Cisco Wireless :: 3750 - ARP Replies From HSRP Gateway Lost Over Wireless
Apr 5, 2012
We have 2 access switches (3750s) that are both attached to a pair of Nexus 5548UPs with L3 cards over VPCs. Access switch (AC1) terminates our 4402 WLC. The WLC services 4 WLANs and connects to the access switch with a single trunked port. Access switch 2 (AC2) terminates an 1131AG lightweight AP. The WLAN is 10.1.1.0/24 on VLAN 300. Router 1 (R1) VLAN 300 IP is 10.1.1.2. Router 2 (R2) VLAN 300 IP is 10.1.1.3. R1 is the active router for VLAN 300. The standby IP for VLAN 300 is 10.1.1.1. The VPCs between both access switches and the router pair are functioning correctly and trunks are wide open (no pruning).
Wireless clients get a DHCP address from a server on another VLAN. Those addresses get handed out just fine.
Wireless clients can ping 10.1.1.3 (R2). They cannot ping 10.1.1.1 (standby address) or 10.1.1.2 (R1).
I took captures from the WLC and I see the ARP requests and replies from wireless clients to their gateway (10.1.1.1). I took another capture directly from the wireless clients themselves. From there, we see the ARP requests, but never the replies. If I create a static ARP entry on the client, it can ping the gateway just fine.
View 5 Replies
ADVERTISEMENT
Feb 24, 2013
There are two Win7 SP1 PCs (A & B), plugged in to a 3750-x (v12.2-58-SE2), on ports 33 and 41.
The ports are configured for 802.1x, auth order of MAB then Dot1x. Priority is Dot1x, MAB. The config is the same on both ports (verified at show run all).
When either PC is plugged in to port 33, everything works as I expect. Client sends an EAPoL message, gets a response, and is authenticated. When PC A is plugged in to port 41, same correct result. When PC B is plugged into port 41, the client sends an EAPoL start, and the switch never replies.
If port 41 has the authentication order changed to dot1x then MAB, PC B works fine.
View 3 Replies
View Related
May 15, 2012
My Gateway NV53 laptop has suddenly lost the ability to connect wirelessly to any network. Ethernet connection works fine. Wireless light is turned on, but laptop does not "see" any wireless networks. It is as if the wireless adapter is no longer there. It does not show up in Device mgr.
View 3 Replies
View Related
Feb 12, 2012
Turned up a new colo service last week using some PIX 515E firewalls and two Cat 2950 series switches. I have attached a diagram of the layout which I have used elsewhere with good success. Basically I have two switches connected together via port channel (2 ports). The colo facility gives me two HSRP enabled links, of which I plug one into switch A and the other in switch B. The PIxes are a failover pair with the primary plugged into the same switch A as the primary HSRP link.The backup PIX is plugged into the backup switch where the backup HSRP link is. When I unplug the primary HSRP link the PIX can ping the HSRP gateway still, but nothing beyond that. Nothing gets it to work until I plug the link back in.
The only thing I could see that might cause an issue is the 'ip verify reverse-path' command on the PIXes. But even the switches cannot ping out beyond the HSRP gateway. Just seems like all inbound routing stops. I am not sure what the colo facility has going on their side but it seems like they are using just some Cisco 6509s and doing HSRP between them. Seems pretty simple but so far this is proving un-usable as is.
The PIX BTW just uses a default route to the HSRP gateway.
View 3 Replies
View Related
Apr 18, 2012
we are planing to run HSRP on our Nexus 5ks (with L3 card) and we use VPC to connect the downstream UCS - Fabric Interconnects to the 5ks. I was wondering if the peer-gateway command is required under the vpc domain config? When you use HSRP with VPC, both the active and standby HSRP peers can forward layer3 traffic, isn`t that the same that peer-gateway would achieve?
View 1 Replies
View Related
Apr 24, 2012
i have a 6509 connected via layer 2 (VLAN1) to a 3750 (e.g. VLAN1 10.1.1.1)then to the HQ via Metroethernet(L3). Is it possible to connect the 6509 to an ASA that already has VPN connectivity to the HQ using HSRP? Also need to mention, the VPN connection is supposed to be the redundant connection if Metroethernet link fails.
View 3 Replies
View Related
Apr 13, 2011
The Issue we have two 3750 switches and configured hsrp on that . Now instead of connecting these two swiches to an Intermediate common switch we have a cisco asa5520 which has 3 L3 ports of which is it possble to convert 2 ports as L2 ports and use those ports to connect to 3750 switches instead of a L2 switch.
View 4 Replies
View Related
Aug 14, 2012
I am facing a problem in implementing HSRP. My scenario is like this, I have two 3750 switches and I have a server with two NICs. I want to run HSRP in these two switches. By the way the server is connected directly with the switches. I mean each NIC to each switch.we have teamed the two NIC (Active / Standby).what configuration need to done in switches to work HSRP.
View 4 Replies
View Related
Dec 15, 2010
I'm trying to configure load balancing on a network that is using 4 3750 L3 switches. The network is comprised of two sites with two switches at each site running HSRP and the virtaul IP is the gateway for a server between the two switches. The sites are connected by two independant 200meg ethernet connections (technically they are GigE limited to 200meg) p2p circuits. The switches at site A are connected together via a GigE port and the server I have connects to each switch at its respective site using a GigE port and the same for site B.
The problem I'm running into is that I've noticed that one of the 200meg circuits is always idol unless the primary goes down, so I'd like to be able to load balance the traffic from site A to site B using both p2p circuits. I think the problem that I'm running into has to do with the fact that HSRP is putting one of the links from the server to switch in standby unless the WAN link goes down and therefore traffic is not taking the "longer route" to the 2nd 200meg circuit.The only traffic going across this network is only the two servers sending traffic to one another. how I can get load balancing to work or if it is a possiblity with this network topology?
View 7 Replies
View Related
Oct 9, 2012
I have a 3750 stack and want to confirm if I can run HSRP on the stack to two different ASR routers for redundancy purposes ?
It looks like the below :-
--------------------------------
| SW1 SW2 |
| 3750 Stack |
|------------------------------- |
| |
| |
----------- ------------
| P | | S |
| ASR1 | | ASR2 |
| ______| |_______|
View 2 Replies
View Related
May 6, 2012
I got the error in object when I try to add a new HSRP group in new vlan.All the HSRP group has the same HSRP group the 2.another way to provide clients's default gateway redundancy for each Vlan intead to use the HSRP?
View 4 Replies
View Related
Apr 9, 2013
How to configure hsrp in my client location.They have 1 no of router and 2 no of 3750 switch.they need to configure Hsrp in switch.
View 5 Replies
View Related
Nov 15, 2012
What should the duplex mode to be set on a routed port gi0/21 that are running HSRP ? I try setting the gi0/21 to full, but it caused the port to be down. The only way for the port to be up is setting it to half duplex.
Cisco 3750 Switch
==============
interface GigabitEthernet0/21
no switchport
ip address 10.200.104.34 255.255.255.248
[Code].....
View 2 Replies
View Related
Nov 24, 2010
I understand on older IOS codes If the same hsrp group number is assigned to multiple standby groups, it creates a non-unique MAC address. Is this true on newer codes like 12.2(52)SE for 3750 & 3560?
View 4 Replies
View Related
Nov 14, 2012
What the different between using hsrp on vlan interface and on physical port (routed port) on Cisco 3750 Switch? Wha the benefits?
View 3 Replies
View Related
Oct 23, 2012
I have some question about HSRP in 3750 switch. I have two Cisco 3750 switch which configured HSRP. Let say, we have interface vlan 100 that join in HSRP group member 1. The configuration on both switch is like as follows :
SWI-3750-A (Active)
==========
interface Vlan100
description *** gateway User NPL ***
[Code]....
View 8 Replies
View Related
Dec 27, 2012
We have our WAN setup as explained in the attachment herewith. As of now, We have a IP 1 configured as HSRP IP in the LAN switch end at Site A and Site B. As per the HSRP priority, Site A's WAN router will preempt to be the Active WAN router. 1*1Gig link at both DCs connect to the respectve WAN router.
But with this setup, we experience a WAN outage whenever there is a link disconect at Site A - as HSRP fails over from Active to Standby(Site B) and again when the link at Site gets restored. To avoid this :
Is it possible to have the HSRP configured over a port channel at Site A and B (or atleast at Site A) ? In that case, will there be a need for the ISP to change their configuration except to configure a port channel ? The ISP has Cisco 7000 series router which connects to 3750 stack at DC lan.
View 2 Replies
View Related
Nov 12, 2012
We have two Cisco 3560E layer 3 switches at the core of our network. The switches are configured as an HSRP pair and the clients on our network point to the HSRP address as their default gateway. So if CORE-A dies, then CORE-B will pick up the address and the default route for the clients will continue to be available.We also need to specify a few static routes on the core switch to allow us to get to specific networks. Is there a way to do this so that the routes failover in the same way that the default gateway does?
View 2 Replies
View Related
Mar 23, 2013
I have set up site-site VPN on 5505s on 2 sites. I can ping outside interfaces from both sites but cannot get replies when I ping clients behind the 5505 from the ASA itself. I have also tried to ping from 10.x.x.x to 217.41.x.x and to 192.168..x.x but do not get a response.
I was expecting the configuration to be enough but there might be something I am missing.
View 6 Replies
View Related
Jul 10, 2012
I lost the disc to my X2000 gateway. Is there a download site for the software?
View 1 Replies
View Related
Mar 8, 2013
In my 3750 stack switch there are more than 10 L3 vlans currently in use.In that only one vlan for example vlan 11 (we given up link directly to the nodes connected to that ports which is in vlan 11)losing connectivity for sometime and again connectivity restored.Except Vlan 11 all other vlans are working fine. When we troubleshooted the issue some of the ip's able to ping and some not able to ping. checked the interface status of that ports (no crc and input errors) and port is in up status only.we also checked cpu utlilisation ,device uptime, all are no issues found. am sharing my sw basic config and one interface status at the time of issue.But only one port learning more than 50 Mac-Addresses dynamically.and am learning mac address violation in another port which is port security and storm control enabled on that port..Its seems to be any attack or something else????
interface GigabitEthernet1/0/20
--More-- description
switchport access vlan 11
switchport mode access
spanning-tree portfast
logs:
Mar 8 05:58:25.848 IST: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0026.0a18.8218 on port GigabitEthernet1/0/16.
Mar 8 05:59:25.862 IST: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0026.0a18.8218 on port GigabitEthernet1/0/16.
AT the time of issue interface status:
sh int gi2/0/14
GigabitEthernet2/0/14 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 0026.ca46.5c8e (bia 0026.ca46.5c8e)
Description:
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,[code]......
View 4 Replies
View Related
May 14, 2012
I am new to this and have ran into some problems. I butilt up my router I was able from the rom> prompt to get my router to boot from SLOT0:xxxxx
Then I did the copy command copy slot0:xxxxxxx bootflash:xxxxxxxMy router starts up fine. I did all my configurations and did my copy run start when I was done. As this is what I do on my 3750s.
My router lost power and rebooted and I lost everything it did not boot up to my last configuration.How do I save my configurations when I am done ? How do I get it to boot from that configuration every time?
View 1 Replies
View Related
May 2, 2013
I have lost the "ENABLE" password on my 3750 switch.
View 5 Replies
View Related
May 3, 2012
This would probably sound like a stupid question but it took at least 2 hours of my time so far. I have a 3750 switch where a router and a server is connected. From the switch I can ping the router and server with no issue (directely connected). But from the server I am not able to ping the router. The router and the server are in the same subnet. The router is configured as the default router for the server. I am not able to ping the server from the router either. Here's the output of the ip route from the router. The server IP address is 10.1.200.21 and the router IP address is 10.10.200.1
10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
C 10.1.30.0/24 is directly connected, FastEthernet0/0.30
C 10.1.20.0/24 is directly connected, FastEthernet0/0.20
[Code].....
View 14 Replies
View Related
Apr 10, 2013
I have a bit of a mystery on my hands. I had a whole campus of Cisco 3750's cache a new default gateway. Example
Cisco3750#sh ip redirects Default gateway is 10.10.10.1
Host Gateway Last Use Total Uses Interface172.16.0.5 10.10.101.179 0:00 185749 Vlan1172.16.0.76 10.10.101.179 0:01 47254 Vlan1192.168.0.154 10.10.101.179 0:00 183090 Vlan1
My question is what generates a IP Redirect packet or how does the switch know what to change the gateway to? As in my case the changed gateway was a dead IP address. So I am at lose how this happened. I this case the Host IP's are network management servers conducting polling.
View 3 Replies
View Related
Jan 30, 2012
I'd like to establish a more robust border router/switch redundancy plan and would like to know if this seems like it would be reliable.I'm looking at using a couple of 3945 routers and 3750 switches in the configuration shown below.
The article found at [URL] outlines the config between a single switch and router but I am looking at doing this with dual routers and switches.
View 3 Replies
View Related
Sep 27, 2012
how my switches are configured, a cisco 3750 and a cisco 4506.[code] i can ping the gateway from the 3750 however cannot get anything past that or enything to it.
View 12 Replies
View Related
May 17, 2011
I need to move the client machines off of the 3750 (and their DHCP dependency on it) to the SGE2010 and absolutely route their internet traffic out through the outside interface on the 5505. They must also be able to communicate back into the internal environment in order to communicate with the production servers.
The clients currently use .254 addressing through a dumb dell switch to the 3750 but I am trying to migrate them over slowly to the .253. I know that the 2010 will not do DHCP, so I am putting a DHCP server on that switch right now. The 5505 won't let me add an additional nameif statement onto one of the other eth0/x interfaces and I'm not sure if that has anything to do with it's capabilities to act as a DHCP server (it's not an option in the ASDM) or it's ability to serve as the internet gateway for the 2010 clients. (Side notes: The 5505 has a base license and is currently also connecting 1 site to site VPN. As is the 5520, so all of it's interfaces are used as well).
I statically assigned a moved client with a .253 address and plugged it into the 2010. I have tried giving the 2010 both a .4 address and a .253 address but neither will allow me to ping any of the addresses on the 5505. The 2010 shows automatic routes to the two subnets and I set it's default route to 253.1. The link between the 2010 and the 3750 works - clients receive a .254 address from the 3750 and can get out to the internet via the 5505 and reach the production servers as well.
Why won't the 2010 see the 5505 as a gateway and allow clients to get to the internet and also traverse the 3750 when they need access to the production network?
The reason why I dont' just connect the two swtiches and call it a day is because I also need the production servers to ALWAYS go out/receive web requests via the 5520 outbound/outside interface. I'm having such a hard time wrapping my head around why i can't get my clients moved over to the new switch, I haven't even grasped how I'm going to do that yet.
View 1 Replies
View Related
Aug 25, 2012
I had setup a lan infrastructure with 5 3750 stack swithes. In these 3 of them are in one stack which is acting as access switch, 2 of them in another stack which is as core switch where all the SVI is configured. Now, when i tried to ping from our edge pc which is connected in access switch to default gaeway, which is configured in core switch, the ICMP is getting delayed . But when try to ping from the same edge pc to another user PC, it is getting less tahn 1 millisecond icmp replies.
why icmp is delaying to default gateway , but working with another edge to edge pcs without any delays?
View 1 Replies
View Related
Mar 5, 2013
We have a 6509 series of core switches and 3750 series of L2 switches, There is no default gateway or any static routes to any IP.VLAN 1 is made admin down and another vlan is used for all communication here in this environment
Attached is configuration for reference But still I am able to take telnet or SSH. I want to know how telnet or SSH or tacacs authentication happens without any static or default route.
View 4 Replies
View Related
Sep 10, 2012
i am facing a problem when the client vlan is commmunicating with the default gateway on the core 3750-x.
ios in 3750-x core is 3750e-universalk9-mz.150-2.SE.bin. But, client to client communication is happening without any dealy and icmp is less than 1 ms always.
When try to ping default gateway of client vlan, it is getting delayed (variable icmp delays). Is this an ios bug?
View 2 Replies
View Related
Mar 11, 2012
I'm running into what seems a basic ip routing config problem with a Catalyst 3750 (IP Base) switch. I have several VLANS configured on the switch with IP routing enabled, and the switch is connected to the inside interace of a new ASA 5520 as follows:
ASA5520 IP (Default gateway): 192.168.1.1Switchport Gi1/0/1 is configured as a routed port, IP address 192.168.1.3 255.255.255.0Example VLAN is VLAN 100, IP address 192.168.100.1 255.255.252.0 From the switch CLI, I can ping all VLAN addresses, as well as the ASA5520, and the client laptop I'm testing with from VLAN 100.
From the client laptop on VLAN 100, I can ping all switch interface and VLAN addresses (inter-VLAN routing is working), including 192.168.1.3, but I CANNOT ping the default gateway at 192.168.1.1.
Here is the relevant configuration information on the 3750:
!
no aaa new-model
switch 1 provision ws-c3750x-24
system mtu routing 1500
[Code]....
View 4 Replies
View Related
Dec 28, 2011
I just connected a WRT190N v2 Wireless Router to my XPS 400. When my wife tried to connect our other desktop to the wireless network, everything seemed fine. I noticed that, when she wasn't actively browsing or using the network, her computer would lose connectivity, but regain it when a browser was opened. When I tried to use the XPS, I found that it had no connection. I regained connectivity after using the Windows Network Diagnostic tool, but neither computer seems to keep connectivity when left alone, at least for very long.
View 1 Replies
View Related
