creating an Access List on my Intervlan network.how I create my network.I've managed to get the Inter-vlan working and my problem now is to restrict some vlan from accessing one another.
- I've enabled IP Routing on 3560 switch.
- All vlans can PING each other.
- All vlans can access the internet (172.16.1.2)
Between our hosting and a customer we have an extended vlan, traveling on a fiber, between two cisco 3560 switches.The thing is, that we want to create one or more vlans inside that extended vlan, in some way if possible?
View 3 Replies View RelatedI am trying to get my workstation to talk to a workstation on a different sub-net through a Cisco 3560 switch. The switch is running the following IOS version: [code]
My primary network is 172.16.0.0 and I am trying to connect to a device on a 192.168.111.0 sub-net. [code]
What would be the best way to get the two workstations talking via the switch?
Looking for input/thoughts on the upgrade of our 3560's and 3750's while on production network.
While we could remotely send the IOS over the network to the device, I'm concerned about errors and the lack of physical control of the device. So, the thought is to just go to the comm closet, plug in with laptop to the console port, and upgrade the IOS over the console port. But this would require xmodem, correct? I know the fastest way would be to a. configure an empty fa0/0 port to no switchport, add an IP address, and use tftp. BUT, we would have to isolate the switch from the production network while connected to it with our laptop. Otherwise, our laptop would be seen on the network as an unknown device, and there would be repercussions...
So, we console into the device, and u/l the IOS that way. Is there a way to increase the baud rate on the switch to 115200, change putty to 115200, then do the x modem? I just say we should shut all the ports to isolate the switch from the network, then tftp the IOS to the switch. Unplug, reopen the ports, then reboot the switch.
How many secondary network config possible???
Switch - Cat3560
IOS Ver 12.2(50)se5
I have a CAT 3560 connected to a ISR 2911 The 3560 has 2 subnets ( 192.168.1.0 /24 and 10.10.10.0 /24) The 2911 has interface GigabitEthernet0/1 on the 192.168.1.0 /24 and another GigabitEthernet0/0 on a WAN connection 172.16.7.246 I need to NAT both the 192.168.1.0 /24 and the 10.10.10.0 /24 to the single address 172.16.7.246 I have to use route-maps . I have IPSec VPN's and ZBF on the 2911 My problem is the NAT does not work for the 10.10.10.0 /24 network!Why?is my only option to use trunking between the 3560 and 2911 and subinterfaces on the 2911? I want to avoid sub-interfacing.
=============================================================
On the Cat 3560=====================!vlan 40name the 192.168.1.0 /24 subnet!vlan 60name the 10.10.10.0 /24 subnet!interface FastEthernet0/7description Connection to Router Gig0/1switchport access vlan 40!interface FastEthernet0/16description Connection pc host on the 10.10.10.0 /24 subnetswitchport access vlan 60!interface Vlan1no ip address!interface Vlan40ip address 192.168.1.4 255.255.255.0!interface Vlan60ip address 10.10.10.10 255.255.255.0!ip classlessip route 0.0.0.0 0.0.0.0 192.168.1.1
=========================
The host on the 10.10.10.0 /24 network has the 10.10.10.10 address as it's default gateway The host can not access the WAN thru NAT....
I have 5 linux and 3 Microsoft 2008 Servers, each connected to 2 Cisco 3560 Switches. The 2 Cisco 3560 switches are connected to 2 different Cisco 515e Pix. Is it possible that if i enable Port SPAN in any of the switchport and send a copy of traffic to any of the windows 2008 server, will i be able to monitor the bandwidth of the servers (Here I am only looking for traffic going from servers to PIX and then to internet, also vice versa).
Also will wireshark be able to differentiate specify the bandwidth of each servers seperately ?
i have 300 user in network in 2 building and firist buiding 5 flors.i use subnet /22.i have core switch 3500xl fiber and 8 swith 3560 and my network have 2 router one for adsl and other for mpls so i want upgrade it to make voip network and wireless
so if i need replace switch what i model and how many?
Our network feels slow and trying to find the best way to investigate this properly. We have Cisco chassis 4500 with mix of 3560/2950 Edge switches 1GB backbones and WLC/WCS in place. The network is broken into multiple V LANS and IOS on our switches haven't been updated in 3-4 years.
On a wireless laptop (G) with get throughput of 1-2MB/s transfer speed with usually 10 clients per AP and LAN we get anywhere between 7-15 MB/s transfer. Using wire shark on a wireless laptop we see a lot broadcast traffic from other clients and the same for LAN. What is the best way to troubleshoot performance issues on the network and where do I start?
Cisco 3560 does not support "set ip next-hop verify-availabilty". I need this command in my config. "set ip next-hop" do not do the same job.
View 8 Replies View RelatedThe last few days I've been exploring options in getting rid of some old routers accross a wan connections. I have a cat 3560 to play with and I thought I would try and use the no switchport command test out routing with switch. I've got some type of route issue and I tried a few things which I thought would fix the issue but had no effect. I'll post the config and a few commands so you can see what the basic setup is.
Here we can see in the arp that it knows about both 10.7.1.2 (PC unable to ping 10.3.3.254) as well as 10.3.3.254 (ASA).I tried adding in a ip route of 10.7.0.0 255.255.0.0 10.3.3.110 as well as 10.3.3.254. Neither produced the results I wanted allowing 10.7.1.2 (PC) to ping the ASA (10.3.3.254). [code]
I have an environment of 3 X 3560G of which I have 1st switch-CORE(f0/10) connecting to the VPN router(CE) interface-f0/0. Remaining 2 Cisco 3560's(Access) are connected to Gi0/1 and Gi0/2 on the 1st switch-CORE via gi0/1 . On all three switches I have created multiple VLANs and assigned ports to these VLAN. The switch to switch connection is trunk allowing all VLANs created on all these 3 switches. Now the issue is how I am going to have all these VLANs routed through single interface on the routeri-e f0/0, as all these subnets will communicating to remote site over VPN. What should be default gateway on the 2 Access switches and the CORE switch, also what static route should be on router to reach all subnets(VLANs) created on these 3 switches.
I have read inter-VLAN routing i-e creating sub interfaces on router but dont want to proceed with that and looking for any other way to have my VLANs talk on all three switches and then are accessible to remote site ove VPN?
I have tried to make policy based routing on Cisco 3560. I use ipservices ios (SW version 12.2.(50)SE3 and SW-IMAGE C3560-IPSERVICESK9-M) For below configuration there is no problem and pbr is working.
“Access-list 100 permit ip host 1.1.1.1 host 2.2.2.2
Access-list 101 permit ip host 1.1.1.1 host 3.3.3.3
Route-map pbr1 permit 10
Match ip address 100
Set ip next-hop verify-availability 1.1.1.2 1 track 11
interface fasthethernet 0/1
ip policy route-map pbr1”
But when i add another sequence to the "pbr1" with another sequence number like that.
“Route-map pbr1 permit 11
Match ip address 101
Set ip next-hop verify-availability 1.1.1.3 1 track 12”
pbr is not working. Switch gives message "PLATFORM_PBR-3-UNSUPPORTTED_RMP:Route-map pbr1 not supported for Policy Based Routing”"ip policy route-map pbr1" command not shown in the running config. And "show ip policy" output is blank.Configuration guide says you have insert many sequence to the route-map with the same name. And also this command is not in the unsupported command list.
I implemented access list on cisco 3560 switch but it never works. I want to block access from network B to Network A and allow from Ato B
Network A. 10.0.12.0/24
Network B 10.0.24.0/24
The configuration is
interface Vlan1
description Data VLAN
[Code].....
We recently purchased Cisco 3560X Layer3 Switch. We need to perform simple Inter VLAN routing. We have configured VLAN1 (name-server_vlan) and VLAN2 (name- user_vlan). We have also assigned the Ports and IP address to both the VLANs. After assiging this if we plug Laptop A into VLAN1 then it doesnt communicates with Laptop B (btw, Laptop A is able to Ping VLAN2 Gateway ) in VLAN2 but on the other hand Laptop B is able to communicate with Laptop A and ping everything i.e. Gateway of VLAN1.
View 17 Replies View RelatedI need to know, can i create svi on the ASR 1002 ?
View 2 Replies View RelatedI want to confirm this is a licensing issue. On a 3750X with ipbase, I cannot create a vrf. So I would need the universal image, and that is a seperate license, correct?Is there a link that describes the difference bewteen ipbase and univeral images?
View 6 Replies View RelatedWe have two catalyst 3560 switches running c3560-ipbasek9-mz.122-58.SE2.bin They are connected using etherchannel using gi 0/21 - 24 interfaces.
on 3560-1 switch, there isn't any ip-default gateway or ip route configured. It only have 1 interface vlan configured.
on 3560-2 switch, there is ip default gateway configured along with 1 interface vlan.
What i dont understand here is that, i can reach out to other subnets from 3560-1 switch in which the routing is not enabled?
I have a 2504 WLC connected to a Catalyst 3560 which has multiple vlans and is connected to a 2800 series router. I know the catalyst is L3 but I am needing nat functions to get outside to the internet. From my 2800 series router I am able to ping out to the internet, also I am able to ping the vlan interfaces on the catalyst switch. Problem is from the catalyst switch I can ping the inside and outside address of the 2800 but I cannot get any further then that. I cannot ping the 2800 router gateway. Not sure what I am doing wrong as far as routing.
I've attached my 2800 and 3560 configs.
I am having an odd issue on a couple of new 3750X switches.I am trying to configure VRF-lite and it is not recoginizing the command.Does that make any sense? I have goggled the syntax ans it should be right.
View 12 Replies View RelatedI have very strange problem. I have two NK5-C5548UP-Fa where I need to implement the vpc features. I want my peer link go over an SVI. I have Port-Channel 100 configured as a trunk with 3 vlans in it (my VPC-Peer Vlan included in a seperate VRF, and two data vlans).
I have set up the vpc domain 1 and configured the peer-keepalive source, destination and vrf. All seemed fine.
So I had a connection between those Switches and could ping each way in my SVI.
In the moment i set the command vpc peer-link in the port-channel the vlans in the trunk went on err-disable and I lost connection.
SWITCH# sh int trunk
--------------------------------------------------------------------------------
Port Native Status Port
Vlan Channel
[Code].....
I just want create vlans on switch sge2010p
Scenario:
vlan10
ip address 192.168.10.254/24
vlan20
ipaddress 192.168.20.254/24
vlan10 needs internet.
I have a static ip internet which is 200.33.22.11 gateway: 200.33.22.10 I have a router configured working as gateway, It has ip 192.168.2.1.
I have configured two vlans. But when I try to check if vlan has internet, it doesn't work.
I am in the process of staging a couple of two new Cisco ASR 1004's which are located at two locations with a WAN link in between. I need to set up connectivity between servers plugged directly into each ASR router across the WAN link. The ASR has 16 gig interfaces (gi0/0/0 - gi0/0/7 and gi0/1/0 - gi 0/1/7), and a management interface (gi0). I have connected the WAN link to gi0/0/0 and put an ip address on it. The servers will be plugged into the remaining gig interfaces. I tried to create an SVI (vlan interface) in an attempt to create an L3 interface to support routing to these servers but these routers don't allow SVI's to be created. how to put these server connected ports on a vlan and to create an L3 interface to provide routing to them?
View 1 Replies View RelatedThis is a 2811 rotuer running Cisco IOS Software, 2800 Software (C2800NM-SPSERVICESK9-M), Version 12.4(24)T3, RELEASE SOFTWARE (fc2) Not sure why this isn't working. Can see it expects to parse the command. Can see this device is vtp server. Can see other vlans were defined here.
Router(config)#vlan ?
accounting VLAN accounting configuration
ifdescr VLAN subinterface ifDescr
Router(config)#vlan 35
^
% Invalid input detected at '^' marker.
[code]....
I have an in production x2 4500's which I would like to add a new vlan and IP address to.
Sample config...
interface Vlan65
ip address 10.100.6.2 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
standby 65 ip 10.100.6.1
standby 65 timers 1 3
standby 65 preempt delay minimum 120
I need to set up a VLAN. We just bought the SG500x switches and we need to create several VLANs.
So for example:
192.168.1.x --> Vlan 1
192.168.2.x --> Vlan 2
192.168.3.x --> Vlan 3
What I would like to know is how do I come about setting this up and do I have to do something with my DHCP server to allow this to happen?
The Nexus 5548 is running 5.1.3.N2.1a and has the L3 daughter card (N55-D160L3)I have the EIGRP feature enabled. By the way, when doing a 'sh feature' four EIGRP features show up like this: [code] To create the L3 SVI, I go into config mode and attempt to type 'interface vlan 10'. but this doesn't work. These are the only options under the keyword 'interface':
- ethernet
- loopback
- mgmt
- port-channel
I must be missing something simple but can't seem to see what that is. What do I need to do in order to create an L3 SVI on this 5548?
Is it possible to to build a Layer 3 ether channel from two separate physical switches (layer3) that are trunked together?I know you can easily do this on a single switch and on stacked switches which I've done but in this case the customer have purchased two 3560X's which are not stackable yet want redundancy. The purpose of the etherchannel is to connect both switches to a private circuit provided by the hosted partner then route to the same setup in the DR location to different subnets.
View 4 Replies View RelatedIs it possible to create a vlan on a standard 3925? We have no addon cards installed.
View 3 Replies View RelatedI have an 2960S all configured, with vlans, ports configurations and others.Now, I bought other 2960S and two stack modules to create a stack with these 2 switches.We call:
-Switch1 (I have configured and in production)
-Switch2 (New switch, no configured)
Can I connect these two switches in stack without lost the configuration of my Switch1 and no turn-off this switch? Does not stop the users access?
I would just like to confirm if it is possible to create a 2x10G etherchannel on a 4948.
View 4 Replies View RelatedI'm trying to create trunkports on our Catalyst 2960. I'm following this guide to configure interface fa0/1
View 4 Replies View RelatedIn cisco router 2911 how to creat a network object with port permission on ACL. herz what i have done but couldnt succeed in port 22 and 24 should be denied and rest all port services are allowed to outside interface. [code]
View 3 Replies View Related