Cisco Switching/Routing :: Maximum Number Of Sessions For Port Mirroring On 4510
Apr 23, 2013Are you only able to have two sessions for port mirroring on a Cisco 4510?
View 1 Replies
ADVERTISEMENT
Cisco Switching/Routing :: Maximum Number Of Licenses For Connections To A 877?
Jan 11, 2012Is there a maximum number of licenses for connections to a 877?The reason I ask is that our routers are managed by a datacentre and when I asked for the login details I was told that I couldnt have them due to licensing reasons with no other explanation.
View 1 Replies View RelatedCisco Switching/Routing :: Maximum Number Of EtherChannels On 2960S
Apr 19, 2013what is the maximum number of etherchannels i can build on a Cisco 2960S stack. We hoping to connected 15 servers using 2 port channels between two stacked 2960 for redunancey. So what is the max number of channels can i build using the 2960S? Is the max 6 or is it more?
View 4 Replies View RelatedCisco Switching/Routing :: Port Mirroring On A Catalyst 3560-X?
Oct 21, 2012I've just installed 2 of these in my workplace on a PLC network.I'm now looking to set one of the ports up as my diagnostic port and would like to be able to mirror any of the other ports to this port.I believe it is called SPAN on Cisco switches.The only reference I can find to it is configuring via Telnet which I haven't got a clue about.On my old Wiedmuller switches it was just a few clicks away.
View 3 Replies View RelatedCisco Switching/Routing :: 3548XL Port Spanning / Mirroring With Snort IDS
Oct 30, 2012I am trying to configure a SNORT IDS system running on a physical machine using Linux as the base OS. I have a small lab network setup with 3 VLANs, a 3548 switch and a 2611 router acting as the router on a stick/inter-vlan router. My goal is to setup SNORT as a host-based IDS system. To do that I know I need to use the "port monitor" command on the switch and I have tested this and it works fine only when the snort system and the traffic I want to monitor reside on the same VLAN.My problem is I want to be able to monitor a trunk link betwee the switch and router to see traffic coming from my 3 VLANs which contain servers. My goal is to run attacks on the servers to test SNORT's effectiveness.
Relevant information from my configuration: interface fa 0/1 on switch is the trunk like carry 3 vlans to the router On the switch:
int fa 0/1
switchport mode trunk
int fa 0/5
port monitor fa 0/1
switchport mode access
The switch will not allow me to configure fa 0/5 as a trunk, only can be an access port.So right now, SNORT does not see any traffic other than traffic from my router to the switch. I assume because this is going over the native VLAN (1 in this case) and that is the same VLAN that SNORT box resides on on interface fa 0/5. So I know the span is working to an extent, but traffic from my other VLANs (server to server traffic) does not show on SNORT at all.I have done some research on Cisco.com and see the following seemingly contradicting information:
VLAN Filtering When you monitor a trunk port as a source port, all VLANs active on the trunk are monitored by default. You can use VLAN filtering in order to limit SPAN traffic monitoring on trunk source ports to specific VLANs Then I see, under the section for the 3500 series: A monitor port cannot be a dynamic-access port or a trunk port. However, a static-access port can monitor a VLAN on a trunk, a multi-VLAN, or a dynamic-access port. The VLAN that is monitored is the one that is associated with the static-access port.
My question is, does that mean the 3548 cannot support spanning a trunk link and having all VLANs on that trunk be monitored correctly to the monitoring port? I know the 3548 is old, but it is the only thing right now I have to work with. I could put the SNORT box inline on the network, but that is another mess in itself.
Cisco Switching/Routing :: Port Mirroring 2651 To Create Monitor Session From Source
May 20, 2013I have cisco 2651. It contains two FastEthernet interfaces: Fa0/0, Fa0/1.Fa0/1 has an ip address. Fa0/0 hasn't an ip address.I need to create monitor session from source Fa0/1 to destination Fa0/0. Then i want to connect my notebook to Fa0/0 to analyze some traffic from port Fa0/1
View 2 Replies View RelatedCisco Switching/Routing :: Connecting 4510 TenGig Port To 2960
Mar 10, 2013I am planning on deploying a 2960 switch and will need to uplink it to a 4510 switch. There are 2 TenGig Ports available and I was thinking of uplinking one of them to the 1Gb SFP port on the 2960. Would this work?
View 4 Replies View RelatedCisco Switching/Routing :: 4510 - Command To See If Port Was Ever Up And Passed Traffic
Apr 24, 2012I am looking to find a command or counter to tell me if a cisco switch port on a 4510 was ever up and passed traffic. I want to shutdown all unused switchports on our access switches. But before I do that I need to make sure device is just not off or the person is away on vacation. If I do sh int interface, is there a counter I can reference.
View 4 Replies View RelatedLinksys Wireless Router :: EA4500 Maximum Number Of Port Forwards
Apr 19, 2012Background: currently have a WRT320N, thinking of upgrading to an EA4500 assuming ONE feature has been improved: Port Forwarding.
Scenario: Currently I have a WRT320N router, and while it "does everything we need" it has one limitation that is now getting in the way: limitation on number of forwardable ports. In the port forwarding panel, it has 15 total rows: the first five rows can be enabled for specificaly named services (SMTP, FTP, etc). The last 10 rows are fully customizable in that we can set the name, ports and protocol.
The problem is that of the 13 total ports I currently need to forward, only ONE of them is listed in that fixed list. So, sadly, I can only use one of those first five rows. I've now filled the remaining ten custom rows, and still have need for two additional ports (for now, may need more down the road).
Trying to get creative, I figured maybe I could just spill over to the Port Range Forwarding page and add a row or two there. The only problem: it's buggy. I've found that if the Single Port Forwarding list is filled, then the Port Forwarding Range entries don't work properly. For example, if I wanted ports 12345 and 12346 forwarded to 192.168.1.5, they work fine with two single port forwarding entries. However, if I delete those, add two other port lines I need forwarded (the single list being full again), and add a port forwarding range 12345..12346, they don't work properly, ports just are closed. Only the singles work, the ranges don't.
Question: Has the EA4500 resolved this issue and allow for either more lines (i.e. 20 customizable entries instead of 10), or, better, does it just have an [Add Entry] button to allow for additional rows to be created? In today's day and age, where one single device (such as an Xbox) can take four rows, a 10-row limit is pretty sparse. Comparing it to some competitors, for example the D-Link DIR-825 (aging, but still great) allows you to add as many as you want.
I realize "expensive" firewalls like SonicWall's have virtually unlimited customization, but I don't need many of the additional features and don't want to spend $350 on a "high-end" firewall to solve the problem of needing two more ports open.
Cisco Switching/Routing :: MAC Without Port Number Cat6500
Oct 30, 2012We have IP device on the farm switch(cat6500, which is an access layer siwtch), with the gateway on the core switches (Nexus7000), on the core when I do show ip arp, I found the mac.But when I do sh mac add add of that mac there is no port attached to that mac.
Since that particular vlan only resides on the cat 6500 and two cores, so I logged in to the 6500, and when I show mac- in that vlan, I didn’t find that mac addresss. Instead, I found another mac address with last 8bit are the same of that mac.
Is it some kind VIP of the mac? How so, if no port, how can the switch forward the frame? [code]
Cisco Switching/Routing :: 1801 Not Showing Any Port Number?
May 12, 2012I have configured the following access-list on routers fa0 interface (i am using 1801)
access-list 111 permit ip any any log
and applied it in "in" direction on Fa0 interface.
Now when i am sending ssh packets to this interface its showing below
*May 14 05:09:00.104: %SEC-6-IPACCESSLOGP: list 111 permitted tcp 172.18.128.2(0) -> 172.18.128.146(0), 1 packet
why its not showing any port number ?
Cisco Switching/Routing :: Correct Number Of Port Asic In WS-X6704-LC
Jan 1, 2012Clarifying whats the correct # of port asic in WS-X6704-LC?According to the following link (Catalyst 6500 Architectural white paper): [URL]
"In the WS-X6704-10GE line card, there are two port ASICs each supporting 2 x 10 Gigabit Ethernet ports"
While in the document: Understanding Quality of Service on the Catalyst 6500 Switch: [URL]
Table 10.
WS-X6704
Number of 10 GE Ports 4
- QoS on 10-Gigabit Ethernet Line Cards (WS-X6704-10GE)
So whats correct? 4 port asic or 2 port asic?
# Port ASIC’s on the linecard 4
# Physical Ports per Port ASIC 1
Cisco VPN :: How To Limit Maximum SSL VPN Sessions Per Group-policy On ASA5510
Nov 25, 2012How to limit maximum SSL VPN sessions per group-policy on ASA5510?
There are 2 group-policy: in one maximum of 10 connections, in the second - 15 (In total licenses for SSL VPN 25 connections).
Cisco Switching/Routing :: Cannot Find Port Number From MAC Address Using SNMP With 3725
Dec 2, 2012I'm developing a project where I use the SNMP protocol to discover the network. By discovering the network I mean go through all the routers and switches and retrieve the IP routing table from routers and the forwarding table from switches. With the routers I have no problem. For the switches I need to know for each port the MAC addresses and the Vlans. Basically it's use SNMP to find a port number from a MAC address. To do that i followed this tutorial: [URL]
The problem is that I'm using a Cisco 3725 Router with IOS 12.4 (21) and a NM-16ESW module to work as a Switch and when I use the OID .1.3.6.1.2.1.17 corresponding to the BRIDGE-MIB as it follows:
snmpwalk -v2c -c myrouter 10.1.1.5 .1.3.6.1.2.1.17
it returns:
SNMPv2-SMI::mib-2.17.1.1.0 = Hex-STRING: 00 00 00 00 00 00
SNMPv2-SMI::mib-2.17.1.2.0 = INTEGER: 0
SNMPv2-SMI::mib-2.17.1.3.0 = INTEGER: 4
From this I guess there's no information on the router about Vlans or anything. Other thing is that when I use community string indexing it returns a timeout. My theory is that this version doesn't support indexing but I don't know.
how can I get the Port Number from a MAC address from this "switch" (it's a router working as a switch) using SNMP?
Cisco Switching/Routing :: Change Number Of Internal Port-channel On Nexus 5000
Jan 3, 2012I'm in the middle of a Nexus 5000 project and recognized today while configuring port-channels, that some of the interface numbers are reserved for internal use.
Is it possible to change or configure which port-channel interface numbers are allocated for internal use by NX-OS?
Unfortunatly I wasn't able to find a solution for this issue in the offical Nexus documentation, the search function of this forum or Google. If I did miss something or didn't look careful enough at the Nexus docs, I'm also happy with RTFM (... fine manual) responses and links to the info :-)
Additional info:
Nexus5k(config)# interface port-channel 128 ignored port-channel128: internally used, configuration not allowed
Port-Channels 111, 113, 115, 119, 121, 200, 211, 222 were created manually, but 127 - 129 were not.
Nexus5k# show port-channel usage
Total 11 port-channel numbers used
============================================
Used : 111 , 113 , 115 , 119 , 121 , 127 - 129 , 200 , 211 , 222
Unused: 1 - 110 , 112 , 114 , 116 - 118 , 120 , 122 - 126 , 130 - 199
201 - 210 , 212 - 221 , 223 - 4096
[Code]......
Cisco Wireless :: 1142n What Is A Realistic Number Of Sessions On AP
Dec 10, 2012I have a issue with 1142n.If I start from 15 sessions per AP then it becomes a very costly affair. Because there are almost 20.000 student.20,000 students * 60% concurrent use divided by 15 = 800 APs.what is a realistic number of sessions on this AP? What is max concurrent connections on this AP?
View 9 Replies View RelatedCisco Firewall :: The Number Of ASDM Sessions Has Exceeded 5 On ASA5520 Running
Feb 22, 2011I have an ASA 5520 running version 8.2(1) and I am having an issue with ASDM sessions.I can SSH into the ASA and have tried to clear the sessions but they do not clear as per below.
largoGW# sh asdm session0 dguselnx1 dguselnx2 dguselnx3 dguselnx4 dguselnxlargoGW# confi tlargoGW(config)# asdm disconnect 0largoGW(config)# asdm disconnect 1 largoGW(config)# asdm disconnect 2largoGW(config)# asdm disconnect 3largoGW(config)# asdm disconnect 4largoGW(config)# exitlargoGW# sh asdm session0 dguselnx1 dguselnx2 dguselnx3 dguselnx4 dguselnxlargoGW#
An interesting point: the host dguselnx is my linux based computer that I am using to SSH to the ASA. I do not connect via ASDM from this device so it is strange that the hostid for the asdm sessions is showing as my linux host and not my Windows laptop (that I am trying to connect via ASDM from).
Cisco Application :: Ace 20 Total Number Of Concurrent Sessions Sudden Drop
Jul 18, 2012I´m detecting on my ACE 20.
I´m monitoring the total number of concurrent sessions of my ACE 20 (using Cacti), and from time to time, with no discernable pattern, I see an instant drop of sessions to half...I don´t detect any disturbance with our traffic and service, I have no complaints, but it's a very accentuated drop.
I´m able to get 1 or 2 days withouth any suddent drop of connections, and then for no reason I pass from 500.000 to 200.000 sessions in a minute. Then they gradually go up again.
I´ve seen in ACE´s session table that she keeps a great number of half-open, or closed sessions, and those are counted as part of concurrent sessions. Is there any flush on ACE´s table when she reaches a certain number of closed TCP sessions or something like that?
Cisco Switches :: Reconfigure Port Mirroring From Port FE17 To FE3 / SF200 Web Interface Crash
Mar 14, 2013i was able to configure (via SF200 web interface) a port mirroring from port FE17 to FE7.i have supressed this port mirroring.when i try to reconfigure a port mirroring from port FE17 to FE3. The SF200 web interface crash. the SF200 seems to reboot.
i have updated the SF200 firmware from V1.1.2.0 to V1.1.2.9.44 when i was able to configure (via SF200 web interface) a port mirroring from port FE17 to FE7.But after having suppressed this port mirroring again, i was not able to reconfigure a new port mirroring from port FE1 to FE3 (the SF200 hangs).
i have also tried to return to default factory setting but this does not solve the issue.i am working on SF200-24P
Cisco WAN :: ASR 1006 Supported Span Port Or Port Mirroring?
Mar 2, 2011is ASR 1006 supported span port or port mirroring? Any config about that?
View 2 Replies View RelatedCisco Switching/Routing :: QOS Between 4510 And 3550?
Oct 31, 2011I am having issues working on my QOS between 4510 and 3550 switch connecting on layer 3 through a service provider. I have class maps and policy map setup on both sides and then policy map attached to interfaces however i dont see any traffic matching in policy map on 3550 switch, i do see some traffic matching on 4510 but the speed with which its increasing has my doubts about it. When i make voip calls ( VOIP switches are sitting behind 3550 and are mainly 3550 pwr 24 port switches with phone ports configured for auto qos voip cisco-phone and trusting cos) i rarely see the RTP matching in class under policy map.
View 5 Replies View RelatedCisco Switching/Routing :: IOS Upgrade On 4510
Apr 11, 2013I am currently running 12.2 (53) and am looking to move up to the 15+ train. Are there any pre-reqs prior to the upgrade that any one is aware of?Unfortunately I have no "lab environment" to test it in. I have production switches with minimal impact to the campus and if done late night I could have it restored back before open of business the following morning. My FW is up to the latest version and I have found nothing in the release notes specifically stating that there would require any stepped upgrades up to v15 and higher.
View 6 Replies View RelatedCisco Switching/Routing :: 4510 PoE Switches Keep Failing
Jun 11, 2013We have an issue where switches are failing weekly in a switch closet. In the past month we have gone through several 3750G switches and a couple 4510s. The power supplies have eventually made a popping noise and had to be replaced. on the 4510s we've tried two chassis and gone through several power supplies.The switches have been behind UPS systems so should be receiving conditioned power.Could load from the PoE devices really be causing this? I wouldn't think it's power since they are behind a UPS.
View 5 Replies View RelatedCisco Switching/Routing :: Ports In 4510 Not Working
Jul 10, 2012This has been happening repeatedly time to time! we just replace the part! But now it has come to trouble us again.It happening only in one module like 6 to 10 ports wont work.
we run IOS cat4500e-universalk9.SPA.03.02.00.SG.150-2.SG.bin will there be any bug in it?
Cisco Switching/Routing :: Policing Traffic On 4510?
Nov 21, 2012I have two servers on one subnet that each need to replicate to a single server on another subnet. They also need to replicate to each other. This replication is unidirectional so I will refer to the 2 server subnet as the source subnet and the single server subnet as the destination subnet. In order to keep this replication running without killing the MPLS links on either end, we are trying to use a policy-map that limits bandwidth from the source subnet.The Problem:We have created a policy that polices traffic during specific times of day and limits the bandwidth as prescribed, however, bandwidth is also being limited between the 2 servers on the source subnet which is not needed or desired.Class 512K set dscp ef police 1024000 bps 1024000 byte conform-action transmit exceed-action dropClass Map match-any 512K (id 4) Match access-group name DAGExtended IP access list DAG 10 permit ip host 10.20.0.3 host 10.20.0.10 time-range DAG-REP (active) (22793 matches) 20 permit ip host 10.20.0.4 host 10.20.0.10 time-range DAG-REP (active) (14156 matches)The service policy is applied on the input side of the 2 interfaces on which our devices are connected.As you can see, the access list identifies the interesting traffic as traffic from two specific hosts to one specific host. The problem we are having is that bandwidth is also being throttled between the two source hosts even though it is not defined to do so.What can I do to limit traffic from the two source devices to the single destination device without limiting bandwidth between the two source devices?
View 1 Replies View RelatedCisco Switching/Routing :: 4510 - Setup Ports Between 2 Switches?
Jul 23, 2012We have multiple switches(Cisco 4510, 4507R, 3560's) within our network. I've been looking over the port settings between them and noticed that not all ports that are connected directly from switch to switch are trunked the same. Some are desirable on one switch and forced truck on the other switch.
View 5 Replies View RelatedCisco Switching/Routing :: 10G License For 4510 Switch With SUP7E
Sep 4, 2011I am using Cisco 4510 Switch with Default LAN Base image. Now I have purchased 10G Upgrade license. The part number for Upgrade license is WS-C4500-10G-LIC. I have received a CD from Cisco (named as 'Includes License and Warranty'). Any License upgradation is required for this license? Or this is only a paper License.
I could not find out any .lic file on the CD. Also there is no paper with PAK.
Cisco Switching/Routing :: 4510 No Link On Access Interfaces
May 3, 2012I just upgraded all of our switches on campus to Version 15.0(2)SG4 after about a month of testing. On two switches so far, we are seeing that clients can not connect, and the switch isnt detecting a link. I dont see anything out of the ordinary in int status, port-security, or errors on the interface. Plugging in a different computer does nothing. Only thing that works, is a shut, no shut of the interface. After that, its connected.
View 7 Replies View RelatedCisco Switching/Routing :: 4510 - Upgrading Switch Already Running IOS 15
Apr 4, 2013I have a Catalyst 4510 that is running IOS version 15.X that has a bug and Cisco recommends upgrading the IOS. Are there additional steps required to perform an IOS upgrade due to licencing Cisco put in place?
View 5 Replies View RelatedCisco Switching/Routing :: 4510 Enable MAC Address Filtering
Oct 27, 2010I am planning to enable MAC address filtering (one port on 4510 & another 3560). I want to allow only that MAC address to communicate via that port with the rest of the network and internet.
4510 has PC connected and 3560 had polycom connected. [code]
Cisco Switching/Routing :: 2960 And 4510 IPv6 Support
Mar 2, 2013I have cisco 2960 and Catlyst 4510 switches now we are planning to implement IPV6.
i have the fallowing IOS on my switches.
C2960-lanbasek9-mz.122-50.se5
Cat4500e-entservicesk9-mz.122-54.sg1.bin
The above ios will support for IPV6 or I have to purchase new IOS, which version will support.
Cisco Switching/Routing :: Speed Up Connection Between 6509 And 4510
Feb 21, 2013I got a 6509 version 12.1(22)E2 that I am replacing with a 4510E version 3.40SG with Supervisor Engine 7-E. The 6509 is configured with 20 channel-group for dual fiver connection to ten 3550 switches with trunking enabled with isl encapsulation. The 6509 is the VTP server to each of the 3550 switch clients. There are 40 Microsoft Servers attached ot the Gig RJ45 port modules.
I have attached the 4510 to the 6509 with dual fiber connection configured as a channel group with trunking enabled. I am configuring the 4510 the same as the 6509 except I have to use trunking with dot1q encapsulation because isl is not supported on the 4510. I no longer want to use VTP with the 4510 and have set the it as transparent mode. Each of the 3550 switches are changed from isl trunking encapsulation to dot1q and VTP mode is changed to transparent when they are moved from the 6509 to the 4510.
I want to move the switches over a few at a time and not all at once. The first 4 switches attached with no problems and ran with no problems for the user access to the servers still on the 6509 for a week. Then I found out DHCP was not working for the devices attached to the switches on the 4510. I moved one of our domain controllers form the 6509 to the 4510 to fix the DHVP problem. I have now added 2 more switches with users that use an application on a server still on the 6509 and they are getting disconnect errors after logging into it and using it. Other applications on different server also on the 6509 are having no problems. I moved the switches back to the 6509 to get the users up during business hours. I now plan on moving the server for the application that was failing to the 4510 in hopes that it will fix the problem.
Is there something I can do to speed up the connection between the 6509 and the 4510 so I can continue this transition without having to move the servers to the 4510 as I move the users?
Cisco WAN :: 7206 - Maximum Number Of Multilinks?
Dec 5, 2010What is the maximum number of multilinks we can have on a 7206 router ?
View 4 Replies View Related