Cisco Switching/Routing :: Configure VLAN On 2960S Switch
Jan 20, 2013
I have hybrid network in which I want to configure VLAN on Cisco 2960 S switch. I have unmanged switch where my DHCP server and other servers are connected. Now I created two VLANs on cisco 2960S and they don't talk each other, but as soon as I connect unmanaged switch to 2960S switch, both VLANs start communicating which I don't want. I want to listen server traffic from unmanaged switch from both VLANs but simultaneously I don't want to communication between two VLANs.
After i have already configured my cisco switch 2960 , i configured my console as the below [code] after i reboot my switch , i found that the switch asked me for username . However i did not configure username , how can i solve this problem , without password reset . I have already configured 15 switch , 100% this problem will be in all switches.
but on interface gi 1/0/1 i want to have data from vlan 10 tagged as VLAN 20. At this time i have solved this issue very primitively
I have set up gi 1/0/2 as int mode acces, acces vlan 20 and i have connected gi 1/0/2 with gi 1/0/3 with eth cable. int gi 1/0/3 is switchpor mode acces, switchport acces vlan 10
I got a different scenario from one of my client.My client have two different branch offices and have 50Mbps point to point connectivity between them. All users in both braches using same series of IP pool ( 192.168.224.0/24) in both branches.Both branches he had only Cisco 2960S series switches only. And in both branches he is using IP cameras. He will monitor the assets by accessing IP cameras through the browser.His requirement is, he wants to prioritize the Video traffic( monitoring through the browser) over the normal data traffic.Note: He had a single VLAN only.
I need to set QOS in our new network. We have connected 2 cities together with 700Mbit leased line. On each side we have Catalyst 2960S switches and between them is TRUNK for VLAN 10 and Vlan 20.Vlan 10 is for IPTV (fixed 400 Mb/s for CATV)Vlan 20 is for Internet (rest).Sometimes is happening that Vlan 20 takes more than 400 Mb/s for a few seconds and in this situation we have problems with CATV.Is there any way to make a guaranteed bandwidth 410 Mb/s for CAT - VLAN 10 on this swithces?
We are trying to setup a new configuration with 2960S as access switchs and a 4507 as a core switch.I want to protect the management IP VLAN of the swich using vrf on the 4507 so we :
SHUT VLAN 1 on every switch (2960 + 4507) CREATE A NEW VLAN 289 (management vlan) -> IP network : 10.32.126.192/26 L3 VLAN on every switch VLAN 289 in the VRF XXX on the 4507 create tunk between the switch and the 4507 : switch mode trunk allowed vlan 200-230 sw trunk native vlan 289
so with this configuration on the 2960 the vlan 289 is UP/DOWN and UP/UP on the 4507 I can access to the 4507 using the IP in the VLAN 289 but i cannot access to the 2960 behind the 4507 CDP connectivity is ok?
Have multiple Catalyst 2960S switches, Cisco 2911 router and ASA 5510 firewall.
On the router have subinterfaces created for the VLAN's Int FA0.0/41 for wirless VLAN setup with IP 10.10.41.100 Int FA0.0/60 for new Voice VLAN setup with IP 10.10.60.100 Internal network is 10.10.10.0/24 and LAN IP of router is 10.10.10.100 Have default route setup to push traffic from the router to the firewall ip route 0.0.0.0 0.0.0.0 10.10.10.251
On the firewall have added the new VLAN 10 (10.10.60.0) to the network object-group Have configured route inside command route 10.10.60.0 255.255.255.0 10.10.10.100 1 Have also added the NAT command nat (inside) 1 10.10.60.0 255.255.255.0
On the 2960 I have my laptop connected to port 45 and I have it configured as follows switchport mode access switchport access vlan 10
I assign my computer a static IP address of 10.10.60.84/255.255.255.0/10.10.60.100 with 10.10.10.11 as DNS server. When I do this, I can ping anything on the 10.10.60.0 network, I can ping anythign on the LAN 10.10.10.0 network. I am able to connect MSN messenger, I am able to do NSLOOKUP and get outside IP addresses to resolve. I am unable to browse the Internet though. I am not sure where the problem is at though. It doesn't make sense to me, as it is setup the same way as VLAN 41 which is the wireless network, and when users connect to that, they get out to the Internet with no issues.
i have a Catalyst 2960S since 2 days. I am a new user, i like to configure the switch! my first problem is: i have 2 v LAN vlan1/24 and vlan200/24. I'd like to config port1 to be tagged on the 2 v LAN i know from hp port must be tagged. how can i config port 1 to be tagged on vlan1 and vlan200? and port 2 to be untagged in vlan1 and untagged in vlan200?
make a couple of SF300 switches to work properly with a C2960S-48TS-L that acts as core switch/basic router. I can't seem to figure out how to assign VLANs correctly in trunk and access mode on the SF300. The 2960S are a no brainer with IOS commands but the webgui in the SF300 is a pain.
I've configured the 2960S with 3 VLANs and I would like to have the SF300 switches connect to the C2960S-48TS-L through VLAN trunk and then configure the ports on the SF300 switches to belong to the assigned VLANs of my choosing. I would also like to have all the SF300 switches management interface in VLAN 50.
Has anything changed in the way of defaults for creating a trunk port and spanning-tree between a 3750x and the newer 2960s? I have one of each I just took out of the box and applied my standard switch configuration template but I cannot get my VLANs that are configured on my 3750X to appear on the 2960S. I find nothing that is blocking and everything seems to be forwarding and I am running out of things to check.
I am trying to configure etherchannel on 2 2960S connected by a flexstack with 2 ports g1/0/52 and g2/0/52 on each 2960.
these switch are connected to a CAT4500, I know that I can only use LACP because of cross-stack but when I force the switch to use LACP witch channel-group 2 Mode active the switch do this :
%With PAgP enabled, all ports in the Channel should belong to the same switchCommand rejected (Port-channel2, Gi1/0/52): Invalid etherchnl mode % Range command terminated because it failed on GigabitEthernet1/0/52
I don't know how to bundle the 2 ports on the 2960 stack. each time I use : channel-group 2 mode on there is no error
but the switch do this :
*Mar 1 00:45:32.290: %EC-5-CANNOT_BUNDLE2: Gi2/0/52 is not compatible with Po2 and will be suspended (trunk mode of Gi2/0/52 is dynamic, Po2 is trunk) *Mar 1 00:45:32.531: %EC-5-CANNOT_BUNDLE2: Gi2/0/52 is not compatible with Po2
I have a running setup having 2 Cisco 2960s 24 TS switch with Stack configuration. Now I want to add one more same Cisco switch. My questions are:-
1) How can I do this...(Should follow the same process as I did before.
2) Could I do this without impacting the service. i.e. without rebooting the switch.
3) What should be the connection archiecture as of now since there is two switch so it is connected 1 -1 and 2-2. but for 3 switch should we require to change the connectivity.
I use the Switch 2960S support PoE and 10 access points cisco.I have one more question:
-- If all 10 access points cisco use copper cable to connect to 2960S, 5 access points use power adapter and 5 access points use power from Switch. How Switch 2960S will provide power for 10 AP or switch 2960S will understand and only provide power for 5 APs?
We have a Cat2960-S Series PoE+ currently running 12.2(55) SE5 ios with SW image C2960S-UNIVERSALK9-M.We want to upgrade the ios to the lastest version but found there are 2 version: 12.2(53) SE2 and 15.0(1) SE.Which is the best & suitable for upgrade?
I have enabled syslog on my Cisco 2960S swtich as shown below -
-logging facility local6 -logging host 10.11.12.122 transport tcp port 514
I have sent the port to TCP since that is what is configured on the SYSLOG server which is a CENTOS 5.8, running rsyslogd.I have tested the rsyslogd locally and it work.However i want to send any and all log messages in the buffer to my syslog server and it is not working.there is no firewall on the CENTOS and the ASA firewall filter is enabled for outgoing traffic.
I have a problem with extending the LAN on a client site . They are looking to extend the LAN with a 2960S-series switch. Already in place is a 4510 switch which the 2960 is connected to via fibre. The 2 switches are both set up but there is no connectivity as I cant ping between them or anything. The management VLAN on the 2960 shows line up, protocol down, which I believe means the VLAN is enabled but there is a form of physical mismtach on the ports. I have attached the configs of both switches. I feel it might be a problem with GBIC module compatibility. The SFP installed on both ends of the switch are GLC-SX-MMD. On the 4510, the SFP sits in a twingig converter (CVR-X2-SFP) but there is no light on it at all when the cables are plugged in.
I have a stack of 2960S (c2960s-universalk9-mz.122-55.SE2.bin) and the master has failed (used to have a priority of 14). The second switch has become master (priority 1) as can be seen below: [code]
If I connect a new blank 2960S (same IOS) through the stack ports, will the master sync its config to the new one without causing problems?As I understand the new blank switch will also have a priority of 1 and will by default be numbered as 1. So if the config is correctly synced and I later on want to make switch 1 the master, I need to set the priority: [code]
I have two networks at two sites with a dot1q trunk between the two L3 switches at both sites (no routers involved)
SITE A - Cisco 3750 L3 - VLAN ID 50 10.10.50.0/24
SITE B - Cisco 3750 L3 - VLAN ID 50 10.20.50.0/24
I would like to extend the SITE A VLAN to SITE B so that I can move hosts from SITE A to SITE B without needing to change their IP address but the vlan ID is already in use. Obviously the easy solution is to change the VLAN ID for one or other of the sites but both sites contain hosts that run 24/7. Is there a way to join two VLANs with different IDs together.So for example I create a new VLAN 60 at SITE B and associate it with VLAN 50 at SITE A.
I have a live 28port Catalyst 2960S switch. By live I mean that there is an essential piece of equipment plugged into this switch that can suffer little to no downtime. Over the course of time the number of devices patched into this location has increased to exceed the 24 ports available and we have had to resort to adding unmanaged switches to fill the need. We have acquired an additional 2960 & stacking modules that I would like to stack together, keeping the existing switch as the master. It is my understanding that the stacking modules are hot-swappable and that this member switch can be added without bringing the master switch down, thus creating zero down time for the financial server that is connected.
The steps I believe that need to be followed are as such: write mem to existing switch and backup to our TFTP serverinstall the stack module in the existing (while powered up) and new (while powered down)place the 2 redundant FlexStack link cables on both switchesthen simply power the member switch on After boot the member switch will get it's OS and configuration from the master and I can begin moving CAT5 cables from the unmanaged switches to the stack.
I have a Cisco 2960S stack and I'd like to tune the timers so that packet loss is minimal if a switch fails.To simulate a failed switch I have reloaded it while running a continuous ping to a management address on the stack's SVI: [code] As I see the same results when a ping is directed through the single switch (switched), and through the firewall (routed), I'm inclined to think that this is due to the stack failover timers on the Catalyst 2960S.Is it possible to change the stack failover timers (i.e hold down, failover etc), to speed up the failover process?
I have a new Cisco 2960 S series switch with a basic configuration that needs to be uplinked or daisy chained to a Cisco 3750 switch. I am not getting any connectivity to the network with either a straight through or crossover cable. the port remains in amber but a 'show interface' indicates that the interface is up. I can manage the switch with a PC patched into any port on the switch with a static IP address. Must be something very simple that I am missing. Outlined below is the configuration.
i have an issue to connect a trunk between cisco switch and extreme switch i have many vlans that i want to cross via a link between cisco 3750 switch and a Extreme Alpine 3800 switch
I have a Cisco 6509 connected (gig3/17) to a Cisco 3560 G switch (Gig 0/28). The 3560 switch Gig 0/26)is connected to a distribution switch on another network. The ip address on my 6500 is 10.120.11.244 255.255.252.0 and the ip address on my 3560 is 10.120.11.211. The ip address given to me by the other network is 10.162.20.10 255.255.255.252. How do I configure the new vlan in this situation and the ip address given to me.
I have 2960 cisco switch. I want to configure private vlan. But it is not getting configured in cisco 2960. Is there any other way to configure that in switch.
We have Nexus 7k running as my core with a 6500 manageing my server farm and IP services servers (call manager, IPTV ...)My edge switch are 4500s. We currently have RIP2 running between and the switchs and each 4500 is managing its own VLANs.The IPTV uses IGMP snooping and multicasting to broadcast the video feed. The problem that came up is that the we cannot configure a gatewar for the setup boxs for the IPTV system. They will only work on a single VLAN and they are spread all over the network.Can we configure only this VLAN to be propagated over our RIP network???
My architecture is the same as show on the link with some difference.I use the router 1841 for inetrnet connexion instead of 7200VXR, this router 1841 is connected on the catalyst 3750 port G1/0/1.I use catalyst 2960 instead of catalyst 2950 or 2948.I use ASA 5510 for conexion on remote branche(I have 5 remote site), This ASA is connected on the catalyst 3750 port G1/0/37
Result of the test:
-I can ping devices in the same Vlans -I can ping devices in different VLANs -I can ping all device from the catalyst 3750
I cannot ping the router 1841 or ASA 5510 from the any devices (computer)The gateway of each computer is the correpondant VLAN IP address configured on the catalyst 3750.Why I cannot ping the router 1841 or ASA 5510 from the any devices (computer)
I have been looking into this for a while and I can't seem to figure out why my 2nd vlan is not able to connect properly to the net.
My switch has 12 ports where my devices connects directly, they are all on Vlan 1 and they all work perfectly. on Port 12 I have a dlink router that is connected to a cable modem. the dlink router has an Ip address of 192.168.0.20
I created a second vlan (vlan2) and enabled dhcp relay on it. then I assigned port 9 on the switch to (vlan2)my laptop which is connected to port 9 seems to get an ip address fine and able to ping only some devices on my network (vlan1) and is not able to go out to the internet. I think it has to do with the routes. [code]
I recently set up a small photography business and am trying to get a Cisco 877 and Cisco SG300-10 switch to talk to each other.
What I want is for the Cisco 877 to handle the internet and the SG300-10 to handle the local network,
I have set up 2 vlans in trunk mode on the switch and want vlan2 to manage local traffic and vlan3 to handle the internet.
I have got the 877 connecting to the internet what I dont have, traffic going to vlan2 on the switch from the 877
Look at the running configs for the switch and the router and tell me how to get the vlan on the router to pass traffic to the switch. In a nutshell I am inserting the internet into the switch but am not sure how to progress. I have the c870-advipservicesk9 image file on the router.
