part of the routing table. Also, I'm unable to find the commands to change this and set a default gateway for just the management interface. I'm pretty sure this has to be possible, I remember seeing something similar on an ASA once. The 3750 configuration guide on Cisco.com does not seem to mention it.I considered using VRF but it's an IP Base license, no VRF.
View 1 Replies View RelatedI have a stack of 3750-X that are used to both switch traffic inside V LAN and also to route a couple of WAN ranges from our up link provider to the DMZ v LAN.Now I'd like to have a SVI Vlan1 with an IP in the "management v LAN", but I'd like that SVI not to be rout able.
More exactly :
- no traffic should ever exit that interface that's not the generated by the router itself (ssh/snmp/...)
- no incoming traffic on that interface should be forwarded anywhere
- I'd also like to have a different default gw to be used by traffic generated by the switch itself. (for eg, ssh traffic coming from any another sub net like 10.2.0.0/24 to the switch SVI Vlan1 ip 10.1.0.1/24 should be routed back through the Vlan1 gw and not through out up link ptp gateway)
I think I can achieve the first two with ACLs on the SVI. But not sure about the last one ...
regarding to the out of band Management interface , if I configured an intervace vlan to be as a managment interface for one vdc ( the default vdc ), when I connected to this vdc via telnet , can I switch to any other vdc ? ( suppose that I have the Admin role which allows me to enter and config all the vdc's )If that is possible so that I dont have to make a dedicated managment ip for each VDC I need to do that only if I want to make vdc admin's account to allow some users to access specific vlans only , is that true ?
View 2 Replies View Relatedi have: two nexus 5596 connected each other the mgmt0 is NOT in use SVI for keepalives with IP address and /30 netmask vpc-keepalives running over fiber in e1/1. this works well uplinks to datacenter distribution switch (Cat 6500 VSS) over fiber on port-channel 1 (e1/2 and e1/10), also carrying the management VLAN (vlan 14). SVI with an IP address for management purposes
I can't get this to work. i can ping my whole network from the nexus, but not the nexus from my network. also pinging inside the mgmt vlan is not possible.
is it possible to shutdown a specific port on my 3750x and monitor this port at the same time .for example , im dealing with a mac authenticated network using port security , i want to shut down all the ports that are not used at the moment , however , if some one gets connected to the one of the shutdown ports i want to know the mac address of the user or atleast to know that i have someone who is just plugged in to the one of the shutdowned ports .
View 4 Replies View RelatedI have an all gigE 3560. I don't use the management FE0 port on the back. I was thinking to use that for a 100Mbps WAN connection.
Seems to work just fine when I plugged in an test. But I am not routing across that link yet as I still need to setup the far end.
Is there any reason this would not work? I would like to not burn a gig port if the max throughput of the circuit is 100Mbps.
How does the IP address is assigned on management port of WS4507 R, syntax.
View 2 Replies View RelatedIs there some kind of trick to getting the fastethernet 0 management port to come up? My adjacent switch is up/up, but fe0 is down/down. I dont' see how this could be possible. I am getting all my info remotely, but I am pretty sure it's wired up correctly.
View 2 Replies View Relateddont seem to be able to get policing working inbound on a port 3750X v 15.0(2)
Config is below:
ip access-list extended SMB
permit tcp host 192.168.1.14 host 172.16.1.30
permit tcp host 192.168.1.14 host 172.16.1.31
[Code]....
I can not find any information about management port of Cisco ISR 2911, 2921 and so on. There is management port in specification of 2911 and 2921 and I do not know if this port can be as a simple Ethernet port – forward traffic in/out on L3.
View 2 Replies View RelatedAssume I had Catalyst 3560X/3750X with 24 ports. The partnumber is WS-C3560X-24P-LI would like to how is the numbering defined if the switches have a C3KX-NM-10G installed with 4 SFP-GE-L.
View 1 Replies View RelatedI would like to know if it possible to create a policy map in order to redirect the traffic ( 80 , http, 8080) to a proxy.
My current equipment its a 3750X using a IP Service License ,I was reviewing some options but i want to be sure before implement in production.
I want to limit the bandwidth going to remote site on the switch connecting to our netapp.We have a 4 port channel group setup on our 3750x switch going to our netapp storage. We have a Wan 100mb link to our remote site and we want only 60MBs of that link to be used for Netapp traffic all other local traffic needs to use the full amount of the bandwidth to the netapp.
Is possible to allocate bandwidth in this way and how would I go about this? We dont have access to the routers for the link and they plug directly into a port on our cisco.
We purchased a number of 3750X 48 and 24 port switches for the College Campus. Am finally getting around to getting them inserted on the network. Working with a WS-3750X-48PF-S and a WS-3750X-24P-L. Have them stacked with the 10Gb uplink on the 48 port switch. Have not been having fun.In the boot sequence, the switches recognize they are stacked, but as soon as they finish boot, I get the message on the 48 port switch: “Stack Port 1 Switch 1 has changed to state down.” Then “Stack Port 2 Switch1 has changed to state down.” Am noticing that I have a message preceding that: “Major version mismatch with stack neighbor.”The 48 port is running c3750e-universalk9-mz.150-1.SE3, HBOOT 12.2(53r)SE2.The 24 port is running c3750e-unversalk9-mz.122-55.SE3, HBOOT 12.2(53r)SE2Most of our 3750X and older switches are running 122-55 or 122.58 code. IP base or Universal. There is speculation that the problem is the 24 Port is Lan base, as the part number might indicate. (WS-C3750X-24-P-L.... I think that is the part number) and the 48 is IP base. Both switches are Universal, and my understanding is that they don't care about LAN or IP Base until you enable a function that falls in the IP Base domain. Then I have to call Cisco Licensing.For these switches, LAN Base is fine, based on the boot message, I feel the real problem is 122-55 versus 150-1 in the stack. So.. the question is: Do I downgrade the 48 port to match what we have in our environment, and what is on the 24 port switch. Or... Upgrade the 24 port switch to match the 48 port switch and have an installation that is not consistent with our environment? I do have two more edge closets to install with this purchase of 3750X 48 port switches.
View 2 Replies View RelatedWhat I am attempting to achieve is to aggregate trunk ports out of a VMware server into a single logical connection to give as much bandwidth as possible, the switches are 3750X and are three stacked together with the server connections spread across the stack. What I am not sure about is if two port channel load balance protocols can happy co-exist on the switch, by default the switch is using MAC address load balancing and Vmware wants to use IP Source load balancing. As other trunks and channels exist on the switch I don't want to make a change that will affect the other live connections if changing this is a global setting and not local on the channel.
View 2 Replies View RelatedPossible to configure multichassis port-channel between a VSS and 3750X (Port-channel not in the same switch on the 3750X stack). I got it using LACP but I need Pagp to get VSL redundancy “dual-active detection pagp trust channel-group 1”. I am using the last VSS IOS version 15.0(1)SY. I can’t get the option “switch 1 preempt”, has it changed with other option?
View 2 Replies View RelatedI need to tear down an existing port-channel on a 3750X running c3750e-universalk9-mz.150-1.SE3.bin. This port channel is currently down down. It has three ports in it that will be added one each to three existing port-channels, I am assuming as long as the "channel-group" command is exactly the same as it is on the three existing port-channels I should be ok just adding the new port. One point to note is that the three existing port-channels all have three ports so this will be adding the fourth port to each port-channel. I know after reading that it is a best practice for load balancing to use either 2, 4, or 8 ports for a port-channel. Also what is the command to see all ports that are in a port channel?
View 1 Replies View RelatedIs it possible to connect 3750X with C3KX-NM-10G to X2 10G port on sup2t in 6500E switch.There is Cisco OneX Converter Module, but I could not find that it is supported on sup2t.
View 2 Replies View RelatedI have two stacks 3750X on two different sites with two links L_2_L, and I want to configure the port channel to aggregate the two links.
Site A Site B
3750X -A1 --------------------------------------( )--------------------------------------- 3750X -B1
( L-2-L )
3750X -A2 --------------------------------------( )--------------------------------------- 3750X -B2
Below the configuration that I have put the two stacks.
site A
interface Port-channel5
description Etherchannel group entre le stack 3750X-A et Switch Lan_2_Lan
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 11,12,999
switchport mode trunk
switchport nonegotiate
speed 100
But the problem is only one link is Bundeled in channel group, see below
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
5 Po5(SU) LACP Gi1/0/15(I) Gi2/0/15(P)
i have a VSS core that has 4 downstream links to 4 stacked switches. I connected each of the 4 links to different switch in the switch stack. I then created a port-channel that combines all the links from each switch. Is there any issues associated with this setup?
View 9 Replies View RelatedI have created a management vlan on my network of 2950 and 3750 switches. One 3750 has a trunk to each of the 2950 switches which includes the management VLAN. On that 3750 the vlan and line protocol are both up even though there is no specific port assigned to the vlan; I believe the trunk connections allow the vlan line protocol to come up. On another 3750 stack I have my VLAN defined with no ports designated or trunks; the VLAN is up however the line protocol is down.
View 12 Replies View RelatedI've got a client with a Management Port set up for Out-of-Band management. Here's the configuration of the interface and some relevant static routes:
interface Management0/0
description MGT
speed 100
duplex full
nameif Mgt
[code]...
The route through Mgt interface is required as my client accesses the device from a subnet that isn't local to M0/0.Unfortunately, now any traffic originating from outside and destined to 10.48.0.0/16 is choosing the Mgt interface. I had thought that the 'management-only' keyword prevents this from happening (traffic traversing between interfaces).
There is a broad scope of /16 addresses on the 'inside' so just swapping destinations won't work (the client wants to avoid a routing table with 50+ static entries, understandably)My temporary solution was to do this:
route inside 10.0.0.0 255.128.0.0 10.38.103.1
route inside 10.128.0.0 255.128.0.0 10.38.103.1
route Mgt 10.0.0.0 255.0.0.0 10.38.100.254
If 'management-only' doesn't prevent traffic from using the Mgt interface, what is the point of the command?
Our out of band connections with the new routers (1941 & 2921) with the new IOS 15.0 are not working.
Here is our configs:
Router:
line aux 0 exec-timeout 3 0 modem InOut transport input all stopbits 1
Modem(D-Link):
at&fs0=1s2=127s37=9e1q1&c1&d2&s1&k0&r0&w
Here is an output of the debug command:
*May 17 05:02:14.206 UTC: TTY1: CTS went down on IDLE line*May 17 05:02:17.206 UTC: TTY1: CTS came up on IDLE line*May 17 05:02:22.206 UTC: TTY1: CTS went down on IDLE line*May 17 05:02:25.206 UTC: TTY1: DSR came up*May 17 05:02:25.206 UTC: tty1: Modem: IDLE->(unknown)*May 17 05:02:25.206 UTC: TTY1: EXEC creation*May 17 05:02:25.206 UTC: TTY1: create timer type 1, 30 seconds*May 17 05:02:25.674 UTC: TTY1: create timer type 10, 30 seconds*May 17 05:02:26.154 UTC: TTY1: pause timer type 10 (OK)*May 17 05:02:26.154 UTC: TTY1: resume timer type 10 (OK)*May 17 05:02:26.174 UTC: TTY1: pause timer type 10 (OK)*May 17 05:02:26.206 UTC: TTY1: DSR was dropped*May 17 05:02:26.206 UTC: TTY1: Set
[code]....
It goes into the handshake but then disconnects immediately.
My management has tasked me to give them a high level overview of the different switching we can choose for our new building.
This is what I know so far.4 Closets, each closet has 450 ports,One MDF room that is will contain one UCS Chassis and a Nimble iSCSI SAN.
I am working on the spreadsheet and it looks like this (Not totally filled):
2960s3560x3750x45064510Approx cost (Each, 48PORT, POE+, 10G uplink, Dual PS, IP BASE)
6K7K8K45K75KMax Capacity192432432192384Backplane speed206464520520ProLeast ExpensiveStackable to 9Stackable to 9ProDual PSDual PSDual PSDual PSDual PSProLayer 3 opt
Layer 3 optDual SupsDual SupsConExpensiveExpensiveConNo Dual PSConLayer 2 OnlyCannot stack more than 4
For the MDF I would like to use 2 Nexus 5548's with FEX's, and the layer 3 daughter board. For the IDF's I was thinking of two 4010's.
i cant find any difference in these two devices when i am trying to compare throughput.I need upgrade our new POP and there will be around 4900 MAC adresses in VLAN 150 and 130 MAC adresses in vlan 200.Uplink is 1 gig routed internet connection and there is 14 downlinks to separate villages.i found a few differences for eg stack interface on 3750x but i dont need it.
View 2 Replies View RelatedI have a stack of 2 x 3750X switches these are running 12.2(55)SE5. I needed to add some static IP routes and found that the ‘ip routing’ command is not supported. I came across a document that stated “On switches running the LAN base feature, static routing on VLANs is supported only with Cisco IOS Release 12.2(58)SE and later.” So I have upgraded to 12.2(58)SE2, but ‘ip routing’ is still not a valid command.
The release notes state:“On the Cisco Catalyst 3560-X and 3750-X Series, it adds support for 16 static IPv4 routes in the LAN Base image.”
I have read other posts that talk about running the ‘sdm prefer routing’ command which I have done, but I am still unable to add any routes or run the ‘ip routing’ command.
I have an 1811 with several subnets connected to it.I recently installed a 3750x plant and want to bring my interior routing back to it.
All the routing is handled by the 1811 via secondary interfaces on vlan1?
I have 192 ports, and subnets show up on almost all of them. None of the ports are assigned to any specific vlans. Most ports have several subnets on them.
What is the best approach to getting the 3750x to handle the routing?
my company pay a switch 3750 X. WS-C3750X-24T-E. It uses IP services basically but I failed to configure InterVLAN routing. why interVLAN routing doesn't work on my switch?
View 10 Replies View RelatedI am setting up a vm environment for a customer in my lab off site. I have two stacked 3750-x switches, a san, and threes UCS c220 M3S servers for hosts. I am trying to separate the lan traffic, san iscsi traffic, and san management traffic using vlans. The problem is i'm unable to communicate cross vlan with my current config, which I have attached to this post. The only noteworthy things in my conifg is that the ip route 0.0.0.0 0.0.0.0 192.168.83.6 is referring to a switch stack they have on site, that I will connect this stack to using the first two trunk ports on each switch, that I do not have here in the lab. I don't want to cause any confusion in why I have things set a certain way.
View 1 Replies View RelatedI have got ASA 5520. How to use the management port as a normal port on ASA. What are the basic reqirements for that.
View 3 Replies View RelatedWhy does my 3750x-12s switch say it's not supported in CNA??? I upgraded to CNA 5.7.1 and still says unsupported. This device is supported or I'm just missing something.I use CNA heavily to manage our MANY vlans.
View 1 Replies View Related