Cisco Switching/Routing :: Native VLan Between 2960S And 4507 With VRF-Lite?

Jan 4, 2012

We are trying to setup a new configuration with 2960S as access switchs and a 4507 as a core switch.I want to protect the management IP VLAN of the swich using vrf on the 4507 so we :
 
SHUT VLAN 1 on every switch (2960 + 4507)
CREATE A NEW VLAN 289 (management vlan) -> IP network : 10.32.126.192/26
L3 VLAN on every switch
VLAN 289 in the VRF XXX on the 4507
create tunk between the switch and the 4507 :
switch mode trunk allowed vlan 200-230
sw trunk native vlan 289 
 
so with this configuration on the 2960 the vlan 289 is UP/DOWN and UP/UP on the 4507 I can access to the 4507 using the IP in the VLAN 289 but i cannot access to the 2960 behind the 4507 CDP connectivity is ok?

View 14 Replies


ADVERTISEMENT

Cisco Switching/Routing :: 2960s - Unable To Access Lite Switch

Nov 9, 2012

Unable to access switch from outside the local network. Can get to all routers and PC's

View 2 Replies View Related

Cisco Switching/Routing :: 2960 LAN Lite / VLAN Number Max 64?

Jun 6, 2013

we have inserted into a network with VTP a Cisco Switch 2960-S, not knowing that had installed IOS LAN lite.Now I discovered that it can handle up to 64 vlan. In the network there are currently configured 62 VLAN: what happens when we exceeded the max number (64) of VLAN for that switch?

View 6 Replies View Related

Cisco Switching/Routing :: 2960 Have A Native VLAN

Feb 19, 2013

In our network environment, we have a 2960 switch sitting behind our router. Off of this we have a lot of external connections, like our external DNS, firewall, and VPN concentrators. I've configured a VLAN other than the default, moved everything into it and then shut VLAN 1. In this hardening guide it says that your native VLAN should be something other than the user VLAN, but if I am not using any trunk links, wouldn't I not really have a native VLAN? I attempted to make the link to our firewall a trunk link and then set the native VLAN to something else.

View 5 Replies View Related

Cisco Switching/Routing :: Route Data From Vlan 10 To Vlan 20 On 2960s?

Mar 31, 2013

i need to solves this little problem on 2960S lan BASE but i dont know if it is possible.
 
Uplink port config for gi 1/0/28 is:
 
switchport mode trunk
switchport trunk alloved vlan 10,11
  
but on interface gi 1/0/1 i want to have data from vlan 10 tagged as VLAN 20.
At this time i have solved this issue very primitively
 
I have set up gi 1/0/2 as int mode acces, acces vlan 20 and i have connected gi 1/0/2 with gi 1/0/3 with eth cable. int gi 1/0/3 is switchpor mode acces, switchport acces vlan 10

View 4 Replies View Related

Cisco Switching/Routing :: 6500 - Can Native VLan Or Duplex Mismatch

May 25, 2012

1 week ago, I got a call from a client that reported a network outage, the client told me that, 3 switch has crashed he try to console but it just hang. I ask him, did you change something? he said he didn't change anything, he just pluged a nortelswitch to the cisco switch number 9, but that switch doesn't crash like the others (3,4,8). I check the uptime, and yes the switch never been powered off..
 
   the topology look like this
 
              ____ 6500  ____
             /      /    |           
           1      2    3    4       5  ...... 9
 
 
the vlan is end to end vlan, so vlan span between all those switches. transparant. this is collapsed topology, core and distribution is the 6500 itself all of the 1-9 access switch are in the same rack, with no loopguard, and bpdu guard configured. and connected to the core using etherchannel. the problem is there is no log available to start the troubleshooting/investigation.

View 3 Replies View Related

Cisco Switching/Routing :: SG-300 52 Native VLAN Blocking Network Packets

Jun 15, 2013

SG-300 52 native VLAN blocking network packets

View 3 Replies View Related

Cisco Switching/Routing :: Changing Native Vlan On 3550 Switch

Dec 22, 2012

I am having trouble after creating a management vlan (99) on a 3550 switch.I have configured the vlan (99) and given it an IP (192.168.1.100) and a default gateway (my router address - 192.168.1.99).I can ping to the switch from a PC and vice versa. The management VLAN IP is fine but now I cannot ping to the router from either the PC or the switch.It seems that just by adding VLAN 99 with it's own IP address has now prevented pings from the switch/ PC to the router ?Due to the fact that I have created a new switch management VLAN with an IP, does this mean I have set up the router as a 'router on a stick' scenario ? [code]

View 4 Replies View Related

Cisco Switching/Routing :: 3750X-12S No Spanning Tree On Native VLAN

Oct 7, 2012

I am migrating an existing LAN from 3550 to 3750X-12S. In the existing configuation, I´ve got some trunks with native VLAN <> 1. The native VLAN is also used for user data transport. With IOS 15.0(1)SE3 on 3750X I recognized, that per default behavior PVST is not active for a VLAN defined as native, even if the corresponding trunk is up and trunking. My current workaround is to add a "switchport access vlan" command on the trunk even this one never should become an access port. With this statement only the switch is activating the PVST for the native VLAN. For all other vlans PVST works as exspected. [code]

View 6 Replies View Related

Cisco Switching/Routing :: 6509 - Can't Change Native Vlan On Trunk Port?

Jun 6, 2012

I have several closets with Cisco 3560 on the edge that I'd like to change the vlan that's used for the management vlan on each. In the core I have a Cisco 6509 with Sup720's.
 
I'd like to do this by changing the native vlan on the trunk port on the core 6509 interface that connects to the 3560. and leave the management vlan on the 3560 as vlan 1.
 
Seems trivial but what I tried didn't work and I didn't have the window to troubleshoot. I'll paste the simplified configs for  the interfaces  below
  
!
6509 configs:
!
interface Vlan50ip address 172.16.50.2 255.255.255.0!interface FastEthernet

[Code]....

View 5 Replies View Related

Cisco Switching/Routing :: Disable Administrative Native Vlan Tagging On 6509?

Dec 13, 2012

We have a problem with CDP packets on sent by our Cisco 6509's.  Unlike our other Cisco switches (4948G, 5020, etc.), the 6509 tags administrative traffic on the native vlan.  As a result the CDP packets are sent with an 802.1Q header with a tag of 1.  The other switches send the CDP packets untagged on the native vlan.  This causes problems because we have non-Cisco devices in our lab that also receive and send CDP, but they do not process the packets that are tagged by the 6509.  They see the packets from the 4948 and 5020 just fine.
 
How can I disable the administrative native vlan tagging on the 6509?  Here is the current setup:
 
nwkdev-6509-1#show vlan dot1q tag native
dot1q native vlan tagging is disabled globally
nwkdev-6509-1#show interfaces gigabitEthernet 1/9/1 switchport

[Code].....

View 13 Replies View Related

Cisco Switching/Routing :: WS-C3560G-24PS / Native Vlan Tagging And Vty Access To Autonomous APs?

Jan 14, 2013

I've been experimenting with the 'vlan dot1q tag native' command on a switch and it seems as though tagging the native vlan breaks vty access to my access point.With the 'vlan dot1q tag native' commnand applied, I lose management connectivity to the AP with 'no vlan dot1q tag native' applied, connectivity is restored. Why is this? Is it safe to say that one can access the AP via vty lines using ONLY untagged packets? 
 
SWITCH
Model: WS-C3560G-24PS
Code: c3560-advipservicesk9-mz.122-46.SE
--Abbreviated CONF
 vlan dot1q tag native

[code]....

View 14 Replies View Related

Cisco Switching/Routing :: How To Migrate From Fixed Router To Vlan Routing On 4507

Feb 16, 2012

Any "best practices" or recommendations on how to migrate from a fixed router (3745) to vlan routing on Catalyst 4507 switches in order to minimize the disruption to the network.

View 4 Replies View Related

Cisco Switching/Routing :: 4507 - Monitoring All Traffic From VLAN To Cloud

Jun 14, 2012

I have a requirement to monitor all traffic going from the internal LAN to the cloud.  The LAN is a layer 2 VLAN  which spans multiple Cisco 4507 switched and other smaller switches.
 
The VLAN has an IP address which the hosts use as the default gateway.
 
The exit port is on a Cisco 3600X switch connecrted to 4507 #1 via a 10G fiber link. 4507 #1 connects the rest of the LAN. Those switches interconnect via 10G fiber and 1G copper links.
 
Currently the monitor host is connected to a 1G copper port, configured as a monitor port,  on one of the backside 4507s The switch manager says he has the switches configured so that I can see all traffic on the VLAN.

View 1 Replies View Related

Cisco Switching/Routing :: 4507 - Show ARP Returns Info Only On VLAN?

Jan 19, 2012

We have a number of 4507s. Most are managed via VLAN 1 address. All have multiple VLANS for traffic control. When I do a show ARP or show IP ARP the command only shows VLAN 1 info. No entries for any of the other VLANS on the switch.

View 2 Replies View Related

Cisco Switching/Routing :: 4507 Connection Establish From Default Vlan

Jan 6, 2013

I am tring to configure ssh in cisco 4507.After doing so Ican see ssh connection establish from default vlan but getting failed from other vlan.rectify the ssh configuration so that connection estabnlish from any vlan.

View 1 Replies View Related

Cisco Switching/Routing :: 2960S / QoS At Layer For Single VLAN

Jun 27, 2012

I got a different scenario from one of my client.My client have two different branch offices and have 50Mbps point to point connectivity between them. All users in both braches using same series of IP pool ( 192.168.224.0/24) in both branches.Both branches he had only Cisco 2960S series switches only. And in both branches he is using IP cameras. He will monitor the assets by accessing IP cameras through the browser.His requirement is, he wants to prioritize the Video traffic( monitoring through the browser) over the normal data traffic.Note: He had a single VLAN only.

View 8 Replies View Related

Cisco Switching/Routing :: 2960S - IPTV VLAN In Trunk QOS

Sep 22, 2012

I need to set QOS in our new network. We have connected 2 cities together with 700Mbit leased line. On each side we have Catalyst 2960S switches and between them is TRUNK for VLAN 10 and Vlan 20.Vlan 10 is for IPTV (fixed 400 Mb/s for CATV)Vlan 20 is for Internet (rest).Sometimes is happening that Vlan 20 takes more than 400 Mb/s for a few seconds and in this situation we have problems with CATV.Is there any way to make a guaranteed bandwidth 410 Mb/s for CAT - VLAN 10  on this swithces?

View 2 Replies View Related

Cisco Switching/Routing :: Configure VLAN On 2960S Switch

Jan 20, 2013

I have hybrid network in which I want to configure VLAN on  Cisco 2960 S switch. I have unmanged switch where my DHCP server and other servers are connected. Now I created two VLANs on cisco 2960S and they don't talk each other, but as soon as I connect unmanaged switch to 2960S switch, both VLANs start communicating which I don't want. I want to listen server traffic from unmanaged switch from both VLANs but simultaneously I don't want to communication between two VLANs.

View 10 Replies View Related

Cisco Switching/Routing :: 2960S / 2911 / ASA 5510 - VLAN Can't Get To Internet

Sep 24, 2012

Have multiple Catalyst 2960S switches, Cisco 2911 router and ASA 5510 firewall.
 
On the router have subinterfaces created for the VLAN's Int FA0.0/41 for wirless VLAN setup with IP 10.10.41.100 Int FA0.0/60 for new Voice VLAN setup with IP 10.10.60.100 Internal network is 10.10.10.0/24 and LAN IP of router is 10.10.10.100 Have default route setup to push traffic from the router to the firewall ip route 0.0.0.0 0.0.0.0 10.10.10.251
 
On the firewall have added the new VLAN 10 (10.10.60.0) to the network object-group Have configured route inside command route 10.10.60.0 255.255.255.0 10.10.10.100 1 Have also added the NAT command nat (inside) 1 10.10.60.0 255.255.255.0
 
On the 2960 I have my laptop connected to port 45 and I have it configured as follows switchport mode access switchport access vlan 10
 
I assign my computer a static IP address of 10.10.60.84/255.255.255.0/10.10.60.100 with 10.10.10.11 as DNS server.  When I do this, I can ping anything on the 10.10.60.0 network, I can ping anythign on the LAN 10.10.10.0 network.  I am able to connect MSN messenger, I am able to do NSLOOKUP and get outside IP addresses to resolve. I am unable to browse the Internet though.  I am not sure where the problem is at though.  It doesn't make sense to me, as it is setup the same way as VLAN 41 which is the wireless network, and when users connect to that, they get out to the Internet with no issues. 

View 15 Replies View Related

Cisco Switching/Routing :: 2960s - Config Port1 To Be Tagged On 2 VLAN

Dec 7, 2011

i have a Catalyst 2960S since 2 days. I am a new user, i like to configure the switch! my first problem is: i have 2 v LAN vlan1/24 and vlan200/24. I'd like to config port1 to be tagged on the 2 v LAN i know from hp port must be tagged. how can i config port 1 to be tagged on vlan1 and vlan200? and port 2 to be untagged in vlan1 and untagged in vlan200?

View 12 Replies View Related

Cisco Switching/Routing :: Passing VLAN / Spanning-tree Between 2960S And 3750X

Oct 8, 2012

Has anything changed in the way of defaults for creating a trunk port and spanning-tree between a 3750x and the newer 2960s? I have one of each I just took out of the box and applied my standard switch configuration template but I cannot get my VLANs that are configured on my 3750X to appear on the 2960S. I find nothing that is blocking and everything seems to be forwarding and I am running out of things to check.

View 5 Replies View Related

Cisco :: What Is Vlan Native

Jan 5, 2013

what NATIVE VLAN is . What are the benifits of using this and when do we use this.

View 1 Replies View Related

Cisco Switching/Routing :: LAN Base Software For 2960 Lite Switches?

Feb 6, 2012

We ordered 4x cisco 2960 switch with LAN Lite software by mistake. Can we upgrade them to Lan Base?When I change boot image I get Error: hardware not supported by firmware.

View 3 Replies View Related

Cisco Switching/Routing :: 2960 With LAN Lite Software Be DHCP Server?

Feb 10, 2013

I need to  buy a cheap Cisco switch with DHCP server.Can you confirm that 2960-24-S, 2960-24TC-S and 2960-48TC-S be a DHCP server?

View 3 Replies View Related

Cisco Switching/Routing :: WS-C2960-24TC - LAN Base And Lite IOS Install

Jul 18, 2012

A quick one because I'm scratching my head trying to figure the difference between the 2960 LAN Base and LAN Lite IOS installs. I want to put a 2960 into a site which has as layer 2 link on dark fiber taking it elsewhere. This part I'm not concerned about - the WS-C2960--24TC will do what I need without issue - but I don't know if I can get away with LAN Lite, or if I need LAN Base.
 
I basically need V LAN's with associated SVI's, and a routed link on the up link port (I don't care if it's a switch port with an associated SVI or a no switch port and IP address), but it's got to be able to run OSPF. Can I do this with LAN base on this series switch? Or do I need to go for a higher series (3560?). I *could* get away with static routes, but my boss is walking death on them unless I can 100% prove they're necessary, so I'd rather not right that fight!

View 5 Replies View Related

Cisco Switching/Routing :: Any Special License On Catalyst 4900M In Order To Run VRF Lite?

Apr 4, 2013

Do I need to run any special license (like IP SERVICES) on the Cisco Catalyst 4900M in order to run VRF lite?

View 4 Replies View Related

Cisco Switching/Routing :: 2960 LAN Lite Image Does Not Support MLS QoS Trust Device

Jun 20, 2012

I have some 2960 switches with Lan Lite ios in my infrastructure.And I try to configure them to support "trust device cisco-phone" and "switchport priority extend cos 0" on ports with cisco phones.But LAN Lite image does not support "mls qos trust device cisco-phone".can I use any workaround to trust cos of cisco phone and to remark PC traffic with cos 0?

View 1 Replies View Related

Cisco :: Native VLAN Discrepancy Is Not Reported In LMS 4.0

Aug 1, 2011

I have the following problem in LMS 4.0. I see a lot of CDP syslog messages about Native Vlan Mismatch, but the LMS doesn't report it in the disrepancy report. Why?? The similar problem is with TRUNK VLAN Mismatch. The customer doesn't use VTP in his network. All switches are in the VTP transparent mode.

View 1 Replies View Related

Cisco Switching/Routing :: 6500 - Native IOS Image Synchronization?

Feb 15, 2012

I have a simple question: In 6500 CatOS, we had that feature of image synchronization, which added the ability to download the image from the active supervisor to the standby via internal TFTP of the CatOS. Can this be done on IOS? I was looking fot this over the Internet and couldn't find anything.

View 1 Replies View Related

Cisco Switching/Routing :: 3560 - Native Vlan1 Over Trunk

Jan 28, 2013

if i have this config:
switch port mode trunk
trunk aloved vlan 50
 
will travel over this trunk untagged packets? For eg the V LAN 1 is by default native V LAN without tag. If i have created a bog ring with catalyst 3560x switches with no spanning tree on V LAN 1 can be the case of this config a loop ???
I am using upper config on interfaces that are connected the switches  together in ring.
 
Other interfaces on switch have this config:  
int range 0/1-4
switchport mode acc
switchport acc vlan1
 
int range 0/5-24
switchport mode acc
switchport acc vlan50
 
I am using vlan1 just for local switching without connection to internet! I am asking just because i have this king of messages in logs:

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/0/27 (1), with SW3560x_BR8874 GigabitEthernet1/0/19 (50).
 
GI 1/0/27 and GI 1/0/19 have this config:
switchport mode trunk
trunk aloved vlan 50

View 5 Replies View Related

Cisco Switching/Routing :: Setting Up VRF-lite On Redundant 6509-E To Account For Chassis Failure?

May 15, 2013

setting up VRF-lite on redundant 6509-E chassis to account for chassis failure?   Let's say I have 2x 6509-Es configured with HSRP for 2 vlans, ServerA and ServerB.  So
 
6509-A#
!
interface Vlan10
description ServerA VLAN
ip address 10.10.10.2 255.255.255.0
ip flow ingress
standby 1 ip 10.10.10.1
standby 1 priority 105

[code].....
 
I now need to create an environment where the Server VLANs can be provided for two customers and they need to be wholly separate.   On 6509-A, I make VRF CustomerA  and VRF CustomerB  and I assign Vlan10 to VRF CustomerA and Vlan20 to CustomerB.   Do I create the SAME VRFs on 6509-B with the same logic?

View 1 Replies View Related

Cisco Switching/Routing :: 2960 SI Lan Lite ACLs - Configuring For Admin And Guest Access

Jan 26, 2013

I have a 2960 SI lan lite switch that I am configuring for admin and guest access.  I have wireless AP's plugged into trunked ports 2 and 3.  I am using two vlan's (in addition to the native VLAN).  Vlan 5 for Admin and Vlan 10 for guest access.  I have ACL configured on the router preventing guest users from accessing the Admin network.  I want to prevent those on the guest network from seeing other hosts in the vlan however the lan lite software does not support port ACL's. Any way to accomplish this with this switch. 

version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
[Code]...

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved