Cisco 3560V2 : 2013

2013年12月11日星期三

Cisco 3560 switchport light stays orange when VLAN is applied.

I have a cisco WS-C3560V2-24TS-S as my core agragate switch in my network. Everything is running fine currently until I tried adding a second port on one of my DLSAMs to add funcionality to another network. I currently have another similar device running two seperate ethernet ports on two seperate VLANs that are managed in the software of the DSLAM to determine which network a particular DSL port talks on. This second one however is giving me pletny of problems.

i have configured the WS-C3560X-24P-L switch port to the VLAN I require, I am able to plug in a laptop and talk on the network correctly (pull DHCP and get on the internet on the correct network). But when I try plugging up my DSLAM the port stays orange. If I leave the VLAN set to the default (vlan1) it will turn green but as soon as I change the VLAN it turns orange again. The settings are the same on both DLSAMS as far as port and VLAN configuration goes. The port is linking up correctly at 100 Full on both sides.

I will add more information as I continue to troubleshoot this. But for now hopefully this should give a brief explanation of my problem in case I am just overlooking something very simple.

no cdp enable

spanning-tree bpdufilter enable

2013年11月25日星期一

Setup Port Channel on Cisco 3560

I have 2 Layer3 switches. (Cisco WS-C3560X-24P-L). I am setting:

interface FastEthernet0/1

channel-group 1 mode on

interface FastEthernet0/2

channel-group 1 mode on

interface FastEthernet0/3

channel-group 1 mode on

interface FastEthernet0/4

channel-group 1 mode on

interface Port-channel 1

no switchport

ip address 192.168.1.2 255.255.255.0

Other switch is same but using 192.168.1.1 255.255.255.0

I am getting connectivity. But Basically would like to have fail-over and load balancing.

So out of the 4 fast Ethernet ports. If one fails. There should still be connectivity.

Get rid of your IP addresses. Port bonding is a layer 2 game and you don't need them.

Here is an example of a working LACP etherchannel configuration on a WS-C3560G-24TS running IPservices 12.2(50)SE4. The config on the partner switch is identical.

port-channel load-balance src-dst-mac

interface Port-channel23

description ** LACP channel to SWITCH2, ports 23-24 **

switchport trunk encapsulation dot1q

switchport trunk native vlan 11

switchport trunk allowed vlan 2-499

switchport mode trunk

switchport nonegotiate

spanning-tree link-type point-to-point

interface GigabitEthernet0/23

description ** SWITCH2 etherchannel port 1 **

switchport trunk encapsulation dot1q

switchport trunk native vlan 11

switchport trunk allowed vlan 2-499

switchport mode trunk

switchport nonegotiate

logging event status

channel-group 23 mode active

interface GigabitEthernet0/24

description ** SWITCH2 WS-C3560V2-48PS-S etherchannel port 2 **

switchport trunk encapsulation dot1q

switchport trunk native vlan 11

switchport trunk allowed vlan 2-499

switchport mode trunk

switchport nonegotiate

logging event status

channel-group 23 mode active

2013年11月14日星期四

Cisco 3560 Switches Installing SFP Modules

Removing and installing an SFP module WS-C3560V2-48TS-S can shorten its useful life. Do not remove and insert SFP

modules more often than is absolutely necessary.

Step 1 Attach an ESD-preventive wrist strap to your wrist and to a bare metal surface on the chassis.

Step 2 Find the send (TX) and receive (RX) markings that identify the top side of the SFP module.

Note On some SFP modules, the send and receive (TX and RX) markings might be replaced by arrows

that show the direction of the connection, either send or receive (TX or RX).

Step 3 Align the SFP module in front of the slot opening.

Step 4 Insert the SFP module into the slot until you feel the connector on the module snap into place in the rear

of the slot.

Step 5 For fiber-optic SFP modules, remove the dust plugs from the optical ports, and store them for later use.

Caution Do not remove the dust plugs from the fiber-optic SFP module port or the rubber caps from the

fiber-optic cable until you are ready to connect the cable. The plugs and caps protect the SFP module

ports and cables from contamination and ambient light.

Step 6 Insert the cable connector into the SFP module:

• For fiber-optic SFP modules, insert the LC or MT-RJ cable connector into the SFP module.

• For copper SFP modules, insert the RJ-45 cable connector into the SFP module.

Note When connecting to 1000BASE-T SFP modules, be sure to use a twisted four-pair, Category 5 cable.

For more Cisco WS-C3560X-24P-L information please click here

2013年11月13日星期三

3560 Showing Garbage in Console

Cisco WS-C3560X-48PF-S series products have two main categories, Cisco 3560V2 and Cisco 3560X, 3560V2 is FE based switch while 3560X is GE based switch, the previous Cisco 3560, 3560G and 3560E are end of sales now and replaced by Cisco 3560V2 and Cisco 3560X. Cisco Catalyst 3560 v2 Series consumes less power than its predecessors. The 3560-X Series Switches is an enterprise-class lines of stackable and standalone switches.

I have few 8-port 3560's (WS-C3560-8PC) that I have been using to roll out a Metro Ethernet upgrade. I have one switch that originally configured just fine, but now it is displaying all kinds of gibberish in the console window. I can telnet into the switch ok. The configuration register on it is set to 0xF. But I have tried using a serial connection from multiple computers, and they all show the same garbage. I have 4 of these switches next to each other. They all have the same IOS: 15.0(2)SE image. They all have the same configuration register. I can console into all of them except for this one switch.

I have verified my terminal settings, and they are as suggested:

Speed: 9600 bps

Databits: 8

Parity bits: 0

Stop bit: 1

No flow control

This time, I have tried changing to all of the following baud rates, and they all produce gibberish:

1200 bps

2400 bps

4800 bps

9600 bps

19200 bps

38400 bps

57600 bps

115200 bps

3Anetwork.com keeps regular stock of 3560V2 and 3560X switches. Among all Cisco Catalyst 3560 switches, WS-C3560V2-24TS-S, WS-C3560V2-24PS-S WS-C3560X-24T-L, WS-C3560X-24T-S and WS-C3560X-24P-S are best selling models. 3Anetwork.com offers best Cisco 3560 Price, Cisco 3560V2 Price, Cisco 3560X Price, ship to worldwide.

For more Cisco WS-C3560X-48PF-L information please click here

2013年11月6日星期三

Cisco Catalyst WS-C3750V2-48PS-S Switch

An ideal fit for midsized organizations and enterprise branch offices, the Cisco WS-C3750V2-48PS-S eases deployment of converged applications and adapts to changing business needs by providing configuration flexibility and support for converged network patterns.

The Cisco Catalyst 3750V2-48PS switch not only consumes far less power than most other Cisco switches, but it also helps increase the overall productivity of your network for data, voice and video. Supporting Cisco's EnergyWise technology, this switch from Cisco's Catalyst 3750 series gives you the opportunity to manage your power consumption, reduce your overall energy costs and decrease the size of your carbon footprint.

48 x 10/100/1000 ports

Optional four Gigabit Ethernet (GbE) SFP or two 10GbE SFP+ uplink network modules

Dual redundant, modular power supplies and fans

Media Access Control Security (MACsec) hardware-based encryption

IPv4 and IPv6 routing, Multicast routing, advanced quality of service (QoS), and security features in hardware

Enhanced limited lifetime warranty (LLW) with next business day (NBD) advance hardware replacement and 90 day access to Cisco Technical Assistance Center (TAC) support

Enhanced Cisco EnergyWise for operational cost optimization by measuring actual power consumption of the device, reporting, and reducing energy consumption across the network

Cisco StackPower technology: An innovative feature and industry first for sharing power among stack members

Cisco StackWise Plus technology for ease of use and resiliency with 64 Gbps of throughput

For more Cisco WS-C3560X-24T-L information please click here

2013年10月29日星期二

How to configure Gigabit Ethernet Interfaces on Cisco 2911 Router?

Cisco 2900 Series Integrated Services Routers (ISR) have modular design that allows for reuse of a broad array of existing modules that meet business requirements while maximizing investment protection. Among all Cisco 2900 routers, Cisco2911-SEC, C2951-VSEC and C2921-VSEC are best selling models.

Router(config)# interface gigabitethernet 0/1

Router(config-if)#

Enters the configuration mode for a Gigabit Ethernet interface on the router.

ip address ip-address mask

Router(config-if)# ip address 192.168.12.2 255.255.255.0

Router(config-if)#

Sets the IP address and subnet mask for the specified GE interface.

no shutdown

Example:

Router(config-if)# no shutdown

Router(config-if)#

Enables the GE interface, changing its state from administratively down to administratively up.

exit

Router(config-if)# exit

Router(config)#

Exits configuration mode for the GE interface and returns to global configuration mode.

For more C2911-VSEC information please click here

2013年10月28日星期一

How to configure Settings for All RADIUS Servers on Cisco 3750x Switch?

The 3750-X Series Switches are enterprise-class lines of stackable and standalone switches with StackWise Plus technology, they are the replacement of Cisco 3750G and 3750E switches. 3Anetworkcom keeps many stocks for 3750V2 and 3750X switches. Among all Cisco Catalyst 3750 switches, WS-C3750X-12S-S and WS-C3750V2-48PS-S are best selling models.

configure terminal

Enter global configuration mode.

radius-server key string

Specify the shared secret text string used between the switch and all RADIUS servers.

Note The key is a text string that must match the encryption key used on the RADIUS server. Leading spaces are ignored, but spaces within and at the end of the key are used. If you use spaces in your key, do not enclose the key in quotation marks unless the quotation marks are part of the key.

radius-server retransmit retries

Specify the number of times the switch sends each RADIUS request to the server before giving up. The default is 3; the range 1 to 1000.

radius-server timeout seconds

Specify the number of seconds a switch waits for a reply to a RADIUS request before resending the request. The default is 5 seconds; the range is 1 to 1000.

radius-server deadtime minutes

Specify the number of minutes a RADIUS server, which is not responding to authentication requests, to be skipped, thus avoiding the wait for the request to timeout before trying the next configured server. The default is 0; the range is 1 to 1440 minutes.

end

Return to privileged EXEC mode.

show running-config

Verify your settings.

copy running-config startup-config

(Optional) Save your entries in the configuration file.

For more Cisco information please click here:

http://www.3anetwork.com/cisco-ws-c3750v2-24ps-s-price_p109.html

How to configure Cisco IOS Software on Cisco WS-C3560V2-24PS-S switch?

How to configure Cisco IOS Software on Cisco WS-C3560V2-24PS-S switch?

3560V2 24 10/100 PoE + 2 SFP + IPB (Standard) Image

The Cisco Catalyst 3560 v2 Series is the next-generation energy-efficient Layer 3 fast Ethernet switches. This new series of switches supports Cisco EnergyWise technology, which enables companies to measure and manage power consumption of network infrastructure and network-attached devices, thereby reducing their energy costs and their carbon footprint. The Cisco Catalyst 3560 v2 Series consumes less power than its predecessors and is the ideal access layer switch for enterprise, retail, and branch-office environments, as it maximizes productivity and investment protection by enabling a unified network for data, voice, and video.

The Cisco Catalyst 3560 v2 Series can be preconfigured with a specific Cisco IOS Software release at the time of ordering. This option eliminates the need to reload a specific Cisco IOS Software release during deployment, thereby reducing deployment time and cost. The Cisco IOS Software release to be preloaded can be selected from a list of supported Cisco IOS Software releases, including the crypto version.

For more Cisco information please visit:

http://www.3anetwork.com/cisco-ws-c3560v2-48ps-s-price_p55.html

2013年10月24日星期四

Cisco WS-C3560V2-24TS-S $879 Price Reduction

WS-C3560V2-24TS-S,Catalyst 3560V2 24 10/100 + 2 SFP + IPB (Standard) Image The Cisco list price for WS-C3560V2-24TS-S is 2995 USD, there are many suppliers for this, according to our research on WS-C3560V2-24TS-S Price, best price is from, http://www.3anetwork.com/cisco-ws-c3560v2-24ts-s-price_p48.html, 879 USD, but they are based in Hong Kong, so may take 3 days to reach your country

2013年8月30日星期五

TFTP Service

Question:

i am trying Cisco 3945 router to find a way to verify that the TFTP service is not running on the router. i issued the no tftp-server flash: <ios> and it accepted it even though it does not show up in the show running config. any docs would be helpful.

Answer:

If the command isn't in the running config, it's disabled. The tftp server isn't turned on by default. There are version differences that seem to either support the control-plane command and those that don't. I have a 3845 that has it, but I have a 3825 that doesn't. Here's a 3745 that does that would show you the results should you decide to maybe update your router:

R1#sh control-plane host open-ports
Active internet connections (servers and established)
Prot Local Address Foreign Address Service State
tcp *:23 *:0 Telnet LISTEN
udp *:69 *:0 TFTP-Server LISTEN

R1# Cisco 3945 price

For more info, http://site4807539.edit.build.angelfire.lycos.com/index/

2013年8月29日星期四

Issue redistributing between EIGRP and BGP using (match internal)

Question:

We currently WS-C3750X-48T-L have two routing protocols that we use in our DCs. Internally we use EIGRP, and externally we use BGP. Each of DC's has an internet link and an MPLS link.

To redistribute between the EIGRP instance and the BGP instance in the DC, we use a route map that matches internal routes.

I have an ASA firewall that is connected to the core switch, this firewall is the Internet firewall, and is part of the EIGRP AS. There are site to site tunnels, the default route, and client vpn subnets that the firewall advertises to EIGRP.

Those routes are not getting redistributed into BGP, which is a huge issue. The routes coming from the firewall are all showing as external, so BGP is not advertising them.

Here's the configuration of the edge MPLS router (the one that needs to redistribute between the two):

router eigrp 50
network x.x.x.x 0.0.63.255
redistribute bgp 50 route-map BGP-TO-EIGRP
!
router bgp 50
bgp log-neighbor-changes
network y.y.y.y mask 255.255.255.255
aggregate-address y.y.y.y 255.255.192.0 summary-only
timers bgp 30 90 90
redistribute eigrp 50 route-map EIGRP-TO-BGP
neighbor z.z.z.z remote-as 50
<output ommitted>
!
route-map EIGRP-TO-BGP permit 10
match route-type internal
!
route-map BGP-TO-EIGRP permit 10
set metric 10000 100 255 1 1500
!

Here's a sample route from one of the networks that the firewall is advertising:

xxx-3925-01#sh ip route 150.175.49.3
Routing entry for 150.175.49.3/32
Known via "eigrp 50", distance 170, metric 3328, type external
Redistributing via eigrp 50, bgp 50
Last update from 10.34.0.73 on GigabitEthernet0/0, 00:45:12 ago
Routing Descriptor Blocks:
* 10.34.0.73, from 10.34.0.73, 00:45:12 ago, via GigabitEthernet0/0
Route metric is 3328, traffic share count is 1
Total delay is 30 microseconds, minimum bandwidth is 1000000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 2

xxx-3925-01#sh ip bgp neighbors x.x.x.x advertised-routes <--- ISP MPLS Peer
BGP table version is 121306, local router ID is x.x.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-external
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> x.x.0.0/18 0.0.0.0 32768 i

Total number of prefixes 1

Looking at that output from the show route it seems it's being redistributed, but I'm not seeing it anywhere else and it doesn't show as being advertised out.

Answer:

Yes, the redistribution causes the route to be external. Matching on internal routes won't work in this case and you'll either need to have them also match on external routes, or they should be able to tie it down to just that routing protocol (if you have more than bgp/eigrp on this router).

route-map EIGRP permit 10
match route-type internal
route-map EIGRP permit 20
match route-type external
match source-protocol eigrp <AS>

You can't do much with the ASA in regards to tagging routes (at least in the older versions). Otherwise, I would say tag your statics during redistribution and then match on the tag. WS-C3560X-48PF-S

Original comes from http://cisco3560.weebly.com/

2013年8月28日星期三

NATproblem

Question:

I've a small problem with NAT.WS-C3750X-48T-L I have a Cisco1861 and that's connected to my ISP's modem via FE0/0. I can ping my intern network without any problem but the NAT isn't working so I can't connect to the internet.

Can somebody check what I've did wrong? Hereby the config:

Many thanks for the help!

ip dhcp excluded-address 192.168.2.1
ip dhcp excluded-address 192.168.3.1
ip dhcp excluded-address 192.168.2.255
ip dhcp excluded-address 192.168.3.255
ip dhcp excluded-address 192.168.2.10
!
ip dhcp pool INTERN
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1 255.255.255.0
dns-server 8.8.8.8
!
ip dhcp pool GUEST
network 192.168.3.0 255.255.255.0
default-router 192.168.3.1 255.255.255.0
dns-server 8.8.8.8
!
!
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
license udi pid C1861W-SRST-C-F/K9 sn FGL153422S3
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
ip nat enable
ip virtual-reassembly
duplex auto
speed auto
!
interface Integrated-Service-Engine0/0
no ip address
shutdown
!
interface FastEthernet0/1/0
!
interface FastEthernet0/1/1
switchport mode trunk
!
interface FastEthernet0/1/2
!
interface FastEthernet0/1/3
switchport access vlan 2
spanning-tree portfast
!
interface FastEthernet0/1/4
!
interface FastEthernet0/1/5
!
interface FastEthernet0/1/6
!
interface FastEthernet0/1/7
!
interface FastEthernet0/1/8
!
interface Dot11Radio0/5/0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly
!
interface Vlan3
ip address 192.168.3.1 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
access-list 1 permit 192.168.0.0 0.0.255.255
!

Answer:

you should take this off:
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
as your f0/0 interface gets an IP address by DHCP it should also get a default gateway, verify this after deleting the default static route you entered with sh ip route static WS-C3750X-48T-S Price command.

For more info, please refer to http://lilirouter.tblog.com/

2013年8月15日星期四

c3560 switch is not allowing telnet or SSH

Question:

I have configured new WS-C3750X-12S-S DS3 link as below.Also GRE tunnel build on it.EIGRP running between tunnel interfaces.
EIGRP is flapping every minute , i dont found any packet drop between 2 routers WAN interfaces, but ping stcuks for some time.
During this time EIGRP flaps.ISP dont found any issue in network.

int s4/0
ip add x.x.x.x
encapsulation ppp
dsu bandwidth 44210
scramble
crc 32
serial restart-delay 0

interface Tunnel155
bandwidth 25000
ip address A.B.C.D
no ip redirects
no ip proxy-arp
ip tcp adjust-mss 1432
load-interval 30
delay 100
qos pre-classify
keepalive 10 3
tunnel source Serial4/0
tunnel destination YY.Y.Y.

Answer:

Did you check the IP MTU on both sides of the tunnel? You might want to reduce the MTU size according to how much your physical link supports. WS-C3750X-24S-S Price For more info, http://www.pereza.info/es/blog/2811-router-needs-be-reloaded-every-week

2013年8月14日星期三

E1 Modules for Cisco1921

Question:

I was searching for C2951-VSEC an E1 card on Cisco1921, however I couldn't find out an exact replacment for HWIC-4T1/E1.

The modules which I came across are, VWIC2-1MFT-T1/E1 and VWIC2-1MFT-G703

Can anyone please let me know the differences between these two cards VWIC cards ?

Which one should I purchase?

Answer:

Actually, 1921 supports HWIC-4T1/E1.

http://www.cisco.com/en/US/prod/collateral/routers/ps10538/aag_c07_563807.pdf

The WIC G703 supports unframed E1, that is usually not necessary.

For futher information, please refer to http://www.3anetwork.com/cisco-c2921-vsec/k9-price_p251.html

Ripv1

Question:

Hi I have two router WS-C3560X-48PF-S R1 and R2. My R1 network address are

R1 R2

Fa0/0 Fa0/0

172.16.100.0/24 172.16.200.0/24

S0/0 S0/0

172.16.10.1/24 172.16.10.2/24

I'm using Ripv1 as my routing protocol. What will be in my R2's routing table. Please explain.

Answer:

if we answered your question then would you mind marking the thread as solved and give ratings to whom you considered WS-C3750X-24T-L Price gave you the informations you needed.

2013年8月11日星期日

BGP conditional advertisement + object tracking

Question:

Hope someone can help,WS-C3560X-48T-S we have multihomed environment advertising 4 prefixes to both ISPs and running an iBGP between two routers. Both ISPs send us default routes. Attached diagram to understand how we are connected.

Issue: traffic for prefix x.x.x.x/24 is taking a path from AS-2 which is what i dont want, reason being bandwidth is highly utilized. We have higher bandwidth for AS-1.

I have been trying to get a solution setup in much unconventional way to influence inbound path by not advertising 2 prefixes to AS-2. The issue we have is we are a private AS and cannot influence inbound traffic taken from dual-homed ISPs, part of the problem is AS-2 is now using AS-1 as a transit provider.

what i would like to do is for AS-2 link only advertise prefixes a.a.a.a/24 and b.b.b.b/24 whilst eBGP peer/interface is up for AS-1, if the link with AS-1 is down advertise a/b/x and y prefixes to AS2. This way i can control traffic destined to x/24 prefix will not take path through AS-1. I have been trying object tracking using ip sla's, prefix advertisements etc, is there a neater solution then what i have been trying.

Answer:

There is one useful link

http://openweb.or.kr/wp-content/uploads/2012/03/BGP-MHing-HOWTO-whitepaper.pdf

But if local communities not helping you should contact to your ISP.

If you can aggreagate these subnets x.x.x.x/24 and y.y.y.y/24 into subnet with mask 23. It's better to advertise a summary from secondary router and more specific from primary.WS-C3560V2-24TS-S Price

2013年8月8日星期四

. Error message:FW[Mod 05]: Error!!! Temperature sensor number 4

Question:

I can't find anything WS-C3750X-48P-L in the cisco.com about this error message:

01:22:58.286 FW[Mod 05]: Error!!! Temperature sensor number 4

01:22:58.286 FW[Mod 05]: Error!!! Temperature sensor number 5

Someone knows this error message?

Answer:

Sup 5 can't get data from its temperature sensors and complains of that. Open Service Request - Supervisor may need replacement.

For more info, please refer to http://www.3anetwork.com/cisco-ws-c3750x-48pf-l-price_p121.html

2013年8月7日星期三

How to advertise 2 vlans connected to a port of SM-D-ES3-48-P in 3945 for routing to the next 3945

Question:

I'v got 2 3945 WS-C3560X-48T-S routers with SM-D-ES3-48-P and sm-2ge-sfp-cu. They are connected by gi2/1 and gi1/0. OSPF is up.

A link (2 vlans) connected to one fe port of SM-D-ES3-48-P. What do i need to do to see them (vlans) from both sites(3945s).

Thank you in advance

Answer:

If they established adjacency just add these subnets under ospf process:

router ospf 1

network 192.168.0.0 0.0.0.255

network 192.168.1.0 0.0.0.255

And to verify

sh ip ospf neighbor

sh ip route

On routers

For more WS-C3560V2-24TS-S Price news about Price ans Specification, you can click here.http://www.3anetwork.com/cisco-ws-c3560v2-24ts-s-price_p48.html

2013年8月6日星期二

Clear the AUX line, reverse telnet session starts again

Question:

I have a rollover WS-C3750X-48P-L cable between two 3925 routers (AUX->Console) whilst I am remotely configuring a device.

I have setup reverse telnet to get access to the device needing configuration and when I try and reconnect through the Aux port again, I get an error:

Trying 192.168.1.1, 2001 ...

% Connection refused by remote host

The first time it connected without issues. If I check with who and sh line I find that the session is still idle.

I've tried to clear it with clear line aux 0, and clear line 1 which I confirm it clears it, but all that happens is the idle timer starts from 0 again.I've changed the exec-timeout to 1 minute, and after a minute the counter starts again.

Also I tried to remove the transport input telnet to break the session but its still not disconnecting.

Line User Host(s) Idle Location

1 aux 0 idle 00:00:11

*578 vty 0 jason idle 00:00:00 10.1.1.1

line aux 0

exec-timeout 1 0

transport output all

transport input telnet

stopbits 1

Currently running: c3900e-universalk9-mz.SPA.151-2.T4.bin

Anyone have any ideas?

Answer:

Can you actually configure your AUX 0 with no exec command? In this case, you do not want to run shell on this aux port whenever a newline comes from the attached device. WS-C3750X-48PF-L Price

For more Cisco WS-C3750X-48P-L Price news about Price ans Specification, you can click here http://www.3anetwork.com/cisco-ws-c3750x-48p-l-price_p118.html

2013年8月5日星期一

Port forwarding HTTP Error 504

Question:

I've a little problem WS-C3560X-48T-S with my 890SFP Router, which is configured behind a Virtual DMZ.

The 192.168.178.0/24 network is the DMZ and the 192.168.0.0/24 is my network with all my devices.

The router has NAT and the inside interface is 192.168.0.1, the outside interface ist 192.168.178.253 (the other Router in the DMZ has .254).

I added (with Cisco Configuration Professional) a static NAT Rule with Original address 192.168.0.201:80 (my Webserver which needs to be accessable from outside) and translated address 192.168.178.253:8080.

When I open a Websession from outside and call the address http://my.real.outside.ip:8080 I get the HTTP Error 504.

Where can be the problem?

Answer:

can you do this:

enable

config t

ip inspect log drop-pkt

logging con 6

ip access-list extended autosec_firewall_acl

5 permit tcp any host 192.168.178.253 eq 8080 WS-C3560V2-24TS-S Price

For more WS-C3560X-48T-S news about Price ans Specification, you can click here.

http://www.3anetwork.com/cisco-ws-c3560x-48t-s-price_p47.html

Show etherchannel summary equivalent for 10008?

Question:

Does anyone happen WS-C3750X-48P-L to know if theres an equivalent command of show etherchannel summary for a 10008 router running 12.2(33)SB9 ?

Answer:

You can try

Show lacp internal WS-C3750X-48PF-L Price

http://www.cisco.com/en/US/docs/ios/12_2sb/feature/guide/sbcelacp.html

For more Cisco Switch news about Price ans Specification, you can click here.

http://www.3anetwork.com/cisco-ws-c3750x-48pf-l-price_p121.html

2013年8月2日星期五

Interface Issues Netgear Smartswitch to Cisco 881 LAN port

Question:

Hi we have 100 Cisco WS-C3560X-48P-L 881 routers in our network and they all work fine to Linksys, 3Com, etc switches. The problem we have encountered is interfacing to Netgear switches. Netgear switches use autosensing on their ports and it does not seem to be compatible with MDIX autosensing on the Cisco 881 4 port LAN hub that is standard on the 881 router. Has anyone encountered this issue before? Would a cross over cable resolve the problem? Since both run autosensing MDIX they never synch - so likely a cross over would not do much. I see this with all types of Netgear smartswitches. If you put a small switch between the Netgear switch and the 881 Cisco router everything works fine except for getting port 9000 traffic through. Any ideas would be appreciated.

Answer:

There should be no problem using crossover cable.You could try disabling autoMDI/MDIX( no mdix auto) on the cisco device and keep a straight through cable but if it fails use a crossover cable. WS-C3560X-48P-S Price

2013年8月1日星期四

Any Cisco Devices to terminate bonded copper pairs?

Question:

I am trying to find out WS-C3560V2-24PS-S of Cisco has a device similar to the Actelis ML600 that can terminate bonded copper pairs and provide an Ethernet handoff. We could certainly use the Actelis but we like to keep the network as Cisco-centric as possible.

Answer:

Yes, the G.SHDSL EHWIC, do supports ethernet First Mile, bonding and all the desirable features.

Also the HWIC version that for practical purposes do the same things.

For more Cisco WS-C3560V2-48PS-S Price news about Price ans Specification, you can click here. http://www.3anetwork.com/cisco-ws-c3560v2-48ps-s-price_p55.html

2013年7月30日星期二

Nexus 7000 MPLS Feature-set - LDP missing

Question:

I installed Cisco 3560X Price mpls feature set in N7K.

I was able to enable feature l3vpn.

Then, I tried enabling feature ldp.

It gave me an error of:

# feature mpls ldp

TRANSPORT_SERVICES_PKG license not installed. ldp feature will be shut down after grace period of approximately 120 day(s).

I dont see any TRANSPORT_SERVICES_PKG in the NX-OS licensing guide.

Howerver, there is LAN_TRANSPORT_SERTICE_PKG. But I believe this is not for LDP.

what other licenses are needed here?

Answer:

That seems a cosmetic bug.

Look at this bug

CSCtr95031

Enabling MPLS gives warning regarding transport license

Symptom:

Getting the following message when enabling LDP:

TRANSPORT_SERVICES_PKG license not installed. ldp feature will be shut down after grace period of approximately x day(s).

Cosmetic issue. Only the MPLS license is required for LDP.

For more Cisco Switch news about Price ans Specification, you can click here.

IP SLA ping track with "negative trigger"?

Question:

As far as i understood Cisco 3560V2 Price the IP SLA can ping an interface of a specific router automatically. Then the track in a route-map, e.g. "set ip next-hop verify-availability 3.3.3.3 track 10" take care and if the IP SLA says "status up", then "next-hop" is executed.

If this is correct, me need a negativ version of that. E.g. if the IP SLA says "status down" then the track trigger the "next-hop". If "status up", then no "next-hop" should be triggered and the next match in the route-map should be processed.

Answer:

Yes it is possible using the boolean list feature of the track object.

http://www.ocsic.co.uk/enhanced-object-tracking-with-tracked-list-and-boolean-expression/

For more Cisco Switch news about Price ans Specification, you can click here.

2013年7月28日星期日

Address-family?

Question:

Here I am agian.Cisco 3560V2 Price Please look at the following commands:

address-family ipv4 vrf B

network 10.0.0.1 0.0.0.0

network 192.168.1.0 0.0.0.255

no auto-summary

autonomous-system 220

exit address-family

What exactly does address-family mean? Can anyone put it in context so I can understand it? And what is the autonomous-system 220 doing there? You may not believe how much seemingly trivia issues such as these can be great sources of impediments to a learner trying to muscle in on the act.

Answer:

in the configuration example that you have reported the address-family portion refers to running EIGRP for vrf A.

The autonomous system command makes the router to send EIGRP packets with EIGRP AS= 220 on the interfaces associated to vrf A, and to accept packets for EIGRP with AS=220 on the same interfaces of vrf A. In this way the router can talk with a CE router that is running EIGRP with AS=220.

The EIGRP AS number must match to form a valid EIGRP adjacency, the autonoumous system command allows to Cisco 3560 use a different AS to/from each VRF according to needs.

2013年7月24日星期三

Production VLAN on MST instance 0

Question:

What will be the Cisco 3560 Price implication of using a VLAN on MST instance 0.

I understand it’s a bad practise to use MST instance 0 for a production VLAN but I cannot rationalise and could not find an answer behind and the reasons behind this. Can someone shade some light on this topic please ??

Answer:

I wouldn't say that using instance 0 for production VLAN is generally a bad practice.

There are issues when you have different MST regions or boundaries to STP bridges which are under different administrative control, Instance 0 is always involved in such cases. In MSTP, BPDUs are only transmitted in instance 0, the relevant information of the other instances are contained in supplements called M-records.

An example:

You have a boundary to a RSTP bridge in VLAN 200 which is mapped to instance 2. A topology change comming form that brigde will be forwarded inside your region in instance 2 (M-record) and in instance 0 ("Main-BPDU"). Thus, you'll see CAM-table flushing in VLANs mapped to instance 2 (like expected) but also in VLANs mapped to instance 0 - and this is in most cases not desired.

There's a very recommandable blog in ine.com:

http://blog.ine.com/2010/02/22/understanding-mstp/ Cisco Catalyst 3560 http://www.discountswitch.com/wp-admin/edit.php

NAT'd Subnet and Public Subnet on Same vLAN

Question:

I hope this finds you WS-C3560V2-48PS-S well. A quick message to pick your brains if I may with a current issue I have on my Cisco 2921 router.

In short, we have two physical interfaces - one internal (0/2), one external (0/0). The internal interface has several sub-interfaces of which one has a Public Subnet applied to it (0/2.100), and another sub-interface has a NAT'd Subnet applied to it (0/2.101).

The traffic from the NAT'd subnet (0/2.101) appears online as the Public IP Address on the first physical inteface (0/0), as expected, when you lookup your Public IP Address online. We need to move this NAT'd Subnet to appear as one of the Public IP Addresses from within the other sub-interface (0/2.100).

My question is, how would I achieve this. This is the current configuration including the two physical interfaces, and the two sub-interfaces:

interface GigabitEthernet0/0

ip address 31.210.XX.XX 255.255.255.248

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

interface GigabitEthernet0/2

no ip address

duplex auto

speed auto

interface GigabitEthernet0/2.100

encapsulation dot1Q 100

ip address 31.210.XX.XXX 255.255.255.240

interface GigabitEthernet0/2.101

encapsulation dot1Q 101

ip address 192.168.1.254 255.255.255.0

ip nat inside

ip virtual-reassembly in

To summarise, we would like the NAT'd sub-interface (0/2.101) to use one of the IP Addresses in the other sub-interface (0/2.100) as it's Public address. I hope that makes sense, thanks in advance for your help and of course ask any further questions you may have!

All the best,

Matthew

Answer:

you will have to create a nat pool to get the desired result.

sample configuration. WS-C3560V2-48PS-S Price

ip nat pool Net31 31.210.x.x 31.210.x.x netmask 255.255.255.240

ip nat inside source list 1 pool Net31 overload

access-list 1 permit 192.168.1.0 0.0.0.255

2013年7月22日星期一

Production VLAN on MST instance 0

Question:

What will be the Cisco 2951 implication of using a VLAN on MST instance 0.

Answer:

I wouldn't say that using instance 0 for production VLAN is generally a bad practice.

An example:

There's a very recommandable blog Cisco 2951 router in ine.com:

http://blog.ine.com/2010/02/22/understanding-mstp/

2013年7月21日星期日

OSPF Network Mask?

Question:

I am configuring WS-C3560X-48T-S Price OSPF on our MPLS routers in order to advertise our internal networks out to BGP (via the redistribute command). I am a bit confused on the proper syntax of the OSPF network command for our situation. The normal setup is that the MPLS router has a link to the core router for that site via a /24 network. That network is part of a /21 range for the entire site, so the networks would look something like this:

MPLS link to core: 192.168.1.0/24

Core networks: 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24, etc.

Would the best option for OSPF network statements be:

MPLS router: network 192.168.1.0 0.0.0.255

Core router: network 192.168.1.0 0.0.7.255

MPLS router: network 192.168.1.0 0.0.7.255

Core router: network 192.168.1.0 0.0.7.255

MPLS router: network 192.168.1.0 0.0.0.255

Core router: network 192.168.1.0 0.0.0.255, network 192.168.2.0 0.0.0.255, network 192.168.3.0

Answer:

I would enable OSPF just in the interfaces that are going to speak this protocol, for example WS-C3560X-48T-S :

net 192.168.1.1 0.0.0.0 area 0

net 192.168.2.1 0.0.0.0 area 0

net 192.168.3.1 0.0.0.0 area 0

2013年7月18日星期四

Router 2911 with sm-es2-16p that does not do intervlan routing

Question:

i have problem with Cisco 2951 a router 2900 with a card switch 16 ports (sm-es2-16p) that does not doing the intervlan routing. i have attached 2 show tech one of the router and one of the card switch 16 ports (sm-es2-16p). I connected physically the switch card to a router interface and it seem to be working because i can do a ping from my pc ( in user vlan 26) to my gateway on the router (172.20.26.1) but i can not do ping to the others vlan like (172.10.26.1) or others. .. i want to know what is happening and if it there is a way to do the trunk conectivity between the switch card and the router internally without a phyisical connection.

Answer:

The (sm-es2-16p) has interface Gi0/1 connected through the backplane to the Router interface Gi1/0.

To get your routing working you should remove the physical cable and apply the below configuration to the router.

Hope it helps

conf t

default interface GigabitEthernet 1/0

default interface GigabitEthernet 0/2

interface GigabitEthernet 1/0

ip address 172.20.10.1 255.255.254.0

no shut

interface GigabitEthernet1/0.12

description IMPRESORAS

encapsulation dot1Q 12

ip address 172.20.12.1 255.255.254.0

interface GigabitEthernet1/0.14

description SERVIDORES

encapsulation dot1Q 14

ip address 172.20.14.1 255.255.254.0

interface GigabitEthernet1/0.16

description VOZ SOBRE IP

encapsulation dot1Q 16

ip address 172.20.16.1 255.255.254.0

interface GigabitEthernet1/0.18

description RADIOS IP

encapsulation dot1Q 18

ip address 172.20.18.1 255.255.254.0

interface GigabitEthernet1/0.20

description SEGURIDAD FISICA

encapsulation dot1Q 20

ip address 172.20.20.1 255.255.254.0

interface GigabitEthernet1/0.22

description WLAN DE VISITANTES

encapsulation dot1Q 22

ip address 172.20.22.1 255.255.254.0

interface GigabitEthernet1/0.24

description RESERVADA

encapsulation dot1Q 24

ip address 172.20.24.1 255.255.254.0

interface GigabitEthernet1/0.26

description Usuarios

encapsulation dot1Q 26

ip address 172.20.26.1 Cisco 2951 router 255.255.254.0

exit

end

2013年7月17日星期三

Question:

I have the following on Cisco Catalyst 3560 an 1841.

PPPoE on Fast0/0 works fine and picks up ISP address.

I have assigned on the /29 address to fast0/1.2 and and created a LAN on fast0/1.1 using the native VLAN.

I can ping the /29 address from the internet and also ping the internal address from the LAN.

I added a NAT statement (inside and outside to each sub interface).

I cannot connect from the 192.168.199.0/24 network out via NAT. Is this possible with subinterfaces?

vpdn enable

interface FastEthernet0/0

description PPPOE WAN

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

no ip mroute-cache

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 1

no cdp enable

interface FastEthernet0/1

no ip address

duplex auto

speed auto

interface FastEthernet0/1.1

encapsulation dot1Q 1 native

ip address 192.168.199.1 255.255.255.0

ip nat inside

ip virtual-reassembly

interface FastEthernet0/1.2

encapsulation dot1Q 2

ip address 81.143.105.77 255.255.255.248

ip nat outside

ip virtual-reassembly

interface Dialer1

ip address negotiated

no ip unreachables

ip mtu 1492

encapsulation ppp

ip tcp adjust-mss 1452

no ip mroute-cache

dialer pool 1

dialer-group 1

no cdp enable

ppp chap hostname ******

ppp chap password 0 *****

ip route 0.0.0.0 0.0.0.0 Dialer1 2

ip nat inside source list 10 interface FastEthernet0/1.2 overload

access-list 10 permit 192.168.199.0 0.0.0.255

dialer-list 1 protocol ip permit

Answer:

I have the following:

I think this is what you want to do? Anything from inside - Client_Inside will be translated to 2.2.2.1 when I try to ping R2 which has a loopback of 1.1.1.1.

So all packets that are generated from the inside will be translated with a source address of 2.2.2.1. I have added a route of 2.2.2.1 back to R1 where the loopback exists.

here are the configs:

CLIENT_INSDIE#show run

Building configuration...

Current configuration : 827 bytes

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

hostname CLIENT_INSDIE

boot-start-marker

boot-end-marker

no aaa new-model

memory-size iomem 5

ip cef

no ip domain lookup

ip domain name lab.local

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

interface FastEthernet0/0

ip address dhcp

duplex auto

speed auto

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

ip forward-protocol nd

no ip http server

no ip http secure-server

control-plane

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

end

CLIENT_INSDIE#

CLIENT_INSDIE#show ip int brie

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 20.0.0.101 YES DHCP up up

FastEthernet0/1 unassigned YES unset administratively down down

=======================================================================

R1#show run

Building configuration...

*Mar 1 00:41:27.515: %SYS-5-CONFIG_I: Configured from console by console

Current configuration : 1323 bytes

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

hostname R1

boot-start-marker

boot-end-marker

no aaa new-model

memory-size iomem 5

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 20.0.0.0 20.0.0.100

ip dhcp pool 1

network 20.0.0.0 255.255.255.0

default-router 20.0.0.1

no ip domain lookup

ip domain name lab.local

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

interface Loopback0

ip address 2.2.2.1 255.255.255.255

interface FastEthernet0/0

ip address 10.0.0.1 255.255.255.252

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

interface FastEthernet0/1

ip address 20.0.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 10.0.0.2

no ip http server

no ip http secure-server

ip nat pool test 2.2.2.1 2.2.2.1 netmask 255.255.255.252

ip nat inside source list 100 pool test overload

access-list 100 permit ip 20.0.0.0 0.0.0.255 any

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

end

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.2 to network 0.0.0.0

2.0.0.0/32 is subnetted, 1 subnets

C 2.2.2.1 is directly connected, Loopback0

20.0.0.0/24 is subnetted, 1 subnets

C 20.0.0.0 is directly connected, FastEthernet0/1

10.0.0.0/30 is subnetted, 1 subnets

C 10.0.0.0 is directly connected, FastEthernet0/0

S* 0.0.0.0/0 [1/0] via 10.0.0.2

=======================================================================

R2#show run

Building configuration...

Current configuration : 934 bytes

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

hostname R2

boot-start-marker

boot-end-marker

no aaa new-model

memory-size iomem 5

ip cef

no ip domain lookup

ip domain name lab.local

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

interface Loopback1

ip address 1.1.1.1 255.255.255.0

interface FastEthernet0/0

ip address 10.0.0.2 255.255.255.252

duplex auto

speed auto

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

ip forward-protocol nd

ip route 2.2.2.1 255.255.255.255 10.0.0.1

no ip http server

no ip http secure-server

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

end

Now I will ping 1.1.1.1 from client router:

CLIENT_INSDIE#ping 1.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 40/48/64 ms

=======================================================

R1#

*Mar 1 00:45:51.783: NAT*: s=20.0.0.101->2.2.2.1, d=1.1.1.1 [75]

*Mar 1 00:45:51.811: NAT*: s=1.1.1.1, d=2.2.2.1->20.0.0.101 [75]

*Mar 1 00:45:51.847: NAT*: s=20.0.0.101->2.2.2.1, d=1.1.1.1 [76]

*Mar 1 00:45:51.867: NAT*: s=1.1.1.1, d=2.2.2.1->20.0.0.101 [76]

*Mar 1 00:45:51.887: NAT*: s=20.0.0.101->2.2.2.1, d=1.1.1.1 [77]

*Mar 1 00:45:51.911: NAT*: s=1.1.1.1, d=2.2.2.1->20.0.0.101 [77]

*Mar 1 00:45:51.931: NAT*: s=20.0.0.101->2.2.2.1, d=1.1.1.1 [78]

*Mar 1 00:45:51.947: NAT*: s=1.1.1.1, d=2.2.2.1->20.0.0.101 [78]

*Mar 1 00:45:51.975: NAT*: s=20.0.0.101->2.2.2.1, d=1.1.1.1 [79]

*Mar 1 00:45:51.995: NAT*: s=1.1.1.1, d=2.2.2.1->20.0.0.101 [79]

R1#

*Mar 1 00:46:19.939: NAT: expiring 2.2.2.1 (20.0.0.101) icmp 14 (14)

R1#show ip nat translations

Pro Inside global Inside local Outside local Outside global

icmp 2.2.2.1:13 20.0.0.101:13 1.1.1.1:13 1.1.1.1:13

=======================================================

R2#

*Mar 1 00:45:24.731: IP: tableid=0, s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1 (Loopback1), routed via RIB

*Mar 1 00:45:24.735: IP: s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4

*Mar 1 00:45:24.735: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), routed via FIB

*Mar 1 00:45:24.735: IP: s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), len 100, sending

*Mar 1 00:45:24.799: IP: tableid=0, s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1 (Loopback1), routed via RIB

*Mar 1 00:45:24.799: IP: s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4

*Mar 1 00:45:24.799: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), routed via FIB

*Mar 1 00:45:24.799: IP: s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), len 100, sending

*Mar 1 00:45:24.855: IP: tableid=0, s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1 (Loopback1), routed via RIB

*Mar 1 00:45:24.855: IP: s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4

*Mar 1 00:45:24.855: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), routed via FIB

*Mar 1 00:45:24.855: IP: s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), len 100, sending

*Mar 1 00:45:24.895: IP: tableid=0, s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1 (Loopback1), routed via RIB

*Mar 1 00:45:24.895: IP: s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4

*Mar 1 00:45:24.895: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), routed via FIB

*Mar 1 00:45:24.895: IP: s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), len 100, sending

*Mar 1 00:45:24.939: IP: tableid=0, s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1 (Loopback1), routed via RIB

*Mar 1 00:45:24.939: IP: s=2.2.2.1 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4

*Mar 1 00:45:24.939: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), routed via FIB

*Mar 1 00:45:24.939: IP: s=1.1.1.1 (local), d=2.2.2.1 (FastEthernet0/0), len 100, sending

So we are NATing the source to 2.2.2.1 which is not on the physical interface. You can also do this for sub interface.

Is this what you was trying Cisco 3560 Switch to do?

订阅：博文 (Atom)