Cisco Switching/Routing :: Enable Netflow Fo 4506

May 8, 2013

I have 4506 with below sup, my requirement is to enable netfolw , but as i came to know that it is not supported in this sup, is there any additional option which can be explored to get the netflow working without replacing sup.

Card Type                                                     Model         
-------------------------------------------------------------+-----------------------
Sup 6-E 10GE (X2), 1000BaseX (SFP)     WS-X45-SUP6-E    

View 4 Replies


ADVERTISEMENT

Cisco Switching/Routing :: How To Enable NetFlow On 3750

Mar 17, 2013

I have a 370 with C3KX-NM-10G module & i want to enable NetFlow on it did the specified configs  
 
Step 1 Flexible NetFlow Flow Recordsflow record miketestmatch datalink source-vlan-idmatch datalink dot1q prioritymatch datalink mac source-addressmatch datalink mac destination-addressmatch ipv4 versionmatch ipv4 tosmatch ipv4 ttlmatch ipv4 protocolmatch ipv4 source addressmatch ipv4 destination addressmatch transport source-portmatch transport destination-portmatch interface input physical snmpcollect interface output snmpcollect counter flowscollect counter bytescollect counter packetscollect timestamp sys-uptime firstcollect timestamp sys-uptime last flow record miketestegressmatch datalink destination-vlan-id  match datalink dot1q priority  match datalink mac source-address  match datalink mac destination-address  match ipv4 version  match ipv4 tos  match ipv4 ttl  match ipv4 protocol  match ipv4 source address  match ipv4 destination address  match transport source-port  match transport destination-port  match interface output physical snmp  collect interface input snmp  collect counter flows  collect counter bytes  collect counter packets  collect timestamp sys-uptime first  collect timestamp sys-uptime last Step 2 Flexible NetFlow Flow ExporterFlow exporter export-to-samplicatorDestination 10.1.1.8source Vlan1Transport udp 2055option interface-table timeout 60 Step 3 Flexible NetFlow Flow Monitors# Tie the Flow Monitor to the Flow Recordflow monitor mikektestrecord miketestexporter export-to-samplicatorcache timeout active 60flow monitor mikektestegressrecord miketestegressexporter export-to-samplicatorcache timeout active 60 
 
& Applied it to g1/1/1 but without any luck , if netflow works on the

TenGigabitEthernet1/1/1 &
TenGigabitEthernet1/1/2
 
Only i have four switches stacked and nothing plugged to the

C3KX-NM-10G module

View 1 Replies View Related

Cisco Switching/Routing :: How To Enable Netflow Export On ASR1001

Nov 3, 2011

To enable netflow export on ASR1001, do i need the firewall feaure license or not ?Docs are not really clear, NBAR requires FW license, but i am unsure about Netflow?

View 1 Replies View Related

Cisco Switching/Routing :: Unable To Enable Netflow On Cat 4503-E (Sup7-E)

Dec 17, 2011

I am working with a Catalyst 4503-E with a Sup7-E. I'm trying to enable Netflow, and I have read the following guides: Catalyst 4500 Series Switch SW Configuration Guide, Release IOS ...
 
I have also enabled Netflow in IOS 12.1/12.2 and figured the process was similar (It seems to be). CEF is enabled, and I have all the pre-reqs according to the document above, however, the flow commands don't exist, they simply say "command unrecognized". I have included my sh version below.
 
sh version (edited):
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.01.01.SG RELEASE SOFTWARE (fc1)

[Code].....

View 2 Replies View Related

Cisco Switching/Routing :: 4948 - Difference Between Netflow / Netflow-Lite

Mar 13, 2012

Any major difrrence between Netflow v/s Netflow-Lite?
 
I am trying to understand if Cisco 4948E can do the same job as Cisco 4500E or not and difference between Netflow v/s Netflow-Lite will work for me to select correct product.

View 2 Replies View Related

Cisco WAN :: 6509 - How To Enable Netflow / Configuration

Jan 21, 2013

Below is the show ver of 6509 switch , how to enable netflow
 
sh ver
Cisco IOS Software, s72033_rp Software (s72033_rp-IPSERVICESK9_WAN-M), Version 12.2(33)SXI7, RELEASE SOFTWARE (fc1)
Technical Support: [URL]
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Mon 18-Jul-11 05:50 by prod_rel_team 

[code]....

View 2 Replies View Related

Cisco Security :: How To Enable Netflow On ASA 5540

Sep 3, 2008

How to enable Netflow on the ASA5540

View 10 Replies View Related

Cisco Switching/Routing :: Access Layer Switching With 2960 / 3560x / 3750x And 4506

Jan 17, 2013

My management has tasked me to give them a high level overview of the different switching we can choose for our new building.
 
This is what I know so far.4 Closets, each closet has 450 ports,One MDF room that is will contain one UCS Chassis and a Nimble iSCSI SAN.
 
I am working on the spreadsheet and it looks like this (Not totally filled):

2960s3560x3750x45064510Approx cost (Each, 48PORT, POE+, 10G uplink, Dual PS, IP BASE)
6K7K8K45K75KMax Capacity192432432192384Backplane speed206464520520ProLeast ExpensiveStackable to 9Stackable to 9ProDual PSDual PSDual PSDual PSDual PSProLayer 3 opt
Layer 3 optDual SupsDual SupsConExpensiveExpensiveConNo Dual PSConLayer 2 OnlyCannot stack more than 4 
For the MDF I would like to use 2 Nexus 5548's with FEX's, and the layer 3 daughter board.  For the IDF's I was thinking of two 4010's.

View 12 Replies View Related

Cisco Switching/Routing :: Catalyst 4506 / Routing For Internal And Guest Network

Dec 19, 2011

I am implementing a guest wireless network to work alongside my internal network. The guest network will use the existing switching network and will be separated by VLANs. I have the ASA set so that traffic can get to it and out to the Internet. I can set up a workstation on the same VLAN as my guest network and can route inside my network (strictly doing this for testing purposes). Where I am having problems is with the Catalyst 4506 switches and the ip routing. I had two separate "ip route" statements defined on my switches.
 
ip route 10.200.2.0 255.255.255.0 10.200.2.254
ip route 0.0.0.0 0.0.0.0 10.100.100.254
 
I have discovered that the traffic is always following the default route despite the fact that my IP address on my test workstation falls in the 10.200.2.x network.  I was looking at documentation and found that it is possible to set up policy-based routing on the core switches. Can you have two "ip route" statements defined like this to segreate traffic or do I have to use PBR for routing (or a combination) in this case? If I define PBR then how does that impact my existing routing? I need to make sure that I can still route the existing traffic while I'm configuring this change.

View 9 Replies View Related

Cisco Switching/Routing :: 4506 Resilient Routing Design With OSPF

Aug 27, 2012

We have 2 sites, each with 2 x 4506 switches which will be connected togther using an etherchannel. The switches will provide access ports for client devices and will be configured with HSRP to provide gateway redundancy. SW1 will be HSRP active.2 metro ethernet links will be installed in each site which will connect back to our HQ sites. OSPF will be used over the backbone to provide resiliency and to allow shortest path routing to each HQ and to prevent traffic over the HQ to HQ link.

The 4506 will be trunked togther with an SVI for providing OSFP adjacency.For the traffic flow from SW2 to HQ2, traffic will hit SW1 and then route back to SW2 and then to HQ2. Is this the best way to do this? Should a second link be connected between switches just for routing or should something like GLBP be used?

View 6 Replies View Related

Cisco Firewall :: Enable Netflow On ASA 5505 For Vlan And Interfaces

May 17, 2013

How can i enable Netflow for each Vlan Or interface indvidually  in Cisco ASA? currently i have setup Netflow and only 2 interfaces are shwoing traffic for Netflow which are not even as my physical or Vlan interfaces . (see screen shot )
 
EscapeASA# sh interface ip brief
Interface                  IP-Address      OK? Method Status                Protocol
Internal-Data0/0           unassigned      YES unset  up                    up

[Code].....

View 9 Replies View Related

Cisco Switching/Routing :: 4506 Connecting Switches Together With IP Routing

Aug 31, 2012

CiscoSwitch1(4506) has 3 VLANs(12,13,14) and Switch2(4948) has 3 different VLANs(22,23,24) and IP routing has been enabled in both switches with SVI interfaces for each vlan. intervlan routing is works fine.Now there is a requirement to connect these switches together. Vlan 12 on the Cisco switch 4506 has to be made available from vlan 22 from Switch2(4948).  basically Vlan 12 is having a multicast source (225.0.0.0 & 226.0.0.0) which should be accessabile from vlan 22 of  cisco switch 4948.I got 2 ideas

1)  Create a trunk between these switches and configure L2 vlan(12) in cisco 4948...i know theoritically it should work but what my concern is Ip routing enabled in both switches will it create any issues? is it a gud solution to this requirement?

2) Create a separate IP network on the ports connecting to both switches and set up routes to the networks.ex- console(config)#ip route 192.168.10.10 255.255.255.0 192.168.20.1.

View 8 Replies View Related

Cisco Switching/Routing :: 4506 / 6506 - Multicast Routing

Mar 8, 2013

I am configuring multicast in a environment where I have a 4506 at each site (4 total) and a 6506 as the core. Each 4506 is connected via layer 3 to the 6506. I have a mix of 3560s, 3548s, and 2960s connected to the 4506s and the 6506 via layer 2 trunk
 
I have multiple multicast sources and hosts communicating at a time (multiple cameras sending video / multiple computers receiving video).  So this is not a scenario where there is 1 sender and many receivers.  This would be many senders (~50) and some receivers (~10)
 
Sample Diagram:
 
->3560
|
6506 --> 4506 --> 3548
|   |
|    --> 2960
|
4506 --> 2960
|
-->3548
 
I configured ip multicast-routing on each of the 4506s and on the 6506. IGMP snooping is on by default on the 3560 and 2960 switches. CGMP is on by default on the 3548 switches.
 
I set up PIM sparse-dense mode and IGMP version 3 on each of the layer 3 interfaces for the 4506s and 6506 where they connect and on each VLAN that is sending or receiving multicast. Multicast is working throughout the network, however I am looking to verify the configuration as I scale this out to more clients on the network. 
 
#1 - Is it correct to us sparse-dense mode in this configuration?
 
#2 - Do I need to configure a rendezvous points using AUTO-RP? (ip pim send-rp-announce INTERFACE scope TTL). Not sure here if I need to designate this and what to choose.  Right now I do not have this and it is working, but documentation seems to infer that I need to designate this.
 
#3 - Is there any other configuration settings I should be considering?  I hard to find real world configurations of multicast as examples or people that know multicast routing well.

View 3 Replies View Related

Cisco Switching/Routing :: 4506 - Upgrading Sup V To A Sup 7 Engine

Jan 4, 2013

I am currently running a 4506 with a sup V engine.  I have purchased a sup 7 engine.  Is there a guide on how to perform this task.  I am sure I need to do an IOS update as well.

View 2 Replies View Related

Cisco Switching/Routing :: Replacing SUP 6L-E With 7L-E On 4506 Switch

Dec 6, 2012

We have sup engine 6L(WS-X45-SUP6L-E) on two 4506 switch. both switches connected in LAN (HSRP primary and Secondary).
 
We are going to replace it with Sup7LE. What is the best procedure to get this done with minimal outage?Any other important thing to be noted ? Note : We have Lincence for SUP 7LE

View 2 Replies View Related

Cisco Switching/Routing :: PXE Failing With DHCP On 4506?

Jun 11, 2012

We are attempting to PXE boot from clients obtaining their DHCP lease information from DHCP pools configured on our 4506.  The PXE server, and the client are configured in separate VLANs.  We have configured option 66 to point to the PXE server IP address, and the bootfile option to point to the PXE boot configuration filename.  On the client side SVI, we also have configured the ip helper-address command to point to the PXE server (which also acts as another DHCP server for redundancy).
 
The PXE boot continuously fails stating it is unable to find the configuration file.  If we remove the DHCP pool from the 4506, and allow the client to receive their DHCP lease info from the secondary server (Windows 2k8 - same server as PXE server), they PXE boot with no issues.
 
We have no problem obtaining DHCP info, just completion of the PXE process.

View 6 Replies View Related

Cisco Switching/Routing :: Catalyst 4506-E With SUP 7E Connection

Mar 19, 2013

Does SUP 7E is comatible with IOS? It came with IOS-XE preloaded and there are no IOS software listed under downloads.

View 3 Replies View Related

Cisco Switching/Routing :: 4506 Switch Is Not Booting With New IOS

Apr 7, 2012

Yesterday I've faced a Problem that is not letting me boot with the new IOS.
 
Actually I'm planning upgrade IOS which supports SSH. As part of plan I've downloaded the new IOS image and uploaded via TFTP server to the switch.
 
After uploading to the switch. I've verified image and MD5 hash also. Everthing is fine. Then after I set the boot variable for the newly uploaded Image.
 
 
When I'm rebooting the Device it is not taking the new IOS. It's booting with the OLD image. Even It's not showing any error message while rebooting (ACTIVITY FILE ATTACHED FOR YOUR REFERENCE) I can't take risk by deleting the old IOS.

View 1 Replies View Related

Cisco Switching/Routing :: No Inline Power On A 4506-E Port?

Oct 24, 2010

We have just purchased and installed a 4506-E chassis.  It contains a supervisor, two POE blades and 3 non-poe blades.  Version is 12.2(53)SG1.  Anyhoo, one of the ports isn't providing power to an IP phone.  We can plug the phone into any of the other POE ports and it works fine.  Is there a way to test an idividual port for POE problems?  What could the problem be?  The port works for normal data but will not provide power.

View 12 Replies View Related

Cisco Switching/Routing :: Unsupported Module Showing On 4506

Dec 4, 2011

We ordered the wrong part number for a Cisco 4506 non-E chassis, the part number is: WS-X4624-SFP-E and the device is showing "Unsupported module"; What would the part number be for the non-E? WS-X4448-GB-SFP,Catalyst 4500 48-Port 1000Base-X (SFPs Optional)  ?

View 1 Replies View Related

Cisco Switching/Routing :: LACP Over Dot1q Tunnel With 4506-E And IOS 15

Mar 14, 2013

i'm desperately trying to get LACP working over a dot1q Tunnel. The "Service Provider" Switches are two 4506-E Switches with SUP7-E connected via a 10G Link, running on cat4500e-universalk9.SPA.03.03.00.SG.151-1.SG
 
sample config:
 
dot1q tag vlan native
interface GigabitEthernet3/1
switchport access vlan 2001

[Code].....

View 4 Replies View Related

Cisco Switching/Routing :: Portchannel Between 6509 And 4506 Does Not Come Up After Reloads?

Jun 8, 2012

a 6509 and a 4506 with 2, 1gb interfaces in a portchannel.   Bring it up and everything is fine.  Save the config and reload either switch and the interfaces stay in Not Connected state.  Either doing a No Shut or a physical unplug the SFP and plug it back in will bring it up with no issues.  Interfaces do not go into Err Disabled state they stay in Not Connected like there is no fiber plugged into it.  No error mesages in the log.  The Just the Interface is now up.Both are running very new code,
 
6509 - s2t54-ipservicesk9-mz.SPA.150-1.SY1.bin (  15.0.(1)SY1  )
4506 - Version 03.02.00.XO

View 1 Replies View Related

Cisco Switching/Routing :: 4506 Install New Supervisor / IOS Will Automatically Set Everything Up

Aug 12, 2012

I have "inherited" a Catalyst 4506 with IOS version 12.2(20)EWA1 and Supervisor IV already installed.  We recently purchased a second Supervisor IV and I am looking to install this second supervisor for redundancy.  Is there anything special with installing a second supervisor or so I just physically install the new supervisor and the IOS will automatically set everything up?

View 3 Replies View Related

Cisco Switching/Routing :: Core 4506 HA And DHCP Redundancy?

Dec 18, 2012

I have a setup with two Cat 4506E working as a HA,I used a bundle 4Gb interfaces working as ether-channel,I'm facing a problem with DHCP pools on the both SW's,There is no problem if I use the pools on one sw,But when I but the pool on both sw's then I faced a lot of conflict IP in the DHCP pools,How can setup a real DHCP redundancy on both SW's,

View 6 Replies View Related

Cisco Switching/Routing :: Catalyst 4506 Choosing Appropriate SFPs

Mar 25, 2013

My inherited network has a Cisco Catalyst 4506 with a WS-X4124FX–MT fiber card that connects to twelve Cisco 2950 switches over 62.5 micron multimode fiber at 100 Mbps. I do not know my run lengths (or even where the conduits run), but the furthest switches are well over a thousand feet from the server room. Any appropriate test equipment to provide this information soon.

We are looking at upgrading the main switch to a Catalyst WS-C4507+E with two WS-X4712-SFP+E cards and the closets to Cisco 2960S-48TD-L switches. Assuming this is a reasonable move, my question is about choosing the appropriate SFP’s for our current and future needs.

I am aware that 62.5 micron multimode fiber is the least favorable for extended lengths, but I will not be in a position to replace it for at least a year. If I purchase 10 Gbps modules, like the SFP-10G-SR or SFP-10G-LRM, can they “throttle down”, either automatically or by setting a parameter, to communicate at slower speeds over distances that exceed their 10 Gbps maximum link lengths on multimode fiber?

View 1 Replies View Related

Cisco Switching/Routing :: Restricting Mac Addresses On 4506 Switch

May 14, 2013

We want to permit certain mac addresses on the cat 4506 switch wherein only those mac addresses will get access to network.
 
Configuration Planned: For testing purpose we have created mac access list on cat 4506 and deny laptop mac address in this access list. The mac access group is applied to the port where the laptop is connected to cat 4506.Even after applying the mac access group on the port, the laptop is able to ping the vlan ip of cat 4506 [code]
 
laptop with ip address 192.168.10.2/24 connected to port 2/1 is able to ping 192.168.10.1 even after applying the mac access-group
 
Note-we have tested same configuration on cat 3560 and its working fine. We apply the mac access-group command on interface and clear the arp-cache and we are not able to ping vlan interface ip. The moment we remove the mac access-group,ping starts again.

View 4 Replies View Related

Cisco Switching/Routing :: 4506 - Cannot Manage One Switch Via Network

Nov 30, 2011

I have three 4506 switches with vlan 4 set as the management vlan. Switch 1 is connected to switch 2 and switch 3.
 
I can access switch 1 and 2 using telnet from the management vlan and both switches reply to pings. But from switch 1 or 2 I cannot ping or telnet switch 3. If I plug into switch 3 and I can ping and telnet switch 3 but not switches 1 or 2.
 
It is as if the management vlan 4 is not being passed to/from switch 1 and 3. The configs for the uplinks from switch 1 to 2 and 3 are the same. And the configs for switches 2 and 3 look the same apart from the port settings.
 
I have over 40 vlans running all that work fine between all the switches.

View 28 Replies View Related

Cisco Switching/Routing :: 4506 - Interface Access-list

Nov 14, 2011

I have one computer connected to the 4506 that management does not want this PC to have access to anything on our network except our DHCP server and the one printer that resides on our network.  I created an extended access list as follows.  Our network is the 10.10.x.x and the external addresses the PC needs to access is 11.1.x.x.  Once this PC is rebooted, it is unable to access DHCP to get the needed IP address it bounces back to a 169.x.x.x address and stops working.
 
Extended IP access list 2000
permit tcp host 10.10.200.242 host 11.1.200.1                           (gateway)
permit tcp host 10.10.200.242 host 11.1.2.151 eq smtp              (access from the pc to external server for smtp)
permit tcp host 10.10.200.242 host 11.1.2.149 eq 5721              (access from the pc to external server for remote access)
[ code]...
 
Then I applied the access-group 2000  on the interface the PC is connected to. What am I missing for DHCP to work and for this PC to always get the ip address that is reserved?

View 3 Replies View Related

Cisco Switching/Routing :: 4506 HSRP Active To Standby And ARP Impact

Mar 4, 2013

I am running HSRP on three 4506 switches..S1(active) S2( standby) and S3(listen)..S1 is active for all the vlansRight now, I wanted to  make S3 active for two vlans: vlan 10 and 19What would be the impact to the end hosts?Also, can you tell me why the arp is not syncing for all the three devices? [code]

View 4 Replies View Related

Cisco Switching/Routing :: 4506 - Both Switches Booted / Ignored Start-up Config

Nov 30, 2011

I have two 4506 switches in my organization. Recently the office was relocated and when both the switches were booted they ignored the startup config.The config-reg was set to 0x2101. No boot system command was configured.So  I changed the config-reg of SW1 to 0x2102 and gave boot system command as stated below.When reloaded the switch booted to ROMMON and I had to manually boot the IOS.I want them to boot normally with IOS.Config of SW2 is not changed since relocation. I am specifying both configs bor your consideration. [code]

View 12 Replies View Related

Cisco Switching/Routing :: 4506 - Show Authentication Session On Interface

May 17, 2012

I'm dealing with a 4506 switch that whn I try to apply "sh auth sess int xx" I get "Invalid Input Detected" ... Is there any way that I can get the authenticated session over a port even if I can't apply "sh auth sess int"?

View 1 Replies View Related

Cisco Switching/Routing :: QoS Limit Specific VLAN Within Trunk 4506

Jan 25, 2012

Need to limit the amount of bandwidth a specific VLAN can use on a 802.1q trunk port. Situation is that we have a pair of Catalyst 4506 switches which have 802.1q trunk ports into a Checkpoint Firewall, this in turn is connected to a managed WAN router (to which I can't apply a QoS policy).If the 4506 was routing the traffic it would be easy to setup a class-map to match the IP traffic and then QoS the traffic, but the VLAN in question is trunked directly into the firewall (no L3/IP presence on the 4506 next hop for all clients on this VLAN is the firewall).What I need to do is restrict any traffic from this specific VLAN to 10Mbps on the uplink to the Checkpoint Firewall so it cannot impact the onward WAN.

View 1 Replies View Related

Cisco Switching/Routing :: Upgrading IOS Images For SSH Support On 4506 With Single Sup IV

Jan 18, 2012

I have been asked to upgrade the IOS images on three 4506 switches with a single Supervisor IV engine in each to allow for SSH2 access.The current image is cat4000-i5s-mz.122-25.EWA.bin..I have uploaded cat4000-i5k91s-mz.122-25.EWA14.bin to bootflash on each Supervisor engine.The ROM on each SUP IV is 12.1(20r).  I don't want to have to upgrade the ROM version.Will the cat4000-i5k91s-mz.122-25.EWA14.bin image retain all the current features of the current image and provide SSH2 support, without requiring a ROM upgrade?Each switch has 512 Mb of RAM.If this image will accomplish what I want, what are the commands used to select the new image from bootflash.  I'm familiar with image updates on fixed chassis switches using the boot system flash command.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved