Cisco Switching/Routing :: 4510 Enable MAC Address Filtering
Oct 27, 2010
I am planning to enable MAC address filtering (one port on 4510 & another 3560). I want to allow only that MAC address to communicate via that port with the rest of the network and internet.
4510 has PC connected and 3560 had polycom connected. [code]
I was wondering if I can enable URL filtering on my 2691 or 2651XM routers so that if someone visits any website I can see that under router logs. Right now I am using Kiwi Syslog that logs the router activities.
It shows this option "Filter wireless clients: Apply MAC Filtering to devices that connect to the network via Wi-Fi. This is the normal usage of MAC Filtering. Filter wired clients:" However I don't see that option on the actual page. How can I enable MAC address filtering only for the wireless side?
When disabling SSID broadcast and enabling MAC address filtering on WAG320N, my other wireless laptop gets disconnected. And when you try to connect, it doesn't connect again.
I am having issues working on my QOS between 4510 and 3550 switch connecting on layer 3 through a service provider. I have class maps and policy map setup on both sides and then policy map attached to interfaces; however, I don't see any traffic matching in the policy map on the 3550 switch. I do see some traffic matching on the 4510, but the speed with which it's increasing has my doubts about it. When I make VOIP calls (VOIP switches are sitting behind the 3550 and are mainly 3550 PWR 24-port switches with phone ports configured for auto qos voip cisco-phone and trusting CoS) I rarely see the RTP matching in class under policy map.
I am currently running 12.2 (53) and am looking to move up to the 15+ train. Are there any pre-reqs prior to the upgrade that anyone is aware of? Unfortunately I have no "lab environment" to test it in. I have production switches with minimal impact to the campus and if done late night I could have it restored back before open of business the following morning. My FW is up to the latest version and I have found nothing in the release notes specifically stating that there would require any stepped upgrades up to v15 and higher.
We have an issue where switches are failing weekly in a switch closet. In the past month we have gone through several 3750G switches and a couple 4510s. The power supplies have eventually made a popping noise and had to be replaced. On the 4510s we've tried two chassis and gone through several power supplies. The switches have been behind UPS systems so should be receiving conditioned power. Could load from the PoE devices really be causing this? I wouldn't think it's power since they are behind a UPS.
This has been happening repeatedly from time to time! We just replace the part! But now it has come to trouble us again. It is happening only in one module, like 6 to 10 ports won't work.
We run IOS cat4500e-universalk9.SPA.03.02.00.SG.150-2.SG.bin. Will there be any bug in it?
I have two servers on one subnet that each need to replicate to a single server on another subnet. They also need to replicate to each other. This replication is unidirectional so I will refer to the 2 server subnet as the source subnet and the single server subnet as the destination subnet. In order to keep this replication running without killing the MPLS links on either end, we are trying to use a policy-map that limits bandwidth from the source subnet.
The Problem:
We have created a policy that polices traffic during specific times of day and limits the bandwidth as prescribed, however, bandwidth is also being limited between the 2 servers on the source subnet which is not needed or desired.
    Class 512K
      set dscp ef
      police 1024000 bps 1024000 byte conform-action transmit exceed-action drop
    Class Map match-any 512K (id 4)
      Match access-group name DAG
    Extended IP access list DAG
      10 permit ip host 10.20.0.3 host 10.20.0.10 time-range DAG-REP (active) (22793 matches)
      20 permit ip host 10.20.0.4 host 10.20.0.10 time-range DAG-REP (active) (14156 matches)
The service policy is applied on the input side of the 2 interfaces on which our devices are connected.
As you can see, the access list identifies the interesting traffic as traffic from two specific hosts to one specific host. The problem we are having is that bandwidth is also being throttled between the two source hosts even though it is not defined to do so.
What can I do to limit traffic from the two source devices to the single destination device without limiting bandwidth between the two source devices?
We have multiple switches (Cisco 4510, 4507R, 3560's) within our network. I've been looking over the port settings between them and noticed that not all ports that are connected directly from switch to switch are trunked the same. Some are desirable on one switch and forced trunk on the other switch.
I am using Cisco 4510 Switch with Default LAN Base image. Now I have purchased 10G Upgrade license. The part number for Upgrade license is WS-C4500-10G-LIC. I have received a CD from Cisco (named as 'Includes License and Warranty'). Any License upgradation is required for this license? Or this is only a paper License.
I could not find out any .lic file on the CD. Also there is no paper with PAK.
I just upgraded all of our switches on campus to Version 15.0(2)SG4 after about a month of testing. On two switches so far, we are seeing that clients cannot connect, and the switch isn't detecting a link. I don't see anything out of the ordinary in int status, port-security, or errors on the interface. Plugging in a different computer does nothing. The only thing that works is a shut, no shut of the interface. After that, it's connected.
I have a Catalyst 4510 that is running IOS version 15.X that has a bug and Cisco recommends upgrading the IOS. Are there additional steps required to perform an IOS upgrade due to licensing Cisco put in place?
I got a 6509 version 12.1(22)E2 that I am replacing with a 4510E version 3.40SG with Supervisor Engine 7-E. The 6509 is configured with 20 channel-group for dual fiber connection to ten 3550 switches with trunking enabled with isl encapsulation. The 6509 is the VTP server to each of the 3550 switch clients. There are 40 Microsoft Servers attached to the Gig RJ45 port modules.
I have attached the 4510 to the 6509 with dual fiber connection configured as a channel group with trunking enabled. I am configuring the 4510 the same as the 6509 except I have to use trunking with dot1q encapsulation because isl is not supported on the 4510. I no longer want to use VTP with the 4510 and have set it to transparent mode. Each of the 3550 switches are changed from isl trunking encapsulation to dot1q and VTP mode is changed to transparent when they are moved from the 6509 to the 4510.
I want to move the switches over a few at a time and not all at once. The first 4 switches attached with no problems and ran with no problems for the user access to the servers still on the 6509 for a week. Then I found out DHCP was not working for the devices attached to the switches on the 4510. I moved one of our domain controllers from the 6509 to the 4510 to fix the DHCP problem. I have now added 2 more switches with users that use an application on a server still on the 6509 and they are getting disconnect errors after logging into it and using it. Other applications on different server also on the 6509 are having no problems. I moved the switches back to the 6509 to get the users up during business hours. I now plan on moving the server for the application that was failing to the 4510 in hopes that it will fix the problem.
Is there something I can do to speed up the connection between the 6509 and the 4510 so I can continue this transition without having to move the servers to the 4510 as I move the users?
We are facing an issue related to STP. I am getting a MAC FLAP error on a Cisco 4510 switch. The effect on the network is intermittent Pkt drops in the network. When I checked the specific IP address I am getting the same with two different. [code] Vlan is created on CORE switch and assigned priority 0, then CORE switch should be the Root, but instead the Root port is becoming the port where the server is connected. The server is at last connected to the CORE switch via an HP switch via another Vlan to the CORE switch, creating a loop as shown in Diag. [code] The Priority of Vlan 102 is changed and Root port has been changed due to that. The Bridge ID is the same as CORE switch.
I am planning on deploying a 2960 switch and will need to uplink it to a 4510 switch. There are 2 TenGig Ports available and I was thinking of uplinking one of them to the 1Gb SFP port on the 2960. Would this work?
I am looking to find a command or counter to tell me if a Cisco switch port on a 4510 was ever up and passed traffic. I want to shut down all unused switchports on our access switches. But before I do that I need to make sure the device is not just off or the person is away on vacation. If I do sh int interface, is there a counter I can reference?
I have configured a Span port on our 4510. We have an application 5view server to monitor traffic connected to G9/17. Since we have changed the network connection from a physical Giga port and added a Port-channel instead, we don't see any more traffic from the new Port-channel to G9/17.
We are getting the below errors on our Cisco 4500 Switch PS after a Power Down activity.
Switch1
------------------ show power detail ------------------
Power                                             Fan      Inline
Supply  Model No          Type       Status       Sensor   Status
------  ----------------  ---------  -----------  -------  -------
PS1     PWR-C45-4200ACV   AC 4200W   good         good     good
PS1-1                                off
PS1-2                     220V       good
PS2     PWR-C45-4200ACV   AC 4200W   err-disable  good     good
PS2-1                     220V       good
PS2-2                     220V       good
*** Power Supplies of different type have been detected***
00:01:02: %C4K_CHASSIS-3-MIXINPOWERDETECTED: Power supplies in the chassis are of different types (AC/DC) or wattage(code)
I'm having some trouble with a 4510 Switch Line Card. I need some recommendations for troubleshooting it. We have some PoE phones connected to the card number 3. When those phones were restarted, they did not go up again. In order to discard wiring issues, we connected the phone directly to the card 3, and the phone did not go up. If the phone is connected to a different card, it goes up correctly.
Additionally, to restore the service, these phones were migrated to other cards, but when we disconnect the equipment, ports in line card 3 remain in an up / up state (and nothing is connected to those ports!!), and only reflect the actual state after restarting the port. What steps could I do in order to troubleshoot this issue? What should I look for, or how do I discriminate the problem? Might it be a hardware issue, a PoE issue?
I am trying to block clients based on MAC addresses connecting to our Wireless Guest network.
My scenario is: We have 2 interfaces (corporate and a guest). Users are connecting to our guest network after they have automatically connected to our corporate network and logged into Windows. When they realise that things are not quite working in the way they want (access to servers etc...), they reboot and then find they cannot logon to the laptop at all. This is because the laptop has automatically rejoined the guest network and has no access to AD. I then have to locally logon to the laptop and remove the guest network.
It’s starting to become a bit of a pain as we are an educational establishment and... well... you would wouldn’t you
Hardware: WLC5508, Software Version 7.3
So far I’ve tried enabling MAC Filtering under “Security -> AAA -> MAC Filtering”, but found out that it’s a white list. The opposite of what I’m trying to achieve, but I like the fact you can link it to a specific interface.
I’m just looking at the “Disabled Clients” again under “Security -> AAA ->”, but think this is more a total ban as I cannot see a method of attaching it to an individual interface. I'm kinda stuck and my good old friend Google is not yielding great results.
I’m not by any means a wireless expert, so there is probably a better method. I would prefer to use the controller as a way of achieving this, but if you think I’m wasting my time and should be looking at a Windows Group Policy method then I’ll go with that?
DIR600 doesn't allow me to enable wireless MAC filtering when I set up the DIR600 as an access point. (I connected the DIR600 (access point) to another room's router.)
I had configured one access point CAP3602E in flex connect mode through a WLC 5508. After deploying the access point in flex control mode the local mac-filtering is not working. Before, it was working when the AP was in local mode. Does anybody know whether mac-filtering works in flex-control mode?
I received the following info from Cisco's TAC and wanted to inquire further before I start reconfiguring the switch:
In a redundant Sup-6E setup, the following configuration is supported :
- 1 TenGig uplink on Active Sup and 1 TenGig uplink on Standby Sup
- 1 TenGig uplink on Active Sup and 2 Gig uplinks on Standby Sup
- 2 Gig uplinks on Active Sup and 1 TenGig uplink on Standby Sup
- 2 Gig uplink on Active Sup and 2 Gig uplinks on Standby Sup
If you invoke shared backplane mode, the following configuration can also be supported:
- 2 TenGig uplinks(blocking) on Active Sup and 2 TenGig uplinks on Standby Sup
- 2 TenGig uplink(blocking) on Active Sup and 4 Gig uplinks on Standby Sup
- 4 Gig uplinks on Active Sup and 2 TenGig uplinks(blocking) on Standby Sup
- 4 Gig uplink on Active Sup and 4 Gig uplinks on Standby Sup
Here's the command and information about the "shared-backplane" mode :- [URL]
Currently, we have 2 SUP 6-Es (Module 5 - Active and Module 6 - Stand-by) set up in a redundant mode. I am planning on changing the redundant mode to the shared backplane mode so I can use 2 TenGig converters to uplink 2 access-switches. We purchased 2 TenGig converters and here is how I am planning on using them:
1- One will be used to uplink to two 3750 switches (stacked)
2- One will be used to uplink to a 2960 using a Gig SFP
My questions are:
1- Do I have to install the 2 TenGig converters (4-Gig Uplinks) in the same Module? Or can I use one in module 5 and the second one in module 6?
2- Will changing the redundant mode to the shared backplane mode require rebooting the switch or disrupt the functionality of the other linecards?
I have a router with two interfaces. What I need is to filter the HTTP traffic from one interface and the rest of the traffic through the other on my Cisco router 2800.
I have the need to filter multicast between vlans as described below. PIM Sparse-Mode is being utilized for this multicast network and changing any Vlan to PIM Dense mode is not an option.
- Vlan 217 and Vlan 4 should not be communicating on mcast with any other vlan, including each other (each vlan isolated).
- Vlan 64 and Vlan 80 are able to communicate with each other on mcast but not with any other vlans (isolated vlan group).
- All other vlans can communicate mcast freely.
What I've created thus far is below. It does not appear to be the most elegant solution and would be difficult for the administrators to adjust as new requirements come along. Yes, I will be adding the appropriate link-local multicast addresses so as to not break routing and other dependent technologies.
ip access-list ext ANY_CONN
 permit ip any any
ip access-list ext MCAST_INTRA_217
 permit ip 224.0.0.0 15.255.255.255 133.106.197.32 255.255.224.0
 permit ip 133.106.197.32 255.255.224.0 224.0.0.0 15.255.255.255
ip access-list ext MCAST_ISOLATE