Cisco Switching/Routing :: Configure Routing Between 2800 And 3550
Sep 18, 2012
The layer 2 switches are connected to layer 3 Switch via trunks, and routing between layer 2 switch ports with configured SVI's on 3550. All working fine. Now I'm trying to configure routing between 2800 and 3550, I tried connecting both Straight Throught and Crossover cables to the 2800 Fa0/0 and Fa0/1 ports as well as the switchports on 3550
No switchport commands are configured however, the lights do not go on for both straight through or crossover cables. I tried connecting 1750 routers but same result. My goal is to have all the VLANS routed to the internet with configuring NAT translation the router.
I have problem with IPV6 connectivity, i have two Cisco 3550 switch and they are connected over a trunk link. The ios is c3550- ipservicesk9-mz. 122- 44.SE6 , I have configured vlans on both switches and i numbered one vlan to vlan 91 ,they can ping each other when i configure ipv4 on both vlans so trunk link is functional, but when i m using IPV6 they can't ping each other!! they can only ping their own ip address not each other. [code]
Is there a way to configure a DHCP server for my internal subnet of 192.168.20.1 which is on a 3550 layer 3 switch from my 5505 ASA Firewall.My subnet of 10.1.1.0/30 is connecting my 5505 to 3550. All I'm trying to do is run a DHCP server down to my hosts. The only options on ASA 5505 is
dhcpd address 192.168.20.1 - 192.168.20.254 outside or inside, which conflicts with my subnet of 10.1.1.0 used to connect my internal subnet of 192.168.20.1 for the whole network.
When I used my router it did not need the (inside, outside) keywords and just an ip helper-address command. How do I configure my my firewall DHCP server to propagate the 192.168.20.0 network through my 10.1.1.0 connection.
I have a collapsed core design with routed ports between all components. Access layer switches, data center switches, core/aggregation. All routed (no spanning-tree at all).Now...I have to add an IBM BladeCenter with a BNT layer 3 switch to my topology. However, those nasties don't seem to support routed ports.How can I have a routed port on my cisco switch and a standard access port on the BNT and still establish an adjacency with an SVI? I am running OSPF, but I am labbing this in my home lab with 2 x 3550s and EIGRP.
On SW2: *Mar 1 00:57:00.711: EIGRP: Received HELLO on Vlan100 nbr 10.1.1.1 *Mar 1 00:57:00.711: AS 999, Flags 0x0, Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 *Mar 1 00:57:02.303: EIGRP: Sending UPDATE on Vlan100 nbr 10.1.1.1, retry 9, RTO 5000 tid 0 *Mar 1 00:57:02.303: AS 999, Flags 0x1, Seq 17/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1
Is L3 ip routing on by default in 3550s? If so is the "ip routing" command visible in the config file? If no - I assume that one would enable L3 routing with that config command.In general terms are there any IOS devices where ip routing is enabled and one would not see the "ip routing" command in config. I.E. if that command is not visible in the config could you assume there is no L3 capablity in that device?
I'm having some problems setting up vlans to talk to each other on a 3550-12T switch. Its quite a simple setup I have, but I need to split my network up.
Currently I have a network of 192.168.25.0 255.255.255.0 I want to create a new vlan network of 192.168.30.0 255.255.255.0 So I have configured my vlan1 (default vlan) to have an ip of 192.168.25.250 for getting to the management page
I have created a vlan2 of 192.168.30.1 255.255.255.0 ?I have a port 10 linked to one of my 3560G's?In port 9 which is on vlan2 I have my pc plugged in with a static ip of 192.168.30.50 from the router I can ping any device on 192.168.25.x.
I can not ping 192.168.30.1 (which is my vlan2) nor can i ping the PC.
I have enabled ip routing But I dont have a default route, this is becase we don't have a router on the network.
I've been working with these two Cisco devices in my home off and on for several months now but I just can't take it anymore, I'm about to throw them away and go back to Linksys router.
I have a Cisco 2600 Router with only one Ethernet card in it so I have to trunk from my 3550 Switch to that device. I'd like to have my ISP and all users plug into switch and all trunk back to the router's sub interfaces. Currently, I have started over...again, and am unable to simply get the router and switch to ping each other if I put sub-interfaces on the router. See my configs:
2600 ROUTER: Router#sho run Building configuration... Current configuration : 555 bytes [code]......
3550 SWITCH: Switch#sho run Building configuration... Current configuration : 2302 bytes ! version 12.2 [code]..........
Port F0/24 is in VLAN 1, as are all ports but Port F0/1 which is my desktop PC. I mocked it up in Packet Tracer and it works just fine. This is just a simple setup and I'm making sure I can ping between switch and router before I move to each next step.
I've problem with IP SLA probes between two different routers.2900 (c2900-universalk9_npe-mz.SPA.151-4.M4.bin) here is set "ip sla responder" only and 2800 (c2800nm-advipservicesk9-mz.124-24.T2.bin) here is set two type of tests "udp-jitter" and "icmp-jitter" - temporary, used to check for availability of 2900 router.As a result, I've what udp-jitter doesn't work at the same time icmp-jitter test is OK.Here are the settings of IP SLA tests
ip sla 281 icmp-jitter 172.25.28.1 source-ip 192.168.28.6 num-packets 100 tos 128 frequency 120 ip sla schedule 281 life forever start-time after 00:05:45
The situation include 2 cisco routers an 2 switch 3550
so we have Router A in Vlan x access ----->Sw1----Trunk----Sw2<------Vlan y Access Router B I 've to enable rip1 on guys A and B ONLY !!! Avoiding any kind of tunnel I though it was all around fallBAck bridging ... but after days of tries ...
We're looking at implementing a new phone system which will use voice over ip. Currently we have a mixture of Cisco 3750 and Cisco 3550 switches which don't support power over ethernet. Its been suggested we could continue using the current switches and power the new phones using power adapters.
Int terms of implementing qos (we don't have any at the moment) for the voice will a Cisco 3550 be OK and will having a mixture of different models using 3550 and 3750 pose any challenges with the qos policy for the voice. I believe there are differences in that the Cisco 3550 doesn't support srr-queues but having little experience with qos I'm not sure what impact this will have if any?
I am having issues working on my QOS between 4510 and 3550 switch connecting on layer 3 through a service provider. I have class maps and policy map setup on both sides and then policy map attached to interfaces however i dont see any traffic matching in policy map on 3550 switch, i do see some traffic matching on 4510 but the speed with which its increasing has my doubts about it. When i make voip calls ( VOIP switches are sitting behind 3550 and are mainly 3550 pwr 24 port switches with phone ports configured for auto qos voip cisco-phone and trusting cos) i rarely see the RTP matching in class under policy map.
im trying to install a ios 12.2v on my switch. when the screen prompt it does not show me the user move symbol " SW1> ". all i see is " SW:" and from there i can not enter the commands to download from tftp server !
Is there any official Cisco reference to describe what is considered to be the highest acceptable production CPU load on 2800 routers? I found the document "Integrated Services Routers G2 - Performance Overview" that states at page 5,Most service providers set their CPU alarms to 60 or 65 percent. Many enterprise customers are comfortable running production networks with CPU around 70 or 75 percent.
I have a problem to create a VLAN with a Cisco 2801.,I need to have base ports FastEthernet 0 / 0 and FastEthernet 0 / 1, in the same VLAN. Basically I'm trying to switch access redundacion, now I have redundant switches in which I have the servers, but if one of these switches fails, and,coincidentally is where I have connected the router, the server runs out of internet connection.,I idea is to connect the FastEthernet 0 / 0 to a switch, and FastEthernet 0 / 1, to the other switch,but I managed to have these two ports in the same vlan, in order to have a unique IP for both FastEthernet ports,As I can do this?. do is a lot of documents using the switchport command, but this command is not available in my router, I tried different IOS, and nothing.,currently I have the following IOS: c2801-adventerprisek9-mz.124-24.T6.bin
I have a 2800 router and tried so many ways to block the unwanted sites on my office network.Like access list ip based, null0 routing and policy map. Faced issues with below config
1. Creating Access-list. very difficulty to block the sites with https those sites will be opend, and we cant block all the IPs
2. Creating null0 routing. it also a bit deficult the block maximum sites because we can't fiend all IPs for those sites
3. Policy map.. with policy map we can only 1site we can block, but not more than one..
I heard that port based routing or port based access-list are the best ways to stop the websites in my local network..for this one i need to map the site to unsued ports then i need to null rouging or need to create the access-list.
I have a cisco 2800 router.. (flash:/c2800nm-advsecurityk9-mz.151-4.M4.bin, Version 12.4(13r)T11) configured DHCP, DNS, NATING and Bandwidth restriction...And to stop some social network [URL] i configured ip route 126.96.36.199 255.255.240.0 Null0 (rang of facebook address) But still i am able to open facebook.com in my network...
ADMIN-II_2811#sh run Building configuration... Current configuration : 1812 bytes ! ! Last configuration change at 17:26:33 UTC Sat Nov 24 2012 version 15.1 service timestamps debug datetime msec service timestamps log datetime msec
Needing to upgrade IOS on 2800 router from c2800nm-advipservicesk9-mz.123-14.T7.bin to c2800nm-advipservicesk9-mz.124-15.T13.bin. I noticed ther are several other files on the old code that may needed for booting up router but Im running low on memory. The other existing files are ;
I'm trying to turn off SSH version 1 & 2 to pass PCI compliance. Problem is, I cannot touch the VPN link between the two offices. I'm afraid the PKI certificate used for the VPN will be deleted if i zeroize the RSA key which seems to be the only way to stop the router responding on port 22.
Here is the stuff from the running config related to the crypto map: crypto isakmp policy 1 encr 3des authentication pre-share group 2 [ code].....
I'm only CCNA so I'm not even sure if the certificate or RSA key is being used for the VPN link, but I can't tell from the running config that zeroizing it would be a good idea and not break the VPN. I'm open to other ways of disabling SSH, as we are able to just connect using a console cable. But it looks like denying port 22 with an access-list doesn't even stop the router from responding to the port.
we have two core swiches 6506 and around 55 cat 3550 switches. currently we are on the process of replacing the cat 3550 switches to 3750 switches.We need 10/1000/1000 speed, ip base image with upgrade options. Our up links from cat 3550s(sfps) are single mode and dual mode fiber mode with 1 gbps ports on core switch.
At present we are not upgrading to 10 gb modules on core. Spread over 15 floors each floor needs 2 up links(single mode , and dual mode). since cat 3750 sfps are smaller in size existing gibics cannot be used. Looking for the best option of cat 3750 switches with 1 gb up links which can be upgraded to 10 gb later when we replace the modle on core. Requirements:
1- Cat 3750 switches 55 in no with sfps for 1 gb up link (dual mode fiber and single mode fiber)
2- stacking option
3- 10/100/1000 speed
4- ip base image upgradable to ip service image
5- ipv6 compatibaility. Network is spread over 15 floors so from each floor we need two sfp up links 1 gbps using dual mode and single mode
-6-Should be upgradable to 10 gb in future when we upgrade the core modules
Or is it better to go for 10 gb module in core as well as edge switches ? if so what should be the modules?
We have a metro Ethernet service, basically our WAN connection, that we use to connect 4 sites. This MOE service has a CIR of 200 Mbps, connected to a port on a 3550-12T running Version 12.1(22)EA5 at 1000 Mbps. We are exceeding our CIR at times during the day for short bursts which is causing the MOE switch to drop packets, which I suspect I am seeing manifest itself in some choppy VoIP conversations and dropped ICMP packets from our network monitoring software. I implemented policy maps to apply an outbound service policy to the interface connected to the MOE service, but I am not seeing any matches to the access lists or the service policy. I’m not sure if I am missing something or perhaps the IOS is not capable?
Below is the config for the service policy and some command output. Notice that there are hits on a statndard access list that is used for other purposes, but the extended access lists used for the class maps have no matches.
! class-map match-all REALTIME match access-group name REALTIME
confirm whether the Catalyst 3550 with IOS Rel. 12.2(44)SE is compliant with POE IEEE 802.3af? I see some conflicting informaiton on Cisco's web site. Before Release 12.1(22)EA2, Catalyst 3550 PoE-capable switches (without intelligent power management support) caused high-power powered devices that supported intelligent power management to operate in low-power mode. Devices in low-power mode are not fully functional.
IEEE 802.3af—The major features of this standard are powered-device discovery, power administration, disconnect detection, and optional powered-device power classification. For more information, see the standard.
1)Configured 3550 as layer 3 switch and create a default route to 192.168.2.254
2) Configured 2 static routes(for 2 vlan range traffic) and one default route to 192.168.3.254
3) ip pass through is not configured yet, still the public ip is configured at the isp router
1811 static route configs ------------------------------------ Ip route 0.0.0.0 0.0.0.0 192.168.3.254 Ip route 192.168.1.0 255.255.255.0 192.168.2.1 Ip route 10.0.1.0 255.255.255.0 192.168.2.1 3550 static route config -------------------------------------- Ip route 0.0.0.0 0.0.0.0 192.168.2.254
Testing results 1)All lan communications are working fine(inter vlan also), ping to all servers from router is getting and ping to outside public ips are getting from router,but not getting ping from switch 3550 to 192.168.3.254 and any of the public ips(internet).
I have an Cisco 3550 48 SMI running IOS (tm) C3550 Software (C3550-I9Q3L2-M), Version 12.1(13)EA1a. Software advisor says that I can only update to Version 12.1(22). The software download area tells me that the latest version is 12.2(44).
know if I could use the latest 12.2? Or has the hardware changed with the IOS versions?
I have a customer who has a Cisco 2821 router with software 2821/HSEC/K9 and they wish to upgrade to C2821-VSEC-SRST/K9.From my understanding they want to use the same router but install an IOS with the capabilites it has at the moment but with voice. [code]How do I go about pricing this up and what upgrade sku's will do this?I am not to worried about the memory.Is it just a simple ios upgrade as the srst licenses are on a trust basis?