Is there any problems expected in working with core switch of Juniper EX8208 with access switches of Nortel Baystack5520 / 380 / 425 and 325? Whether the VLAN, Multicasting, streaming, STP, SNMP, etc will work without any issues?
View 2 Replies
Assume that we have 2 Cisco 6500 series which redundant via GLP, now my question is how can we connect a Juniper SRX firewall to our core switches?
View 2 Replies View RelatedI have four 24-port BayStack switches connected to in a series, that have been freezing up over the past year (when I look at the front of the switches all connected ports are lit and and activity lights are not blinking but solid). I usually find the switches this way when someone at the church/school tell me that internet is down and the solution is to cycle the power on all switches. This has been happening more and more lately and I was wondering if anyone could, off the top of their head, possit a guess as to what is happening. Now these are configurable switches that I have not configured; I just bought them off of EBay and put them in line - they gave us years of trouble free service. My guess is that the switches are getting caught up in a loop and thus freezing them. My assumption is that the switches have STP running by default and maybe the STP stopped working. I have purchased 2 Cisco WS-C2948G-GE-TX to replace the BayStack switches, as our internet speed will be going over to Google Fibre in the next 2 months.
View 8 Replies View RelatedI've just started a new job after a couple of years not touching cisco gear and been pitched in... My new employer has a network that's Juniper based. We've inherited a load of Cisco switches as part of the deal for hosting matches during the Rugby world cup (plus a load of Aruba wireless gear that promises to be my very own special millstone, but that's bye the bye.)
My task is to hang these catalyst 2960's onto our existing infrastructure via fibre connections.
On the Juniper switch, there are four vlans being pushed to the port the cisco's hooked into: Code...
If I have two stackable switches one switch uplinks to one 6509 core switch and the other connection uplinks to another 6509 core switch, and also the other stackable switch does not connect to the core switches. Because I am using hsrp and also we are not using vss then one uplink to the core is not in used only ones is so then how does creating an etherchannel between does two uplinks to both core switches benefit me in anyway such as more bandwith and using both uplinks at the same time or I'm I wrong?
View 7 Replies View RelatedIf I have two stackable switches were only one stackable switch has two uplinks one uplink goes to one core 6509 switch and the other uplink goes to the other 6509 core switch can a Layer 3 etherchannel be used if each uplink go to a different core switch, by the way hsrp is running between both switches and also can you give an example how data will be routed from the stackable switch through the ethernetchannel to one of the core switch accross the WAN to another core switch?
View 1 Replies View RelatedIs this a good idea to connect access layer directly to core layer with fiber and omit the distribution layer?
View 2 Replies View RelatedI have configure multiple vlans on both the core swithces below is the example, my question is how will be my VTP server configuration on the 3560E since both the core switches will have identical vlans HSRP 2 configured on them. Do I have to configure both the cores with same DOMAIN NAME ?
The core has VTP 2 so I cannot use primary and secondary option.
CoreSwitch1
interface Vlan713
ip address 194.43.86.251 255.255.255.0
standby version 2
standby 86 ip 194.43.86.1(code)
we are using cisco 6509 series switches as core switches. and Cisco 4510,4507 series switches as edge switches. all the vlans are created at core switches and propogating to edge switches through VTP. we are using OSPF as routing protocol at core switch for internal routing. till now we are using 4510,4507 switches as layer 2 switches. Since, 4510 & 4507 switches are hign end swithces i want use them as layer 3 switches instead of layer 2.if i change these switches from layer 2 to layer 3 does it make any impact on our network or better to keep them as layer 2 switches.if i change these switches to layer 3 is there any advantage i will have.
View 3 Replies View RelatedWe are using CISCO Catalyst 6500 switches as collapsed core/distribution switches (2 layer architecture). I want to connect approximatly 10 application servers to the network. Can I connect the servers directly to the catalyst 6500 switches using WS-X6148E-GE-TX line cards? The other option is to use access switchs and then connect the servers to the catalyst 6500 through access switch(Catalyst 3750).
View 6 Replies View RelatedAt our site we have a 4510 core switch and 3750x switches in our IDFs. The 3750 switches are connected to the core via DOT1Q trunks in a server client setup. We are putting in an Informacast/Berbee server witch will send pages and text to the cisco phones. We also have 1 3750 switch connecting to the core via a layer 3 port channel. If we put the Informacast server on the phones vlan would I just need to enable ip pim sparse-dense mode on that vlan only and enable multicast routing, ip multicast routing?
View 5 Replies View RelatedIn the next couple weekends I'm planning to add 2 CISCO UCS 6248UP Interconnects to 6509 Core Switches via 10G links.
Is there any impact anticipated? It's a production environment and no loss of up-time is acceptable.
I currently have 3 core switches on my campus. They are 6509 catalyst switches. They currently are not interconnected to each other.I want to interconnect them to each other. The IP addresses of each core sit on a interface Loopback500. [code] How can I interconnect each core to each other and what IP scheme could I use. I want them to be straight L3 to each other.
View 8 Replies View Relatedwe have two 6513 core switches redundant to each other by using HSRP and MST. Currently we have a problem in a CPU as it's high in both cores as appeared in the following logging message:
1: 04/09/12 16:06:20 7/-1: MAJ, GOLD,
test_sp_rp_inband_ping[7]: diag_hit_sp_sys_limit. SP-RP Ping Test skipped. Reason(s): netint_thr_active[1].
[Code].....
I've been taught/under the impression that vlans and stp stay in the access layer to prevent bridging loops and broadcast storms from taking down the whole network. Well I was reading about backbonefast and how it "Enables fast convergence in the networkbackbone or core layer switches after a spanning-tree topology change occurs." Now I thought that from the distribution layer up we use a routing protocol.
View 9 Replies View RelatedI have FSWM active/standby installed in 6509-E core switches running following FWSM Firewall Version 3.1(3) Device Manager Version 5.0(2)F..I want to upgrade to latest FWSM version as well as ASDM, I downloaded asdm-622f.bin and c6svc-fwm-k9.4-1-5.bin from cisco portal. When i checked the show version of FWSM, it says..The Running Activation Key is not valid, using default settings: Running Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000
I have gone through threads on CSC about how to upgrade FWSM in failover mode, now my concern is, Do i have to take care about activation key or keep as it is ? I have maintenance contract with cisco for all devices.
connecting a 5548 pair to our core 6509s. Just want to be sure we don't introduce any issues into the network.The 6509's are connected and perform all the routing. Essentially, we're moving away from a 3750 stack in the data center and the 5548s are the replacement. We'd want to limit the vlans to the specific server network vlans. Our current setup is a port channel between the 3750 and each of the 2 6509s for redundancy. I'd like to use the same functionality when we connect the 5548's but I'm looking for what the config should look like to ensure no spanning tree loops are introduced and that it is configured optimally.
View 1 Replies View RelatedHow i can view the capacity throughput (backplane) of core switches (6509)? How i know much is in use?
View 2 Replies View RelatedWe have a Cisco 3750G Core switch which has physical connections, each configured as trunks to two HP Access switches. The client who uses these access switches would like to put a link between the two, but this would create a loop.
------- Core Switch -------
| |
| |
[Code]....
The company I work have finally decided to enter the 21st century and invest in a new telephone system (Interactive Intelligence) to replace the legacy system which has served us well for the past 10 years. The project has only just started and involves upgrading sections of CAT3 cabling to CAT6, replacing Cisco 3550 switches in one area of the building with Cisco 4507 switches and upgrading our Core switches with Cisco Nexus 7010's. The area that concerns me most is enabling the network for qos as I have very little experience with it. At the moment Im trying to read as much documentation as I can on QOS to bring myself up to speed.
The access layer switches will consist of a mixture of Cisco 3750 & 4507 switches connected to Cisco Nexus 7010 switches which will form a collapsed aggregation & core layer.
Basically, how I should approach this daunting task of making sure the network will support VOIP.
recommend a cisco core switch and access switches in IPTV network infrastructure?I was ask to implement a network for IPTV system but i don't have idea what will be the model i will use.
Core Switch = Cisco 4503
Access Switches = Cisco 3560X
I configure 3750 stack switch as core and 2960 stack switches as access layer switches.I connected my laptop to one of my core stack in VLAN 10 and I am pinging to one of my server in VLAN 1. What will be the minimum latency at the time of inter VALN routing
View 2 Replies View RelatedI've been fighting what seems to be an increased number of outqueue drops on our core stack and edge switches for the last 3 or 4 weeks.(The core consists of a stack of 5 3750s in 32-gig stack mode. The wkgrp switches are 3560s. all are at 12.2.52) The wkgrp switches are directly connected to users. We use Nortel IP phones with the phone inline with the user PC. auto-neg to 100/full. [code] However I have tried turning off QOS on a couple of workgroup switches (no mls qos, but left individual port configurations the same) but am still seeing drops.Since I have disabled qos on the switches in question (no mls qos) (not the core tho) I am presuming these commands have no affect on the switch operation and therefore cannot be related to the problem. With QOS turned off one would presume that it is general congestion - especially at the user edge where busy PC issues might contribute. So I wanted to see if I could see any instances of packets in the output queues building up.
I wrote some scripts and macros that essentially did a snapshot of 'show int' every 20 seconds or so, and looked for instances of 'Queue: x/' where x was greater than zero.What I found after several days of watching the core stack, and a few of the workgroup switches that are most often displaying the behavior, was that I NEVER saw ANY packets in output queues. I often saw packets in Input queues for VLAN1, once in a great while I would see packets on input queues for fa or Gi interfaces, but NEVER on output queues. [ code] Additionally, when I look (via snmp) at interface utilization on interfaces showing queue drops (both core and wkgroup), they are occurring at ridiculously low utilization levels (as low as 4 to 8%). I've tried to look for microbursts between the core and a wkgroup switch where the core interface was experiencing drops, but haven't seen any (using observer suite). [code] While the queue-drop counts aren't critically high at this point, they are happening more frequently than in the past and I would like to understand what is going on... In most cases, no error counters are incrementing for these interfaces. Is there some mechanism besides congestion that could cause output queue drops?
Two different WAN links get connected to the firewall via two routers.(Different ip subnets).I need to get this two wan streams seperatly to the core switches.Core switches sits.Active/Stanby senario. If the Active core goes down Stndby Core will have take over the traffic. My design is correct ,if not what do i need to change. ASA is 5520.
View 8 Replies View RelatedI decided to switch away from my DIR-655 wireless router due to multiple issues and go with an Untangle box. Everything appears to be set up great... except when it comes to my VPN connection to work via Juniper VPN Client v. 6.5.0.15507. For some reason, the VPN connection keeps dropping every 3-5 minutes and I have to wait for it to either reconnect, or sometimes the client completely stops and I have to restart it.
View 16 Replies View RelatedI have a ASA 5520 with a functional IPSEC VPN using the Cisco VPN client. This allows my remote users (Staff) using laptops to come in from anywhere on the Internet and tunnel in. Works great.Next, we need to stand up a VPN over a Juniper SSG5 so that when we have groups working outside of our network, they can tunnel back into our network. If they were going to be coming from a known, fixed IP, or even netblock, we'd probably use Route-based setup from a Juniper SSG5 into the ASA 5520. But they may very well be coming from any IP. I am thinking this leads us to Site-to-Site VPNs- it won't be Network Client access obviously, nor will it be Clientless (browser-based).
View 9 Replies View RelatedI'm trying to enable LAG between WLC and a Juniper switch EX-4200 but it is not working.
In the lab i managed to enable LACP between Cisco 2960 and juniper EX-4200 and works with the atached configs that i found on juniper forum. Also LACP between Cisco 2960 and WLC works with te same config, but never between the WLC and Juniper. I've tried with passive mode and slow mode, always seems that juniper is not seeing the WLC BPDUs. I tried with WLC 4402 and 5508 both with 7.0 firmware.
I have set up an ACS 5.4 box and have some test devices connected to it.Cisco and Juniper, both working fine using TACACS I can connect to both using SSH or Telnet but my problem is the J-Web Juniper GUI I can access the J-web no problem with the root account. i can not seem to get it to work, no matter what I try. Here is my shell from the ACS box And the following Juniper configuration. I have tried binding the local-user-name attribute to both the remote and remoteadmin with no luck.
version 9.6R1.13;
system {
host-name Juniper-Firewall;
authentication-order [ tacplus password ];
root-authentication {
encrypted-password "$1$1tRuy9o2$LwSPxNwe4XGNMOMIMo1pd1"; ## SECRET-DATA
[code].....
Local LAN is connected with cisco 2800 router and SRX 210 Firewall, currently all LAN segment will go to my Data Center via ISP A and all internet traffic from LAN segment will go to internet via SRX firewall, there is no relation/connection between cisco router and SRX firewall. I have separate AS no. s for both the ISP
I am having attached scenario. based on current one I would like to do following.
1. I need to use PBR at LAN Switch ( its L3 Switch) such that in normal scenario - local VLAN traffic is equally distributed on both ISP.
2. dedicated internet traffic will flow through ISP B only and if WAN link of ISP B goes down, the internet traffic will pass through ISP A.
( in normal scenario, ISP A will utilized 100 % for LAN traffic to reach it to DC but once ISP B link goes down, the b/w of ISP A will be divided to route 50% traffic for LAN segment to DC and rest 50% traffic of LAN segment to internet)
Any known issues connecting an ASA to a Juniper switch?
We have a remote site where we have an ASA 5505 installed set up running EzVPN. We do not have not have control/access to the internet connection or the internal infrastructure. We basically have an office within their building. Our ASA has one of their external IP addresses and is connected to thier Juniper switch. Our pc's/printers are patched to another Juniper switch which is uplinked to our ASA. The issue we are having is that the connection is intermittently dropping where we cannot ping the pc's/printers at the remote site through the VPN tunnel but we are still able to ping the external IP address of our remote ASA. The strange thing is that we cannot manage the ASA via SSH or ASDM using the outside interface but can ping it when this occurs. For the most part the VPN tunnel does not drop when we check the sessions at the headend although it occasionally will.
Is a CA/CS required to deploy 802.1x? Google searches is confusing me with multiple answers. Im currently trying to test without a CA/CS and im having no luck.
Lab
2008 R2 DC
2008 R2 NPS
Juniper EX4200
User Win 7 PC
This is for a wired connection
I work for a small company and we just brought in a Juniper EX4200 switch so that we are able to test our SFP's and XFP's. I went through the EZSetup process however when I try to re-connect afterwards it just tells me that my subnet for the switch is different then the PC. I have tried assigning a static IP but that is not working for me either
View 8 Replies View RelatedSeveral of my older netscreen devices only support radius authentication and I'm having trouble migrating them from ACS 4.2 to ACS 5.1. When I try to authenticate, the authentication passes in ACS but it doesn't log you into the Netscreen (you see a auth failure in the Netscreen logs). I believe that the custom attributes are not being passed from ACS to the Netscreen. The custom attribute we are trying to pass is "NS-Admin-Privilege" with type integer and a value of 2. The netscreen is setup so that the user privledges are obtained from the ACS server.
Any setup where they are using Cisco radius authentication to authenticate Netscreen devices?
