Cisco :: Switch Port General Allowed Vlan 2 For Admin And 10 For LAN?
Sep 22, 2012
Me and my friend is currently setting up a Xen test environment. As you can se from the picture below we are running a Cisco ASA 5505 to reach the network from the outside.But the problem is that we want to reach the virtual pfSense's subnet's through the Cisco AnyConnect VPN. And currently the pfSense's are only configured with a public ip and a virtual interface to the VM's.could solve this problem by buying another PCI NIC, so that we have a physical link from the "pfSense box" to a tagged VLAN on the switch.But we are having problems configuring the switch to general vlan's. Cause Xen can't have it's management interface on a tagged VLAN directly from the XenServer,but the switch can tag the packet when it reaches the switchport. I would like to have "switch port general allowed vlan 2" for admin and 10 for "LAN"And then trunk the port to the Cisco ASA. But again, Xen stops me from doing this.
View 2 Replies
ADVERTISEMENT
Sep 28, 2012
I'm Confused from the fact that Vlan tagging is done at access port and trunk port always gets tagged packets (untill its case of native vlan).But I still believe in other fact which says tagging happen only when a frame hit the trunk port which means trunk port gets untagged frame and tagging is not possible at access port.
Would like to know where actually this tagging happens ?
and also which command we can use to encapsulate 802.1q protocol to access port ? The way we do at trunk port is #switchport trunk encapsulation dot1q Is the above command applicable for access mode also?
View 6 Replies
View Related
Aug 24, 2012
Im trying to simulate a switch in Gns3 and i use 16ESW module in a cisco 3700 router. why im getting this record after i try to filter which vlans pass through my trunk port:Router(config-if)#switchport trunk allowed vlan 2,3,4 Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.
View 6 Replies
View Related
Sep 13, 2012
I am tryıng to confıgure port base Vlan on 3com S7900E switch. There are already 9 of them confıgured but one is missing and I need to add 1 more. I have done this on cisco routers but cant get my head around 3com commands.
View 1 Replies
View Related
Feb 16, 2013
There are 5 VLAN's and all can communicate through all the different subnets, but VLAN5 can not communicate to the RVS 4000.
VLAN Smart Port set to switch and router - this is not working What Smart Port configuration should be set up to talk to the LAN port on a RVS4000?
VPN is set up and connected, but when trying to connect to the client can not connect to remote networks.
View 1 Replies
View Related
Dec 12, 2012
We have a 24 port and 48 port 3560 E switches with identical IOS the 48 port switch supports private vlan while 24 port switch doesnt
configure private vlans on 24 ports 3560e and is it best practise to configure private vlan on this platform(3560)?
IOS version : C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(55)SE3, RELEASE SOFTWARE (fc1)
flash:/c3560e-universalk9-mz.122-55.SE3/c3560e-universalk9-mz.122-55.SE3.bin
View 3 Replies
View Related
Feb 21, 2012
cant assign cisco switch 3560G port g0/1to access vlan 10
main-switch(config-if)#switchport access vlan 10 Command rejected: Gi0/1 not a switching port.
View 5 Replies
View Related
May 17, 2013
I was reviewing my ASA config and noticed that port 1025 was being allowed in and statically NAT'd to connect to my email server:
access-list outside_in extended permit tcp any host X.X.X.X eq 1025
static (inside,outside) tcp interface 1025 Y.Y.Y.Y 1025 netmask 255.255.255.255.
View 2 Replies
View Related
Nov 14, 2012
What the different between using hsrp on vlan interface and on physical port (routed port) on Cisco 3750 Switch? Wha the benefits?
View 3 Replies
View Related
Nov 12, 2011
Why I cannot ping vlan when no port connect to switch.
View 3 Replies
View Related
May 6, 2012
I would like to setup an cisco ASA 5505 to only allow certain IP's on port 3389, but i can't get it to work. Maybe some of you experts know why?
Here is my config:
ASA Version 8.4(3)!hostname cisco-asaenable password ** encryptedpasswd ** encryptednames!interface Ethernet0/0switchport access vlan 2!interface Ethernet0/1!interface Ethernet0/2!interface Ethernet0/3!interface Ethernet0/4!interface Ethernet0/5!interface Ethernet0/6!interface Ethernet0/7!interface Vlan1nameif insidesecurity-level 100ip address 192.168.1.253 255.255.255.0!interface Vlan2nameif outsidesecurity-level 0ip address 95.*.*.* 255.255.255.248!ftp mode passiveobject network obj_anysubnet 0.0.0.0 0.0.0.0object network rdpuser-1host 46.*.*.*object network rdpuser-2host 48.*.*.*object network rdp-host-pchost 192.168.1.20object
[code].....
The allowed IP's are setup on user level (rdpuser-1 and rdpuser-2) .Still do, I can't connect to the server from any of these IP's...
View 6 Replies
View Related
Nov 1, 2011
I have a remote site that is using port 4500 for within the isakmp phase of creating a IPSEC tunnel, but for some reason it is also using random port numbers constantly (in bold): [code] These are all blocked by the firewall when trying to communicate with our central router in the trusted network. The central router does not display the same symptoms, it only uses port 4500.Is there a way of preventing the remote router from using random port numbers and only allowed to use 4500??
View 9 Replies
View Related
Apr 5, 2011
I have this Cisco Switch: SRW2048-K9-NA. When I log into the Web GUI, I am provided the two options mentioned above for VLAN Management. I have fiddled with the two options and they seem identical to me. Is there really a difference, maybe better flexibility?
View 2 Replies
View Related
Jan 10, 2013
I have two networks at two sites with a dot1q trunk between the two L3 switches at both sites (no routers involved)
SITE A - Cisco 3750 L3 - VLAN ID 50
10.10.50.0/24
SITE B - Cisco 3750 L3 - VLAN ID 50
10.20.50.0/24
I would like to extend the SITE A VLAN to SITE B so that I can move hosts from SITE A to SITE B without needing to change their IP address but the vlan ID is already in use. Obviously the easy solution is to change the VLAN ID for one or other of the sites but both sites contain hosts that run 24/7. Is there a way to join two VLANs with different IDs together.So for example I create a new VLAN 60 at SITE B and associate it with VLAN 50 at SITE A.
View 4 Replies
View Related
May 12, 2011
We are trying to config vlan 10 for data and vlan 20 for voice on the same port - port 1 of swtich SF300-24P to run both data and voice on different vlans.Do I have to add vlan 10 as an untagged vlan to port 1 and add vlan 20 as an tagged vlan to port 1?If I do not want to assign the native vlan 1 to port 1, how can I remove it ? The GUI page - assign VLAN to port does not allow to remove it.Aslo, what mode shall I set up on port 1? General, trunk or access ?
View 18 Replies
View Related
Feb 2, 2011
I have set up 2 DHCP pools and 2 VLANs (1 *the native* for data / 1 VLAN for voice). When I use the command "switchport voice vlan 20" the port disapear from the show vlan brief list. When I use the "switchport access vlan 20" it shows up in the show vlan brief in the correct VLAN and gives the phone an IP. I assume that using the access instead of the voice is wrong and the phones would not configure correctly. But when I use the access the phone goes to the next step and tells me the TFTP files are not found. Why does the port disapear from the VLAN list?
View 8 Replies
View Related
Oct 30, 2012
I have 2 ME3600Xs and utilize Broadcast and Multicast storm control on client facing interfaces. One of my ME3600s is reporting a Multicast storm and that a packet filter action has been applied. The strange thing is that it is showing up on an Admin Down interface that has nothing connected to it. [code]
View 2 Replies
View Related
Dec 27, 2011
I know some business routers need to be registered to have certain functions work. I have gone through the knowledge base and there seem to be a few with my issues. Sadly I have been doing IT since 86 and playing with larger Cisco boxes for over a decade. So that's a little of my back ground, I also have a MCSE (W2K), A plus, Net Plus etc... so I know its got to be something stupid that I missed or something wrong with router. It was purchased new just before the holidays and I tried calling the posted Cisco number and the auto phone wanted a PO agreement before it would connect me. OK so alI need to do is Port forward two ports (3389, and 82) same ports internal and wan side. The internal is being sent to two different IP address, one per port config. So I did set up the UPNP, set up the service as enabled, and really looked in the knowledge base to see if I was missing something. So I left the site although just before I left I set up the remote admin login from the wan side. This does not even pick up, There is no other firewall between the device and the internet except for the T1 dmark.
This is a RV 08 new router so need a phone number for small business cisco for new products. I miss those good ole days where everything you needed to open and forward a port was located in one area in a router firmware setup.
View 2 Replies
View Related
May 7, 2013
Is it possible to use 1 or 2 of the 4 gigabit ethernet ports from one ACE straight into the other ACE for redundancy? So ACE_01 gig0/4 to ACE_02 gig0/4.If so, is it a case of just having the layer 3 config instead of trunking etc..Also - is it possible to create a context within the same vlan as the Admin context?
View 4 Replies
View Related
Oct 16, 2011
I'm using my 655 as a WAP, so nothing is connected to the WAN port. Since I run a SBS2008 in my home, I also have the 655's DHCP disabled.If I enable Network Filtering, everything inbound/outbound on the LAN ports works except accessing the Admin page. Even if I put the connecting PC's LAN MAC in the tablet.
View 9 Replies
View Related
May 8, 2012
On the supervisor card of a cisco 6500 series, according to the following link, [URL] it only has 2 uplink ports on the card. Would I be correct in assuming that I only have those to ports that I can configure IP addresses on?
The cisco that is being devlivere is coming with a 48 port switch and 24 port fibre switch. Could I change any of those ports into a router port and configure IP addresses on those?
The supervisor card is a ws-sup-720-3b the 48 port switch is a ws-x6748-ge-tx the 24 port fibre switch is ws-x6724-sfp
View 3 Replies
View Related
Jun 5, 2013
I'm fairly new to Cisco products am in the process of developing my network knowledge on a deeper level. I have a 3825 with a HWIC-4ESW and I'm struggling to fully understand how the two "see" each other. I've setup a V LAN with a layer 3 address on the HWIC and added the switch ports to it. This seemed to allow devices connected to the switch ports to talk to the built-in router ports. I thought this was all making sense until i applied an access-list to the router port. It's a simple ACL i'm just using for testing and the only thing it does is blocks telnet from anywhere. I know the ACL is setup properly because if I connect a device directly to the router port i cannot telnet to the port. However, if i connect a device to one of the switch ports, i am able to telnet to the router port successfully.
It seems that I'm missing something with how traffic flows from the switch port to the router ports and how the two "see" each other.
View 2 Replies
View Related
Dec 28, 2008
what is the use of no switch port command in L3 switch?
View 7 Replies
View Related
Feb 26, 2012
I was looking for a way to connect an AUX port from a 1700 router to a 6500 switch module console port, to see the output of the Switch's on the 1700 router, in case there is a network downtime, I could see what's going on in the switch, what cable should I use ? Also, is there is any kind of documentation for this type of config what have I seen is very few info.
View 2 Replies
View Related
Jan 16, 2011
is it possible to assign a loopback address to a typical switch port on a 2950 switch? I want to be able to have some devices connected to a switch to test access lists and VLANs.
View 3 Replies
View Related
Jul 14, 2011
I have a situation, where I dont need email and where is no SMTP server in this network, but I need CCO-access for EoX/PSIRT from LMS. Because both settings are in the same menu and LMS4.0.1 does real TCP:25 checking for given SMTP-server before can apply, I cant save my CCO-credentials. What can I do?
View 1 Replies
View Related
May 18, 2011
My internet connect works fine for hours at a time, then suddenly will get 7 or 8 General Failures while pinging (long enough to boot me off the net) then will be back to working fine immediately afterwards.Pinging 127.0.0.1 works fine. I've checked the firewall (Norton) and it has the default settings
View 3 Replies
View Related
Jan 18, 2012
When ping ipv4 is succeeded.
C:Documents and SettingsLW>ping 10.1.1.1Pinging 10.1.1.1 with 32 bytes of data:Reply from 10.1.1.1: bytes=32 time=2ms TTL=64
Reply from 10.1.1.1: bytes=32 time=1ms TTL=64
Reply from 10.1.1.1: bytes=32 time=1ms TTL=64
Reply from 10.1.1.1: bytes=32 time=1ms TTL=64Ping statistics for 10.1.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
[code].....
View 3 Replies
View Related
Sep 30, 2012
how do i get a general wifi password for my ipod
View 1 Replies
View Related
Aug 11, 2011
I can access the internet just fine, but when I try to connect using a VPN It times out.When I ping the desktop in question, I get a timeout, and when I ping anything from the desktop I get "general failure".I've tried allowing echo responses through the firewall, and disabling the firewall, to no avail.
View 6 Replies
View Related
Oct 11, 2012
how to hide Wireless SSID via Wireless controllers (one I am using is 5505)
Currently anyone can attmept to login to it as i cant find any options to hide it! Screen shot below)
what measures I should take to secure the APS and from access, currently considering port security and static mac addresses on ports; traffic is already got ACLS on its vlan. I have little to no experience on Wireless devices.
View 10 Replies
View Related
Jul 1, 2011
I am an accomplished developer in Microsoft technologies, however networking has always been my weak point. I have always managed to be in jobs where my lack of knowledge in networks has not affected me, so I have never bothered to learn anything.Are there any good books out that would teach me the basics of things like tcp/dhcp/vpn/dial up networks/routers and other netwokring terms.
View 3 Replies
View Related
Jan 7, 2013
How to find the IP from Yahoo Messenger. Real e-mails show the IP, but not Yahoo Messenger.I'm sure the IP is there somewhere, but how do I find it?
View 4 Replies
View Related
