Cisco Switching/Routing :: 4900 Span Configuration On Switches
Sep 16, 2012i have configured SPAN on cisco 4900 series switches its a Loacal SPAN . as there is only commnads to complete this activity but hard luck its not working.
View 5 Replies
ADVERTISEMENT
Cisco Switching/Routing :: SPAN Configuration In Catalyst 3750
Dec 31, 2011I have CISCO catalyst with VLANs (VLAN ID 33, 36, 40-53) configured. I need to configure port mirroring in Switch 3750 for NAC (Network Access Control). I need to Monitor all the VLANs. Here is the SPAN configuration of switch: [code] Monitor session 1 source vlan 33 , 36 , 40 – 53.Monitor Session 1 destination interface fa 1/0/8 (here I am not able to set encapsulation dot1q ) because the error occurred saying %one or more dest port do not support the encapsulation%.
View 5 Replies View RelatedCisco Switching/Routing :: 3750 - SPAN Configuration For Websense
Jul 3, 2012I have configured SPAN in cisco 3750 switch as below mentioned. but the destination port protocol is down.
Network Diagram:
switch(config)#monitor session 1 source interface gigabitethernet1/0/1switch(config)#monitor session 1 destination interface gigabitethernet1/0/11 ingress vlan 1
[Code]....
Cisco Switching/Routing :: SPAN SIP And Wireshark 2950 Configuration
May 26, 2013I have cisco 2651 with one L3 interface ip 172.26.18.200. This Cisco is gateway from E1 PRI (PBX Aastra MX-ONE TSW) to SIP (Asterisk). This cisco 2651 connected to cisco 2950 in port Fa 0/12. Fa 0/12 is in VLAN 518 (dot1q).
On cisco 2950 i made next commands:
# monitor session 1 source interface Fa 0/12 both encap dot1q
# monitor session 1 destination interface Fa 0/9
#sho monitor session 1
[Code].....
Cisco Switching/Routing :: SPAN Port Configuration On 3750?
May 23, 2012I'm trying to configure a mirror port on a 3750. This configuration needs to replicate data from local ports, but I need that also act as a regular access port.
With the initial configuration, SPAN port, there is no problem, all the data of the configurated ports is replicating in the configurated port. On the port configurated as mirror there is a PC connected for audio recording. When the port is not operating as SPAN there is communications without problem over the LAN. But when I configure the port as SPAN, communication is interrupted.
Here is the actual configuration:
SWITCH1-PISO7#sh monitor session 1
Session 1
---------
Type : Local Session
[Code]......
Cisco Switching/Routing :: Effects Of SPAN Port Configuration On 4507R+E Switch?
Oct 29, 2011I read quite a few documents on configuring SPAN on a cisco switch but none of them mention any limitations or any kind of CPU load it can have on a switch. I need to configure this on one of our switches and would like to know if there are any implications related to SPAN.
View 5 Replies View RelatedCisco Switching/Routing :: 1433 - Span Port Configuration To Listen To Specific Traffic Only?
Nov 2, 2011Is it possible to configure the span(switch port analyzer) port and restrict it to only listen to ingress and egress of TCP/1433 from the source port?
View 2 Replies View RelatedCisco Switching/Routing :: 6509 / 4900 - Network Down Cause Switching Supervisor With Redundancy
Jan 11, 2012we've had an issue with our network, we have 2 6509 connected with redundancy, which are connected with 2 x 4900 Switches, from which are connected to a ESX Chassis for visualization, the thing is that the ESX stopped working, and the 4900 switches, and the main core were suffering from overload, they hang on it very well, in order to stop the overload, one of the links to the ESX Chassis were disconnected from one of the 4900 switches. The CPU usage from the 4900 and the core(6509) went down below 40%, and then they started to migrate the virtual servers from the chassis to another 2 chassis that were added right after. They were actually working well, but suddenly the 6509 changed to the other supervisor after everything was OK. We were wondering what could have been the cause of this, maybe the virtual servers migrations, maybe the overload from the ESX ? We also had a few question, is there any need to reload the cores every few months as a planned task ? Because the cores have been up for more than 1 year. And also is there any kind of of tool to monitor the CPU status, or the status overall from the cores or the switches ?
View 3 Replies View RelatedCisco Switching/Routing :: L3 Routing With Catalyst 4900 Series?
Mar 19, 2013I have peculiar challenge ahead of me and would like to get new perspectives.
The objective is to route specific VLAN traffic and the caveat is that I have multiple VLANs with the same network address.
For example:
VLAN100 10.10.10.0/28 VLAN101 10.10.11.0/28 VLAN102 10.10.12.0/28
VLAN103 10.10.12.0/28
VLAN104 10.10.11.0/28
I need traffic going from VLAN100 with a destination of 10.10.11.0 forwarded to VLAN101 and NOT VLAN104.
This task is currently being completed by a multi context firewall and we're trying to decommission the asset.
Cisco Switching/Routing :: 4900 HSRP For LAN Fail-over
Jan 23, 2012Planning to implement HSRP in layer 3 switch.
We have two numbers of Cisco 4900 ME Switches. Basically want LAN failover from these devices. There are about 400 users in our network. I have attached rough network topology for your reference(I am not good at Microsoft Visio). Need to know implementation of the HSRP in these switches. Two distribution switches(Cisco 4900 ME Switches) are connected to 4 Access switches and these are connected to the LAN.
Cisco Switching/Routing :: Mac Filter Not Working On 4900 Switch
Aug 28, 2012 VLAN MAC address filter does not seem to be working on my 4900 switch. However the same config works fine when tested on my 3750 & 3560 switches.
Since user from different VLANs requires to be blocked, Unicast MAC address filter will not be feasible solution. VACL did not work on my 4506 switch too. K
Below is the config done on 4900 switch
mac access-list extended ABCpermit host 0003.0de9.d5ea anyexit
!
vlan access-map drop-mac 10
[Code]......
Cisco Switching/Routing :: ME 4900 Private VLAN Config
Feb 9, 2012We need to connect several DSLAMs on the 4900 switch, every DSLAM has 4 VLANs configured (VOIP service, MGMT, ADSL Private, ADSL Public), and sends the traffic for each service tagged with appropriate VLAN id according to the table:
VOIP: 608
MGMT: 594
ADSL PRIVATE: 2900
ADSL PUBLIC: 2930
On the DSLAM side it is very simple configuration, just a normal trunk with 4 VLANs transversing the link. On the 4900 I need to isolate the traffic for ADSL PRIVATE & PUBLIC service so DSLAMs connected to the same switch do not have L2 connectivity between them. For VOIP and MGMT they must communicate with each other. DSLAM acts also as a VOIP GW so it must communicate with other DSLAMs for VOIP service. Also VLAN 200 is configured on ME 4900 for switch management traffic.
This 4900 Switch connects to MPLS PE router, which offers L3 VPN service for VOIP & MGMT service, and L2 VPN for ADSL service (PPPoE traffic to BRAS). Fortunately we have ES+ linecard to support many ethernet features. I tried this config:
1) VOIP, DSLAM-MGMT, MPLS-MGMT configured as normal VLANs
2) ADSL PUBLIC & PRIVATE configured as isolated secondary VLANs, primary VLAN for ADSL PRIVATE is 2008, for PUBLIC 2308
3) Configure DSLAM facing ports on ME 4900 as private-vlan trunks
4) Configure ME 4900 uplink port to MPLS PE as a private-vlan promiscous trunk
5) Configure ethernet services on MPLS PE for each tag that comes from ME 4900 (ES+ cards are awesome, i love them:D )
6) Apply L3 VPN service for VOIP and DSLAM-MGMT, and L2 VPN for ADSL service.
But at least this last command should list on spanning tree forwarding state also the ADSL VLANs or not?
Here is the output of the show interface switchport.
Cisco Switching/Routing :: 4900 - How To Verify Link Before VLAN Extension
Mar 23, 2012we got a dark fiber betwwen two sites away from each other 30 Km,i need to connect this sites acts as backup dc to main dc in main site using cisco 4900 Switches in BK-DC anf 6513 in the main site,how can i verfiy if this fiber oparates as L2 and i can extend vlan servers,is it via "sh cdp neigh" and "sh vlan br"?
View 2 Replies View RelatedCisco Switching/Routing :: 4900 Failed To Read Transceiver Serial
Jul 30, 2012When I insert the TwinGig Converter in a Catalyst 4900M you get the following error message: Failed to read transceiver serial eeprom on port Te2/1, try reinserting.This error is probably because the device expects 10Gig transceivers to be connected to the device not 1Gig.I used the TwinGig 4 module and 8 SFP ports are connected. But when i type in the the "hw-module module <slot> port-group <group> select gigabitethernet" the command is not available. [code]
View 1 Replies View RelatedCisco Switching/Routing :: Setup TwinGig Converter To Use GLC-SX GBIC In 4900?
Jun 17, 2012I am having problems configuring a 4900. I have entered the following commands:
hw-module module 2 port-group 1 select gigabitethernet
hw-module module 2 port-group 2 select gigabitethernet
hw-module module 2 port-group 3 select gigabitethernet
hw-module module 2 port-group 4 select gigabitethernet
However no matter what I try, it never sees the GLC-SX gbics I have in the TwinGig converter.
PERSW001#sh interfaces status mod 2
Port Name Status Vlan Duplex Speed Type
Te2/1 inactive 1 full 10G No X2
Te2/2 inactive 1 full 10G No X2
Te2/3 inactive 1 full 10G No X2
[code]....
Cisco Switching/Routing :: 4900 Capturing VLAN Traffic And Set Destination To GE Ports
Jan 24, 2012At present we are having a 4900 series switch where we are running one monitor session.Additionaly we are in need of capturing VLAN traffic and set the destination to 2 * GE ports , both are in the same switch.Due to the limitation of two monitor sessions per switch , we thought of putting the destination ports as port channel but it looks like it is not supported.
View 1 Replies View RelatedCisco WAN :: 4900 - Outbound QOS Police Configuration
Jan 12, 2011I need to attach a QOS policy to a layer 2 WAN interface between two sites. This is actually an extended LAN circuit with 500Mb/s of allocated bandwidth. The interfaces are Gigabit so I want to make sure I don't attempt to transmit traffic faster than 500Mb/s. What is the best way to implement an outbound QOS policy that sets the minimum and maximum speed to be the same? This policy will be implemented on a 4900M with the 20 port GigE module
View 3 Replies View RelatedCisco :: 4900 Switches Support On LMS 3.1
Sep 12, 2011I need to know if Cisco Works LMS 3.1 can support 4900 switches series or not?
View 2 Replies View RelatedCisco Switching/Routing :: 6509 - Doing IDS Via SPAN Ports
Dec 13, 2011I am hoping you can provide me with some opinions, feedback, thoughts on the following. We have some Cisco 6509 switches in our environment currently hitting around 60% usage on the Router overall statistics.
Now we are looking at implementing an intrusion detection system but by being as least invasive as possible to the network. Our thoughts are to utilize a SPAN port on the switches to send traffic to the NIDS device but we have concerns of the following. The limitations of SPAN sessions on 6509's . The overhead on the switch of turning a SPAN session on and leaving it on permanently.
Cisco Switching/Routing :: Remote Span With C2960
Mar 12, 2013I am trying to configure RSPAN for one of my client. They have Server-Client VTP architecture. Voice Recording Server is connected to C4507. Agents are connected to C2960 and C3750. I got 2 sessions configured and the connectivity is a as follows:
1. Voice Recording Server-----C4507-----C2960-----C2960-----Agent IP Phones (Session 1)
2. Voice Recording Server-----C4507-----C3750-----Agent IP Phones (Session 2)
Recording works with Session-2 but not with Session-1. I understand the problem could be due to multiple reasons: 1.1. C2960 is working in client VTP mode so i cannot add remote span command under the vlan configuration. 1.2. C2960 has LANLITE IOS image which i am not sure if it supports Remote Span.
Cisco Switching/Routing :: 7000 Switches In VPC Configuration
Jan 28, 2013I have a pair of Cisco Nexus 7000 switches in a VPC configuration with several Nexus 5000 switches attached. The config has about 50 or so VLANs each with a /24 subnet address assigned. These SVIs include HSRP etc and are all a member of the same VRF. Unfortunatelu I am not able to advise/confirm if the issue is on the last vlans and svis configured as I am not aware of the history/chronology of the configurations applied.
The issue I have is that one of the Nexus 7000s seems to take some time providing output or even freezing until I issue a Ctrl+C when issuing simple commands such as "show ip arp vlan 123 vrf abc123" or "show mac address-table dynamic vlan 1234". This seems to affect only some but not all vlans or all SVIs in the VRF. This behaviour is the same whether accessing the cli via a console, SSH and/or telnet session.A check of CPU and mem reveals little utilisation to cause any concern and will begin a bug toolkit hunt for version 6.01.
Cisco Switching/Routing :: VSS Configuration On 6513 Switches
Mar 10, 2013My question is regarding VSS configuration on Cisco 6513 switches. My understanding is that the hardware and software configuration on the devices must be exactly the same for the VSS to function correctly. Do the Bootstrap versions also have to be identical?
The production switch is running Bootstrap Version 12.2(17r)SX5, while the new switch is running Bootstrap Version 12.2(17r)SX7.
Cisco Switching/Routing :: How To Setup SPAN On 4900m Switch
Feb 12, 2013I currently have IOS image cat4500e-entservices-mz.122-53.SG5.bin. According to my research it appears SPAN is supported on this OS. However, after looking at procedure notes using websites like here:
[url]... I cannot find and obviously not figure out how to use the SPAN command. My main objective is to simply setup a port mirror on one of my TenGigabitEthnet interfaces and from what I read SPAN is the best way to setup a tap interface on a cisco switch.
Cisco Switching/Routing :: VTP Traffic Not Seen On SPAN Port On 3750
Dec 12, 2011Been dealing with a strange problem for several days now. It started out with a problem that I thought was VTP related but ended up being something else. I setup a span port on a 3750 that I am connected to that was mirroring the trunk connection coming into the switch.
Never saw an VTP traffic come across the connection but doing a sh vtp status indicated the traffic was arriving and getting processed. When I found some debug commands (debug sw-lan vtp), I was also able to see the packets go between switches. Seeing this issue concerns me that there is other traffic that isnt showing up during a span session.
I know that doing a span on a switch, especially using a trunk port as a source, isnt a good idea. Since I didnt have a TAP at time, this was my only choice. I have since borrowed a NetOptics TP-CU3 tap from a good friend and was able to confirm the VTP traffic was going across the trunk connection between switches.
All of my 3750's are running 12.2.55.SE.
Cisco Switching/Routing :: Can't Configure SPAN On 800 Series Router
May 1, 2013I have a Cisco 881 router running 15.1(4)M4. I am trying to configure SPAN on it to mirror my outside interface (source) to one of my LAN interfaces (dest).
!--- WAN interface
interface FastEthernet4
description Comcast WAN$ETH-WAN$
[Code]......
As you can see from the above output there is a problem with the command on this interface. When I try to set Fa0 as my source it works fine:
rtr(config)#mon session 1 source int fastEthernet 0
rtr(config)#
Is this because fa4 is layer 3 and fa0 is a switchport? If so, is there another way to set fa4 as the source?
Cisco Switching/Routing :: 6513 Span Session Limit?
Jul 12, 2012I have a need to capture some traffic but my core 6513's are already using the limit of 2 span sessions. I can't edit any of the sessions either because I want to source traffic from vlans and you can only do one or the other. Is using a VACL with 'switchport capture' on the destination interface an option ? E.g. I want to source traffic from vlan 10,20,30,40 and send the all to interface Gi10/10 ? Is there any caveats ? I dont need to be too granular with the ACL's but just capture all traffic in those vlans.
View 2 Replies View RelatedCisco Switching/Routing :: How Many Span / Rspan Can Configure In Cat6500
Mar 16, 2011i will be creating combination of SPAN and RSPAN on catalyst 6506 according to the link
[URL]
im planning to implement this on two 6506 switches will this work? or do i violate the number of monitor session? sorce span?
sw1
monitor session 1 source interface Fa5/18monitor session 1 destination interface Fa5/48
monitor session 2 source interface Fa6/34monitor session 2 destination interface
[Code].....
Cisco Switching/Routing :: Nexus 7000 Span Limitation
Apr 18, 2012I've learned recently that the Nexus 7000 only allows the configuration of a maximum of 2 Monitor sessions for spanning traffic. I only have one monitor session left and I need to do the following. 2 Core Nexus 7000 boxes with 2 different traffic probes/sniffers to each nexus( eg Sniffer 1 connects to Switch A on interface eth 1 and to Switch B on eth 1 ; Sniffer 2 connects to Switch A on eth 2 and to Switch B on eth 2.) My plan was to setup a standard session with multiple sources and destinations then on the interfaces connecting to the sniffers run a trunk and do 'sw trunk allowed xxxxx' and filter what I need to go to each sniffer box. However I've recently found out that some of my source traffic is coming from Port-Channel interfaces. Is there a way I can get around this and still do the filtering within only 1 monitor session ?
View 1 Replies View RelatedCisco Switching/Routing :: 6509 - Nexus And Span Sessions
Oct 24, 2011I am in the early planning stages for a 6509 to Nexus 7K migration. Based on my experience with the 7K's at a previous company where we ran into a lot of issues, I am trying to be very careful.
I am more at home with the 6500 chassis and know what I can do with them. I remember running into a limitation on the Nexus that involved their not supporting span sessions like the 6500's do. Is that still the case ?
If that isnt an option in the short term, I will need to look at a substantial investment in ethernet tap's to replace the lost span functionality because the security group's heavy use of span sessions.
Cisco Switching/Routing :: 802.1 Span And Wireshark To See P-bits And Vlan Tags
Dec 30, 2009I do not see 802.1Q tags nor do I see p-bits (COS) in my wireshark captures. My setup is not working and I have no way to verify (sniff) that the 6509 is setting the p-bits to 3. [code]
View 4 Replies View RelatedCisco Switching/Routing :: 2960 -Destination Port Not Responding Over SPAN
Jun 8, 2012i have configured SPAN over cisco 2960 to monitor source port traffic but after configuration i dont able to get response from destination port as my NMS is attached on destination port so i lost its web interface.
Configuration is as under.
monitor session 1 source interface gigabitEthernet0/5 (Source Port on Vlan 100) monitor session 1 destination interface gigabitEthernet0/1 (Destination Port on Vlan 200)
Cisco Switching/Routing :: Nexus 7K (6.x) / SPAN To Multiple Destinations Does Not Work
May 18, 2013I have a single Nexus 7K (6.x) with only F2 modules and I would like to SPAN the same source interfaces and vlans to mulitple destination servers (interfaces). When configuring SPAN to a single destination traffic gets replicated successfully but when I add an additional destination to the same SPAN session then none of the destination interfaces receive any traffic. As soon as modify the SPAN to include only a single destination interface it works again. I'm guess this is a limitation of the Nexus 7K 6.x code or the F2 modules.
View 4 Replies View RelatedCisco Switching/Routing :: NEXUS 7k Span Session Getting Twice Data To Port
Jun 9, 2013I'm setting up a montitor session on a NEXUS 7K as below.we are receiving in 150M of data and 0 data going out port 9/25.but port 4/24 shows 300M to the span port?
View 1 Replies View Related