I am an intern and do not want to compromise the network. I was asked to prepare a step by step guide to connecting to a server from 2 different VLAN's. I am using a Trendnet TEG-2248WS B1.0R switch. that is all of the information that I was given.
I have built two servers,a cacti server and a syslog server.They are both in vlan 30.Both servers can ping each other and can ping the gateway.Now the problem is the cacti server can ping hosts in vlan 100 but the syslog server cant.I am using a subnet mask of 255.255.255.248.
I'm looking to implement a single proxy server for two different VLANs. Both VLAN have outgoing traffic configured through different ISP i.e. traffic for users on VLAN1 is routed through ISP1 and traffic for users on VLAN2 is routed through ISP2. Inter-VLAN communication is enabled. The proxy server should route internet traffic for users in VLAN1 through ISP1 and for users in VLAN2 traffic should be routed through ISP2.
due to goverment regs i need to secure the server vlan at work. i was using a acl applied to the vlan, but thought adding an ASA would provide better security. I had done some brief review of my design and options. I was thinking of using vrf and connect to exsisting ASA 5520. i would need to add the server subnet vrf to the global routing table. seems to get tricky. I am currently testing just adding the firewall to a vlan with a client. No vrf. This seems to working ok but the inbound and outbound rules have to be adjusted more than i realized. I was expecting traffic inaitiated outbound to flow unrestircted and filter on the inbound.
I'm trying to set up VLANs in my network.So the first device after the internet cloud is my ISP modem/router. I don't really use the router part. The second device is my Linksys WRT54G router with DD-WRT firmware on it.Between the two, there is a subnet just for them. After the DD-WRT router, there is a subnet for my LAN.The third device is my netgear GS108T switch (with vlan support) to which almost all my computers are hooked up. One of those computers is my server that is domain controller and has the roles as shown in the image. What I would like to do is to create several virtual machines in Hyper-V. The trick is that I want to isolate them from the rest of my network. They should be able to access (and be accessed) from the internet but not the rest of my network. So my whole network should be in the same VLAN but each VM should be individually in separate VLANs.
1) I've allready created the VLANs on my Netgear Switch. I know my DD-WRT also has VLAN support. Do I need to create the same VLANs on that also?
2) How to configure the VLAN part of the Hyper-V server? (by the way, my server OS is Windows Server 2008 R2 with the hyper-v role, it's not the bare-metal hyper-v)Should my Virtual Switch be in VLAN 10 and my VMs in the other VLANs?Should the port (on the netgear switch) in which my server is connected, be in VLAN 10 (so that my server is accessible from every other computer in the network)?
I have a sg300-52 in layer 3 mode. I have 2 Dell access switches that connect to the sg300 in 4 port LAGs each. Connectivity works as expected.Servers are on their own VLAN, and plugged directly into the sg300. When somebody starts a file copy from their client workstation off a file server, the server VLAN drops everything except for the file copy. Even drops packets on its own vlan, (server to server communication) until the file copy is complete. Seems like the VLAN is rate limited somehow.
I have a question regarding CSS loadbalancer. Let's say there are 2 vlans in CSS:
1. Vlan 10: 10.1.1.0/24 as external interface, interface where most of the clients are coming from.
2. Vlan 20: 10.1.2.0/24 for real server vlan.
Virtual IP 10.1.1.10 is created in CSS on behalf of two real servers (10.1.2.11 & .12) in Vlan 20. Client from Vlan 10 can http access to 10.1.1.10 successfully.
In Vlan 20 there's also few clients which need to access servers via virtual IP. Vlan 20 Client PC (10.1.2.101) can ping 10.1.1.10, but can't access 10.1.1.10 http service.
Is there any way for CSS to forward service request coming from Server vlan to be send back to the same segment?
I possess a RV220W (firmware 1.0.3.5) but I can't seem to work with the PPTP server on one VLAN only.
My default VLAN is in 192.168.1.1/24. I created a VLAN ID 10 in 192.168.50.1/24 inter-vlan routing : disabled and Device Management : disabled. (Menu Networking > LAN > VLAN Membership and Multiple VLAN Subnets).
Then I configured a PPTP server on the IP range 192.168.50.200 to 192.168.50.210.
To finish I created my user. (Menu VPN > IPSEC > VPN Users).
The PPTP tunnel is working, but on all my local network and not only the VLAN ID 10.
I have a Nexus 5548 installed (layer 2 device only) with several 10G ports supporting IBM P770 systems and a TSM (Tivoli Storage Manager) system on a single VLAN. All of the Nexus 5548 ports are configured for jumbo frames. I was ask to install a new server on the same VLAN as the others but as 1G port without jumbo frames to allow communications with the TSM server. I'm assuming that the 1G port for this new server without jumbo frames configured on the Nexus 5548 will not be unable to communicate with the TSM server that is on the same VLAN with it's Nexus 5548 10G port configure using jumbo frames.
I have a PIX-515E that I'm trying to configure for what I thought would be a simple task. I've been playing with VMWare ESXi on a Dell PowerEdge 1850 in a lab environment. The server's IPMI is bound to one of its two physical interfaces, which I've connected to Ethernet 1 on the firewall. The interface has the following configuration:
PIX Version 7.2(4)!interface Ethernet1 nameif FrontEnd security-level 40 no ip address!interface Ethernet1.2 vlan 2 nameif IPMI security-level 90 ip address 172.16.0.161 255.255.255.224
The server's baseboard manager has been configured to tag its traffic on VLAN 2, priority left at 0 (default), and its IP address appears in the firewall's ARP cache; however, here's what I get for a ping response: Sending 5, 100-byte ICMP Echos to 172.16.0.164, timeout is 2 seconds:?????Success rate is 0 percent (0/5)
I have a Cisco ASA 5505 with the base License. I want to split my network and add a new Internet Access, the first network in Orange works fine. My question is how can i access the file server from the second network (192.168.X.0 /24) ? The 3 switches are Cisco SF300-24P.
I am going to creat VLANs very 1st time therefore for test purpose I have following simple scnerio.I have created 2 VLANs , VLAN2 and VLAN3 on Cisco Catalyst 2960 series switch. Ports 1-12 is assigned to VLAN2 and Ports 13-24 are assiged to VLAN3. Now I have configured DHCP on Microsoft Server 2003 defining 2 scopes with following configurations.
Scope 1 for VLAN 2--- Range is 172.16.0.17 to 172.16.0.30 with subnet mask=255.255.255.240 . Server IP address 172.16.0.17 ( Note: Address 172.16.0.17 is excluded from dhcp server Scope 1 and give to the MS server itself) Scope 2 for VLAN 3----Range is 172.16.0.33 to 172.16.0.46 with subnet mask=255.255.255.240 .
Now in Cisco 2960 series switches, under Vlan 2 and Vlan 3, I have following configurations...
interface Vlan2 ip address 172.16.0.30 255.255.255.240 ip helper-address 172.16.0.17 interface Vlan3 ip address 172.16.0.46 255.255.255.240 ip helper-address 172.16.0.17
Now the problem is when i connect a client computer to any port from 1-12, It gets correct IP address from Scope 1 but when I connect a computer to any port from 13-24, it does not get the ip address.
Further I want to do inter VLAN comunication as well for that purpose i Have an ISR 2900 series router. What further configuration i will have to do on router for inter vlan communication.
I have install the administration toolpack on Windows 7 and enabled remote connections on my server 2008 box, When i try and connect with my Windows 7 server manager it does not work.I see stuff on google about enabling a trustedhost with winrm but can't find a way to do this.
I was searching a lot , but I couldn't find any good example, how to configure DHCP server for our wireless clients on Cisco Autonomous AP. I'm looking for example how to configure Dot 11 radios and BVI interfaces.
I have no problem to configure DHCP server on BVI 1 and VLAN 1 ( native VLAN ) interfaces, but there is a problem with other BVI's and VLANs. Maybe this feature isn't supported? Maybe DHCP server feature is supported to work just with default BVI and native VLAN?
We have configured following commands on switch to fallback to local Vlan if both radius server (policy persona's) is found dead. For test purpose we shutdown both servers (policy persona's) but fallback didn't work. We have 3750 switch running image 12.2(55)SE6 having following configuration.We do not know whether we configured switch in proper way or do we need to modify it. [code]
After getting New Workstations, I wanted to connect that to the SERVER but Windows 7 could not log into domain of our server with Windows Server 2003. Besides following the proper process/steps. I am able to use the printer and internet shared through SERVER though.
Few days ago I started to get the following error message while trying to connect to the internet using Chrome and IE:"Unable to connect to the proxy server..."I don't have a proxy server configured - nothing is checked in the LAN settings page.In Firefox I don't have that problem - it seems it gets the proxy configuration from elsewhere.
when i connect my sylvania netbook to my wireless internet it says connected, excellent signal but when i try to pull up a web page it says can not connect to server...
On interface FA0 goes the UTP from my ISP. Further more I have setup my Vlan1 but i can't connect to the Internet.
Building configuration... Current configuration : 3649 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption
i received access point types AIR-LAP1252AG-E-K9, which i want to connect to my wlan controller AIR-CT5508-K9. Update from IOS etc. is working fine. Also all access points are recognized by the controller.We got the AIR-LAP1252AG-E-K9 with two antenna versions.
I'm looking to build (cheaply) some l2tpv3 tunnels across a campus network. I have a pair of 881's and I was hoping to xconnect the VLAN 1 intfcs between the two of them. "xconnect" is not a CLI option on the interface configuration, although it is for the individual Fa0-3 interfaces. Just for grins, I xconnected the l2tpv3 tunnel between each Fa3 on each router, and the tunnel comes up successfully and I can see a session established. I am routing between the WAN interfaces (Fa4) on each. However, L2 traffic is not passing between the two Fa3 interfaces. I can do it backwards, i.e. route between the Vlan1 interfaces and xconnect the Fa4 interfaces (i.e. WAN), and I can see broadcast traffic from the destination network appearing on the local interface. However, I'd really rather have the four interfaces in VLAN1 tunnelled rather than the WAN interface. I am guessing this has to do with ISL vs. 802.1q, since I'm trying to encapsulate VLAN1 as Ethernet and not as dot1q.
Having an issue getting my DMZ vlan working. Running my ASA5505 and i have configured e0/2 for DMZ w/ VLAN ID 3. Connected to my 2716 on port2.Inside e0/1 w/ VLAN ID 1. Connected to my 2716 on port1.
I am trying to get my DMZ Vlan to ports3&4 (LAG1) but when i assign the LAG group to PVID 3 i lose connectivity on VLAN1. I want to send both VLANs to that host because the teamed adaptor is used for Hyper-v Network Switch.
I am unable to connect a Wifi Modem wiith 2960 Switch having VLAN 1,Attached is the network diagram,what configurations i have to modified it,I need to Connect A Wifi Modem on VLAN 1 ,Connectivity is working fine between VLAN 10 and VLAN 1.What should be the next step to Connect Wifi Modem to VLAN 1 so that Users on VLAN 10 should connect to Internet.
I have one cisco wlc 2112 with ios 7.0.230.0 with license to support 12 access points. My access points are nine (9) lap1231ag and one (1) lap1310.I just have one wlan (ssid). My scenario of deployment is in layer 3. I have one interface management and ap manager in the WLC. All my Access Points have differents ip address that WLC. I need to configure a unique ssid to associate my six (6) dynamics interfaces (each dymanic interface with different vlan subnet).Each wlan profile (ssid) should have the same security in phase 2 (wpa2/psk). My cisco access points don't support hreap. My wlc support only (4) interface into an interface group, and i need six (6) dynamics interfaces.
We are trying to config vlan 10 for data and vlan 20 for voice on the same port - port 1 of swtich SF300-24P to run both data and voice on different vlans.Do I have to add vlan 10 as an untagged vlan to port 1 and add vlan 20 as an tagged vlan to port 1?If I do not want to assign the native vlan 1 to port 1, how can I remove it ? The GUI page - assign VLAN to port does not allow to remove it.Aslo, what mode shall I set up on port 1? General, trunk or access ?
How do I submit an RFE (Request For Enhancement) to the Cisco SBR team to encourage them to implement the missing support for VLAN to VLAN firewall rules that was available in the RVS4000 (See [URL]) and that was supposedly added to a beta release of the RV220W firmware (See [URL])?
Between our hosting and a customer we have an extended vlan, traveling on a fiber, between two cisco 3560 switches.The thing is, that we want to create one or more vlans inside that extended vlan, in some way if possible?
I have two networks at two sites with a dot1q trunk between the two L3 switches at both sites (no routers involved)
SITE A - Cisco 3750 L3 - VLAN ID 50 10.10.50.0/24
SITE B - Cisco 3750 L3 - VLAN ID 50 10.20.50.0/24
I would like to extend the SITE A VLAN to SITE B so that I can move hosts from SITE A to SITE B without needing to change their IP address but the vlan ID is already in use. Obviously the easy solution is to change the VLAN ID for one or other of the sites but both sites contain hosts that run 24/7. Is there a way to join two VLANs with different IDs together.So for example I create a new VLAN 60 at SITE B and associate it with VLAN 50 at SITE A.
We have 6509 VSS with FWSM Module and we have created two context on it, one is INTERNALL CONTEXT othe is EXTERNALL Context? We have spanned various VLANS in switches and FWSM context level. All VLAN Gateways are configured in context level.
Activity description : We had planned migration of these devices into a new Datacenter, it was a planned activity. During migration of devices from one Dc to a new DC we broke the VSS and kept the primary running and removed the secondary switch and migrated this secondary to new DC and powered this device ON in the new DC and checked all the config was very much fine but this device was OFF network as secondary was brought to new DC just to limit the downtime during the primary switch movement.
During the activity ( Primary switch movement )We powered off the Primary switch and mean time before shifting into new Data center We had brought up secondary switch which was already existing in the DC was put live in the network and it was working fine without any issues.
Later we had moved Primary into new data center and tried to put into VSS with the secondary , during this period the secondary device into went into RECOVERY MODE and primary device was not responding and devices went off network and immediatly we removed the VSL link and brought up primary into production network without secondary online in the network ( Without VSS just stand alone switch ) network started working, but bringing up the primary we found that some of the VLANS in the FWSM was deleted and some VLAN had misconfiguration ( example : say original VLAN ip 10.200.112.1 has become 10.300.13.1 ) also some of the access list as well as SVI was deleted making configuration mismatch.
Wanted to know while syncronization b/n primary and secondary switch in VSS if we pull out VSL link would create this type of issues.
I have set up 2 DHCP pools and 2 VLANs (1 *the native* for data / 1 VLAN for voice). When I use the command "switchport voice vlan 20" the port disapear from the show vlan brief list. When I use the "switchport access vlan 20" it shows up in the show vlan brief in the correct VLAN and gives the phone an IP. I assume that using the access instead of the voice is wrong and the phones would not configure correctly. But when I use the access the phone goes to the next step and tells me the TFTP files are not found. Why does the port disapear from the VLAN list?
I have a Netgear GSM7248R switch with 5 different Vlans including th management Vlan. Each of the vlans are connected to my layer 3 switch for routing. I want to access the management vlan form any of my Vlans so my layer two switch can be detected by my snmp manager.
but on interface gi 1/0/1 i want to have data from vlan 10 tagged as VLAN 20. At this time i have solved this issue very primitively
I have set up gi 1/0/2 as int mode acces, acces vlan 20 and i have connected gi 1/0/2 with gi 1/0/3 with eth cable. int gi 1/0/3 is switchpor mode acces, switchport acces vlan 10