Cisco SG300 Network Expansion (Configure 2 Switches)

I’m currently in the process of expanding my network, having bought a second Cisco SG300-20 which is now sitting in my lab. My current setup is described below.
Internet
^
|
Draytek Router 192.168.1.1
^
|
Cisco SG300-20 192.168.1.2
^
|
VLAN 12 Workstations interface 10.0.12.1 
VLAN 13 Management interface 10.0.13.1
VLAN 14 Public interface 10.0.14.1
VLAN 15 Private interface 10.0.15.1
VLAN 20 Storage interface 10.0.20.1
I then have a number of servers with multiple NICs that run on the various VLANs, attached to certain ports on the Cisco switch.
VLAN 12 and 14 have been given access to the internet with routes added to Draytek to 10.0.12.1 / 10.0.14.1
Now what I want to do is expand the network by running a link from my first switch to the new switch.  I've read a number of notes on this forum but am confused as to what I need to do.
I want the new switch to have access to all the VLANs configured on the first switch and will set the ports' access to the various VLANs for each server that is being connected.
I have read that it's best to have any additional switches on the network configured as Layer 2 and leave just one switch to do the routing (is that correct?).  So I have left the new switch as Layer 2 and given it an IP of 192.168.1.3
So the first question is how do I configure the uplink port from switch 1 (Port Gi2) to Switch 2 (Port Gi1).  
Should I run multiple cables and create a LAG between the two switches?  Allowing for additional bandwidth (I stream a lot of HD movies across the network to the workstations)
I have attached my running config from switch 1 below.
Any help would be appreciated, unfortunately networks are not my strong point.
prcswitch01#show running-config
config-file-header
prcswitch01
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode router 
file SSD indicator encrypted
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end XXXXXX
vlan database
vlan 12-15,20
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp server
ip dhcp pool network Workstations
address low 10.0.12.20 high 10.0.12.100 255.255.255.0
lease infinite
default-router 10.0.12.1
dns-server 10.0.15.200 8.8.8.8
exit
bonjour interface range vlan 1
hostname prcswitch01
username cisco password encrypted XXXXXXX privilege 15
ip ssh server
interface vlan 1
 ip address 192.168.1.2 255.255.255.0
 no ip address dhcp
interface vlan 12
 name Workstations
 ip address 10.0.12.1 255.255.255.0
interface vlan 13
 name Management
 ip address 10.0.13.1 255.255.255.0
interface vlan 14
 name Public
 ip address 10.0.14.1 255.255.255.0
interface vlan 15
 name Private
 ip address 10.0.15.1 255.255.255.0
interface vlan 20
 name Storage
 ip address 10.0.20.1 255.255.255.0
interface gigabitethernet3
 switchport mode access
 switchport access vlan 12
interface gigabitethernet4
 switchport mode access                               
 switchport access vlan 12
interface gigabitethernet5
 switchport mode access
 switchport access vlan 20
interface gigabitethernet6
 switchport mode access
 switchport access vlan 20
interface gigabitethernet7
 switchport trunk allowed vlan add 13-15
interface gigabitethernet8
 switchport trunk allowed vlan add 13,20
 switchport trunk native vlan 12
interface gigabitethernet9
 switchport trunk allowed vlan add 13-15
interface gigabitethernet10
 switchport trunk allowed vlan add 13,20              
 switchport trunk native vlan 12
interface gigabitethernet11
 switchport trunk allowed vlan add 13-15
interface gigabitethernet12
 switchport trunk allowed vlan add 13,20
 switchport trunk native vlan 12
interface gigabitethernet13
 switchport mode access
 switchport access vlan 12
interface gigabitethernet14
 switchport mode access
 switchport access vlan 12
interface gigabitethernet15
 switchport mode access
 switchport access vlan 12
interface gigabitethernet16                           
 switchport mode access
 switchport access vlan 12
interface gigabitethernet17
 switchport mode access
 switchport access vlan 12
interface gigabitethernet18
 switchport mode access
 switchport access vlan 12
interface gigabitethernet19
 switchport mode access
 switchport access vlan 12
interface gigabitethernet20
 switchport mode access
 switchport access vlan 12
exit
ip default-gateway 192.168.1.1
prcswitch01#   

Hi Aleksandra,
I'm still having issues with my setup.  The servers I have connected have VLAN tagging enabled.
Previously I had my ESXi server connected via two NICs with ports configured on my Layer 3 switch prcswitch01 as follows:
Port 1 Trunk VLAN 13-15
Port 2  Trunk VLAN 13,20
My NAS was configured on a single port on VLAN20
The ESXI server can only have a single gateway which is used by both interfaces
~ # esxcli network ip route ipv4 list
Network    Netmask        Gateway    Interface  Source
default    0.0.0.0        10.0.13.1  vmk0       MANUAL
10.0.13.0  255.255.255.0  0.0.0.0    vmk0       MANUAL
10.0.20.0  255.255.255.0  0.0.0.0    vmk1       MANUAL
Traffic was being passed from VLAN13 to VLAN20 to allow connectivity to the NAS on the ESXi server
This no longer seems to be happening on my Layer 2 switch.
I have configured the ports the same as previously setup on the Layer 3 switch.
When I have the esxi server connected I can reach the server on 10.0.13.11 but the server cannot ping the NAS on 10.0.20.196
Hope that makes sense, I’m confused about setting this new switch up.  Should I configure it as Layer 3 and set up interfaces for the various VLANs?  I was under the impression this would be done by my first switch.
Thanks
Paul

Similar Messages

  • Cisco SG300 - IGMP and multiple switches

    Hi all,
    I have read through various Cisco documents and tried various configurations and I have been unsuccessful.
    Here is the network layout
    Cisco SG300-10 in Layer 3 mode, managing all VLANS created and inter-vlan traffic is working fine
    Ports 1-4 are in LAG 1 with LACP enabled, Ports 5-8 are in LAG 2 again with LACP enabled, port 9 is connected to the ASA 5505 (Trunk port, all VLANS) and port 10, again a trunk port I use for management
    LAG 1 and 2 are connected to Cisco SG300-52 switches
    Again, traffic between the switches is working OK. What we would like to do is the following:
    On VLAN 7, we have multiple devices streaming using UDP multicast. What we would like to do is allow PCs on VLAN 5 to be able to pick up these streams as and when they need to. The devices broadcast on their own unique UDP ranges.
    Could someone please explain to me what I need to configure on the Layer 3 switch and the other two Layer 2 switches in order for this to work?
    If I put a port into VLAN 7 and can view the stream without a problem, also if there is any fine tuning to be done once this is working
    Thanks
    Andy

    Jason,
    The only advantage you would get from using SFPs (fiber transceivers) in the GBIC slots would be if you needed to make a run of over 100m between the switches.  Unless you have a very large property with switches at either end you are just as well to use the copper ports in the setup you described.  There is also nothing wrong with chaining the SG100s together if necessary to free up a port on the RV320.  The only other thing to consider is if you are using VLANs.  Each unmanaged SG100 will only pass a single VLAN so if you need segregated distribution coming from the RV320 you would need to put each SG100 on its own port.  Or, you could run a trunk from a port on the RV320 to your SG200 and then split off your untagged VLANs from there.  Hope this answers your question and have a nice day.
    Regards,
    Mike.V

  • LAG configuration issue on Cisco SG300 52 Switch

    Hi everybody,
    I am having an issue with LAG configuration on a Cisco SG300 52 switch. I have connected four Ge ports on the switch to the four NICs of a Dell R710 Server on which I installed Windows Server 2008 R2. Without LAG configured, these ports would forward traffic to and from the Dell server fine. However, if I configure LAG on the ports with LACP enabled, then they would not forward any network traffic. Debugging shows that the ports are up but their forwarding status show N/A. Am I missing any configuration? Can I configure LAG on edgeports? Or is there any compatibility issue?
    Any help  from you guys will be greatly appreciated.
    Thank you.
    Vishal

    Hi Dave,
    Thank you for your quick response and sorry to have looked at it late. Well, I already resolved the issue and like you pointed out, it was the configuration of the Dell NICs. I had to configure NIC teaming and there was a bug with the Broadcom NIC management software. I had to download this piece of software again and I was then able to configure NIC teaming on it. I initially thought that it was already configured because we got the Dell server "pre-installed with pretty much everything".
    Anyway thank you for your assistance. Oh I have a question though if you don't mind clearing my doubt. We have bought 7 of these SG300 Switches and I would like to use all of them
    in a hierarchical design as core, distribution and access layer switches because I believe this switch has got all the qualities to be used at all the three layers. We have about 100 users in our company at the moment but expecting growth of about 10-20 employees per year. Would you think a hierarchical network design for a 100 users is a bit of an overkill? Would you think these SG300 switches can handle network traffic at the distribution and core layers? I worked out the average daily traffic is only about 4 Mbps.
    Thank you for your valuable guidance.
    Kind regards,
    Vishal
    Date: Mon, 12 Sep 2011 08:09:40 -0600
    Subject: - Re: LAG configuration issue on Cisco SG300 52 Switch
    Cisco Support Community
    Re: LAG configuration issue on Cisco SG300 52 Switch created by David Hornstein in Small Business Switches - View the full discussion
    Hi Chundunsing,
    Thank you for the purchase of my switch.
    Chundunsing, I love the way you worded your question: "I am having an issue with LAG configuration on a Cisco SG300 52 switch.", but seriously you are having a problem with interfacing the Dell with my switch.
    You have LAG working to the Dell R710 teamed NICs and god knows what NICs or drivers you are using to achieve this.
    Now LAG is providing load balancing between the LAG ports.
    Now LAG is providing link redundancy for connectivity to the Dell R710.
    If there is a configuration issue, it sure seems the way you have it configured without LACP is still working. But you have the option when you create a LAG group to enable LACP. You can see this as a tick box in the LAG group.
    But might I also install, recently firmware version 1.1.1.8, just came out.
    Please be sure to:
    Step 1. update the firmware on the switch and
    Step 2. select it as the 'active image.'
    Step 3. reboot the switch to utilize this active image.
    If you are having any trouble doing this, the admin guide references how to achieve this. For your convenience I have attached the guide to this posting.
    regards Dave

  • Need SNMP OID for MSTP status in Cisco SG300-28MP 28-port Gigabit Max-PoE Managed Switch

    Hi,
    I have configured redundant network using two Cisco SG300-28MP 28-port Gigabit Max-PoE Managed Switch through MSTP & it's working fine.
    I need OID of MSTP status from which I can monitor which Switch is active and which one is in standby mode.
    Please help.
    Thanks,
    Harsha 

    Hi Harsha,
    check these OID's:
    http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=1.3.6.1.4.1.9.9.500.1.2.1.1.6&translate=Translate&submitValue=SUBMIT
    http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=cRFStatusUnitState&translate=Translate&submitValue=SUBMIT&submitClicked=true
    Thanks-
    Afroz
    **Ratings Encourages Contributors ***

  • Error on a Switch Cisco SG300-52 PoE

    Hi,
    I get an error on a Switch Cisco SG300-52 PoE
    error: %Box-F-INVALID-PARAM-SETTING: Function BOXG_poe_i2c_read_mem_byte: invalid param recv_byte_PTR value = 0 ***** FATAL ERROR *****  Reporting Task: HCPT. Sof tware Version: 1.3.7.18 (date  12-Jan-2014 time  18:02:59) 0x16adc8 0x166f34 0x6df974 0x48fd60 0x490670 0x490890 0x9af988 0x9be7d8 0x98a710 0x98ab8c 0x98ad60 0x98e6f4 0x990128 0x982ddc 0x994cf0 0x962c24 0x965604 0x94a960 0x94b688 0x1223fc ***** END OF FATAL ERROR *****   
    What does this error mean? 
    Thanks for help!
    Martin

  • Cisco tool for building router/switch configurations

    Is there a tool on Cisco website that lets you build your own configurations of Cisco routers etc prior to you purchasing them? i.e. Giving you a complete list of part IDs ?

    Hi
    Your question is not clear. If you asked about a tool which can help you to do a configuration for your purchase order for routers, switches, any solution for Cisco: you can configure your chassis, cards, SFPs, power, and so on. Please use the below link:
    https://cisco-apps.cisco.com/cisco/psn/commerce
    Thank you
    Please rate all useful information

  • Cisco 4506 network switch

    i need details of cisco 4506 network switch with supervisor module

    Hi,
    You can visit
    http://cisco.com/en/US/products/hw/switches/ps4324/prod_brochure_list.html
    a Good link on 4500 supervisor engines.
    Regards
    Dinesh
    http://Knowurtech.com
    (Good technical articles. Submit your articles and get featured on our website. Send email to [email protected] To know the benefits http://www.knowurtech.com/be_an_expert.html)

  • Cisco SGE2010P 48-port Gigabit Switch - Setup & Configure via Web UI?

    Hello,
    I'm looking to purchase a Cisco SGE2010P 48-port Gigabit Switch (POE) for a 100% Macintosh environment. Because of this, none of the machines will be able to access the switch (including initial, out of the box setup) via the console port. So, I'm wondering if anyone can confirm if this switch is configurable, out of the box, via the Web UI (which would allow a Macintosh system to set it up no problem via a web browser)? I have asked all my suppliers and talked to a Cisco Product Specialist via web chat and also tried via phone, and no one can confirm if this is possible for sure.
    The reason I ask is that I was also looking at a Nortel switch and even though it had a Web UI for management, out of the box it had to be initially set up (i.e. configuring the device's IP) via the console port first, and once that was done, only then could you access the Web UI.
    I'm hoping this isn't the case with the Cisco switch and that it in fact is out of the box with a default IP so it can be accessed via the Web UI (without the need to go in via the console port).
    Could anyone answer this question for me!?
    If it helps, this is the website for the switch I'm considering...
    http://www.cisco.com/en/US/products/ps9985/index.html
    Regards,
    Kristin.

    SGE2000 and SGE2000P must have a DHCP server to get an IP address. You “just” have to figure out the address they have been given. SGE2010 and SGE2010P have a default IP (192.168.1.254 – 255.255.255.0). All 4 devices have a web interface. I don’t see why it should not work with a Mac browser. The primary reason for buying SGE switches is their ability to stack. But 24-port (SGE2000/P) and 48-port (SGE2010/P) switches are not able to stack with each other. They have had several years to fix the problem, so it is not likely it will ever be fixed. If you stick to either 24 ports or 48 ports it will work.

  • GVRP not working on Cisco SG300-28

    I have three Cisco SG300-28 switches. I set up a test lab environment with a core (server) switch in Layer 3 mode and the rest are (clients) in Layer 2 mode. As I understand, these switches don't support VTP, only GVRP. And GVRP works the same as VTP. Whenever you create VLANs on the core or main switch, other switches will learn from the core switch and no VLAN creation for the client switches will be made. (Hope I got it right. I guess GVRP is more complicated than VTP).
    GOAL: Obviously, I want to use GVRP to create VLANs on the main switch so that I won't be doing it all over on the other switches.
    The following is my (so far) configuration through CLI only:
    I haven't used the web GUI. My SW version is 1.1.2.0.
    1. I already enabled the GVRP globally.
    2. I configured GE 12 & GE 24 as TRUNK ports for the core switch that connects both switches, I also configured GE 12 ports for both the client switches. All other ports are in ACCESS mode. (I am connected to GE 2 port)
    3. I enabled GVRP on the TRUNK ports only for all switches.
    4. I allowed all vlans on the TRUNK ports. (#switchport trunk allowed vlan add all)
    5. All TRUNK ports registration mode is NORMAL and dynamic vlan creation is enabled on all trunk and access ports.
    6. I created 3 VLANs without configuring its IP Addresses:
         vlan 2 = MGT
         vlan 3 = IT
         vlan 4 = MKTG
    I don't know if I missed something on the configuration or the connection. I was expecting the vlans I created will be learned from other switches. Hope somebody can help me out. Thanks a lot.
    QUESTIONS:
    1. Is it necessary to enable all switches to layer 3 mode? Or depends on the network setup? Does this affect the GVRP?
    2. Does switching ports to TRUNK mode means they are already 802.1q ports by default? Because I can't configure TRUNK ports to 802.1q (#switchport encapsulation dot1q) config like other switches.
    SAMPLE CONFIGURATION:
    *** START CONFIG***
    vlan database
    vlan 2-4
    exit
    interface range gi12,gi24
    gvrp enable
    exit
    gvrp enable
    interface vlan 1
    ip address 172.10.10.10 255.255.255.0
    exit
    interface vlan 1
    no ip address dhcp
    exit
    no bonjour enable
    bonjour interface range vlan 1
    hostname SW1
    line telnet
    exec-timeout 0
    exit
    line telnet
    password 1e3855b6b22c5775cd12207ced02a082b073e4a8 encrypted
    exit
    line console
    password 1e3855b6b22c5775cd12207ced02a082b073e4a8 encrypted
    exit
    enable password level 15 encrypted 1e3855b6b22c5775cd12207ced02a082b073e4a8
    no snmp-server server
    clock source sntp
    no ip domain lookup
    ip telnet server
    banner login ^C
    SWITCH 1: PLEASE DO NOT LOG IN
    ^C
    interface gigabitethernet1
    switchport mode access
    exit
    interface gigabitethernet2
    switchport mode access
    exit
    interface gigabitethernet11
    switchport mode access
    exit
    interface gigabitethernet12
    switchport trunk allowed vlan add 2-4
    exit
    interface gigabitethernet13
    switchport mode access
    exit
    interface gigabitethernet14
    switchport mode access
    exit
    interface vlan 2
    name MGT
    exit
    interface vlan 3
    name IT
    exit
    interface vlan 4
    name MKTG
    exit
    *** END CONFIG ***

    Trust me, I am also having the same issue with my 3 Cisco SF300-24 ports and I need the same as what you were looking for...
    Can you please check my question and comment on what I am missing :(
    Aside from this, I will try creating VLANs on my client switch without assigning the IP address, as it's already assigned and created on the core switch.
    Thanks,
    Sandy

  • Cisco SG300 VLAN rate-limit

    I have a Cisco SG300 small business switch and 541 APs. There are 2 VLANs in our network. One must be limited by bandwidth. Does anyone have an idea how to configure VLAN rate-limiting on the SG300? And please describe CIR & CBS for me. Thanks.

    http://www.cisco.com/en/US/partner/products/ps10898/prod_command_reference_list.html
    Cisco Small Business 300 Series Managed Switches Command Line Interface Guide Release 1.3
    Select CIR and CBS according to your design. You can use a larger CBS when performance is not ideal.
    49.23 rate-limit (VLAN)
    Use the Layer 2 rate-limit (VLAN) Global Configuration mode command to limit the
    incoming traffic rate for a VLAN. Use the no form of this command to disable the
    rate limit.
    Syntax
    rate-limit vlan-id committed-rate committed-burst
    no rate-limit vlan
    Parameters
    • vlan-id—Specifies the VLAN ID.
    • committed-rate—Specifies the average traffic rate (CIR) in kbits per second
    (kbps). (Range: 3-57982058)
    • committed-burst—Specifies the maximum burst size (CBS) in bytes.
    (Range: 3000-19173960)
    Default Configuration
    Rate limiting is disabled.
    Committed-burst-bytes is 128K.
    Command Mode
    Global Configuration mode
    User Guidelines
    Traffic policing in a policy map takes precedence over VLAN rate limiting. If a
    packet is subject to traffic policing in a policy map and is associated with a VLAN
    that is rate limited, the packet is counted only in the traffic policing of the policy
    map.
    This command does not work in Layer 3 mode. It does not work in conjunction with
    IP Source Guard.
    Example
    The following example limits the rate on VLAN 11 to 150000 kbps or the normal
    burst size to 9600 bytes.
    switchxxxxxx(config)# rate-limit 11 150000 9600
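
The question asked what CIR and CBS mean; the sketch below is an added example (not part of the original posts or of Cisco's guide) that models the pair as a standard single-rate token bucket and replays constructed bursty traffic through it. The ranges are the ones quoted above; the class and function names, the traffic pattern and the 64000-byte CBS are assumptions, and the page does not say how the switch hardware implements the limit.

```python
# Added example: generic token-bucket model of CIR/CBS, not the SG300 firmware.
# Ranges are the ones quoted in the CLI guide excerpt above.
CIR_RANGE_KBPS = (3, 57982058)
CBS_RANGE_BYTES = (3000, 19173960)


def check_ranges(cir_kbps, cbs_bytes):
    """Reject values the documented `rate-limit` syntax would not accept."""
    lo, hi = CIR_RANGE_KBPS
    if not lo <= cir_kbps <= hi:
        raise ValueError(f"committed-rate {cir_kbps} kbps is outside {lo}-{hi}")
    lo, hi = CBS_RANGE_BYTES
    if not lo <= cbs_bytes <= hi:
        raise ValueError(f"committed-burst {cbs_bytes} bytes is outside {lo}-{hi}")


class VlanPolicer:
    """The bucket holds at most CBS bytes of credit and refills at the CIR."""

    def __init__(self, cir_kbps, cbs_bytes):
        check_ranges(cir_kbps, cbs_bytes)
        self.cir_kbps = cir_kbps
        self.cbs_bytes = cbs_bytes
        self.tokens = float(cbs_bytes)  # start with a full bucket
        self.last_us = 0

    def conforms(self, t_us, frame_bytes):
        """True if a frame arriving at t_us (microseconds) fits the available credit."""
        # kbit/s * microseconds gives millibits; divide by 8000 to get bytes.
        refill = (t_us - self.last_us) * self.cir_kbps / 8000
        self.tokens = min(self.cbs_bytes, self.tokens + refill)
        self.last_us = t_us
        if frame_bytes > self.tokens:
            return False  # out of profile: the frame is dropped
        self.tokens -= frame_bytes
        return True


def bursty_arrivals(bursts, frames_per_burst, frame_bytes, line_rate_kbps, period_us):
    """Constructed traffic: each burst is sent back-to-back at line rate, one burst per period."""
    gap_us = frame_bytes * 8 * 1000 // line_rate_kbps  # serialization time of one frame
    return [(b * period_us + i * gap_us, frame_bytes)
            for b in range(bursts)
            for i in range(frames_per_burst)]


def passed_frames(cir_kbps, cbs_bytes, arrivals):
    """Number of frames that conform when the arrivals are policed."""
    policer = VlanPolicer(cir_kbps, cbs_bytes)
    return sum(policer.conforms(t_us, size) for t_us, size in arrivals)


if __name__ == "__main__":
    # 5 bursts of 40 x 1500-byte frames at 1 Gbps, one burst every 10 ms:
    # about 48 Mbps on average, well under the 150000 kbps CIR of the guide's example.
    traffic = bursty_arrivals(5, 40, 1500, 1_000_000, 10_000)
    for cbs in (9600, 64000):
        ok = passed_frames(150000, cbs, traffic)
        print(f"CIR 150000 kbps, CBS {cbs:>5} bytes: {ok}/{len(traffic)} frames pass")
```

With the guide's example values the small bucket drops most of each burst even though the average rate is far below the CIR, which is the situation the advice about using a larger CBS addresses.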

  • Connectivity issues between Cisco 2901 and Cisco SG300-52

    Hello,
    I am having some serious connectivity issues between the hosts in my LAN.
    My LAN is based on a Cisco 2901 router and a Cisco SG300-52 port switch.
    The issue that has been happening is that connections between hosts on the LAN (remote desktop, extended ping, etc.) are very unstable; at some points I can see 35% lost packets on an extended ping. This happens at any time of the day and from any host.
    All hosts are on the same VLAN (default VLAN) and on the same subnet. Some hosts have fixed IP addresses (servers and network equipment) and others obtain their IP address through a DHCP reservation established on the router (reserved with the MAC address of every host).
    I can provide further details if needed, because this issue is very serious and I would really appreciate any insight or support.
    Many thanks in advance.
    Sair Amer
    EDIT:  After doing every test we could think of, we finally found the reason behind this problem.
    It turns out that the switch has problems handling communications between clients at different speeds, because most of the hosts connected were working at 100 Mbps but the servers were working at 1000 Mbps (and the communication between host and servers wasn't stable).
    After manually setting the speed on all ports to 100 Mbps the problems have stopped.
    Many thanks for your help on this issue.

    Building configuration...
    Current configuration : 4123 bytes
    ! Last configuration change at 12:06:16 PCTime Sat Jul 19 2014 by ccp
    version 15.2
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname Foninsa
    boot-start-marker
    boot-end-marker
    no logging buffered
    enable secret 5 $1$BDbJ$HN3VP8nmywrGB55RCxPd30
    aaa new-model
    aaa authentication login default local
    aaa authorization exec default local 
    aaa session-id common
    clock timezone PCTime -4 0
    clock summer-time PCTime date Apr 6 2003 2:00 Oct 12 2003 12:00
    no ip cef
    ip dhcp excluded-address 192.168.1.1 192.168.1.10
    ip dhcp excluded-address 192.168.1.151 192.168.1.255
    ip dhcp pool FONINSA
     network 192.168.1.0 255.255.255.0
     default-router 192.168.1.1 
     dns-server 8.8.8.8 8.8.4.4 
    ip dhcp pool Laptop-Sporta-Wifi
     host 192.168.1.10 255.255.255.0
    ip name-server 8.8.8.8
    ip name-server 8.8.4.4
    no ipv6 cef
    multilink bundle-name authenticated
    crypto pki trustpoint TP-self-signed-213585710
     enrollment selfsigned
     subject-name cn=IOS-Self-Signed-Certificate-213585710
     revocation-check none
     rsakeypair TP-self-signed-213585710
    crypto pki certificate chain TP-self-signed-213585710
     certificate self-signed 01
      30820229 30820192
      quit
    license udi pid CISCO2901/K9 sn
    license boot module c2900 technology-package securityk9
    username ccp privilege 15 password
    redundancy
    interface Embedded-Service-Engine0/0
     no ip address
     shutdown
    interface GigabitEthernet0/0
     ip address 190.196.21.98 255.255.255.248
     ip nat outside
     ip virtual-reassembly in
     duplex auto
     speed auto
    interface GigabitEthernet0/1
     ip address 192.168.1.1 255.255.255.0
     ip nat inside
     ip virtual-reassembly in
     duplex auto
     speed auto
    no ip forward-protocol nd
    ip http server
    ip http authentication local
    ip http secure-server
    ip nat inside source list 1 interface GigabitEthernet0/0 overload
    ip nat inside source static tcp 192.168.1.3 21 190.196.21.98 21 extendable
    ip nat inside source static tcp 192.168.1.3 80 190.196.21.98 80 extendable
    ip nat inside source static udp 192.168.1.8 1194 190.196.21.98 1194 extendable
    ip nat inside source static tcp 192.168.1.4 3389 190.196.21.98 3389 extendable
    ip nat inside source static tcp 192.168.1.9 3389 190.196.21.98 10000 extendable
    ip nat inside source static tcp 192.168.1.3 3389 190.196.21.98 20000 extendable
    ip route 0.0.0.0 0.0.0.0 190.196.21.97
    access-list 1 permit 192.168.1.0 0.0.0.255
    control-plane
    line con 0
     password $
    line aux 0
    line 2
     no activation-character
     no exec
     transport preferred none
     transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
     stopbits 1
    line vty 0 5
     access-class 23 in
     privilege level 15
     password #
     transport input telnet ssh
    no scheduler allocate
    end
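
A reviewer reading a router configuration like the dump above would usually check its management-plane and published-service lines first. The script below is an added example (not part of the original posts) that runs such checks over constructed samples, a weak one mirroring the kinds of lines in the dump and a corrected one; the addresses are documentation-range placeholders, and the finding names and the list of flagged ports are assumptions made for this example.

```python
import re

# Constructed samples (not the poster's file): documentation-range addresses and a
# placeholder password. WEAK mirrors the kinds of lines seen in the dump above.
WEAK = """\
no service password-encryption
ip http server
ip http secure-server
ip nat inside source static udp 192.0.2.8 1194 203.0.113.10 1194 extendable
ip nat inside source static tcp 192.0.2.4 3389 203.0.113.10 3389 extendable
ip nat inside source static tcp 192.0.2.9 3389 203.0.113.10 10000 extendable
access-list 1 permit 192.0.2.0 0.0.0.255
line vty 0 5
 access-class 23 in
 privilege level 15
 password PLACEHOLDER
 transport input telnet ssh
end
"""

HARDENED = """\
service password-encryption
no ip http server
ip http secure-server
ip nat inside source static udp 192.0.2.8 1194 203.0.113.10 1194 extendable
access-list 23 permit 192.0.2.0 0.0.0.255
line vty 0 5
 access-class 23 in
 login local
 transport input ssh
end
"""

# Inside ports this example treats as remote-access or cleartext services (assumption).
EXPOSED_SERVICES = {21: "FTP", 23: "TELNET", 3389: "RDP"}
ACL_DEF = re.compile(r"^(?:ip access-list \S+|access-list) (\S+)")
STATIC_NAT = re.compile(r"^ip nat inside source static (?:tcp|udp) (\S+) (\d+) \S+ (\d+)")


def parse_sections(text):
    """Group indented sub-commands under the top-level line that precedes them."""
    sections = []
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.lstrip().startswith("!"):
            continue
        if line[0].isspace() and sections:
            sections[-1][1].append(line.strip())
        else:
            sections.append((line.strip(), []))
    return sections


def audit(text):
    """Return (code, detail) findings for the checks described in the lead-in."""
    sections = parse_sections(text)
    heads = [head for head, _ in sections]
    acls = {m.group(1) for m in map(ACL_DEF.match, heads) if m}
    findings = []
    if "no service password-encryption" in heads:
        findings.append(("PLAINTEXT_PASSWORDS",
                         "line passwords are readable in the saved configuration"))
    if "ip http server" in heads:
        findings.append(("HTTP_MGMT", "web management also listens on unencrypted HTTP"))
    for head, body in sections:
        nat = STATIC_NAT.match(head)
        if nat and int(nat.group(2)) in EXPOSED_SERVICES:
            service = EXPOSED_SERVICES[int(nat.group(2))]
            # A different outside port does not change which service is published.
            findings.append((f"NAT_PUBLISHES_{service}",
                             f"{nat.group(1)}:{nat.group(2)} is published on outside port {nat.group(3)}"))
        if not head.startswith("line vty"):
            continue
        for cmd in body:
            words = cmd.split()
            if words[:2] == ["transport", "input"] and "telnet" in words[2:]:
                findings.append(("VTY_TELNET", "remote logins are accepted over Telnet"))
            elif cmd == "privilege level 15":
                findings.append(("VTY_PRIV15", "remote sessions start at privilege level 15"))
            elif len(words) > 1 and words[0] == "access-class" and words[1] not in acls:
                findings.append(("VTY_ACL_UNDEFINED",
                                 f"access-class {words[1]} has no matching access-list"))
    return findings


if __name__ == "__main__":
    for name, sample in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name)
        for code, detail in audit(sample) or [("OK", "no findings")]:
            print(f"  {code}: {detail}")
```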

  • Communication problem between Cisco 3560 and Cisco SG300.

    Dear Support,
    I have a Cisco SG300 and Cisco 3560 switches.
    3560 is my Core Switch and SG300 is access switch.
    From 3560 VLAN information is not passed to SG300.
    3560 Configuration:
    interface GigabitEthernet0/23
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 1,2,10,11
    switchport mode trunk
    SG300 Configuration:
    interface gigabitethernet49
    spanning-tree link-type point-to-point
    switchport mode general
    switchport general allowed vlan add 2,10-11 tagged
    macro description switch
    Please suggest how this issue is resolve.
    Regards,
    JItesh Mahajan.

    Dear Aleksandra,
    Below Configuration is right or wrong for 3560 and SG300.
    3560 Configuration:
    interface GigabitEthernet0/23
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan remove VLAN 1
    switchport native vlan 1
    switchport trunk allowed vlan 1,2,10,11
    switchport mode trunk
    SG300 Configuration:
    interface gigabitethernet49
    spanning-tree link-type point-to-point
    switchport mode general
    switchport general allowed vlan add 2,10-11 tagged
    macro description switch
    Regards,
    JItesh Mahajan.

  • Cisco ASA 8.6 configuration issues

    Hello all ,
    internet router-----------outside------------- ASA -------inside-------------cisco 3750 (----A----)
                                                    |
                                                    |
                                                   DMZ
                                                    |
                                                    |
                                               Cisco 3750 (-----B---)
    1- switch A -- wireless User + Cisco Wireless Ip phones
    2- Switch B -- CUCM
    Problem description:
    --- from switch A I cannot ping Switch B (DMZ), so IP phones cannot reach CUCM
    --- on switch A 4 VLANs are configured with different SSIDs and internet is working fine.
    --- on Switch A I want 2 VLANs (vlan60 and vlan 80) to communicate with DMZ also (not working)
    ## Some relevant config is as under:
    SWITCH A CONFIG
    ===============
    vlan internal allocation policy ascending
    interface FastEthernet0
     no ip address
     no ip route-cache cef
     no ip route-cache
     shutdown
    interface GigabitEthernet1/0/1
     switchport access vlan 60
     switchport mode access
     spanning-tree portfast
    |
    |
    |
    |
    |
    |
    interface GigabitEthernet1/0/23
     description **connected to ASA-Inside**
     switchport access vlan 100
     switchport mode access
    interface Vlan10
     ip address X.X.100.5 255.255.255.0
    interface Vlan50
     ip address X.X.6.12 255.255.255.0
    interface Vlan60
     ip address X.X.8.251 255.255.255.0
    interface Vlan80
     ip address X.X.10.251 255.255.255.0
    interface Vlan100
     ip address X.X.20.1 255.255.255.0
    ip classless
    ip route 0.0.0.0 0.0.0.0 X.X.20.2
    =========================================
    ASA CONFIG
    interface GigabitEthernet0/0
     nameif inside
     security-level 100
     ip address X.X.20.2 255.255.255.0
    |
    |
    interface GigabitEthernet0/2
     nameif DMZ
     security-level 50
     ip address X.X.21.2 255.255.255.0
    |
    |
    interface GigabitEthernet0/5
     nameif outside
     security-level 0
     ip address 192.168.2.5 255.255.255.0
    |
    |
    object network IN-OUT
     subnet 0.0.0.0 0.0.0.0
    object network W-PHONE
     subnet X.X.10.0 255.255.255.0
    object network BECA-WIRELESS-USER
     subnet X.X.8.0 255.255.255.0
    pager lines 24
    |
    |
    nat (inside,outside) source dynamic IN-OUT interface
    nat (inside,DMZ) source dynamic W-PHONE interface
    nat (inside,DMZ) source dynamic BECA-WIRELESS-USER interface
    route outside 0.0.0.0 0.0.0.0 192.168.2.1 1
    route inside X.X.6.0 255.255.255.0 X.X.20.1 1
    route inside X.X.7.0 255.255.255.0 X.X.20.1 1
    route inside X.X.8.0 255.255.255.0 X.X.20.1 1
    route inside X.X.10.0 255.255.255.0 X.X.20.1 1
    timeout xlate 3:00:00
    ============================================
    switch B
    interface GigabitEthernet1/0/17
     switchport access vlan 50
     switchport mode access
     switchport voice vlan 20
     spanning-tree portfast
    interface GigabitEthernet1/0/18
     switchport access vlan 50
     switchport mode access
    interface Vlan10
     ip address X.X.100.1 255.255.255.0
    interface Vlan20
     ip address X.X.7.1 255.255.255.0
     ip helper-address X.X.6.6
    interface Vlan50
     ip address X.X.6.30 255.255.255.0
     ip helper-address X.X.6.6
    interface Vlan60
     ip address X.X.8.252 255.255.255.0
    interface Vlan101
     ip address X.X.21.1 255.255.255.0
    ip forward-protocol nd
    ip http server
    ip http secure-server
    ip route 0.0.0.0 0.0.0.0 X.X.6.4
    ip route X.X.6.0 255.255.255.0 X.X.21.2
    ip route X.X.7.0 255.255.255.0 X.X.21.2

    We would also need to see the ACL configuration of the ASA as this is what actually controls the flow of traffic, that is if routing is correct which it seems to be from your configuration.
    What you can do is run a packet-tracer on the ASA to see if the packet is allowed through the ASA:
    packet-tracer input inside tcp <source-ip> 12345 <destination-ip> <destination-port> detail
    This should give you an indication where or if there is a misconfiguration on the ASA.
    Please post the output here if you require further assistance.  Also a full ASA configuration (remove public IPs and passwords) would help to identify the issue.
    Please remember to rate and select a correct answer

  • Ask The Expert: Understanding, Implementing, and Troubleshooting Cisco Prime Network

    Ask questions and learn about Cisco Prime Network with Cisco experts Vignesh Rajendran Praveen and Jaminder Singh Bali.
    Cisco Prime Network provides cost-effective device operation, administration and network fault management for today’s complex and evolved programmable networks (EPNs). It is a single solution to support both the traditional physical network components, as well as compute infrastructure, and the virtual elements found in data centers. Automated configuration and change management combined with advanced troubleshooting and diagnostics greatly help service providers enable proactive service assurance. Additionally, the flexible and extensible architecture is designed to support the multivendor environment, helping to lower operational costs.
    This event runs January 5 through January 16, 2015.
    Vignesh Rajendran Praveen is a High Touch Engineer with the Focused Technical Services team supporting Cisco's major Service Provider customers in Routing, Switching, Multiprotocol Label Switching (MPLS) technologies and Cisco Prime Network related issues. Previously at Cisco he has worked as a Network Consulting Engineer for Enterprise Customers and as a Customer Support Engineer for Service Provider customers. He has been in the networking industry for ten years and holds CCIE certification (#34503) in the Routing and Switching as well as Service Provider tracks.
    Jaminder Singh Bali is a Customer Support Engineer working in the SP-NMS TAC team, supporting Cisco's major service provider customers in Cisco Prime Network, Performance and Prime Central related issues. His areas of expertise include Oracle, Linux and NMS applications. He has been in the industry for the past six years.
    Remember to use the rating system to let the experts know if you have received an adequate response. 
    The Experts might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation in Network Infrastructure community, sub-community, LAN, Switching and Routing discussion forum shortly after the event. This event lasts through January 16, 2015. Visit this forum often to view responses to your questions and the questions of other community members.

    Hello Jerome,
    A variety of Cisco devices are supported by the Cisco Prime Network. I would encourage you to go through the below links on the user guide depending on the version of Cisco Prime Network being used.
    "Cisco Prime Network Supported Cisco Virtual Network Elements (VNEs)"
    "Cisco Prime Network Supported Cisco VNEs - Addendum"
    Below is the link for the user guide.
    http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-network/products-user-guide-list.html
    Hope this would help in providing you more clarity.
    ***********Plz do rate this post if you found it helpful*************************
    Thanks & Regards,
    Vignesh R P
