Cisco :: VLAN Implementation To Live And Running Network?
Mar 27, 2012
Just wanted to get a few answers in regards to VLAN implementation (thinking about doing this for a large network)...VLAN's always sound good on paper, but how hard/easy are they to implement to a live and running network?
1.) Have successfully implemented VLAN's into a production environment (e.g. placed servers, production, printers, etc. on separate VLAN's)?
2.) How much of a pain is it to do this? If you are on a 192.168.1.x subnet, do you have to re-IP all of your printers, switches, etc. This sounds like a lot of work – especially since re-IP’ing domain controllers is a royal pain.
3.) Have you seen much of a performance increase when implementing VLAN’s (i.e. chatty protocols and broadcasts?)
View 6 Replies
ADVERTISEMENT
Sep 17, 2011
I'm planning to separate voice and data traffic with two vlans. I have a COR switch catalyst 3750, a UC560 for VOIP with SIP trunk and SGE2000P as access switches. The thing is i had configured VLAN1 (data vlan) and VLAN8 (voice vlan), i've created the vlan 8 in the database on 3750 and let pass those vlans through a TRUNK port. In the SGE2000P configuration i've created the VLAN8 and the the ports as trunk for letting pass the two vlans for the PC and the IP phone. This works but some phones aren't registering, and for example i've unplugged a register phone and plug and doesn't registering anymore.
View 0 Replies
View Related
May 2, 2012
Can we put a module on a 4507R switch running on a live production? The module will come from a 4506 switch.
View 8 Replies
View Related
Jul 1, 2012
our company backbone is hp 5406, and desktop switches are hp 2510 currently we are working with ipv4.if we want to start use IPV6 for test environment, what’s things we need to enable in our backbone/regular switches.i mean for example if we want to set static IPV6 address for 2 servers and send ping between them, or even make new vlan with IVP6 subnet, and use it like regular vlan but with static ip's(until we got ipv6 dhcp).i have hp 5406 manual for IPV6 but i can't understand what i really need to do for start using IPV6.
View 5 Replies
View Related
Apr 26, 2011
Topologies in real time implementation compare and contrast each other?
View 3 Replies
View Related
Jun 22, 2012
I have on 3750X stack with a few vlan
--------------------------------------------------
vvlansw06# sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/6, Gi1/0/10, Gi2/0/5
Gi2/0/6, Gi2/0/37
10 LAN_10 active Gi1/0/16, Gi1/0/17, Gi1/0/19
[code]....
where are the others vlan?
View 3 Replies
View Related
Sep 29, 2011
I have a custom built media server with 2 dual digital tv tuners in.I can record TV and stream it to computers on the network fine, but is there anyway I can stream a Live TV stream to multiple PC's? I have heard of it being done, but can't remember where I read it.
View 1 Replies
View Related
Jan 14, 2013
I'm working at a company that has several 6509 switches running CatOS. They have two of the 6509's running in vtp server mode and the rest as clients. I set up a new vlan from one of the vtp servers and it propagated out. The problem comes when I try to assign a port on one of the vtp clients to this new vlan. It gives me an error that the switch must be in vtp server mode to add/delete vlans. I'm not trying to add/or delete a vlan just trying to add a port into an existing vlan. I'm hesitant to put the switch in vtp server mode. Is this a CatOS thing or is there a specific command to accomplish this?
View 5 Replies
View Related
Jan 17, 2011
I have internet connections and i use Firefox now instead of Internet Explorer but whenever i want to sign in the Windows Live Messenger or Yahoo, it won't let me because it says the network is not connected. I used to be able to, even when i have Firefox. I check to see if the network is connected and it always is.
View 7 Replies
View Related
Nov 29, 2007
I have a xbox 360 that I want to connect to xbox live with, using my home network. Every time I try to connect to xbox live the only part that fails is the connecting to xbox live part. This is how my network is set up. I have Cox Cable as my ISP, a Linksys WCG200 gateway(v2), and WRT54GS(v7). The cable wire is connected to the WCG200 gateway, then an Ethernet cable connects the gateway to the WRT54GS router, and finally an Ethernet cable connects the router to my xbox 360. I have contacted Cox, Linksys, and Microsoft about the situation and they all say the problem is the version of the router. Someone told me that I may just need to change the firmware, but I don't know how to do that.
View 9 Replies
View Related
Mar 9, 2011
I have a problem in understanding how LLQ is implemented in different platforms of Cisco.QoS should kick in only when there is a congestion in the link irrespective of queueing / scheduling (LLQ and CBWFQ).But in certain platforms like GSR and IOS-XR, LLQ is confiugred only with priority and police command not with "prioirity percent <value>" command. In priority and police command since policer is used, LLQ is always on even there is no period of congestion. Of course with police you can re-mark the exceed traffic to different marking but thats not the requirement in my case.
In platforms like 7206, LLQ is configured with "prioirty percent <value>" which works ideally only when there is a period of congestion. When there is no congestion, LLQ class can use scanvenge other classes as well.Would like to know is there any specific reason why there is a difference in the implentation of LLQ between different platforms of Cisco.
View 1 Replies
View Related
Dec 6, 2012
Just a few questions. We are looking to deploying Cisco ASA 5545 into a network. I have a couple of issues with designing the network correctly.
We need to be able to scale out to more hosts than a single VLAN, we would also be considering adding 4948E switch behind the ASA and potentially a stack in front.
The problems are:
1) If we have an outside stack of public 4948E (so we can connect some hosts outside the firewall, such as additional ASA's running in NAT mode) for VPN. Is this a reliable, recommended configuration? The reason being we need to have the ability to add other seperate ASA protected networks that we don't want going through the 5545 as it's going to quickly run it out of capacity. If I have the L3 switch stack in front I'm guessing we would have a small subnet to link upstream and then sub-subnetwork into two blocks, one on the inside interface and one on the L3 switch for the other hosts? Or would it be better to let the upstream provider do this, and then just get them to provide us with two smaller subnets rather than one big one? As below if we do L3 stack ourselves we would need to small subnets, one to communicate with upstream and one to link ASA subnets. This seems like a waste of IP's. I was wondering if I could use Internal IP space on the L3 > ASA link, but I thought that could be an issue for BOGONS list.
2) If I want to extend the inside network (Cisco ASA would not run NAT, just public IP's on the inside, routed to the outside interface of the ASA) there are two ways. Use the ASA to create subinterfaces/VLANs (but that would be routed via the ASA - may be a performance hit?) or use a L3 switch behind the ASA. How does one accomplish running L3 switch behind ASA properly?
View 5 Replies
View Related
Apr 4, 2011
I would like to have implementation of two ASA 5520 (in failover). Architecture Context
-The ASA are used as VPN concentrator only.In a first time ASA will be in charge to take in charge VPN IPSec Host-to-LAN connexion (with the IPSec VPN client) and I think VPN SSL anyconnect client will be setup in a near futur.
-We must define two categories of users (student and researcher), for each one we want define :
+ An IP address pool
+ ACL
+ Split Tunneling (only LAN traffic will go in the VPN tunnel)
-The ASA will perform authentification via RADIUS server (the radius server is linked with a LDAP server)
+ In the RADIUS server we want define the category of user (each one user is a student or a researcher)
-The VPN clients use the internal DNS to request LAN ressources.
-A timeout of the VPN if no traffic during 60 minutes
-The VPN user perform authentification with PSK (no certificate)
the RADIUS server software is IETF compatible (url...)The architecture is the following :
-One internet connexion
-A corporate firewall with 3 DMZ :
+ 1 DMZ Public ; which is connected the ASA "outside" interface (encrypted traffic)
+ 1 DMZ Private ; which is connected the ASA "inside" interface (uncrypted traffic)
+ 1 DMZ LAN ; there is some VLANs routed by 6500 routers.
-On the LAN there is the radius servers
-On the corporate firewall :
+The https and ipsec will be opened between the internet and the ASA
+The RADIUS traffic between ASA and the radius servers and the traffic between the pool VPN users and the LAN.
-What is the best solution to configure the ASA?
View 1 Replies
View Related
Dec 18, 2012
I need implementation of the AirCap 3602i wireless access points. Is there a way to manually configure a AirCap 3602i to function without a WAN controller?, I have an older 4402 WAN controller that will upgrade to 7.0.235 firmware, since the AIrCap 3602i requires 7.2.X firmware, is there a workaround for this.
View 23 Replies
View Related
Jun 2, 2011
How does the implementation of encryption wep wpa etc in hardware cisco wap4410N ?
View 1 Replies
View Related
Jun 5, 2011
I have a network with four 6509s in a ring with 10Gb links. Two adjacent switches are at the home office, the other two at the DR site. The switches at each location are physically similar to each other with respect to what blades are in them. We went through an upgrade from SUP-720's to VS-SUP-720's recently, only at the DR site - basically a practice, with the home office conversion hopefully taking place next weekend.
We initially just brought up the two chassis separately, in non-VSS formation (stand-alone). So far, so good - everything was connected, all traffic was passiing, all links were up, everything was reachable: EVERYTHING worked. Then we made the conversion: step-by-step from the cisco.com page; create a virtual domain, make one switch switch 1, the other switch 2, create differently numbered port-channels on each 6509, add the SUP 10Gb links to the port-channel, do the conversion.
Here's where the trouble started. First of all, the two 10Gb links back to home office created a spanning-tree loop and we had to shut down one of the links. (Is there something that needs to be configured on those links to turn spanning tree on? Does VSS conversion turn stp off?) Secondly, though it worked while in stand-alone mode, the copper blade in the standby 6509 stopped passing traffic - it would take config, the links would come up, but you could not ping across those links. Interestingly enough, there was an access switch with links to each of the copper blades, and having them both up also caused a spanning-tree loop. adding a new port-channel and putting both links in it did nothing to alleviate the loop. This leads me to believe that stp is not working properly. I reiterate, that even though the loop occurred, nothing else plugged into that blade was pingable.
View 3 Replies
View Related
Jun 11, 2013
I have 30 switched in my corporate network it’s all up and running all switches running by default configuration and connected to WS-C4506 core switch our dhcp server pooling 192.168.100.1/27 network. Now we need to configure new Vlan for finance department this department has more than 200 users. If my server distributes 192.168.200.0 range ip can vlan2 automatically assign ip 200.0 addresses to finance department.All switches running default config no ip address assigned.
View 9 Replies
View Related
May 7, 2013
I need to replace an existing ASA 5540 with a new ASA 5525X. I would like to pre-stage and configure the new box with the existing config, migrate license and export certificate files before swapping it with the old one during a change window. The new firewall will run 9.1 on deployment. Now the same 7.2(4) cannot just be copied over to 5525X running the minimum 8.6 version. There is a Web based tool available at [URL] according to Cisco documentation but the page does not load for me (Cisco intranet only tool ?). Is there another tool for automatic conversion ?
View 3 Replies
View Related
Apr 17, 2012
Unfortunately I didn't discover any configuration switches concerning an IPv6 firewall! So the important question is: Is there any firewall implemented at all? And if so, does it confirm to RFC6092.
View 14 Replies
View Related
Sep 16, 2012
Nowadays my Company works with autonomous APs (AP1142 most of them.We have a WLC 5008 and I am working on the implementation project... So far so good.BUT, I have just realized that the Company didnt buy a second WLC (this project started 1 year ago and I wasnt an employee here yet...).If I transform all autonomous APs we have (around 25, locally and some of them remotes)... And then If I have a HW problem with our single WLC... those APs will continue working ?
View 4 Replies
View Related
Nov 11, 2012
I'm looking to try and implement ipv6 HSRP on a series of IOS-XR Routers running 4.2.1 following on from successfully setting up IPv6 HSRP on a few cat6509s on VLAN Interfaces in other parts of the network. I have entered the "router hsrp" configuration menu and gone into the interface in question that I'm looking to setup with IPv6 HSRP. Unfortunately, there version 2 or address-family ipv6 commands are not available.
View 2 Replies
View Related
May 23, 2013
We are going to be expanding our Shoretel phone system in our HQ and I need to get QoS configured correctly. All of our offices are connected via MPLS and I need to make sure that we are sending QoS tagged traffic to our provider. The phones are tagged by the director, but there is other traffic for call control that needs to be tagged. I don't have access to our CPE router as it is managed by Sprint. The Sprint router is connected to our internal network. We have our data network running on (4) 3750x switches running 12.2(55) with IP feature set.
The problem is that many of these commands don't work on the 3750 (priority, bandwidth, match protocol, etc...) and the configuration assumes you are applying this to an outbound queue which is not supported on the 3750. I think I have to do this with policing, but I'm not sure what interfaces need to have this applied.
View 3 Replies
View Related
Jan 5, 2012
I am planning an implementation of VSS on our two 6509 switches, and would like some feedback on things to look out for, and any issues encountered by others that have done this already.
We have the 10Gig port installed on the Management blades, but not configured yet.
Main questions would be:
1: What kind of "down time" am I looking at for the migration? (Reboots, configuration reloads, etc.)
2: I will be saving the configurations on both devices before-hand, but how does the VSS migration "merge" the configurations of both devices?
3: L2 VLANS - we have some on one switch, others on the second switch. Will these be combined, or would this be a manual process?
Any other things of note that I should know about before planning this migration?
View 3 Replies
View Related
Dec 3, 2012
We are implementing a WLC infrastructure in our company following the below scenario:
- WLC 5508, OS 7.2
- APs AIR-LAP1142N-T-K9
- 3 Wlans (1Open w/ Web Auth, 1 WPA2 and 1 802.1x)
Issues:Everything seems to be fine, but some users loses connectivity (when connected to 802.1x network) at least 3 times by day.
- I cannot see anything at WLC logs concerning the association/deassociation of any of these users.
- Only strange line in the logs is "RADIUS server 172.21.44.50:1646 deactivated in global list" (authorization server config)
- Also I see some "Coverage hole pre alarm for client" but that doesn't look like a problem...
View 6 Replies
View Related
Sep 4, 2012
I'm in the process to install two 4948E switches. I will be configuring GLBP and wanted to get some guidelines on configuring GLBP and EIGRP:
- First question is like HSRP I'm configuring it on both swithches like this:
Switch 1:
interface vlan 5
ip address 10.1.5.249 255.255.255.0
glbp 5 ip 10.1.5.1
glbp 5 priority 110
glbp 5 preempt
glbp 5 authentication md5 key-string xxxxxx
[code]....
- Second question is about EIGRP, when I configure EIGRP on the main switch that is AVG with the following commands, will I also have to run the same commands on the second 4948 E too?
router eigrp 10
network 10.1.5.0 255.255.255.0
View 2 Replies
View Related
Apr 17, 2012
I need to implement LACP HP servers mostly DL 380 g7 with Intel based dual port with two types of Cisco equipment first scenario server connected to 3750x stack of 4 switch's .second scenario same server type connected to two Cisco Nexsus 5596 . My question regarding two type of connection.Is it possible to do active active ?Would it give fault tolerance ?With HP LACP implementation is there known issue or should i expect latency with such configuration?What is the maximal lag- channel group that is possible per type?
View 1 Replies
View Related
Jun 8, 2011
I m planning to implement VSS in core but want some inputs on IOS as i have FWSM as a service module Core :- Ii am running 12.2(33)SXH2a on my Core 6509 and i checkd cisco sites and Fwsm release notes but it states only I-Train of IOS while mine is H-Train so can I directly upgrade to I-Train or I was thinking of SXH8b IOS.
View 2 Replies
View Related
May 16, 2013
I currently have ipV4 as the setting on my DIR-825. Other posts seem to want ipV6 which is more secure but is not possible with a DIR-825 Rev A1. I have two routers, a primary router (DIR-825 Rev B1) capable of ipV6 and a secondary router (DIR-825 Rev A1). If I implement ipV6 on the Rev B1 router but keep ipV4 on the secondary router, will this improve the security, or will it just mess things up so nothing works?Certain devices (cell phones and most Tablets) don't deal with ipV6 very well at all. The ones I have tested flat don't connect to the wireless network if the router is set at ipV6. Is ipV4 adequate for a Home/Small Business Network when trying to implement Remote Access and VPN?
View 2 Replies
View Related
Mar 29, 2012
I'm using a wireless router which will not browse unless i disable LAN. How can I have the LAN connected and Wi-fi router connected at the same time?
View 3 Replies
View Related
Jun 11, 2012
One of my customer has raised a new requirement for implementation of short sequence number format support in PPP multilink header for Cisco MWR 2941 E1/T1 serial interface, whereas router is supporting long sequence number format.here is the output of "debug ppp negotiation" command:-Currently in the MWR debugging logs we can see that by default MWR is sending long sequence header format as below
*Mar 13 01:32:55.438: Se0/2:0 LCP: O CONFREQ [REQsent] id 238 len 25
*Mar 13 01:32:55.438: Se0/2:0 LCP: MagicNumber 0x26CDF693 (0x050626CDF693)
*Mar 13 01:32:55.438: Se0/2:0 LCP: MRRU 1500 (0x110405DC)
*Mar 13 01:32:55.438: Se0/2:0 LCP: EndpointDisc 2 16.16.16.11 (0x1307021010100B)
*Mar 13 01:32:55.438: Se0/2:0 LCP: MultilinkHdrFmt seq long classes 2 (0x1B040202)
While as per the requirement PPP multilink header should support short sequence.
MWR configuration:
controller E1 0/2
framing NO-CRC4
clock source line
channel-group 0 timeslots 1-31
[code]....
View 0 Replies
View Related
Oct 29, 2012
I administer a network with about 20 users on an average day.They've been experiencing slow network performance, and some occasional dropouts which cause applications that rely on the network connection to crash.
View 5 Replies
View Related
Sep 5, 2011
I have installed anti virus but it can't run. Is there any administrator rights.
View 1 Replies
View Related
Nov 18, 2012
I have windows 7.
View 2 Replies
View Related
