Cisco Switching/Routing :: 6509 - Client Mode / Enable VTP Transparent?

Mar 25, 2012

My current production network is setup using VTP in Client mode, and I am looking to enable VTP Transparent so I can enable the extended VLANs. My main question would be, would enabling VTP Transparent on my 6509 affect all of the access switches it is connected to? And if so, would changing all of the access switches to VTP Transparent allow them to regain connectivity quickly with little downtime? Or is there another way that I should be handling this situation to enable the extended VLANs?

View 2 Replies


ADVERTISEMENT

Cisco Switching/Routing :: Set Port Vlan On 6509 Running In Vtp Client Mode

Jan 14, 2013

I'm working at a company that has several 6509 switches running CatOS.  They have two of the 6509's running in vtp server mode and the rest as clients.  I set up a new vlan from one of the vtp servers and it propagated out.  The problem comes when I try to assign a port on one of the vtp clients to this new vlan.  It gives me an error that the switch must be in vtp server mode to add/delete vlans.  I'm not trying to add/or delete a vlan just trying to add a port into an existing vlan.  I'm hesitant to put the switch in vtp server mode.  Is this a CatOS thing or is there a specific command to accomplish this?             

View 5 Replies View Related

Cisco Switching/Routing :: 2970 VTP Changed From Client To Transparent

Feb 29, 2012

After changing the VTP mode to from client to transparent, I noticed the output of 'show run' now displays the vlans. I don't have any spare 2970s to check this with at the moment. Output of 'show run' looks like this now with vlans info, this was not shown before changing the VTP mode.
 
vlan 2
name 16.6.16.0/27
!

[Code]......

View 3 Replies View Related

Cisco Switching/Routing :: Maximum VLANs In Transparent Mode 2960

Nov 22, 2011

On a low-end switch like a 2960 the maximum VLANs is 255, as shown in the output of VTP status:
 
Maximum VLANs supported locally : 255
Number of existing VLANs : 245
 
When the VTP mode is changed to transparent, VLANs from the extended range can be added without increasing the number of existing VLANs - e.g. if I create VLANs 3000 - 4000 the number of existing VLANs is still listed as 245.
 
If MST is used to cut down on the number of spanning-tree instances - and assuming propagation of VLAN configuration via VTP is not required - is there any downside to using transparent-mode VTP to increase the number of available VLANs? It does feel like I'm cheating the maximum listed in the datasheet.

View 4 Replies View Related

Cisco Switching/Routing :: 3560 - Moving From VTP Server / Client To VTP Transparent

May 1, 2013

We are moving a small network of 3560 and 3750X switches from VTP Server and Client to VTP Transparent. I noticed the vlan database is stored differently depending on the VTP mode.
 
Is there any chance of losing vlan database on a given switch when moving from Server or Client to Transparent?

View 11 Replies View Related

Cisco Firewall :: ASA Firewall Positioning In Transparent Mode Between 6509 Core Switch And WLC

Apr 26, 2011

I do have the below setup,,
 
1. I have 6509 switch
 
2. I have 2 WLC configured in Active/Active mode connected in Trunk mode (L2 Port-Channel) connected with 6509 switch
 
3. On switch side i have configured the port as Trunk
 
4. L3 SVI for wireless users are created in 6509 switch (attached the diagram).
 
I would like to introduce a Cisco ASA 5520 firewall with AIp-SSM module so that all wirelees traffic can be inspected.
 
The issue is: Without changing any configuration in the network (switch & WLC) is it possible to introduce the firewall?

View 2 Replies View Related

Cisco Switching/Routing :: 2650 - Getting Enable Mode On Router?

Jan 14, 2012

On my 2650 Router it just has only Telnet password.It has no enable mode password set.After reboot it is goes to prompt mode BB.I am unable to go to enable mode .how can i go back to enable mode on this router?

View 13 Replies View Related

Cisco Switching/Routing :: Can't Get Into Enable Mode On 2911 Router

Oct 31, 2012

My engineer onsite can't get into enable mode on his 2911 router. I've seen this before but I can't find out how I fixed it.
 
He gets an error saying : no password set
 
Here is the config:
 
Router#sh run
Building configuration...
Current configuration : 1784 bytes
!

[Code]....

View 3 Replies View Related

Cisco Switching/Routing :: 6509 - 802.1x And Voice VLAN / Enable Dot1x On User's Ports On The Switch

Sep 17, 2012

I have a Cisco 6509 with IOS "s222-ipservicesk9_wan-mz.122-18.SXF16.bin"I need to enable dot1x on user's ports on the switch. each user is connected to the switch through the IP phone.
 
I just found out that I can not enabled dot1x on trunk port. I have tried to use "switchport voice vlan " but I got:
 
Switch(config-if)#switchport voice vlan 123
Command rejected: Gi7/20 is Dot1x enabled port.
 
let me know what should I do to get dot1x working?
 
Note: I have connected a laptop directly to the port and dot1x is working fine.

View 5 Replies View Related

Cisco Switching/Routing :: 6509 Stuck In ROMmon Mode?

Dec 16, 2012

I have 6509 E.  Actually what happen it last 3-4 times it reload its self and got stuck in rommon mode, i tried to boot it with boot by connecting a console cable on supervisor 720 2b. What and where is problem and why is stuck in rommon after reload.

View 11 Replies View Related

Cisco Switching/Routing :: Policy Routing Based On Client Gateway (6509-E)

Feb 26, 2012

If client gateway = 192.168.64.9 then next-hop = 192.168.64.8 else use default-route 0.0.0.0
 
I know it's possible to do a route-map match ip-address ACL list. But is it possible to match on gateway?
 
Some info about hardware and config:

6509-E in VSS (IOS 12.2(17r)SX5) withVS-S720-10G supervisor.

All routes are static, IP for 192.168.64.9 is on SVI vlan.

View 3 Replies View Related

Cisco Switching/Routing :: 2691 - Unable To Reach Enable Mode By Console Connection

May 10, 2012

I have 2691 router with following config
 
line console 0
login local
password xty
 
When i remove the login local from the line console i connect to console port and press enter it shows router prompt 2691Router> but i am  unable to go to enable mode.If i telnet to router then i put username and pw then it goes straight to enable mode.
 
vty config is
 
line vty 0 4
exec-timeout 600 0
logging synchronous
login local
length 500
transport input telnet ssh
escape-character 3

Any reasons why i can not go to enable mode by console?

View 3 Replies View Related

Cisco Switching/Routing :: Switch 6509 In ROMmon Mode After Power Outage?

Nov 28, 2012

We have a cisco catalyst 6509 with Supervisor Engine . After power outage, the switch always start in Rommon mode. Configuration register is 0X2102,  we want to it always start in normal mode. What should i do?

View 3 Replies View Related

Cisco Switching/Routing :: 6509 - In Auto Negotiation Mode It Comes Up In Half Duplex

Jun 11, 2012

We are facing to an annoying issue. We have a 6509 running in Catos 8.3(4) with WS-X6548-GE-TX, WS-X6348-RJ-45 and WS-X6148-RJ-45. When we configure the mode in auto negotiation, it comes up in half duplex. We need to configure the speed mode at 100Mbit/Full to make it work. But if the chassis or port restarts (not the server), the link becomes half duplex. This happens only on module in Gigabyte like WS-X6548-GE-TX.

Cable have been replaced but does not work. It is not happened on another chassis running on IOS 12.2(18)SXF17b with WS-X6548-GE-TX.

View 4 Replies View Related

Cisco Switching/Routing :: 3750X / 6509 - Trunking Over Single Mode Fiber

Oct 26, 2011

I'm having a problem with some new gear and can't seem to figure it out.  I have a 3750X-48P-S with a C3KX-10G-NM using SFP-10G-LR transceivers and I'm trying to trunk that with a 6509 that has a X2-10G-LR transceiver over single mode fiber.  This is not working.  Cisco TAC says the SFP+'s that we just got brand new are both bad and we need to order new ones.  I find that hard to believe but who knows.
 
The switch recognized the module and I tested all 4 ports in gigabit mode using GLC-SX-MM transceivers, all worked great.  I have the SFP+'s in tengig1/1/1 and 1/1/2 as they should be.  There are no other SFP's in the module either.
 
When I do a sho int tengig1/1/1 and 1/1/2 the media type doesn't show the transceiver that is installed like it does for the GLC-SX-MM ones.  Maybe it's not supposed to or maybe it just doesn't recognize them and it's a hardware issue.

View 5 Replies View Related

Cisco Switching/Routing :: 6509 Core Switch Command / IP PIM Sparse-dense-mode

Oct 23, 2011

What is PIM? give me an example when I will use and not use the PIM command.

View 4 Replies View Related

Cisco :: Get An ASA5510 Working In Transparent Mode?

Jun 29, 2011

I am trying to get an ASA5510 working in transparent mode, multi-context.  I am on revision 8.2.5, so there are no bridge groups (those are enabled in 8.4). I first set it to transparent mode, then set it to multi-context mode.  I am doing trunking through the Ethernet0/0 to Ethernet0/1, and have two vlans on subinterfaces of each interface.  These interfaces are in the 2nd and 3rd contexts, and all trunking between vlans is working correctly in transparent mode.
 
But I can't telnet or ssh to the ASA itself.
 
I have an IP address on the inside vlan interface in each context, and can ping tthe IP in context 2 and context 3.  There is an IP also in the admin context, but I am unable to ping this.  I have tried putting it in the same vlan as the 2nd context, and putting it on the management interface, but since there is a global IP only in transparent mode, I don't think the management interface is used (even though it is in the admin contexts included interfaces).
 
Since I can't connect to the ASA, I can't easily get the running config to post it here, even though that would likely
 
To summarize:

- transparent mode

- multi-context

- trunking (dot1q) through Eth0/0 and Eth0/1, so each interface has four sub-interfaces, each in its own vlan

- these VLANs are in each of the contexts except the admin context

- the IP of each conext is able to be pinged, but can't telnet or ssh to it

- telnet and ssh are setup for allowing a /16 subnet range access, in each context

- access-list is setup for permit ip any any and permit icmp any any on the inside and outside interface of each context

- all thru-traffic is passing correctly, but can't manage the ASA other than sitting at the console of it
 
What I'm going to try now is putting the admin context into one of the vlans in the trunk and see if I can use it that way.

View 6 Replies View Related

Cisco Firewall :: 5512X IPS In Transparent Mode

Dec 19, 2012

I need to know if the 5512X IPS will work if the ASA is in transparent mode and/or any limitations.

View 5 Replies View Related

Cisco Firewall :: Is It Possible For 5505 ASA To Be In Transparent Mode

Feb 20, 2013

Is it possible for an 5505 ASA to be in transparent mode such as ethernet0/0 outside, ethernet 0/1 inside, and use ethernet 0/2 for syslog only on a seperate network other than the one that 0/0 and 0/1 is using.  The tranparent part being on a 192.168.168.X/24 and the syslog server being on say a 10.2.1.X/24 network?

View 1 Replies View Related

Cisco Firewall :: ASA 5505 - Transparent Mode

Sep 15, 2012

I just have 1 question. I am going to be getting U Verse installed at my house and have been having a hard time finding this in the documentation. The modem I am going to be getting is the 3800HGV-B. Over on the ATT forum users are stating that the modem needs every MAC of every potential IP. I thought about using it's DMZ Plus mode but I am getting a block of 8 IP's and it doesn't seem to play nice unless it see's 5 different MAC's. Right now I have my 5505 in routed mode so I don't believe it passes the MAC of the client's through. Will the ASA pass the MAC of the client's through to the modem with the appropriate ACL's applied?

View 2 Replies View Related

Cisco Switching/Routing :: 6509 To 6509-E Chassis Upgrade?

Nov 21, 2011

I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:

     x3     48 ports
     x1     NAM
     x2     Sup720
     Running 12.2(18)SXF3
 
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?

View 2 Replies View Related

Cisco Switching/Routing :: Upgrade Of 6509 To 6509-E Chassis

Nov 21, 2011

I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:

x3     48 ports
x1     NAM
x2     Sup720

Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?

View 2 Replies View Related

Cisco WAN :: ASA5500 Transparent Multi Mode Firewall

Feb 4, 2012

Recently i have configured ASA5550 with 2 Contexts in Transparent mode. Traffic can pass through a single Firewall context but through both contexts it couldn't.

View 0 Replies View Related

Cisco Firewall :: ASA 5500 - Transparent And Routed Mode

Jun 26, 2012

have a Cisco ASA that I am trying to configure in a unique way, I want it to perform a variety of tasks;
 
VPN SSL
VPN Tunnels
Firewall Inside to Outside via versa
 
But the difficult task, is creating a DMZ with devices that are assigned fully routed IP addresses from our ISP directly, these are H323 and SIP devices that cannot use NAT, and must have a fully routed IP address assigned to them.
 
Obviously the problem I have with the Firewall in its default routed mode, is that it wont allow me to overlap IP addresses on the outside interface with the DMZ interface.
 
Could the Firewall be configured for Transparent mode between Outside and DMZ, but Routed mode between Outside and Inside?
 
Eth0/0: 10.0.0./24 (inside)
Eth0/1: 190.0.0.0/24 (dmz)
Eth0/2: 190.0.0.0/24 (outside)
 
[Code]....

But could the new Cisco ASA with the latest firmware and model be ale to do this with 1 physical firewall?

View 5 Replies View Related

Cisco Firewall :: Failover Transparent Mode ASA 5520?

Sep 19, 2012

Recently, I unable to configure the failover on bridge group in transparent mode . I have five interfaces .out of this only 3 is showing in the show run config . Whether I can config failover on on of the data interfaces.
 
I have the ASA 5520 with the version ASA Version 7.2(4) <context>

View 3 Replies View Related

Cisco Firewall :: ASA 5505 Transparent Mode Setup?

Dec 5, 2011

i need to configure a ASA 5505 in transparent mode.learned from Internet, my configuration is :

int e0/0 --- vlan 1---->nameif outside
int e0/4 --- vlan 2------> nameif inside
gloable ip is 172.17.104.10 255.255.255.0
 http server enable
http 172.17.104.0 255.255.255.0 inside
 
when i connect the outside interface to one PC with ip addr 172.17.104.194 my PC connect to inside interface with ip 172.17.104.249 cannot ping each other even when i set rules as permit any any on both direction

View 2 Replies View Related

Cisco Firewall :: ASA 5505 In Transparent Mode Traffic?

Oct 23, 2011

I've  setup my Cisco ASA 5505 in transparent mode. I have a Cisco 1841  connecting to the ISP (DHCP client) and F0/0 for inside. The 1841 is the  DHCP server.  I have my ASA 5505 behind the 1841 in transparent mode  (Vlan 1 for Outside and Vlan 1 for inside). The router config is  good as when you connect a computer straight to the inside interface I  get DHCP and can go to internet, no problems what so ever. But When  you're trying to go through ASA isn't not working.  if I add a ip any any statement to the access list it will work but  having an "ip any any" in a access list is like having no firewall at  all.

ciscoasa(config)# sh run
: Saved
:
ASA Version 8.2(4)
!
firewall transparent
hostname ciscoasa
enable password zmQ6OnxvsOOEDNAy encrypted

[code]....

View 4 Replies View Related

Cisco Firewall :: ASA5505 Transparent Mode Not Working

Feb 19, 2013

I have a cisco ASA5505 configured in transparent mode. This evening we attempted to plug a couple of new servers in but they simply didnt work, despite our test server working absolutely fine. The server IP's are all in a network object group (the same as the test server) and they're all using the same ACLs etc. I'm relatively new to configuring cisco equipment.
 
the only thing I can think of is a static route I had to add to get the managemet IP to work might be causing problems.route outside 0.0.0.0 0.0.0.0 XX.XXX.132.1 1(IP addresses obfuscated- servers are all in the same range so assume XX.XXX is the same across all IP's).

View 7 Replies View Related

Cisco WAN :: Configuring 1721 For Transparent Bridge Mode?

Jan 1, 2013

I'm supposed to configure this 1721 for bridged mode, taking a Level 3 T1 into the serial 0 side and passing it out the f/e 0 side.  So, basically that's a T1 to ethernet conversion.  I guess this customer is buying a T1 from us but they have to use a different make/model router due to the large hospital requiring that of doctors offices.Encapsulation from Level 3 is ppp static ip address, no password or anything like that. 

View 3 Replies View Related

Cisco Firewall :: ASA5510 - LACP In Transparent Mode

Mar 3, 2013

I understand that in transparent mode an ASA5510 would only be able to have two interfaces, inside and outside. My question is could one of those logical interfaces be an LACP'd interface, made up of two physical interfaces. Topology below. I understand that the router and ASA5510 are SPOF here, so it is a bit of a moot point, but we're connecting already existing infrastructures together!
 
|-------–---|      |---------|        
| Switch 1  |------|         |        
|-----------|      | ASA5510 |         |----------|
     | |           | (transp |---------|  Router  |
|-------–---|      |  mode)  |         |----------|
| Switch 2  |------|         |        
|-----------|      |---------|        

View 4 Replies View Related

Cisco Firewall :: ASA 5510 - Can Transparent Mode Use / 30 And Still Work

Oct 9, 2012

I have a ASA 5510 that is connected to my ISP and the inside interface that is connected to my router.  I have a /30 and need to determine if the configuration of x.x.x.121/30 which is my ISP and also the BVI address on the ASA.  The inside router address is x.x.x.122/30 same subnet as my ISP will allow me to pass traffic.  Management interface works using a different ip address but not able to get the traffic to pass traffic out to the internet thru the ASA
 
ISP-------->ASA-------->Router 
 
Bottom Line is that I only have one usable address that is being used by the router and the ISP and ASA are using the other.  Will this work?

View 4 Replies View Related

Cisco Firewall :: ASA 8.4 Transparent Mode Creation Of Sub Interfaces

Jul 30, 2012

On the ASA running  the 8.4.4.1 code in transparent mode. Can I create sub interfaces in different vlans and attach them to different BVI groups?
 
switch---trunk---ASA---Trunk---switch
 
Gig0/1.1 vlan 100 bridge-gr1          Gig0/2.1 vlan 101 bridge-gr1
Gig0/1.2 vlan 200 bridge-gr2          Gig0/2.2 vlan 201 bridge-gr2

View 6 Replies View Related

Cisco Switching/Routing :: 3750 - VTP Transparent Configuration

Jan 28, 2012

We have a few stacked 3750 switches with vtp transparent configured...some plugged in a fiber from another network into our stacked switches...that network/switch has vtp server configured...once that switch connected to our stack of switches, it turned that stack switch into vtp server...causing the previous vlans configured to erase thus causing management issues with the stacked switches..

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved