Cisco Switching/Routing :: Low Bandwidth On 3750 From Vlan To Vlan?

Nov 20, 2012

We have a low bandwith (15-20 Mbit/s) to the ASA from our Client vlan. If i connect the Client to the same vlan as the ASA is, the bandwith (90 Mbit/s) is good.
 
Here are the Layer 3 Design:
 
Client     ->     vlan 2 - Switch - vlan 7     ->     vlan 1 - ASA 5505     ->     ISP
 
The Layer 2 Design:
 
Client     ->     Gig2/0/13 - Switch - Gig4/0/43     ->     Eth0/1 ASA5505     ->     ISP
 
IP Address:
Client: 172.16.2.10Vlan2: 172.16.2.1Vlan7: 172.16.7.1ASA: 172.16.7.2
  
I assuming the switch has a problem with routing ?It is a stacked Switch with following members:

switch 1 provision ws-c3750g-12sswitch 2 provision ws-c3750g-24tsswitch 3 provision ws-c3750g-24tsswitch 4 provision ws-c3750x-48
 
And we have following error message in the log from the switch:

%PLATFORM_UCAST-4-PREFIX: 

One or more specific prefixes could not be programmed into TCAM and are being covered by a less specific prefix, and the packets may be software forwarded I first get the idea that the switch is overloaded with router traffic. Thats why i assuming i have to check the sdm templates, but i'm not sure if this resolves the issue. 
 
Here are the relevant config:
 
ASA Interface on the Switch:

interface GigabitEthernet4/0/43description ASA-inside LANswitchport access vlan 7switchport mode accessspanning-tree portfast
 
Client Interface on the Switch:

interface GigabitEthernet3/0/1switchport access vlan 2switchport mode accessswitchport port-securityswitchport port-security aging time 2switchport port-security violation restrictswitchport port-security aging type inactivitymacro description cisco-desktopspanning-tree portfastspanning-tree bpduguard enable

[code]...

View 2 Replies


ADVERTISEMENT

Cisco Switching/Routing :: 3750 - Extending VLAN To Remote Switch That Already Has VLAN ID In Use

Jan 10, 2013

I have two networks at two sites with a dot1q trunk between the two L3 switches at both sites (no routers involved)
 
SITE A - Cisco 3750 L3 - VLAN ID 50
10.10.50.0/24
 
SITE B - Cisco 3750 L3 - VLAN ID 50
10.20.50.0/24
 
I would like to extend the SITE A VLAN to SITE B so that I can move hosts from SITE A to SITE B without needing to change their IP address but the vlan ID is already in use. Obviously the easy solution is to change the VLAN ID for one or other of the sites but both sites contain hosts that run 24/7. Is there a way to join two VLANs with different IDs together.So for example I create a new VLAN 60 at SITE B and associate it with VLAN 50 at SITE A.

View 4 Replies View Related

Cisco Switching/Routing :: Sf300 - Vlan Bandwidth Management?

Oct 20, 2012

i have a small network with Polycom phones connected to the sf300 switch and have the pc's daisy chained via the second switch port on each phone. i have the pc traffic running on the default vlan 1 and the voice traffic running on the voice vlan 100. can i do bandwidth management on a vlan/port basis or is that not necessary. i want to ensure that the voice traffic is never impacted by the pc traffic on the same cable.

View 2 Replies View Related

Cisco Switching/Routing :: 2900 - Restricting Bandwidth From A Particular Vlan

Jan 17, 2012

I have a 2900 router at branch office. This router has a 4 port switch card and two gigabyte ports. The gigabyte port is use for wan connection and the 4 port switch card is use for lan connection. I have two separate networks on my lan side. (network 1 and network 2)
 
I have assigned port 0,1 of the switch card to vlan1 for network 1 Ports 2,3 of the switch card is assigned vlan 20 for network 2
 
My problem is I would like to applied a bandwidth restriction for all data coming out from vlan20 capping same to 384 kb.
 
Note I do not want use QOS because this will only kickin when saturation occurs,

View 8 Replies View Related

Cisco Switching/Routing :: ASA 5520 / Can Reserve Some More Bandwidth For One Vlan Than Other Vlans

Jan 23, 2012

Currently, we have a Cisco router (28xx), ASA 5520, and a core switch 4500. We have different vlans. We also have Auto QoS running for our Cisco IP Phones.My manager just asked me to see if I can either reserve some certain bandwidth for one vlan, or give that vlan higher priority on internet traffic than the others.

1.) Anyway we can reserve some more bandwidth for one vlan than other vlans?

2.) If #1 cannot be done, how can we provide higher priority on the internet traffic to one vlan than the others?

3.) Is #1 or #2 the same config? If not, which one would be easier (without changing our current QoS settings)?

4.) If 1 or 2 can be done, which device I should config the settings on?

5.) This question may be duplicate, but do we need to reset our current QoS to achieve the goal?

View 6 Replies View Related

Cisco Switching/Routing :: 3750 - Only Allow Specific Traffic To VLAN

Oct 10, 2012

Have a quick question regarding inter-vlan routing on a 3750.  Overview of network is ISP --> ASA --> 3750 (acting as my core and default gw).  I have 5 vlan interfaces on my 3750, all w/ 192.192.x.x subnets, a 6th w/ 192.168.100.x, and a 7th w/ 192.168.200.x.  I have enabled "ip routing" on the switch and can successfully ping from subnet A to subnet B as long as both devices are using the correct DG for their vlan, which is the switch.  I have a few ports that are trunked as well that go to ESX hosts which break out the vlans according to the subnet the vm should be attached to.  The ASA is set to nat internal traffic for all the vlans.
 
Now my question:  short of applying an ACL to each vlan interface to block traffic from other 192.192.x.x subnets is there a better way to accomplish this?  I want my 192.168.10.x subnet to be able to reach all the subnets, but don't want 192.192.10.x to be able to talk to 192.192.20.x for example.  I was thinking to create an acl like this:
 
access-list 120 permit ip 192.192.10.0 0.0.0.255 access-list 120 deny ip 192.192.0.0 0.0.255.255 192.192.10.0 0.0.0.255access-list 120 permit ip any 192.168.100.0 0.0.0.255 192.192.10.0 0.0.0.255
 
and then applying this to the interface for the appropriate vlan. 

View 4 Replies View Related

Cisco Switching/Routing :: 3750 MAC Table Missing For One VLAN

Jan 18, 2012

I have one VLAN on a 3750 where I do not see any MAC addresses even though it is in use.  This is an unrouted VLAN between a WLC on a port- channel /LAG and an access port to an ASA for guest traffic.  When I do a show MAC add I get nothing for VLAN 60 (guest DMZ) but all other VLANs seem to be OK. Spanning tree is not showing TC counters incrementing either. 
 
I also was told when put a port on this VLAN the laptop did not get a DHCP address form the ASA, but the wireless guest clients are working fine.  I can see the DHCP leases and ARP entries in the ASA and the ASA ARP in the WLC so some traffic is passing fine.  I'm not onsite right now so troubleshooting is all remote which limits some options.

View 4 Replies View Related

Cisco Switching/Routing :: VLAN On 3com 2952 And 3750?

Jul 1, 2012

I have setup both Vlans on 3com and cisco. but it seems they cant talk to each other.ive setup both on trunking mode?

View 6 Replies View Related

Cisco Switching/Routing :: 3750 No Spanning Tree Vlan

Feb 29, 2012

I have a 3750 switch which has the command 'spanning-tree vlan **'.  I am struggling to remove this command, as this particular VLAN is one I want to distribute across our network.I have so far, set the switch to VTP Transparent mode and removed the VLAN from the database, this removes the command.  If I then put the switch back to VTP client mode (or manually add the VLAN, while in in VTP transparent mode) then the command comes back.  Submitting the command 'spanning-tree vlan **' command has no affect.

View 1 Replies View Related

Cisco Switching/Routing :: VLAN Bridge With Catalyst 3750

Nov 8, 2012

I have 3 VLANs here that need to be on the same network segment.  They are going to be used by our Wi-Fi network (with Aironet APs), bound to 3 different SSIDs (as Aironet APs doesnt allow multiple SSID per VLAN), each one with a different authentication method and server.Is there a way to bridge those VLANs together with a Catalyst 3750 switch?  I tryed configuring an IP address on one of the VLAN interfaces, then configuring a bridge with the vlan-bridge protocol (Catalyst 3750 doesnt have the "ieee" bridge protocol type) and put all 3 VLAN interfaces on the same bridge-group, but it didnt work (even with "bridge x route ip").I also tryed configuring IRB bridging, with the 3 VLAN interfaces on the same bridge-group and an IP address on the BVI interface (the way I used to do with old 2600 routers).  Same result.(actually, I didint test to see if the interfaces are actually being "bridged", but I see neither of them can reach the router)

View 1 Replies View Related

Cisco Switching/Routing :: 3750 / VLAN Is Locally Shut

Apr 24, 2011

One of my VLANS on my 3750 gives a status of act/lshut. I've tried no shut commands on the interface to no avail. From my reading it seems like this means the VLAN is active but shut down locally.

View 8 Replies View Related

Cisco Switching/Routing :: 3560 Possible To Create Vlan Inside Transport Vlan?

Jan 10, 2012

Between our hosting and a customer we have an extended vlan, traveling on a fiber, between two cisco 3560 switches.The thing is, that we want to create one or more vlans inside that extended vlan, in some way if possible?

View 3 Replies View Related

Cisco Switching/Routing :: Route Data From Vlan 10 To Vlan 20 On 2960s?

Mar 31, 2013

i need to solves this little problem on 2960S lan BASE but i dont know if it is possible.
 
Uplink port config for gi 1/0/28 is:
 
switchport mode trunk
switchport trunk alloved vlan 10,11
  
but on interface gi 1/0/1 i want to have data from vlan 10 tagged as VLAN 20.
At this time i have solved this issue very primitively
 
I have set up gi 1/0/2 as int mode acces, acces vlan 20 and i have connected gi 1/0/2 with gi 1/0/3 with eth cable. int gi 1/0/3 is switchpor mode acces, switchport acces vlan 10

View 4 Replies View Related

Cisco Switching/Routing :: 3750G / VLAN 1 Is The Only VLAN And Its Disabled

Sep 16, 2012

I have a 3750G switch in my production network that only has VLAN 1 on it. All ports are in a default state and VLAN 1 is disabled. The switch is passing traffic but shouldn't having the default VLAN shut down cause the ports not to pass traffic? If I start to create VLANs will that cause the switch to stop passing traffic?

View 4 Replies View Related

Cisco Switching/Routing :: L2tpv3 Vlan-to-vlan Tunnel On 890

Jun 13, 2011

I am trying to setup a L2tpv3 VLAN-to-VLAN tunnel.My setup has two Cisco 890 router with Cisco IOS Software version 15.0(1) M4. These routers are connected directly on FastEthernet port 8.
 
One linux machine is connected on FastEthernet port 0 on each router. The two linux machines are on same vlan. I am trying to establish a vlan-to-vlan tunnel between the routers and send traffic between the linux machines.
 
I followed the case study 11.4 from [URL] and configured the l2tp-class and pseudowire-class. However, the vlan interface configuration is different on 890 router.
 
I configured a vlan interface as follows.

(config)#vlan 200
 (config)# interface FastEthernet 0
#shutdown
#switchport access vlan 200
(config)# interface vlan 200
 
I don't see the 'xconnect' command in this context. What's wrong with my configuration? 

View 3 Replies View Related

Cisco Switching/Routing :: Cannot Set Route-map On Interface Vlan In Non Default Vrf On 3750

Dec 12, 2012

Cannot set route map on interface vlan. which in non default vrf on Cisco 3750.IOS c3750-ipservicesk9-mz.122-55.SE.bin sdm prefer route in enable ip vrf users rd 200:0 route-target export 200:0 route-target import 200:0 interface Vlan201 description Users 1 ip vrf forwarding users ip address 10.31.76.1 255.255.252.0 ip helper-address 10.31.4.57 route-map fromuser permit 10 match ip address fromuser set ip next-hop 10.31.128.155 When I enter "ip policy route-map fromuser" to interface Vlan 201 I heve the message:
 
% Remove VRF configuration from interface Vlan201 first

View 5 Replies View Related

Cisco Switching/Routing :: Catalyst 3750-X Not Showing VLAN As Active

Apr 14, 2013

I have installed a Catalyst 2960-S and a 3750-X-12S and I am trying to setup a VLAN 51 for some VoIP phones. I have added the VLAN as an interface on both switches, but the 3750 is not showing VLAN 51 as active when i do a show vlan. Also, it omitts showing Gi1/0/1 & Gi1/0/3 which are uplinks to 2960-S switches plugged in and working on VLAN1.
 
Catalyst3750SFP#show vlan
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/2, Gi1/0/4, Gi1/0/5

[Code].....

View 2 Replies View Related

Cisco Switching/Routing :: Configure Inter Vlan On 3750 Series?

Jun 25, 2012

I have 3750 series with GIBICs ports I want to create 10 vlans with its sub-net and enable all vlans to access internet.

View 4 Replies View Related

Cisco Switching/Routing :: 3750 STP Vlan 21 And 22 Root Bridge On 2 Switches

Feb 16, 2013

I config vlans 21-23 on 3750 A and B switches.I config B  switch to be Root Bridge for all vlansspanning-tree vlan 1,21-23, priority 4096 sh span tree on B  switch 3750B#  sh spanning-tree.

View 18 Replies View Related

Cisco Switching/Routing :: 2911 / 3750 - Allow Email To Two Servers On Different Vlan?

Mar 24, 2012

I have a network with the following structure
 
internet ---- cisco2911 ----cisco3750 --- internal lan
 
I have two email servers on different vlan
 
192.168.0.1    ----- 1.1.1.2 (public ip)
10.1.1.65  ---- 1.1.1.3 (public ip)
 
Before these servers were directly connected to the internet with two nics (Nightmare, I know). The Public IP on internet facing NIC and private ip on LAN facing nic. I'm in the process of changing this.I'm able to access internet from my vlans and also able to send emails but cannot receive emails on these servers.
 
My router congif is as follows:

Building configuration... 
Current configuration : 6234 bytes
!
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone

[code]....

View 1 Replies View Related

Cisco Switching/Routing :: 6513 To 3750 Vlan Trunk Connectivity

Nov 8, 2011

Currently we have a 6513 core (running IOS and doing limited routing) with VLAN Trunking to about a dozen 3560 edge switches, with various VLANs going to each of the edge switches.  All works well.  We are downsizing and replacing the 6513 core with a 3750G stack.  We have the stack up and running in the lab, and want to slowly (as we move floors) migrate all of the edge switching to the 3750 stack. 
 
The plan is to connect the 3750 stack to the 6513, then slowly migrate the edge switches to the stack (from the 6513).  I would like to put in place 4 x 1GB trunk links between the 6513 and the 3750 stack before I start moving edge switches to ensure adequate bandwidth.  Once all of the edge switches are on the new 3750 stack, I will start to decommission the 6513.
 
What is the best way to configure the links between the cores (old 6513 and new 3750 stack)?  I can easily get the edge switches configured to the 3750, but am worried about the core links.  I really want to avoid having to perform an all-at-once cutover of the cores.  Another question is when do I try and migrate the VTP server role from the 6513 to the 3750 stack?  I could simply make everything transparent, and ditch server-based VTP, as we rarely change or creat VLANs.

View 3 Replies View Related

Cisco Switching/Routing :: Ping From Vlan Interfaces On 3750 Switch

May 27, 2013

 I'm having some trouble getting my head round the following but I think it's routing related?
 
I have a Cisco 3750 switch with the following configured:

interface Vlan1
ip address 192.168.0.223 255.255.254.0
no ip route-cache

[Code].....
 
The 3750 is connected to a firewall which handles the routing.  From the 3750 I can only ping remote networks from the vlan1 interface not from vlan6,8 or 10 i.e ping 10.34.37.101 (remote network) source 192.168.0.223 (vlan1) works but ping 10.34.37.101 source 10.74.10.1 (vlan10) does not?  I can ping 10.34.37.101 from computers on the various vlans but not from the 3750 it self.
 
I looked at setting a default gateway for the various vlan interfaces

View 3 Replies View Related

Cisco Switching/Routing :: Configure Inter-vlan On Catalyst 3750

Dec 20, 2012

My architecture is the same as show on the link with some difference.I use the router 1841 for inetrnet connexion instead of 7200VXR, this router 1841 is connected on the catalyst 3750 port G1/0/1.I use catalyst 2960 instead of catalyst 2950 or 2948.I use ASA 5510 for conexion on remote branche(I have 5 remote site), This ASA is connected on the catalyst 3750 port G1/0/37
 
Result of the test:

-I can ping devices in the same Vlans
-I can ping devices in different VLANs
-I can ping all device from the catalyst 3750
 
I cannot ping the router 1841 or ASA 5510 from the any devices (computer)The gateway of each computer is the correpondant VLAN IP address configured on the catalyst 3750.Why I cannot ping the router 1841 or ASA 5510 from the any devices (computer)

View 19 Replies View Related

Cisco Switching/Routing :: 3750 - VLAN Flapping Error Message

Sep 15, 2012

I recently upgraded my network to have two 3750x core, one interface on the Cisco is connecting to a Net gear switch via a fiber converter. I am keep getting the vlan flapping error message in my log as below.
 
003396: Sep 17 01:46:16.328: %SW_MATM-4-MACFLAP_NOTIF: Host 5c0e.8ba7.0a5c in vlan 2 is flapping between port Gi2/0/15 and port Gi2/0/13
003397: Sep 17 01:46:19.843: %SW_MATM-4-MACFLAP_NOTIF: Host 5c0e.8ba7.0a5c in vlan 2 is flapping between port Gi2/0/15 and port Gi2/0/13
003400: Sep 17 01:49:58.769: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/0/17, changed state to down
[Code] .....
 
After my research i think this is a looping issue but I'm unsure how to address it.

View 2 Replies View Related

Cisco Switching/Routing :: 3750 - Cannot Enable PBR On A VLAN WCCP Enabled

Jan 3, 2012

I would like to apply a policy-based route on one of our L3 switches (Cisco 3750) to change the next-hop of a couple of servers only. The VLAN where those servers reside got WCCP enabled on it. When I want to apply the route-policy to that VLAN interface it doesn't let me. When I try to apply the same policy to a VLAN interface without WCCP it does work. Is there any Cisco IOS limitations that would prevent me from doing that?
 
Configuration:
route policy config: 
access-list 70 permit ip host x.x.x.x (server IP)
route-map PBR1 permit 10

[Code].....

View 1 Replies View Related

Cisco Switching/Routing :: 3750 - Make Switchport 10.1.1.13 And Then Create IP VLan?

Feb 7, 2013

Currently have two routers inside our network.

One is the default GW 10.1.1.13
One is Jump Router for ATT 10.1.1.12
Both connected to HP Procurve L2 switch

The ATT Router is 10.1.1.2Want to replace GW and Jump with one 3750 L3 switch.icomplish this with only one port g0/1 connected to HP Procurve?Can I make the switchport 10.1.1.13 and then create a ip vlan999 10.1.1.12?route all to 10.1.1.2Or do I just connect two ports, and hardcode them with an ip?

View 1 Replies View Related

Cisco Switching/Routing :: 3750 - Restrict VLan 103 With VACL Method

Feb 7, 2012

I´m facing to one issue with VACL. i have a network lan with 10.40.X.X/16 . in this network i have a Production v LAN 10 with 10.40.10.X/24 and i have created one vlan103 for Guest´ user as 10.40.103.X/24
 
My goals is to restrict the v LAN 103 to reach or access the v LAN 10, better to restrict Guest user access to the production v LAN. So i  try to put this script with VACL method, but does n´t work.
  
Extended IP access list Restriction-Guest
10 permit ip 10.40.103.0 0.0.0.255 any
 vlan access-map Guest 10
action drop match ip address Restriction-Guest
vlan filter Guest vlan-list 10
 
After that i still able to ping or access to the v LAN 10 form v LAN 103.

View 4 Replies View Related

Cisco Switching/Routing :: PBR - 3750 VLan Does Not Accept IP Policy Route-map

Nov 1, 2012

I am trying to configure policy based routing however when i try to apply to an interface vlan.  The configuration does not show in the interface.
  
route-map OTHER_ROUTE permit 10
match ip address OTHER_ROUTE
set ip next-hop x.x.x.x

[Code]....

View 4 Replies View Related

Cisco Switching/Routing :: Catalyst 3750 - VACL And ACL To Secure VLan?

Feb 20, 2012

i have a catalyst 3750, in this switch i have 3 vlan, i need to secure trafic between vlans but im confused ,should i use ACL or VACL to secure ?which is the best ?if i use ACL to secure and limit ports between vlan, which is the best practice to apply the acl ( on th inside or outside of interface)

View 2 Replies View Related

Cisco Switching/Routing :: Multiple VLAN Routing Tables For 3750 Catalyst

Oct 24, 2012

I have a network with a Catalyst 3750 as the main switch and then some Catalyst 2960 switches that are plugged in to that. I have a server running windows server 2008 with a couple of virtual machines running in Hyper-V. I created 4 VLANS listed below and gave the 3750 the following IP Address.I would like the 3750 to only be configurable from VLAN 40 but currently every VLAN can connect to it, I noticed in the standard web page settings there was a setting for "Management VLAN" but it was set to 1 and would not let me change it, I kinda assumed that was for the management port in the back.-Now the tricky part, I was trying to set up routing between the VLANs and so far I have only been able to get a sort of "all or nothing" routing to work. I can turn IP routing on and add two or more VLANs to the routing and it works fine. But what I was hoping to do is create a couple of "junction vlans" that would only route to one or two other vlans. For instance, I wanted to create a VLAN 100 that routed to VLAN 20 and 30 but nothing else. I also want to route VLAN 1 just to VLAN 30, and so on. I am able to do each one of the cases but only one, it seems like the switch only supports one "routing table" am I missing something or is this just a limitation of the switch?

View 2 Replies View Related

Cisco Switching/Routing :: Catalyst 3750 Multi-cast VLAN Routing

Oct 28, 2012

I have a network with several catalyst 2960 switches and one catalyst 3750. I have created two VLAN and set up the proper routing and everything is working fine there. I have a client/server application that used multicast in the initial start up for the client to determine available servers, the issue is one of my clients is on a different VLAN then the server. I am able to route the multicast using MVR as long as both the server and the client are plugged into the 3750 by creating a static route, making the server a source port and the client a receive port. Unfortunately I need the client and the server plugged in to different 2960s. My question is how do I establish multicast routing between the two and perferably do it dynamically (always route multicast traffic from one VLAN to another).

View 2 Replies View Related

Cisco Switching/Routing :: Inter-VLan Routing On Catalyst 3750 Switch

Dec 17, 2011

I have been looking into this for a while and I can't seem to figure out why my 2nd vlan is not able to connect properly to the net.
 
My switch has 12 ports where my devices connects directly, they are all on Vlan 1 and they all work perfectly. on Port 12 I have a dlink router that is connected to a cable modem. the dlink router has an Ip address of 192.168.0.20
 
I created a second vlan (vlan2) and enabled dhcp relay on it. then I assigned port 9 on the switch to  (vlan2)my laptop which is connected to port 9 seems to get an ip address fine and able to ping only some devices on my network (vlan1) and is not able to go out to the internet.  I think it has to do with the routes. [code]

View 4 Replies View Related

Cisco Switching/Routing :: 3750 Inter Vlan Routing Configuration

Mar 24, 2013

In 3750 switch,I have configured intervlan routing.I have three vlans Vlan 10,vlan 20,Vlan 30 and I have assigned IP address for that Vlan.In vlan 10,I have connected one systen gigabitethernet 0/1 interface.From my system I am able to ping vlan 10 ip address but I can't able to ping other vlan ip address (vlan 20,vlan 30).Is it possible to up the protocol for all that time.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved