Cisco WAN :: 3750 / WCCP Error IOS Version 12.2(46)SE?
Jul 19, 2011
When the following was issued:
ip wccp 0 redirect-list wccp_acl group-list 10 password 0 ourpassword
Received this error:
MDT: %COMMON_FIB-3-FIBIDBINCONS2: An internal software error occurred. WCCP:0 linked to wrong idb Loopback0 (xyz node name)
When the following was issued 10 minutes later:
ip wccp 70 redirect-list wccp_acl group-list 10 password 0 ourpassword
No error msg (but now wccp was active)WCCP appears to be working but we are ** having problems connecting ** with our websense (7.6) box via GRE.Websense is connected to the 6509 which is connected this 3750 switch.
I have a web cache server, and I redirect all the HTTP request to it using WCCP.
Everything works without a problem, however I have a monitoring system that every minute tests the access to some customer sites that are hosted inside our infra-strutcture.
As soon as I configured the WCCP the monitoring system complains of timeouts accessing those sites, about 20% of the requests start to fail (timeout).
I don't think it is the fault of the cache because in the WCCP ACL I exclude all traffic that comes from my monitoring system. However as soon as I turn of WCCP the monitoring system never ever gives timeouts accessing those sites.
Is there anything I should do in WCCP to tweak it? I have WCCP configured in my core gateway that is a CISCO 3750.
I'm setting up a web cache using the wccp protocol on a Catalyst 3750 stack.
Probably missing something real simple here but when I from the global configuration mode are trying to enter the ip wccp command it just says "invalid input" from wccp. There is no such command.. should be supported on my device from IOS 12.2(37)
Today, my customer have 1 project that have to deploy Cisco 3750 to redirect wccpv2 to Websense Security Gateway.However, i can't excute "ip wccp redirect out" on Cisco Catalyst 3750.
I would like to apply a policy-based route on one of our L3 switches (Cisco 3750) to change the next-hop of a couple of servers only. The VLAN where those servers reside got WCCP enabled on it. When I want to apply the route-policy to that VLAN interface it doesn't let me. When I try to apply the same policy to a VLAN interface without WCCP it does work. Is there any Cisco IOS limitations that would prevent me from doing that?
%ASA-3-305005: No translation group found for tcp src inside:211.155.169.186/1433 dst outside:42.121.87.89/6000, I found this error ,but the IP 211.155.169.186 is public address. I check the configuration but didn't find any information about this address.I don't understand why src is inside? How can I solve this error?
I have 4 switches of 3750. I need toupgrade all the switches, but I can't to disconnect the stack cable.How I can to upgrade the version without to disconnect the stack cable?
Now I'm have IOS ver. 12.2(55)SE but from time to time I'm experiencing strange system freezing. It means that all systems connected to the stack are working very, very slow. It hapens ones, sometimes twice a month and takes 5 minutes. I didn't find anything strange in logs (neither on switch nor router). I would like to install other IOS version. Could you recomend me the most stable version for this stack (built from these different models) ?And the secound question: - Is it possible to copy SE1 manualy to every switch and reload one by one manualy. Will they join the stack and work fine after reload or maybe there will be a IOS mismatch ?
I'm able to upgrade the master of a 3750 stack, but the member fails to upgrade. [code] I couldn't do rmdir flash:update unless I reload chassis... but even after reloading still cannot make the 2nd member to load with the newer IOS.
a Customer ask me to configure a etherchannel between two Switches C3500 XL Version IOS 12.0 follow the first configuration what I done and the output error show me by switch:
I am confused about some things regarding the different IOS versions and their compatibility with certain switch hardware. I understand the differences between the IPBASE and IPSERVICES ios but am not quite clear as to how you can tell which ios images will work on which Cisco switch model platforms, other than the fact that some switches are designed only to run the IPBASE images and others have advanced hardware to run the advanced images. For instance, if I have a 3750-24TS-E with an IPBASE ios on it, can I load an IPSERVICES ios that came from say a 3750G-24TS-E1U? whether the ios on one platform can be transferred to another?
We have bought four identical 3750X switches with identical SW-images: 12.2(55)SE3 C3750E-UNIVERSALK9-M
We initially connected two switches, this resulted in forming a stack.With the other two switches we wanted to do the same thing. However, we received the following message:
%STACKMGR-5-MAJOR_VERSION_MISMATCH: Major Version Mismatch (Local 1 - Received 6) with neighbor-1
Both switches will not see each other and the output of show switch stack-ports shows only one switch and both stack ports as being Down.
I did some digging using the show platform stack-manager all command to find out that three of the 3750X's have the stack version number 1.45 and one has 6.45. This would obviously indicate the reason behind the mismatch, but the SW-versions on all new switches are identical!
Checking the CISCO site explains that mismatching of Major version is critical:
Major Version Number Incompatibility Among Switches
Switches with different major Cisco IOS software versions usually have different stack protocol versions. Switches with different major version numbers are incompatible and cannot exist in the same switch stack.
That's all I could find. Nothing about changing the major version number, so all I can suspect is that IOS version needs to be the same.
McAffee scan of acs 1113 appliance running the 4.2 build 124 patch 12 version reports that a medium vulnerability exists because the system has SSH version 1. Any way to specify only version 2 or turn off SSH?
I have cisco switch model WS-C3750G-12S-D. It is in transparent mode. I am getting below error message when tried to create new vlan.
Proposed configuration exceeds the limit of 1005 VLANs that can be supported on this platform. Reduce the number of VLANs proposed to be within this limit.
After deleting few unnecessary vlans, it allowed me to create.
3750#sh vtp statusVTP Version : running VTP1 (VTP2 capable)Configuration Revision : 0Maximum VLANs supported locally : 1005Number of existing VLANs : 959VTP Operating Mode : TransparentVTP Domain Name : VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xBC 0xA7 0xEC 0xDE 0x36 0x6C 0x61 0xB4 Configuration last modified by 97.193.17.172 at 0-0-00 00:00:00
I confused with terms 'maximum supported vlans' and 'maximum locally supported vlans'. If switch is supporting vlans 1-4094 means it should also allow to create locally. Otherwise how they will pass through the switch trunks without local creation.
I am really stuck in enabling ip routing though a simple task. I have configured 10 v LAN's in stacked 3750 switches have ip base image. I want to enable ip routing for inter V LAN communication but it is giving this error:
%COMMON_FIB-4-ISSUENCODEWRONGLEN: Message IPv6 global features, rev B for slots 2 (0x4) is wrong length (10, should be 7).
We are using Catalyst 3750 with 12.2(44)SE. We have two stack configured, one with IP routing enabled. When we try to run an Acquisition Action on IP routing enabled stack, from Admin> Collection Settings> User Tracking, the system replies with an error "Failed to start acquisition: Device unreachable. Please enter a valid device". Acquisition starts successfully when we try with the other stack. We are going to investigate!
I'm having some problems when upgrading the IOS of my Catalyst 3750 switch through a tftp server. I've been surfing the net and found that there seems to be a problem when the image file is larger than 16M but this is not my case.I erased the flash to be sure that there was enough memory space to upload the image but didnt work.I also tried with archive download-sw /overwrite command and using a ftp server but the problem is the always the same: [code]To make sure it was not a problem of my computer or tftp server, I tried with a different computer and with a different tftp server but the same happen. I also tried with a 3750V2 and still the same. Even when trying to backup the current IOS to my computer, I got "error writing".
Then, I have tried to do the same with a different model of switch, a WS-C3560-48PS and it works perfect.I still need to try using Xmodem but Xmodem takes ages to finalize the process.
Have a small stack of two 3750 routers. Get the following error message every few secounds:
%STACKMGR-4-STACK_LINK_CHANGE: Stack Port 1 Switch 1 has changed to state DOWN %STACKMGR-4-STACK_LINK_CHANGE: Stack Port 1 Switch 1 has changed to state UP
Now I replaced the stacking cables but no joy. It was ok for an hr or so but then the error messages popped up again. Also random links on this stack back to access layer user switches have been going up and down randomly. So I have decided to take the next step and upgrade the IOS.
Although when I try and copy a new IOS I get the following error:
%Error writing flash:/c3750-ipservicesk9-mz.122-55.SE6.bin (No space left on device)
Seems this image is 130MB while the image that is currently on it is 74MB and free space is 54MB. How do I get the image onto the router? If I delete the current image from flash will that cause the router to stop functioning?
Also I noticed there seems to be more than one flash directory. See below:
copy tftp: ? flash1: Copy to flash1: file system flash2: Copy to flash2: file system flash: Copy to flash: file system null: Copy to null: file system nvram: Copy to nvram: file system running-config Update (merge with) current system configuration startup-config Copy to startup configuration system: Copy to system: file system vb: Copy to vb: file system
The current router image seems to be in flash1 and flash 2 also. Could I delete the image from flash1. Upload it there and then boot the router from flash1?
We have a stack setup with 2 C3750x-12s and 5 C3750x-48p switches. We have two of these stacks. One is working and responding with snmp just fine. Our second one is showing the errors in the logThe only difference i see between the two stacks right now are the sw versions.
power supply problem...?Switch cisco WS-C3750-24P is showing "Unavail" from sh env all.Switch3750#sh env all FAN is OK,TEMPERATURE is OK,SW PID,Serial# Status Sys Pwr PoE Pwr Watts,Does it means that power supply 1 was removed? failed?,Do you know about another command to see more details?
We have a number of 3750 stacks used as access layer switches connecting Siemens VOIP phones and then a PC that connects to the phone.
For example if I plug PC A to the phone that connects to port 13 I pick up an IP addressand all works as predicted now if I plug in PC A to any other VOIP phone that connect to another port on the same switch it goes in error disable state ITs like the switch is holding my PC mac address and locks it down with the port which in my case is Gi2/0/13.
I am taking only undersize errors on catalyst 3750 trunk interface (attached some outputs)...the other end is a 4500 switch and the interface is clean..can this be related to any bug ? this is my root port and often leading to trouble sometimes STP BPDUs transportation are affected..
I recently upgraded my network to have two 3750x core, one interface on the Cisco is connecting to a Net gear switch via a fiber converter. I am keep getting the vlan flapping error message in my log as below.
003396: Sep 17 01:46:16.328: %SW_MATM-4-MACFLAP_NOTIF: Host 5c0e.8ba7.0a5c in vlan 2 is flapping between port Gi2/0/15 and port Gi2/0/13 003397: Sep 17 01:46:19.843: %SW_MATM-4-MACFLAP_NOTIF: Host 5c0e.8ba7.0a5c in vlan 2 is flapping between port Gi2/0/15 and port Gi2/0/13 003400: Sep 17 01:49:58.769: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/0/17, changed state to down [Code] .....
After my research i think this is a looping issue but I'm unsure how to address it.
We have ip arp inspection and dhcp snooping enable in couple of 3750 and 3560 switches. Everything works fine, excepted few case that DAI packet rate trigger and errdisable the port. Later on we found out that most of computer that trigger DAI is Windows 7 and especially when they are in sleep mode. Not sure if anyone experiencing it with Windows 7. Also we have it rate limit at 64.
So Im trying to learn a little bit more about WCCP so I thought I'd load up a centos VM and just install squid on it. With the base config running I can setup an explicit proxy by configuring my IE session to use the squid IP on port 3128. Proxy works fine and I see entries in the access log on the centos box. Now, since Im only running squid on the box Im going to change the listening port to 80 so I can transparent proxy with WCCP on my ASA. So I set the WCCP2 config on squid as shown.
