i have a 6509 connected via layer 2 (VLAN1) to a 3750 (e.g. VLAN1 10.1.1.1)then to the HQ via Metroethernet(L3). Is it possible to connect the 6509 to an ASA that already has VPN connectivity to the HQ using HSRP? Also need to mention, the VPN connection is supposed to be the redundant connection if Metroethernet link fails.
View 3 RepliesI am facing a problem in implementing HSRP. My scenario is like this, I have two 3750 switches and I have a server with two NICs. I want to run HSRP in these two switches. By the way the server is connected directly with the switches. I mean each NIC to each switch.we have teamed the two NIC (Active / Standby).what configuration need to done in switches to work HSRP.
View 4 Replies View RelatedHow to configure HSRP with Statefull NAT using the application redundancy of the IOS XE? I want to have static NAT using the HSRP groups for clients and SNAT. (I want to achieve this as in normal IOS -[URL] High Availability NAT with HSRP)The configuration that I have on the 1st ASR. The configuration is similar on the second ASR
redundancy
mode none
application redundancy
group 1
name NAT-HSRPIN
[code]...
IP nat inside source static 10.10.10.20 "real ip address" redundancy 1 mapping-id 1 extendable.
My actual Scenario
1 x 4500 and 1 x 3560?They are gateways of 8 Vlans?They are doing HSRP in each of those Vlans?The 4500 is the Active?There is a DHCP Pool for each of those Vlans on both gateways using "ip dhcp excluded-address" I ensured that the range of provided ips by each DHCP server will not be overlapped Obs.: Reducing the lease time, I ended with the calls bringing related problems.
OK, every thing is blue, every thing is fine.But the network diagram is realy complex(41 switchs, 89 uplinks), and depending of how is the network flow, one or other server answer first or latter.
For many reasons I would like that the secondary DHCP server would answer only if the primary DHCP server goes down.To me, the bigger reason is that DHCP database would be only in one DHCP server.But there is other reasons.
I passed by many frustrated solutions:Try to force a delay on the answer on one of the servers. - Impossible.Try to disable DHCP server, and, using EEM, enable it only if router became active in HSRP. - I couldn't do It.
What I'm thinking now is use the HSRP resource to resolve it.On both routers I would put a "ip helper-address" pointing to an Virtual_HSRP_IP.And depending on which router is the active, him will answer the request.
My first doubt is:Would it work?The second doubt is:Could I use the same Virtual_HSRP_IP that exists on that Vlan(see example 1),or I would need to point it to a Virtual_HSRP_IP in a different Vlan(see example 2)?
Example 1
-----------------------------------
| 4500 |
-----------------------------------
interface Vlan1
ip address 10.10.0.2 255.255.0.0
ip helper-address 10.10.0.1
standby 1 ip 10.10.0.1
[code]....
One of our customer , where there 2 6509 switch , one is Core_sw1 and other is Core_sw2 , catering about 32 Vlan , and HSRP in running for all Vlans , till here no problem , now there internet Router which having one Internet link , which connected and configured on Core_sw1 in a way that one interface of Core_sw1 is given Public IP and there is vlan 85 which internet vlan and vlan 85 ip are natted with that public IP with one simple static route given toward internet router , this is how internet is working ok.
Now i have configured vlan 85 in hsrp as all other are , how can give redundancy to vlan 85 user , that if Core_sw1 get down , internet traffic can get out through Core_sw2.using same internet router with single internet link .i am not talking of ISP redundancy , but Vlan 85 in Core_sw1 goes down , other Core_sw2 will server internet.
If I setup 4948E's in HSRP configuration. And I connect devices to the Standby Unit that do not require redundancy. Will there be any issues passing traffic? I don't believe that standby unit blocks the traffic but wanted to confirm.
View 5 Replies View RelatedThe Issue we have two 3750 switches and configured hsrp on that . Now instead of connecting these two swiches to an Intermediate common switch we have a cisco asa5520 which has 3 L3 ports of which is it possble to convert 2 ports as L2 ports and use those ports to connect to 3750 switches instead of a L2 switch.
View 4 Replies View Relatedwhich option do you think is better? The idea is to use them as the core of the network,to route between several VLANs.
Options:
1 - Two 3560 with HSRP
2 - Two 3750 stacked with cross-stack etherchannel to the access switches
I will be installing a new ASA 5510 firewall on our SIP vlan to separate our voice traffic from the rest of the traffic. I'm trying to decide whether or not I should go with an active/active setup or an active/standby. Any insight on the best way to set this up? This install is going in from scratch, and I am going to be connecting to a 3750 switch stack. Should I pair up a link from each switch to each 5510 using etherchannels? Should I use 8.3 or 8.4? Most of the docs I've been able to find say it depends on this, that, or the other.
View 2 Replies View RelatedI'd like to establish a more robust border router/switch redundancy plan and would like to know if this seems like it would be reliable.I'm looking at using a couple of 3945 routers and 3750 switches in the configuration shown below.
The article found at [URL] outlines the config between a single switch and router but I am looking at doing this with dual routers and switches.
I'm trying to configure load balancing on a network that is using 4 3750 L3 switches. The network is comprised of two sites with two switches at each site running HSRP and the virtaul IP is the gateway for a server between the two switches. The sites are connected by two independant 200meg ethernet connections (technically they are GigE limited to 200meg) p2p circuits. The switches at site A are connected together via a GigE port and the server I have connects to each switch at its respective site using a GigE port and the same for site B.
The problem I'm running into is that I've noticed that one of the 200meg circuits is always idol unless the primary goes down, so I'd like to be able to load balance the traffic from site A to site B using both p2p circuits. I think the problem that I'm running into has to do with the fact that HSRP is putting one of the links from the server to switch in standby unless the WAN link goes down and therefore traffic is not taking the "longer route" to the 2nd 200meg circuit.The only traffic going across this network is only the two servers sending traffic to one another. how I can get load balancing to work or if it is a possiblity with this network topology?
I have a 3750 stack and want to confirm if I can run HSRP on the stack to two different ASR routers for redundancy purposes ?
It looks like the below :-
--------------------------------
| SW1 SW2 |
| 3750 Stack |
|------------------------------- |
| |
| |
----------- ------------
| P | | S |
| ASR1 | | ASR2 |
| ______| |_______|
I plan to build improved redundancy in to my LAN by stacking two 3750s and teaming pairs of NICs on my Dell PowerEdge servers, with each cable of the pair going to a different switch.In my mind this provides redundancy for the NICs and the switches. Does this configuration will work, and also what type of teaming is supported, as I was planning to have one NIC active and one standby, but can I run this configuration with both NICs in the team as active with load balancing?
View 1 Replies View RelatedMy network consist of that network device. cisco catalyst 3750 with stackwise, 2xnexsus 5000 series and servers.servers connected to nexsus switch. nexsus connect to 3750.
Each server have two link, one of them connect nexsus1 and other connect to nexsus2 switch.(same traffic) each nexsus have one link to 3750. At 3750 the nexsus link configurate etherchannel. but the flapping occur at 3750.
i understand that at 2 nexsus link have the same server source mac address so the flapping occur at 3750. how i solve this problem?
I got the error in object when I try to add a new HSRP group in new vlan.All the HSRP group has the same HSRP group the 2.another way to provide clients's default gateway redundancy for each Vlan intead to use the HSRP?
View 4 Replies View RelatedHow to configure hsrp in my client location.They have 1 no of router and 2 no of 3750 switch.they need to configure Hsrp in switch.
View 5 Replies View RelatedWhat should the duplex mode to be set on a routed port gi0/21 that are running HSRP ? I try setting the gi0/21 to full, but it caused the port to be down. The only way for the port to be up is setting it to half duplex.
Cisco 3750 Switch
==============
interface GigabitEthernet0/21
no switchport
ip address 10.200.104.34 255.255.255.248
[Code].....
I understand on older IOS codes If the same hsrp group number is assigned to multiple standby groups, it creates a non-unique MAC address. Is this true on newer codes like 12.2(52)SE for 3750 & 3560?
View 4 Replies View RelatedWhat the different between using hsrp on vlan interface and on physical port (routed port) on Cisco 3750 Switch? Wha the benefits?
View 3 Replies View RelatedI have some question about HSRP in 3750 switch. I have two Cisco 3750 switch which configured HSRP. Let say, we have interface vlan 100 that join in HSRP group member 1. The configuration on both switch is like as follows :
SWI-3750-A (Active)
==========
interface Vlan100
description *** gateway User NPL ***
[Code]....
We have our WAN setup as explained in the attachment herewith. As of now, We have a IP 1 configured as HSRP IP in the LAN switch end at Site A and Site B. As per the HSRP priority, Site A's WAN router will preempt to be the Active WAN router. 1*1Gig link at both DCs connect to the respectve WAN router.
But with this setup, we experience a WAN outage whenever there is a link disconect at Site A - as HSRP fails over from Active to Standby(Site B) and again when the link at Site gets restored. To avoid this :
Is it possible to have the HSRP configured over a port channel at Site A and B (or atleast at Site A) ? In that case, will there be a need for the ISP to change their configuration except to configure a port channel ? The ISP has Cisco 7000 series router which connects to 3750 stack at DC lan.
We have 2 access switches (3750s) that are both attached to a pair of Nexus 5548UPs with L3 cards over VPCs. Access switch (AC1) terminates our 4402 WLC. The WLC services 4 WLANs and connects to the access switch with a single trunked port. Access switch 2 (AC2) terminates an 1131AG lightweight AP. The WLAN is 10.1.1.0/24 on VLAN 300. Router 1 (R1) VLAN 300 IP is 10.1.1.2. Router 2 (R2) VLAN 300 IP is 10.1.1.3. R1 is the active router for VLAN 300. The standby IP for VLAN 300 is 10.1.1.1. The VPCs between both access switches and the router pair are functioning correctly and trunks are wide open (no pruning).
Wireless clients get a DHCP address from a server on another VLAN. Those addresses get handed out just fine.
Wireless clients can ping 10.1.1.3 (R2). They cannot ping 10.1.1.1 (standby address) or 10.1.1.2 (R1).
I took captures from the WLC and I see the ARP requests and replies from wireless clients to their gateway (10.1.1.1). I took another capture directly from the wireless clients themselves. From there, we see the ARP requests, but never the replies. If I create a static ARP entry on the client, it can ping the gateway just fine.
I have a customer who is looking to add some redundancy to their internet connections. Currently we have an ASA 5510 for their firewall. I know that the Sonicwalls are capable of terminating multiple internet connections simultaneously for load balancing, redundancy, and for pushing different types of traffic out different connections. Traditionally the ASAs have not had that capability. But does anyone know if the newer revs (8.3 and I think 8.4 may be out?) will do that or anything similar? Not looking for a full BGP-style solution where the same address space is available via multiple links, but more just a solution where the internet for basic web browsing could fail over and load balance between two internet connections, each assigned to a different outside interface on the ASA.
View 7 Replies View RelatedI'm shortly going to move our stuff to a new data centre, where we have two network feeds - so there'll be two lengths of CAT 5 coming into the rack, for "first hop redundancy".I have something similar at our existing DC, but I'm simplifying the equation somewhat at the new DC, and using a simpler configuration that just uses two switches, rather than two switches and two routers. All of the servers will have public IP addresses.Now - the network guy at the new DC has confirmed that a simpler two switch configuration will work.
View 17 Replies View RelatedWe have cisco 1841 router with two ISP . But we facing the problem whenever our secondary ISP Link goes down the Primary has also went down.We have only one default route for primary Link
View 1 Replies View RelatedI have a question with regards to 6500 Redundancy. We currently have only one in our DC, it has 2 SUP 720s, two FWSMS, and multiple switchport blades. My question is is this fully redundant? and if not what is it that can fail, so I can look into adding that extra layer of redundancy.
View 3 Replies View Relatedfollowing is the capture of my configuration of HSRP on two switch layer 3 (LAB)
View 19 Replies View RelatedI have a ADSL and ESHDSL service being delivered to a client site and then using HSRP to ensure that ADSL is provided first and ESHDSL will take over after. The ESHDSL is dedicated for DVTIs to branch offices and that works fine, however I want to provide redundancy for incoming services such as SMTP/RDP etc. but when I forward these ports or a direct IP NAT traffic can only flow if directed to the ADSL service because HSRP is masking the route back and since it came in on the ESHDSL router the ADSL router does not know what to do with the traffic and hence drops it.
How to make it so both routers can port forward with HSRP?
I have a 4510R+E switch that won't change to the SSO redundancy mode. After entering the 'mode SSO' command, the switch reboots the peer supervisor (as it says it will), but after it comes back up it remains in RPR mode. I've tried rebooting the peer supervisor manually, rebooting the entire chassis, manually power cycling the entire chassis, and reseating the sups, but the switch remains in RPR mode. The issue started when I swapped the switch's supervisor with the supervisor of another 4500. The same issue was observed on the other 4500 as well, but after several reboots, I got it to change to SSO mode. Prior to the swap, both switches were running in SSO mode just fine.Since we're running IOS version 15.0 with the 'spare sup' license, I suspect the issue arose because of licensing complications (with relation to the chassis serial number and the like) when I swapped the sups....although this doesn't explain why the other switch changed to SSO after some troubleshooting.
View 1 Replies View RelatedI have problems with the RV042 router. Currently I have two Internet service is the first DSL service and the other is through cable. The problem is because the router is not doing the redundancy process. For example if DSL service fails, the cable internet service does not come automatically. You have to disconnect and connect manually to maintain the connection to the Internet. Should not the router do this automatically without intervention?
View 1 Replies View RelatedWe currently have the following configuration:
STB_6509#sho mod
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 10 WiSM WLAN Service Module WS-SVC-WISM-1-K9
2 24 CEF720 24 port 1000mb SFP WS-X6724-SFP
5 2 Supervisor Engine 720 (Active) WS-SUP720-3B
[code]....
I would like to add a redundant supervisor blade to the 6509 that is in production. Can this be done plug and play and require no reload. Are all WS-SUP720-3B the same as far as memory etc... or can I buy any used WS-SUP720-3B and it will work properly.
Can the above be used to provide redundancy. However there is only one ISP side connected? Of course we can set up both with exact same rules and use a Manual power on/off if?
View 2 Replies View RelatedFirst and foremost, what I have are 2 x 7204VXR (Gateways), 1 x 4507R-E (Coreswitch), and our ISP have 7609.Got some issues with redundancy with our ISP.
7609
I I
I I
7204-A 7204-B
| |
| vrrp |
| |
-4507R-E-
|
|
internal network
Both outside interfaces of 7204 gateways are connecting to 7609 with different public ip block. I used VRRP for my internal nework and failover have been tested working.
Even tried to remove link of 7204-A and 7609, the failover works perfect. If I shutdown/ remove the link between my 4507R-E and 7204-A (primary gw_higher vrrp priority), vrrp redundancy/failover still works, but pings from internal network to internet is only 50% success....alternate 4 ping reply and 4 time out.