Cisco WAN :: 3560 / Multiple ISP Termination?
Nov 9, 2011
Our HQ Location dont support high bandwidth pipe served by ISP, so will go ahead with 3 different ISP at 2MB each.Goal is to provide Email / Application access to Remote office using site to site VPN.In Total will have 10 to 15 Branch offices each with around 25 to 35 users
Each ISP will give
/29 subnet of public IPCopper Interface for WANdefault Gateway and Two DNS server IP will be provide Existing hardware we got are Cisco 2821 Router with 2 FastEthernet ports ( not in use )24 port switch 2900 series ( not in use ) Can we use the above hardware to terminate all 3 ISP link and use the Router for site to site VPN.
Our Lan Core is Cisco 3560 which is uplink to 3X2950 user switch?how should we terminate the link and use each ISP for VPN.
View 3 Replies
ADVERTISEMENT
Jul 18, 2011
Is it possible to configure multiple ISPs in 3560? and These ISPs traffic should be forward different vlans & different ports. i need configure port wise DHCP also and using different ip addresses please, which device supports this application
View 2 Replies
View Related
Apr 21, 2012
I am a fairly basic configs that I just can’t figure out what I am doing wrong. I have what I would consider a fairly basic config that I just can’t seem to get to work and I am sure it is something I am just not doing or grasping. Basically I have two 3560 switches that I would like to connect together with four 1Gb ports and trunk four vlans across said port-channel, I created the port-channel and set it to switchport trunk encapsulation dot1q I then set all four ports to channel-group # mode on. With that setup I can’t ping from switch to switch on the nonnative vlan.
View 6 Replies
View Related
Sep 16, 2012
I have an ASA which is managing internet access from mutiple VLANs configured on a 3560 switch. I want to be able to limit the 100MB internet connection on the ASA on a per subnet (VLAN) basis for the multiple subnets configured on the switch..
so for example
VLAN10 - 10.0.10.0 - limit to 5MB
VLAN20 - 10.0.20.0 - limit to 10MB
VLAN30 - 10.0.30.0 - limit to 3MB
View 7 Replies
View Related
Sep 21, 2012
We have 7 3560's in 7 different locations connected to our providor for wan access. Our provider has given us a copper cable at each point and we have connected it directly to our 3560 switch at each location. Each port is configured the same way at each location. Each switch is running eigrp.All of the switch ports on each switch are configured as a trunk and vlan 299 had the ip address for the eigrp connection: [code] This setup is working as each switch see's all of the other switches as an eigrp neighbor. We have also made sure that the switch at our head office has spanning tree priority for vlan 299.
So the problem is, if there is a change in the topology at one of the locations it usually causes one or more of the other connections to go down for some reason. We just cannot pinpoint what is causing this change. There are no log's or anything other than an eigrp hold time expired message.?
View 9 Replies
View Related
Jul 9, 2012
For some special arrangement, I would like to connect 2 access ports from a 3550 switch to 3560 switch.1 port for vlan 200, another port for vlan 201.Will this introduce bad thing to the switches?
View 4 Replies
View Related
Aug 27, 2007
We have a customer that is relocating thier headquarters. They have a temporary requirement to bridge multiple vlans or a router T3 link to the new location as they cannot change the IP subnets. Setup is 3560 switch connecting to a 3845 then T3 to remote 3845 and 3560. I need to bridge multiple VLANs. I have seen a good example on how to do it over sonet but I don't see how to translate that to an HDLC or Frame Relay encapsulation for the T3 Link.
View 5 Replies
View Related
Oct 25, 2012
I'm new to networking and was looking for some assistance. First off im using packet tracer to diagram my senario as I will be receiving my equipment next week to deploy.
Hardware to be used:
1. 2 catalyst 3560 switches
2. all connect to a sonic wall router
I have two companies that work in the same office space. I need to keep these companies seperate on their own vlan. They will however need to share the phone system.(Packet tracer file uploaded to give those who have the time to see what I put together.) [code]
View 13 Replies
View Related
Apr 18, 2012
I have cisco router model 1921 , how can i terminate my existing pppoe connection to 1921, so that my other LAN users can use internet.
1- One cable (RJ45) which is comming from ONT has connected with Integrated WAN Port on router.
2- One cable (RJ45) which going to my LAN switch has connected with Integrated LAN Port on router.
Now i need to configure my router, so that i can give internet access to my LAN users. I red cisco's guides but not clear regarding configurations, because in guides they use modules to configure pppoe. But i am not using any module, i am simply connecting one cable for WAN and one for LAN.
View 1 Replies
View Related
Nov 13, 2012
we configued An ACE 4710 with SSL termination on Oracle Aplication Server 10g (10.1.2.0.2) ,so that SSL termination is done on the ACE and HTTP reaches the Oracle Aplication Server 10g (10.1.2.0.2) then we configure the ACE to enabled client authentication with Pkcs#11 smart card token certificate and this don succfully my problem need do this client certificate authentication for only the [URL] not for all SSL proxy service how can do that.
View 3 Replies
View Related
Jun 17, 2011
I read in the Cisco IOS ASA documentation (8.x) that some group-policy attribues are only available for soft-VPN clients while some are available for both soft-VPN clients and L2L VPN clients. Cisco didn't clearly specify which attributes were available for which clients.
To aid me in troubleshooting my L2L VPN setup could someone indicate if the order of events (listed below) is correct for ASA 5520 with IOS 8.x and if the attributes selected are available for L2L VPN clients?Also, are there "show" commands to reveal more details about tunnel-groups, group-policy, etc. when used with VPNs?
View 1 Replies
View Related
Feb 21, 2011
We are going to purchase a Device , thte sites and also VPN server for remote access ( EzVPN), Should we use ASA or should we use Cisco 1800 series router with security software. The main purpose of this device is to terminate all VPN connections ( Site-to-site) and remote access.
View 1 Replies
View Related
Sep 17, 2008
We are evaluating the one-arm design for the ACE 4700 and need some clarifications:
1. Are there any limitations in the one-arm design and the SSL offloading
2. Can the ACE be configured with an IN and an OUT vlan to the router
CLIENT -> Router -> ACE IN -> ACE OUT -> Router -> Server Vlan
so that the SSL and the clear text traffic is in a separate Vlan?
3. In some sample configuration i saw SNAT configuration on the ACE to modify the client IP. This i assume is for instructing the return traffic from the server to go through ACE? Using SNAT we eliminate the requirement for NAT or PBR on the router? Will i still be able to insert the client IP address after the SSL offload?
View 4 Replies
View Related
May 7, 2012
I am terminating GRE vrf-lite on my 7600 and using loopback as source for each client.I found one problem where 7600 seems to be not forwarding traffic until I delete create the tunnel interface.Worked fine for a week. Then stopped again. I had to delete,create again tunnel interface.
View 6 Replies
View Related
Apr 17, 2011
I am setting up a new ASA 5510 on our inside network so that we can terminate our VPN connections on this ASA. I can get the VPN to work fine however I noticed that once I turned on my VPN profiles now when I try to access the ASDM I'm getting the VPN logon page. So I decided that in order to resolve this I need a separate interface dedicated to management of my ASA.
I'm trying to come up with the best way to do this. I've got two ports on the ASA plugged into my core switch. One is on a separate VLAN from the rest of my network traffic. This is the port I want to use for management. The second will be used to route all of my VPN traffic.
So far I haven't been able to get this to work at all. My thought was that it had to do with routes, NAT and ACLs. I've been playing with them but can't get any combination to work.
View 2 Replies
View Related
Sep 10, 2012
Cisco SRP527W-U.
We would like to configure it in the following way, 1) we have an ethernet termination for the WAN 2) we have 2 different vlans going to 2 different switches.
Can we have the default gateway for 2 LAN subnets and a default route via a /30 for our WAN. Can we use the 4 switchports for this?
switchport 1 VLAN 2 (Switch 1 LAN)
switchport 2 VLAN 3 (Switch 2 LAN)
switchport 3 VLAN 4 (Link to Data centre switch with /30)
View 2 Replies
View Related
Nov 2, 2011
We have an ASA 5510 with ~100 vpn lan2lan. Now we need to migrate to a new ISP, so we have connected a new asa interface to the internet. Default gw is still on old connection. We are trying to migrate vpn lan2lan using static routes, pointing ip of remote vpn gateway to new isp gateway. VPNs going up, but when they try to send traffic, I can see Rx counter growing up, but Tx remains 0.. I've tried with different vpn (old and completely new), and problem remains.
View 1 Replies
View Related
Oct 23, 2012
Im trying to configure an ACE 4700 so that SSL termination is done on the ACE and HTTP reaches the weblogic server instance. I have a working setup of a Apache reverse proxy doing SSL offloading and using a weblogic module and that works fine Was reading [URL]. Any working config example for doing this with the ACE4700
View 2 Replies
View Related
Jan 2, 2012
I am doing an small project, I have to connect 4 cisco switches SF 302-08 (1 GBIC each one) to a core switch SGE 2000 (4 GBICs). Because of cable length I have go connect all 5 switches with fiber. The fiber termination is multimode LC duplex. My confusion is on the mini GBICs. There is compatibilities issues i been reading. [code]
View 3 Replies
View Related
Feb 11, 2007
The "Wireless Network Monitor" for my Linksys Dual-Band Wireless A+G Notebook Adapter Model No WPC55AG has been unable to run after I last updated my Windows XP machine using Windows Update. The problem presents itself immediately upon login (because the monitor is set to run on startup) with an error window that says "Abnormal program termination" and "WPC55AGV2.exe" in the title bar. I suspect the problem occurred because one of the new updates included an upgrade to the Microsoft .NET Framework Services 3.0.
View 6 Replies
View Related
Oct 21, 2012
how i can configure a second ssid for guest access in our environment. this is our network setup prior to this request: Internet----Firewall (not ASA)---ce520---C1131AG and CME router is also connecting to the ce520 switch. we only have two vlans: one for voice and two for data.
Presently, there is no vlan configured on the AP because it on broadcasting ont ssid and wireless users gets IP from a windows DHCP server on the LAN. the configuration on the ce520 switch port for the AP and other switches say access vlan is the DATA vlan which automatically becomes the native vlan for all trunk port connecting the AP and other Stiches to the network.
Now with this new requirement, i have made my research and i have configured the AP to broadcast both the production and the guest Vlans. The two vlans are 20-DATA and 60-Guest. I made the DATA vlan on the AP the native vlan since the poe switch is using the DATA vlan as native on the trunk ports. I configured the firewall to serve as DHCP server for the guest ssid and i have added the ip helper-address on the guest vlan interface on all switches while the windows server remains the dhcp server for the production DATA Vlan. I have confirmed that the AP, switches can ping the default gateway of the guest dhcp server which is another interface on the firewall. I can now see and connect to all broadcasted ssids but the problem is I am not getting IP addresses from both the production dhcp server and guest dhcp server when i connected to the ssid one at a time. My AP config is attached below.
Do i need to redesign the whole network to have a native vlan other nthan the data vlan? Does the access point need to be aware of the voice vlan? Do the native Vlan on the AP need to be in Bridge-group 1 or can i leave it in bridge-group 20?
View 1 Replies
View Related
Sep 18, 2012
My question is if I can configure 3 ssid, for 3 different VLAN and add the DHCP address from a WAP4410N AP, when you upgrade to the latest version of IOS I can have this functionality?
View 2 Replies
View Related
Mar 9, 2010
Is it possible to have multiple dhcp pools for multiple VLANs? The switch is a 6509 and/or 4506 catalyst. I don't want to use server-based products.
View 5 Replies
View Related
May 13, 2013
I am trying to build a new network from scratch, I have the WLC 5508 w/ Aironet 3600e APs connected to my Netgear Smart Switches and a Linksys RV082 router that I'm using as my DHCP server with several VLANs for several stuff on my Switches.
I have 2 questions:
1. Can I have 5 Interfaces configured on 5 different VLANs, each SSID on each a different Port:
Port 1: Controller management only=> 192.168.x.x /24
Port 2: SSID 1: WiFi Internal=> 172.16.x.x/12 (Radius Auth with no sharing)
Port 3: SSID 2: WiFi Internal w/ sharing=> 192.168.x.x/24 (Radius Auth with sharing)
Port 4 :SSID 3: WiFi Guest=> 10.0.x.x/8 (Web Auth)
Port 5: SSID 4: WiFi IT=> 192.168.x.x/24 ( Radius or certificate Auth with access to the controller management interface)
2. How can I use the Controller as the DHCP server for all the WiFi traffic, and how should that be configured to work with my other DHCP server?
View 3 Replies
View Related
May 28, 2013
i`m facing a problem configuring the mentioned access point to act as stand alone access point with multiple SSID assigned to differnet VLANs the problem is that
1) i`m not able to broadcast the both SSIDs in the same time from the Access point
2) i need to make the radius server to manage the SSID access for the wireless clients (trying to find a way in which the aceess point sends a log for the radius server containing the VLAN id /IP address of the the SSID) you may find the below info about the IOS ver. & the configuration?
i`m running IOS /c1100-k9w7-mx.123-8.JEE/c1100-k9w7-mx.123-8.JEE?
View 2 Replies
View Related
Aug 26, 2012
Is it possible to assign a single ssid to multiple interface groups by assigning the ssid to multiple AP groups?
I have buildings geographically dispersed that are configured with multiple vlans in interface groups so that I can maintain an addressing scheme of dhcp assigned addresses per building. Each building is also further grouped as AP groups. I'd like to know if by assigning the same wlan ssid to each of the AP groups, will I maintain addressing integrity for each building? I'm thinking it will work.
Do the buildings have to be outside AP range of each other to avoid problems?
5508 controller
7.2.110.0 code
6 buildings
6 interface groups
1 ssid
View 4 Replies
View Related
Jun 19, 2011
We have a 3560 on our head office acting as an aggregare switch as well as Hub terminating remote wan links(one trunk link from provider terminated on FE port with several SVIs for remote location) and routing via OSPF. We have 1800 series at remote locations.
Now, If I want to prioritize say SQL traffic outbound from our head office to each remote brach I cant seem to do it with 3560 as it says... cannot apply service policy out blah blah.
How can I achieve my goal with 3560, Is it a good design to use 3560 as a Hub? our port utilization isnt that much..Wouldnt it be better to use 1800 or 2800 series?
View 5 Replies
View Related
Jun 26, 2011
We have cisco 3560G switch I need to configure QOS in this switch. video & vice Is it possible to configure port wise policy ?
View 1 Replies
View Related
Jul 8, 2011
I have a cisco cat 3560 and the present IOS is 12.2(46)SE and i want to upgrade the IOS to 12.2(58)se1.As there is only 8mb of frees space i cant straightly copy the new IOS on the switch. Any convenient way to Upgrade IOS.
View 2 Replies
View Related
Jun 6, 2012
We have a problem with our WS-C3560V2-24TS running IOS c3560-ipservicesk9-mz.122-53.SE2.bin. The equipment keep dropping packets for no apperent reason.
This is what we are seeing:
LAN-port
Router0#sh interfaces fastEthernet 0/2 | include drops:
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 20595
WAN-port
[Code]....
We are shaping the gig uplink to 100Mbps, the equipment is dropping pakets randomly and not because the shaper kicks in and starts to drop pakets.
View 1 Replies
View Related
Jan 25, 2012
I am trying to see how can configure MQC in Etherchannel. I know that i need to do this in the memeber physical interfaces of the etherchannel.The etherchannel is a trunk port allowing few VLANs. SVIs are created in the switch for this VLANs as well. tell me where i need to apply the QOS ? Is it under the member physical interfaces ?.
What will happen if QOS applied under the SVIs?
View 5 Replies
View Related
Nov 6, 2011
I connected the AP [1140 - Version 12.4(21a)JA1, RELEASE SOFTWARE (fc1)] to the switch (3560) and the switch with the WLC (5500 series), but I get the below error:
*Nov 7 09:07:59.916: %DTLS-5-SEND_ALERT: Send WARNING : Close notify Alert to 192.168.10.22:5246
*Nov 7 09:07:59.954: %CAPWAP-5-CHANGED: CAPWAP changed state to
[Code]....
The access point cannot join the controller. Is this a misconfiguration at the WLC or something else?
View 3 Replies
View Related
Apr 1, 2012
my current network setup is like this.. a cisco 3560 is connected on an access port to an adjacent dlink stack. i want to enable trunking between the cisco and the dlink. what i know is that dlink doesnot support per vlan STP while dlink only run single instance of the STP.. how can i make the trunking possible without messing with the network.
the idea that i have is to run MSTP instance on the 3560 so that it appears as a single STP to the dlink switch and then all good. is there any other way to do that. if i just make both the adjacent ports on both the switches as trunk and connect them, will it cause any problem in terms of STP issues or convergence ?
View 1 Replies
View Related