Cisco Switching/Routing :: Same VLans 20 And 21 At WAN And LAN Interfaces
Dec 12, 2011I have VLans 20 and 21 set by ISP for Voice and Data respectively.What will happen if I already have VLans 20 and 21 in my Local network?
View 4 Replies
ADVERTISEMENT
Cisco LAN :: Management Interfaces On 7600 Switches And Its VLANs
Jul 19, 2012I am using a Catalyst 7600.
I set up a VLAN interface (VLAN 3) with an IP-address and I can connect to it using telnet and log in to the switch as admin.I call this my management interface.
How come I manage to log into the management interface when the native VLAN is default 1? I thought the native VLAN determines which VLAN I need to log into to access the switch?
Can I make management interfaces of all the 48 ports if I want?
Cisco Wireless :: 5508 WLC Designing - Interfaces And VLans
Oct 8, 2012just have few questions about designing WLC 5508
The scenario is that currently one of the client has a firewall Tie ring T1 internet facing and T2 internal which has multiple DMZ connected.
T2 firewall has a DMZ switch connected which has a router which connects to MPLS cloud to different site across the country. (around 10 sites) all static routing.
Now the client is thinking to deploy wireless at all 10 sites using H-REAP. The issue is that client has only one WLC and they are not willing to buy other as i was thinking to deploy two WLC one for corporate and one for guest users. (one in internal network and on in DMZ)
Now my question is as follow.
1- Keeping in mind that there is only one WLC where should i physically put it?
2- How guest users will work ? How the authentication will be done?
3-There are 8 SFP ports in WLC how physical topology will look like?
4-How many Vlans i have to make for wirless users will that be 10? (1 at each site) ?
my last question is that how these ports work on WLC are they just like switch e.g one port can be assigned to different vlan....just confuse about interfaces and vlans on WLC (interfaces concept)
Cisco Firewall :: ASA5520 / 3560 - VLANs And Sub Interfaces
Aug 20, 2012ASA's G0/2 interface is connected to G0/1 interface of a 3560G switch in DMZ, below is the config and diagram
Switch Config
int g0/1
switchport mode trunk
switchport trunk encapsulation dot1q
int vlan 1
ip add 192.168.0.100 255.255.255.0
We are running out of IPs in 192.168.0.X network and planning on creating sub interfaces on the ASA and trunk it to the switch so that we can have multiple V LANs in DMZ. Tried the below config in LAB but that didn't work, can you have a look at it and let me know if I miss anything. No change on the switch config since G0/1 is already a trunk port.
ASA Config
interface GigabitEthernet0/2
description Trunk to DMZ networks
no nameif dmz
[code]...
If I change the V LAN on the switch from 1 to a different V LAN, say V LAN 50 for example, and configure the ASA accordingly its working fine.
Cisco Wireless :: 5508 WLC Design / Interfaces And VLans
Oct 8, 2012just have few questions about designing WLC 5508. The scenario is that currently one of the client has a firewall Tie ring T1 internet facing and T2 internal which has multiple DMZ connected. T2 firewall has a DMZ switch connected which has a router which connects to MPLS cloud to different site across the country. (around 10 sites) all static routing. Now the client is thinking to deploy wireless at all 10 sites using H-REAP. The issue is that client has only one WLC and they are not willing to buy other as i was thinking to deploy two WLC one for corporate and one for guest users. (one in internal network and on in DMZ). Now my question is as follow.
1- Keeping in mind that there is only one WLC where should i physically put it?
2- How guest users will work ? How the authentication will be done?
3-There are 8 SFP ports in WLC how physical topology will look like?
4-How many V LANs i have to make for wireless users will that be 10? (1 at each site) ?
My last question is that how these ports work on WLC are they just like switch e.g one port can be assigned to different v lan....just confuse about interfaces and vlans on WLC (interfaces concept).
Cisco Firewall :: Configure ASA To Send All Traffic From (3) VLans To Interfaces That Connects To 2960?
Apr 18, 2013I have a an ASA 5520 connected to a Layer 3 (3750) switch (Inside) and a connection to a 2960 switch (Outside) to get to the internet. . I have created vlan interfaces on the 3750 switch and enabled ip routing on the switch to enable the vlans to communicate with each other.
Vlan Interfaces on the switch:
Vlan 100 172.17.1
Vlan 200 172.18.1
Vlan 300 192.168.3.1
I want the devices connected to the 3 vlans to be able to pass through the firewall and get out to the internet.I have connected the ASA to the 3750 by routed interfaces (10.10.10.1) --------- (10.10.10.2) and they are able to ping each other.I have also put a default route on the 3750 sending all traffic from the switch to the ASA inside interface (10.10.10.1)The issue that i am having is that the ASA also connects to a 2960 which has a connection to the Internet, and they are handing off an ethernet connection from the 2960 that sits in VLAN 55 (Vlan 55 is the Internet accessible vlan).How do I configure my ASA to send all traffic from my (3) vlans to the interfaces that connects to the 2960 switch?
Cisco Firewall :: (6500 Or 7600) Maximum Virtual Interfaces (VLANs) (FWSM)
Nov 23, 2012tell me for the FWSM (blade on 6500 or 7600) the maximum number of virtual interfaces (VLANs)
View 14 Replies View RelatedCisco Switching/Routing :: 1841 / Routing Through Sub-interfaces Fails?
May 31, 2013I have a problem accessing my wireless router through VLAN sub-interface on my Cisco 1841 router. My hardware:
Cisco Catalyst 2960 switch (192.168.100.4 /24)
Cisco Catalyst 3550 switch (192.168.100.6 /24)
Cisco 1841 router (192.168.100.7 /24)
Asus RT N66U wireless router (192.168.100.2 /24)
Here's my network topology:
I have two VLANs - 10 and 20. 2 DHCP pools are configured on 2 1841's interfaces - 192.168.1.0 /25 and 192.168.1.128/26 with default router sitting on 192.168.1.1 and 192.168.1.129 respectively. No issues with obtaining IP address from any of those pools.Laptop connects to L3 3550 switch (switchport access vlan 10), which, in turn, connects to 1841 router through trunk (with VLANs 10 and 20 allowed).3550 is connected to 2960 through trunk with VLANs 10 and 20 allowed.Wireless router is connected to 2960.I can successfully ping my wireless router and outside world from 1841 from fa0/1 interface, but not from fa0/1.10 or fa0/1.20 sub-interfaces - all packets got dropped. My laptop can obtain IP from both pools (depending on port I connect it to), but can't ping my wireless router and anything beyond it.
I attach my configs:Cisco Catalyst 3550:interface FastEthernet0/1 switchport trunk encapsulation dot1q switchport mode trunk switchport port-security mac-address sticky speed 100!interface FastEthernet0/2 switchport trunk encapsulation dot1q switchport mode trunk!interface FastEthernet0/3 switchport access vlan 10 switchport mode access!interface FastEthernet0/4 switchport access vlan 20 switchport mode access!Cisco 1841:
ip dhcp pool Vlan10DHCP network 192.168.1.0 255.255.255.128 default-router 192.168.1.1 dns-server 208.67.220.220 domain-name home.local
!ip dhcp pool Vlan20DHCP network 192.168.1.128 255.255.255.192 default-router 192.168.1.129 dns-server 208.67.220.220 lease 0 12
interface FastEthernet0/1 ip address 192.168.100.7 255.255.255.0 duplex auto speed auto!interface FastEthernet0/1.10 description VLAN10 Sub Interface encapsulation dot1Q 10 ip address 192.168.1.1 255.255.255.128!interface FastEthernet0/1.20 description VLAN20 Sub Interface encapsulation dot1Q 20 ip address 192.168.1.129 255.255.255.192!
Routing table on 1841:
[code]....
Cisco Switching/Routing :: 800 / Use ASA To Configure All The Vlans And Intervlan Routing And Access Lists?
Jul 4, 2012upgrading our small office network. We currently have about 75 employees with probably 125 devices on the network. I'd like to create about 10 vlans for the different departments and then configure intervlan routing as needed. Currently we have all unmanaged switches and it's just a huge broadcast storm on the network. We are upgrading our Cisco 800 router to an ASA5505 sec. Plus license. I need some recommendations on switches. Of course, this needs to be done as cheap as possible.... Is there a way to use the ASA to configure all the vlans and intervlan routing and access lists and use a cheaper switch to provide the access layer to hosts?
View 4 Replies View RelatedCisco Switching/Routing :: 1921 Routing Access From Mixed IP Ranges Between VLANS
Jan 23, 2013I have the following config using a Cisco 1921. I am trying to get devices on the the native VLAN to get internet access via the gateway x.x.x.73.Any thing being routed from the other Vlans 15/20/30 can get access, but nothing from an internal IP address. Is there something I am missing.
The Xs replace the same 3 octets for each interface.I am trying to route from VLANs 15/20/30 to see VLAN 5. I have tried a few things, in terms of adding extra ip routes, but can't get anything to work. Each of those Vlans have another router on the other side of them, which I have also tried adding ip routes too, but nothing. One of the routers (Vlan15 is a Draytek 2830). [code]
Cisco Switching/Routing :: Enable Ip Routing On C3550 And Vlans To Talk To Each Other
Mar 27, 2012I have purchased these two switches from ebay as a test lab, I plan to connect them up via a gigastack modulecable and enable ip routing on the c3550 and vlans to talk to each other.
I'm very much a procurve person and really need to get into the cisco switching.I will want to trunklacp between the switches - whats the process is setting that up on cisco switches?
Cisco Switching/Routing :: Catalyst 2960g Interfaces Going Up And Down?
Jun 14, 2012i have a cisco catalyst 2960g and for some reason out of the blue, some interfaces go down and then up. It started doing it after a power cycle.
View 1 Replies View RelatedCisco Switching/Routing :: 2911 - Allow Traffic Between Two LAN Interfaces?
Nov 15, 2011I have a 2911 router. One interface is configured external (WAN) and two interfaces are configured on separate internal private subnets. What is the configuration to allow all traffic in both directions between the two internal subnets?
View 21 Replies View RelatedCisco Switching/Routing :: 3500XL / VLAN Interfaces Will Not Come Up
Jan 9, 2013I am using an Old 3500XL and I simply created a
interface VLAN 100
Description ***********
ip address 10.0.1.100 255.255.255.248
no ip directed-broadcast
no ip route-cache
shutdown
no matter what I do i cannot get it to come up, the rest of the switch is default config, I know I am just forgetting something, But I don't know what?
Cisco Switching/Routing :: Output Errors On N5k 10G Interfaces?
Jan 9, 2012today I witnessed a cisco n5k that stopped playing fair. For a yet unkown reason several interfaces started to show output errors all begining within the same second. While i instantly thought this would be a wiring issue I began to ask myself what an output error actually means. Google usually brings up output drops, not regular output errors. So what is it and how can a 10G fiber interface even detect that there is a problem without receiving what it was sending?
View 2 Replies View RelatedCisco Switching/Routing :: 3560E / Routing Between 2 VLans On Same Device?
Feb 19, 2012I have a 3560E with 2 vlans that I want to route between. one device with 2 vlans and route between.Interfaces are configured as such:
int g0/11
switchport mode access
switchport access vlan 10
int g0/12
switchport mode access
switchport access vlan 11
[code]...
Laptops on each port with 10.10.10.2 and 10.10.11.2 configured on them. I can ping from 10.10.10.2 to 10.10.11.1, but not to 10.10.11.2.What do I have to configure to be able to get the 2 laptops to talk to each other?
Cisco Switching/Routing :: Sub Interfaces And Recommended Configuration Not Works On 861
Jun 11, 2012I am currently trying to setup a GRE tunnel on a cisco 861. As part of a configuration template provide by an outside source I am recommended to use a sub-interface on the router but the recommended configuration does not work.
View 1 Replies View RelatedCisco Switching/Routing :: 4503-E Cannot Bring SFP Fiber Interfaces Up
Sep 2, 2012I am trying to connect a 6509 switch to a 4503-E switch using single mode dark fiber over a distance of less than half a mile. Although a routine task, it does not work..We have a care 6509 switch where we concentrate all of our dark fiber connections for our remote sites. The 6509 switch already has 30 remote sites, most of them with 4503-E switches, connected in this way therefore it is a tested scenario. For the connections we use the GLC-LH-SM SFPs on both switches. Out of these 30 sites we had a similar problem with two of them, which we solved with the use of CWDM SFPs. With the CWDMs the fiber came up right away. However, I cannot keep using this solution because it is way too expensive! I had the losses of the fiber measured end-to-end and they are negligible (>0.5 dB).
In this latest case, like I said, we could not bring the connection up between the core 6509 switch and the 4503-E switch using the GLC-LH-SM SFPs. I then replaced the 4503-E switch with a 3560 and the link came up! Then I tried using a CWDM-SFP in the 4503-E, while keeping the GLC-LH-SM SFP in the 6509 and the link came alive again! Of course we already tried replacing the fiber patch cords with no luck. [code] I find it very weird for the link to work with the 3560 or with a CWDM in the 4503 but NOT with the SFP in the 4503!
Cisco Switching/Routing :: Nexus 5548UP / Two Management Interfaces For N5k
Jan 10, 2013I have a Nexus 5548UP that would be managed by two organizations. Is it possible to set IP addresses for mgmt0 and an SVI (or an L3 interface) without using the L3 daughter card? I don't want to route between VLANs, just to separate management traffic.
View 4 Replies View RelatedCisco Switching/Routing :: 4510 No Link On Access Interfaces
May 3, 2012I just upgraded all of our switches on campus to Version 15.0(2)SG4 after about a month of testing. On two switches so far, we are seeing that clients can not connect, and the switch isnt detecting a link. I dont see anything out of the ordinary in int status, port-security, or errors on the interface. Plugging in a different computer does nothing. Only thing that works, is a shut, no shut of the interface. After that, its connected.
View 7 Replies View RelatedCisco Switching/Routing :: 2610 Configured IP Addresses On Interfaces
Feb 10, 2013I'm working on my CCNA. I purchased an old router 2610 with two ethernet ports. I configured the IP addresses on the interfaces and added the default gateway. I configured NAT to go out my ATT DSL router to the internet. With the 2610, I'm able to ping the back end or internal DSL router, but I can't ping the front end, external router, or out to any internet site such as google.
View 10 Replies View RelatedCisco Switching/Routing :: N7K M1 Interfaces Stuck In Initializing State
Jul 12, 2012We did an upgrade from NX-OS 5.1.5 to 5.2.4 and found all M1 line card interfaces were stuck in initializing state for long time.'show module' status says ok. And we cannot execute shut/no shut command under the interface. N7K-M108X2-12L & N7K-M148GT-11 are the two M series cards. Only option was to downgrade back for the time being.
N7K01# sh int e1/1 | in down
Ethernet1/1 is down (initializing)
Cisco Switching/Routing :: Bonding Two Interfaces On Two 2940 Switches
Jun 6, 2013I have two switches (sanitized configs attached) and I am trying to bond int gi0/1 and gi0/2 between the two. Then I need int gi0/3 back to the main LAN switches. These are new Vlans created 982 and 983 for these switches. Question #1: do the configurations look correct? I haven't placed any laptops on the interfaces to test interconnectivity yet but I am wondering if it will work with no default routes.
The admin team needs these switches at location A for setup then they will be moved to Location B. The only thing that sucks for me is that the network admin before me created gateway interfaces for all the local Vlans on a main router as sub interfaces. For example, for these two subnets, I need to create subinterfaces below (at location A), which is why a gave the Vlan on the switches, ip addresses.
interface GigabitEthernet0/0.982
encapsulation dot1Q 982
ip address 10.98.2.1 255.255.255.0
ip flow ingress
no cdp enable
service-policy input mark-mplsqos-in
interface GigabitEthernet0/0.983
encapsulation dot1Q 983
ip address 10.98.3.1 255.255.255.0
ip flow ingress
no cdp enable
service-policy input mark-mplsqos-in
When I move the subnet to location B, I will also move the gateway. These two switches will be used mainly for a VMWare and HyperVisor environment so Vlan 982 is for VMA network and Vlan 983 is for management. The admin tells me the software needs to tag the packets, I am not sure if I care as the switches should handle that also.
Cisco Switching/Routing :: ASR1002 Onboard Interfaces / Fixed Gig Or Not?
May 23, 2013Is the onboard interfaces on an ASR router (4x on ASAR1002, 6x on ASR1002-X) are fixed gigabit or are they 10/100/1000 ?
I assume the interfaces on the 8port Gigabit SPA module are fixed gigabit speed ports (why otherwise sell a 10/100 8port SPA module also ?) no ?
Cisco Switching/Routing :: 2960 / Bridging On Router Sub-interfaces?
Aug 13, 2012I need to bridge 2 subinterfaces; F0/0.301 and F0/0.302 on a single router.The router interfaces with a Cisco 2960 (LAYER-2) switch.QUESTION is, does a Cisco router support bridging on subinterfaces on the same physical interface?Currently this is NOT operational Spaiing-tree on F0/0.301 and F0/0.302 is down, switch side is forwarding for both Vlans.show ip interface brief shows up/down status of F0/0.301, F0/0.301 and BVI6 is down/down?
:
SETUP:
bridge irb
!
!
Interface F0/0
no ip address
[code]....
Cisco Switching/Routing :: Routing Between Vlans On 3750x
Jan 24, 2013I am setting up a vm environment for a customer in my lab off site. I have two stacked 3750-x switches, a san, and threes UCS c220 M3S servers for hosts. I am trying to separate the lan traffic, san iscsi traffic, and san management traffic using vlans. The problem is i'm unable to communicate cross vlan with my current config, which I have attached to this post. The only noteworthy things in my conifg is that the ip route 0.0.0.0 0.0.0.0 192.168.83.6 is referring to a switch stack they have on site, that I will connect this stack to using the first two trunk ports on each switch, that I do not have here in the lab. I don't want to cause any confusion in why I have things set a certain way.
View 1 Replies View RelatedCisco Switching/Routing :: Nexus 7010 - How To Block SSH Access On SVI Interfaces
Jun 4, 2012I use Nexus 7010 as our layer 3 router.I have ssh feature turned on so I can manage it from the management interface. I just found out that users can use putty to ssh to the local SVI interface of the NEXUS. Although they still need username and password to login but we dont want them even able to bring up the welcome screen.Example, user's IP is : 172.16.25.100 , they can ssh to 172.16.25.1 which is the NX SVI interface.
View 1 Replies View RelatedCisco Switching/Routing :: 3750 To Connect Routed Interfaces And Vrf Design
Sep 26, 2012I would like to do the following architecture with the same C3750 : network X,Y,Z connected to 3750 in VRF D the 3750 uses a routed interface on subnet E for the default route in VRF D on this routed interface a BYPASS EQUIPMENT the other BYPASS EQUIPMENT interface is connected also to another routed interface on subnet E "also" this routed interface is in another VRF C with other network A and B.do you know if it will work because of 2 routed interfaces on the same IP subnet or is there a way to do that ? the only goal for me is to catch traffic from network X,Y,Z on SYN and ACK.
View 5 Replies View RelatedCisco Switching/Routing :: 2800 / Does ISR G2 Support Etherchannel Over Integrated Interfaces
Dec 20, 2011I remember I did that one time on 2800 router with Gi0/0 and Gi0/1 to connect another port channel in 3560G switch. I have no way to try it in ISR G2 router like 2900 or 3900 now. I know the the ethernet switch module must support it. I wonder if the integrated interfaces support it or not.
View 5 Replies View RelatedCisco Switching/Routing :: ASA 5520 - Can't Ping / Pass Traffic Through Interfaces
Apr 17, 2012I've just started a CCNA course and my lack of knowledge has me a bit stuck. My network is comprised of Cisco components and I'm semi familiar with them just from reading and looking through options. I currently am using a Cisco ASA 5520 on my network and I am trying to join another network via one of the interfaces. My network is 192.168.0.0 255.255.0.0 and my inside interface is 192.168.1.1 255.255.0.0. I enabled a second interface using a static ip of 10.0.0.1 with a subnet of 255.255.255.128. Connected to that interface, I have a Fortigate firewall at 10.0.0.2 255.255.255.128. I can ping just fine from the Fortigate network to the 10.0.0.1 interface on the Cisco ASA 5520 network, but I can not ping the 10.0.0.1 interface (or anything past it) on the ASA 5520 from any computer on the Cisco network. I've read that ACL's and NAT have to be done as well as enabling traffic between interfaces with the same security levels. (both interfaces have security levels of 100 and the option is checked to allow traffic).
Note: each network has it's own internet connection. The connection is to share information on servers on both networks with each other.
Cisco Switching/Routing :: Module To Add Gig Interfaces To 2800 Series Router
Aug 16, 2012I am trying to add WCCP to be configured for websense. My first option seems to be either purchase an IPServices license for the stack of 3750E switches, but i am thinking this will require us to license all three switches in the stack. The second option i am looking at is to do the WCCP configuration on the 2800 router we have on the edge. The problem is both Gig ports are in use, one going to the firewall and the second going to the ISP. My first question would be, which option is better in terms of manging as well as cost of implementing it.The second question is, if WCCP on the router is a better option, what is the add on module i should be looking to get to add the additional ports to hook up the Websense cache.
View 8 Replies View RelatedCisco Switching/Routing :: Check QoS Counters And Stats For Interfaces On Cat 6509?
Oct 28, 2012how I can check the qos counters and stats for interfaces on my cat 6509 ?
View 1 Replies View RelatedCisco Switching/Routing :: Policy Route-map Not Sticking To 3750 Interfaces?
Apr 23, 2013I have a client with a 3750x stack. We've upgraded it to IP Services. We have a simple PBR setup. One access-list to forward traffic from a specific LAN ip to another gateway on the network.
I go to vlan1 (default vlan) to apply the PBR and the command takes with no errors, but do a "show run" and it doesn't show up under the interface.
I go to vlan1 and apply a PBR that doesn't exist and the command takes with no errors, and is listed under the interface in the config
I can apply the PBR globally and appears to work, but we can't have it there based on other issues it creates.
config: (all tracks are up)
C3750_stack#show sdm prefer
The current template is "desktop routing" template.
[Code]....