Cisco Switching/Routing :: 881 Blocking Peer To Peer Applications On LAN
Feb 13, 2013I am facing issues in blocking Peer to Peer applications in LAN. I am using 881 Cisco router and below is the config done. [code]
View 1 RepliesI am facing issues in blocking Peer to Peer applications in LAN. I am using 881 Cisco router and below is the config done. [code]
View 1 RepliesI am working on wi-fi networks (ISP), So I need to block the peer to peer on my network.My network involves cisco switch 2950/2960, cisco 2800 routers and Access Points, config for peer to peer blocking, for this where I need to config either switches or router.My network basic setup is, The internet will pass from router to switch and then Access Points.
View 1 Replies View RelatedI got ASA 5510 with base license, can I block all Peer-2-Peer traffic from inside to outside.
ASA Giga 0/0 connected to ISP Router 2811
ASA Giga 0/1 connected to LAN switch 3560
I see that Application protection - blocking peer-to-peer file sharing traffic is a capability of Cisco IOS Firewall. How do i configure my Cisco 2911 ISR to block peer-to-peer file sharing traffic?
View 1 Replies View RelatedI recently bought the WAG320N can I block Peer to Peer file sharing on my Network?
View 3 Replies View RelatedI bought my WAG320N, I too have the internet drop out and from reading in here is a very common problem. Cisco really should bring out a new firmware version and address this issue. Any way you can block peer to peer file sharing with the WAG320N? If so how do you go about it?
View 1 Replies View RelatedOne of the schools whose networks I administer has a peer to peer network running about 30 xp machines. DHCP is achieved and DNS settings distributed via a basic Linksys router; is there any way of distributing proxy server address and port short of entering manually in LAN settings of IE on every terminal - there is no budget to install a server.
View 4 Replies View Relatedi just set up my 2Xp pc's and one windows7 laptop peer to peer for file and printer sharing but i can not configure internet connection for those pc's
View 2 Replies View Relatedi want to set up my two computers /win xp/ installed using peer to peer network , just tell me the needed steps
View 2 Replies View RelatedI want to prevent guest from doing peer - peer communication on my Guest (5508) controllers. Is this a feature on the WLC or only by applying an ACL on the router interface?
View 2 Replies View RelatedWhat is the function of the VPC peer-link? Should be the composite of all VPC links that are dual homed between switches? is it necessary to have 8 x 10G links as shown above. The links connecting the 7Ks to the 5Ks are VPC links.
View 3 Replies View RelatedThe setup I currently have is a server attached via an etherchannel to a 3560x switch, which is connected to a pair of 5548UP's that are connected via vpc. The 5548's both have a single connection to 6500 series switch that does the layer 3 routing, the ports that connect the 5548 to the 6504 are trunk ports. The problem that I am having is that one of the 5548's can ping the server that is connected down stream while the other 5548 can't. While the local switch can ping the server, and other servers on the same switch in the same vlan can ping it as well. The vlan interface I am pinging from on each switch is on the same subnet as the server I am trying to ping. One other thing, Nexus #1 which can ping the sever has the mac address in its mac address table, while Nexus #2 doesn't. However I added the static mac entry to Nexus #2 and that did not allow me ping either.
View 2 Replies View RelatedOn a csico 3750 switch I have ntp server < IP of stratum 1 Time Server> I want the swit to sync to the to time server and provide time to peers on my network. Do I have to be configured for ntp peer < IP of stratum 1 Time Server> for that to work?
View 7 Replies View Relatedi am in process of building a new datacenter with 2 nexus7k in core/aggregation and 2 n5k in access layer. I am running fabric path on F2 cards between 7k and 5k, also enabled vpc+ on 7k and 5 both. There are few vrfs on 7k which are communicating with each other through firewall contexts. Now there are few vlans which are used to connect differnt vrfs and firewall contexts on n7k and running hsrp as well. now since these vlans are not traversing FP network i should not logically configure these vlans as FP vlans. But since the vpc+ peer link is a FP link it will not allow non-FP vlans to communicate through itself. I have configured a vpc trunk link between 7k and fws. Diag is attched. Now my question is can i configure vlans used for connecting vrf and fw contexts as FP vlans so that hsrp running between those vlans can communicate with each other over vpc+ peer link on n7k.
View 1 Replies View RelatedWe recently had a pair of Nexus 5k switches setup in our network. We had professional services handle the initial configuration but they weren't able to setup config sync for us. Each Fex is connected to each 5k, so we need a switch-profile to maintain a consistent setup on our interfaces. I went through the process in Configuring Switch-Profiles, but when I check the status of the peer, it says not reachable. [code]
View 1 Replies View RelatedCan you use twinax cables to connect two Nexus 7010 switches for VPC peer link? They would connect on F2 modules and have Sup2 on the chassis.
View 2 Replies View RelatedI need to enable vPC "peer-switch" command on a pair of Nexus 7018s which are currently vPC peers (primary and secondary). The STP root and Secondary root are currently configured across these switches.Can I enable the peer-switch command in this configuration without impacting services, and then modify both switches to have the same bridge priority without impacting services ? We have a few downstream 5ks which are not dual homed to both vPC peers (work in progress) so need to understand if the peer-switch command will in any way break this connectivity for now.
View 1 Replies View RelatedI'm trying to create a vpc between a Nexus 5010 and Nexus 5020 switch. I recently upgraded the software so they are running the same version. I connect get a vpc link. Is there something wrong with my setup? Is a vpc between a 5010 and 5020 even possible? They are connected using a pair of Intel X520's in 802.3AD teaming mode. [code]
View 2 Replies View Relatedwe are planing to run HSRP on our Nexus 5ks (with L3 card) and we use VPC to connect the downstream UCS - Fabric Interconnects to the 5ks. I was wondering if the peer-gateway command is required under the vpc domain config? When you use HSRP with VPC, both the active and standby HSRP peers can forward layer3 traffic, isn`t that the same that peer-gateway would achieve?
View 1 Replies View RelatedI currently have Nexus 5596 pair with VPC peer link Po1 between them. My goal is to connect our new Nexus 7Ks to the 5K's using Fabric Path. My question is during this inital setup with the 7K's. Can I use the same port channel number on the 7K's as I did the 5K's? Is the port channel locally significat?
View 2 Replies View RelatedI have a pair of Nexus 5548UPs that have some high priority servers running on them. Servers are ESX hosts running Nexus 1000v's. Each host has multple connections in a VPC to both 5548s. We have been having intermittant ping loss and slowness of traffic to the VM's on these hosts. I was poking around trying to figure out what the issue could be and found that the peer-keepalive command was not set to send the heart beat across the mgmt0 interface. I would like to change this to point it accross the mgmt0 interface. Any tips or advice for me on making this change with production servers running on the switches? I do not want to cause any loss to any systems when I make this change. [Code] ..........
View 3 Replies View RelatedTrying to get the peer links to work and have them in interfaces E1/1-4 . When i do a show int status it looks like this and says sfp invalid. I see this on both sides. These same model gbics work fine attached to a FEX on these boxes.
Eth1/1 vpc peer link to T sfpInvali trunk full 10G Fabric Exte
Eth1/2 vpc peer link to T sfpInvali trunk full 10G Fabric Exte
Eth1/3 vpc peer link to T sfpInvali trunk full 10G Fabric Exte
Eth1/4 vpc peer link to T sfpInvali trunk full 10G Fabric Exte
Gbic in ports are this.
Ethernet1/1-4
transceiver is present
type is Fabric Extender Transceiver
name is CISCO-FINISAR
part number is FTLX8570D3BCL-C1
[code]....
how the Nexus 5500s work ?currently we have two 6513 Core switches 6513-1 and 6513-2 running HSRP and RSTP. 6513-1 is currently the Root Bridge, 6513-2 is setup as our secondary root. We also have two 5548UPs setup with a peerlink between them. Picture attached. "Current Setup.jpg"
There is a 20gig port channel between the 6513s and also a 20gig port channel(peer link) between the 5548s. 5548-1 has a 10g fiber running back to 6513-1 and 5548-2 has a 10g fiber running back to 6513-2. Currently now Spanning tree is blocking the link from 6513-2 going to 5548-2 which is what we expect. We were working on moving some things to different racks the other day and moved switch 5548-2 to another rack and brought it back online without the peerlink fiber connected. We started to have issues and tried to plug the peer link back up, but still continued to have issues. We started to troubleshoot and noticed that both 5548s were acting like the master of the VPC domain and was not letting traffic pass accross the Peer Link. We then rebooted the 5548-2 with the thought that it would come back up as the secondary in the VPC domain. When it finally finished booting back up it then caused a huge loop in our network accross both uplinks to the 6513s and the 5548s peer link which in turn took our network down. Spanning tree did not work like it was suppose to and block the port going from 6513-2 to 5548-2 in time.
My thought was this didn't seem like a good setup. I went to the drawing board and decided we needed to have an uplink from both 5548-1 and 5548-2 going to 6513-1 setup as a port channel/VPC and also a uplink from 5548-1 and 5548-2 going to 6513-2 setup as a port channel/VPC. Picture Attached. "NewSetup.jpg" We are also planning on buying a "2K-C2224TP-1GE" to hang off the 5548s to use for ethernet.
how the Nexus 5ks work and haven't done a lot of research on them. Would this not be a better setup since both switches will have an active link to the root bridge? The links from the 5548s going to 6513-2 should always be in a block state until we loose both uplinks to 6513-1 or the entire switch itself correct? Also how will the 5548s reactive if I was to loose the Peer link fiber? Will they continue to work as normal? When it looses this Peer Link does it suspend all the VPCs for the servers on the secondary switch in the Domain so the network doesn't get confused on which link to send traffic up since there isn't a peer link active or is this not the case? Also with the peer link down will the 6513-1 know which 5548 to send the traffic to if there is only 1 device (not setup in a VPC) on one of the 5548s? What are your recommendations/best practice on the setup for the 2k?
I have pair of 5596 switches in vPC. One host say "HOST A" is connected to the primary vPC peer and other "HOST B" on secondary vPC peer.Both are in same VLAN 10. Both hosts are vpc orphan ports as their NIC is configured in active/standby mode.I have configured span session on both vPC peers with span source as VLAN 10 in rx mode.Span destination is connected to secondary vPC peer. The issue here is that I am not able to capture the traffic originating from HOST A destined to HOST B which is traversing vPC peer-link.Same issue occurs for the traffic in reverse way and span destination on primary vPC peer. In a nutshell, any traffic which crosses vPC peer-link is not getting captured.
What could be the issue and is there any solution for it. Below mentioned is the span config and relevant interfaces. [code]
I have an environment where i have two nexus 7010 switches, along with 2 nexus 5510's. I need to run OSPF as a layer 3 routing protocol between the vpc peer links. I have 1 link being used as a keep alive link, and 3 other links being used as a VpC link.
1) Is it best to configure a separate Vpc VLAN i.e 1010
2) Is it best to configure a vrf context keep-alive
3) just have the management address as the peer ip's.
What is difference between Peer to Peer network and point to point network???
View 5 Replies View RelatedWhy does Cisco recommend a configuration of originate-only on the ASA with multiple peers configured and the answer-only to the other end? Shouldn't it work as Bi-Directional ?
[URL]
The only scenario I see which could break is if both peers try to establish a VPN at the same time to the ASA. Is there any other reason ?
I believe that the Cisco Unified Communications Manager Express matches the outbound VoIP dial peer digit-by-digit, because:
1. when using the debug command it shows how it works digit-by-digit till it match a pattern
2. It says in the study guide ( If a match is found, the router immediately processes the call - chapter 6) so I understand its not en bloc
We are having an issue with BGP flapping peer. We have a ASR1002 as Route Reflector and it work fine with all peers except with 2 peers.
View 3 Replies View RelatedI have a few site-to-site VPNs connecting to my ASA 5520, but one of the remote VPNs is changing it's public IP, how can I change this IP on the ASA without starting again? On the ADSM it is greyed out so I can't edit it, but can I just change it in the CLI?
View 2 Replies View Relatedam in the progess of replacing a Zyxel USG 300 to a Cisoa ASA 5510.In the Zyxel I have some Site to Site, where the peer is a dyndns.org adresse, becourse the peer is a dynamic ip-adress.
I have maybe 10 site to site´s where the peer is a dynamic with a dyndns.org adress, and the presharedkey is diffrent at each tunnel.How can i make this configuration at the ASA 5510?
I've connected my 3 pc's to share file printer and internet using peer to peer connection but on the clients pc the internet connection is soooo slow? my two computers are windows XP an d one Windows7.
View 1 Replies View RelatedI have another odd issue (I get those alot) I have an asterisk box that moves around between 2 IPs, thus the dial-peers are unpredictable as to their target IP. They work as the dial-peer will eventually (after 1 min) time out and go to the other dial peer, but waiting 1 min sucks, and it's a tiny network, 5-10 sec would be WAY more than enouph. Does anyone know off hand a way to get them to time out faster?
View 5 Replies View Related