Cisco switch 6500 configuration to support the DCM

Similar Messages

• The minimum hardware configuration to support the Diameter credit control

  Hello.
  I'd like to know what the minimum hardware configuration is required to support the Diameter credit control application?

  Hello Mr.. Tarasenko,
  According to the information found the diameter credit control application does not specify how many or which type units are bought/used and which items are charged. This is left to the company’s needs.
  Diego Rodriguez
  Cisco network engineer
  Thank you

• Can I identify a Cisco switch if I only have the serial number?

  I have a list of serial numbers for Cisco switches. I now have to try and identify the Cisco part number for each serial number? Will this be possible?

  Perhaps there is some aspect of your question that is not clear to me yet. But I would say that while it is likely to be labor intensive and tedious that it should be possible to identify the Cisco part number if you start with a list of serial numbers. The syntax of what you would need to do may differ depending on which platform you are using but on each Cisco switch there should be a command that will identify the serial number of that switch and the part number. On many switches you would find that information with show inventory and on some with show version, and on some the syntax may be something different. So you would need to login to each switch, execute the appropriate command and find the part number and the serial number.
  The other option would be to perform visual inspection of each switch. Each switch should have a tag on it with the serial number so you could physically go to each switch and get its serial number and part number.
  HTH
  Rick

• Cisco Access Point Configuration to support 802.11b & 802.11g protocol

  How do i Configure access point to support both 802.11b & 802.11g clients on a Cisco 1121G series access point(AIR-AP1121G-A-K9)
  Regards
  Hitesh

  Hi Hitesh,
  Check out this excerpt from the 1121g AP Installation guide section on enabling the 802.11b and 802.11g radios.
  In Cisco IOS Release 12.3(4)JA and later, the access point radios are disabled by default, and there is no default SSID. You must create an SSID and enable the radios before the access point will allow wireless associations from other devices. These changes to the default configuration improve the security of newly installed access points. Refer to the "Configuring Basic Security Settings" section for instructions on configuring the SSID.
  In Cisco IOS Release 12.3(2)JA or earlier, the access point radio is enabled by default, and the default SSID is tsunami.
  To enable the radio interfaces, follow these instructions:
  Step 1 Use your web-browser to access your access point.
  Step 2 When the Summary Status page displays, click Network Interfaces > Radio0-802.11B or Radio0-802.11G and the radio status page displays.
  Step 3 Click Settings and the radio settings page displays
  Step 4 Click Enable in the Enable Radio field.
  Step 5 Click Apply.
  Here is a link to the actual document:
  http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_installation_guide_chapter09186a00804d2b73.html
  Hope this helps!
  Rob
  Please remember to rate helpful posts....

• Cisco switch 300 configure vlan and ports

  Hi i need help
  i cant see the vlan on port vlan membership
  i did create the vlan and i did configure the port the access
  but when i try to port vlan membership to tell which port to wich vlan i cant see the vlan i have created in the list
  thanks to help

  Hi,
  This forum is focusing on the issues related Windows Server.
  To get better help, please post your question on the forum of cisco.
  Here is the address,
  https://supportforums.cisco.com/
  Best Regards.
  Steven Lee
  TechNet Community Support

• Cisco SGE2010P 48-port Gigabit Switch - Setup & Configure via Web UI?

  Hello,
  I'm looking to purchase a Cisco SGE2010P 48-port Gigabit Switch (POE) for a 100% Macintosh environment. Because of this, none of the machines will be able to access the switch (including initial, out of the box setup) via the console port. So, I'm wondering if anyone can confirm if this switch is configurable, out of the box, via the Web UI (which would allow a Macintosh system to set it up no problem via a web browser)? I have asked all my suppliers and talked to a Cisco Product Specialist via web chat and also tried via phone, and no one can confirm if this is possible for sure.
  The reason I ask is that I was also looking at a Nortel switch and even thought it had a Web UI for management, out of the box it had to be initially set up (ie. configuring the devices IP) via the console port first, and once that was done, only then could you access the Web UI.
  I'm hoping this isn't the case with the Cisco switch and that it in fact is out of the box with a default IP so it can be accessed via the Web UI (without the need to go in via the console port).
  Could anyone answer this question for me!?
  If it helps, this is the website for the switch I'm considering...
  http://www.cisco.com/en/US/products/ps9985/index.html
  Regards,
  Kristin.

  SGE2000 and SGE2000P must have a DHCP server to get an IP-address. You “just” have to figure out the address they have been given.SGE2010 and SGE2010P has a default IP (192.168.1.254 – 255.255.255.0)All 4 devises has a web interface. I don’t see why it shut not work with a Mac browser. The primarily reason for buying SGE switches is their ability to stack. But 24 ports (SGE2000/P) and 48 ports (SGE2010/P) switches are not able to stack with each other. They have had several years to fix the problem so it is not likely it will ever bee fixit. If you stick to eater 24 ports ore 48 ports it will work.

• NPS Discarding RADIUS request from Cisco switch (802.1x)

  Last few weeks I've been busy to get the following to work:
  - Cisco 2960 switch as the suppliant
  - Another Cisco 2960 as the authenticator switch
  - The supplicant is only able to send MS-EAP MS-ChapV2 requests
  - The NPS server is Windows 2008 R2 (and also tested on 2012 R2)
  This is called "NEAT" by Cisco; which does seem to work with Cisco ISE (http://www.cisco.com/c/en/us/support/docs/lan-switching/8021x/116681-config-neat-cise-00.html)
  but I'd like to get it to work with Windows NPS.
  Within NPS I've setup the following Connection Request policy:
  - NAS Port Type: Ethernet
  I'm using the following Network Policy:
  - User Group: DOMAIN\Switches (the useraccount used by the switch is part of this group)
  - NAS Port Type: Ethernet
  - Autehntcation Type: EAP
  Now the request sent by the switch is discarded. The actual error is the following (excluded irrelevant information):
  User:
  Account Name: Rotterdam-Switch-8-1
  Account Domain: DOMAIN
  Authentication Details:
  Connection Request Policy Name: Secure Wired Connections
  Network Policy Name: Switches Allowed
  Authentication Provider: Windows
  Authentication Server: SERVER.DOMAIN.local
  Authentication Type: EAP
  EAP Type: -
  Account Session Identifier: -
  Reason Code: 1
  Reason: An internal error occurred. Check the system event log for additional information.
  Wireshark on the NPS server shows:
  1. The RADIUS Access-Request (1) being received by the NPS Server
  2. The NPS Server sending out a RADIUS Access-Challenge (11) to the authenticator switch
  3. Another RADIUS Access-Request (1) is beging received by the NPS Server
  Packet 2 has an t=EAP-Message(79) with type MS-EAP-Authentication [Palekar](26) and MS-CHAPv2-ID set to 2 and OpCode 1 (Challange)
  Packet 3 has an t=EAP-Message(79) with type MS-EAP-Authentication [Palekar](26) and MS-CHAPv2-ID set to 2 and OpCode 2 (Response)
  I've also tried the following:
  - I've also tested with an invalid username/password. The request is correctly denied
  - I've also tested by added ALL EAP Types as condition to the Network Policy. The request isn't pickup by this policy anymore.
  Any help would be greatly appriciated ofcourse.
  Kind regards,
  Peter

  It only took like.. uhm.. forever.. but there's an answer which is "OK ish..".
  Cisco 2960 switches support EAP-MSCHAP; but it seems that NPS only supports EAP-MSCHAP for VPN Connections and not for Wired/Wirelss authentication. Something to do with inner and outer methods and NPS requireing PEAP as an outer method for Wired/Wirelss
  authentication.
  End result is that both the Cisco switches and NPS do support EAP-MD5. Though it's definitly not as secure (at all), it's definitly a step in the right direction and it's something that we'll be implementing.
  Now it seems that NPS doesn't support EAP-MD5 (which is supposidly depricated), it's possible to re-enable it. Using the following articles.
  http://support.microsoft.com/kb/922574/en-us
  Microsft mentioned me that "Though this article says it applies to Windows Vista only, it does apply to Server 2008R2 as well. Also I would suggest you the following link:
  http://support.microsoft.com/kb/981190"
  Please note that you'll have to enable 'Store password using reversible encryption’  on the accounts that will be used for NEAT authentication.
  All though I would have hoped EAP-MSCHAPv2 would work, I feel I do need to clarify that I understand Microsoft's point of view on this as well. They feel EAP methods without PEAP are simply not safe; which is understandable, espcially for EAP-MD5 which
  could be sniffer using a hub/repeater/etc.
  Kind regards,
  Peter

• Cisco Switches Training

  Hi there,
  I work for a small business as an I.T network engineer. We have recently started to supply to Cisco SG500 switches to our client's network, not to different from another switch supplier.
  What I was looking to know if there are any specific training courses for Cisco switches or even more specifically the SG500 model. I have looked through the Cisco networking academy which doesn't really look to be applicable for the day to day functionality of the switch. Even if someone could point me in the right direction of the place to start looking - could be something on the CCNA program that could help or a third party training provider.
  Many thanks,
  Jonathan - PBL 

  Hi Jonathan,
  The CCNA is a great resource for learning a broad set of entry-level knowledge for networking.  This includes switching topics such as STP and VTP.  If you would like even more knowledge of switching technologies, the CCNP Switch exam goes more in-depth with Layer 2 technologies and is a great resource for learning how to manage a switch in a business environment.
  For information regarding the specific device, you can look through the following link:
  http://www.cisco.com/c/en/us/support/switches/sf500-24-24-port-10-100-stackable-managed-switch/model.html
  Ryan

• Passing Voice VLAN through a non-Cisco switch

  Hi All,
  Will a non-Cisco switch (no 802.1q support) that is putted beetween Cisco IP Telephone and Cisco Catalyst switch (which is configured with auxilary Voice Vlan) pass voice vlan frames and CDP?

  Any switch should pass on either ISL(which is cisco properitary and hence not supported on non-Cisco) or IEEE 802.1Q frames or else it cannot support voice vlan support . And non-Cisco switches do not support CDP as it is once again Cisco proprietary protocol.

• Management port in Cisco Switches (are they really physical port)

  Hi all,
  I have been taught to console into my cisco switch for configurations through console cable + putty (serial terminal).
  Then I have been taught to configure a management ip and gateway on the cisco switch.
  Switch# conf t
  Switch(config)# interface vlan 1
  Switch(config-if)# ip address 192.168.1.11 255.255.255.0
  Switch(config-if)# no shut
  Switch(config-if)# exit
  Switch(config)# ip default-gateway 192.168.1.1
  All the while, i thought this is the way to remote in to the switch via putty/telnet through the network to configure the switch, until i saw the picture below (cisco catalyst 2960)
  =======================================
  There is a physical port call ethernet management port.  What is it ?   What is the difference between this port and the earlier example of setting a management ip in VLAN 1 ?
  If i set an IP on this particular interface and I ssh in, will i see the same screen/display/console from the earlier example in which i set a management ip in VLAN1 and I ssh in ?
  Regards,
  Noob

  Hi Leo,
  Sorry if you find it hard to explain to me.
  I have understood to think of the ethernet management port as a separate entity from the original switch.
  Maybe with the help of the diagram below, can you let me know if i have understood correctly ?
  *please assume connected port is a management port separated from the normal switch ports
  q1) does the ethernet management port need to be connected to another switch ?
  I have thought of it as a device on the network and it is mentioned by you previously that it will be connected to a switch
  "he traffic goes up the cable connected to the Management port and up a switch.  Now that switch holds all the information because it is a switch.  "
  q2) In the current setup then, terminal B will be able to access the management port - am i right ?
  q3) you mentioned that the management port is not able to set any gateway, (which is the router fe0/5 - 192.168.0.3 in my illustration), in that case do you mean that terminal A will not be able to access the management port remotely and it can only be accessible locally ?
  Please do correct me if my understanding is wrong.
  Thank you so much for your advices.
  Regards,
  Noob

• Cisco nexus 6001 not a supported device on cisco prime infrastructure 2.1?

  I have installed Cisco Prime Infrastructure 2.2 and Prime Infrastructure still doesn't seem to support the Nexus 6001 platform? Can someone tell me if Cisco Prime Infrastructure will ever support the Cisco Nexus 6001 platform or is there any plans to support it in any future device packs? 

  The Nexus 6001 isn't currently supported in PI 2.1. There's no workaround except to wait for a device or product update that adds support. Right now I know the 9000 series is on the 2.2 roadmap but I haven't seen any reference to the 6001 and PI.
  Interestingly, Prime LMS does support both the 6001 and 6004. Reference.

• Switch port configuration for 3500i AP

  Hi,
  We are due to install a brand new enterprise WLAN based on the WiSM2 platform, 3502i AP and WCS. The APs will be plugged into the 2960S-24TPS-L.
  I have scanned over all documentation and cannot for the life of me find a recommended switch port configuration for connecting the AP to the switch in terms of speed / duplex etc. For example, should I just configure the port to auto detect, or is forcing the speed / duplex the way to go. I could also do with knowing other best practice configurations for AP connectivity.
  Any help would be greatly appreciated.
  Chris.

  The AP comes online with just auto detect, but I want to know if there are any benefits to forcing this to 1Gbps / Full duplex, or even if this is the right way to go. I suspect auto detect is the best method.

• Ask the Expert: Configuration and Troubleshooting the Cisco Application Control Engine (ACE) load balancer

  With Ajay Kumar and Telmo Pereira 
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about configuration and troubleshooting the Cisco Application Control Engine (ACE) load balancer with Cisco expert Ajay Kumar and Telmo Pereira. The Cisco ACE Application Control Engine Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is a next-generation load-balancing and application-delivery solution. A member of the Cisco family of Data Center 3.0 solutions, the module: Helps ensure business continuity by increasing application availability Improves business productivity by accelerating application and server performance Reduces data center power, space, and cooling needs through a virtualized architecture Helps lower operational costs associated with application provisioning and scaling
  Ajay Kumar  is a customer support engineer in the Cisco Technical Assistance Center in Brussels, covering content delivery network technologies including Cisco Application Control Engine, Cisco Wide Area Application Services, Cisco Content Switching Module, Cisco Content Services Switches, and others. He has been with Cisco for more than four years, working with major customers to help resolve their issues related to content products. He holds DCASI and VCP certifications. 
  Telmo Pereira is a customer support engineer in the Cisco Technical Assistance Center in Brussels, where he covers all Cisco content delivery network technologies including Cisco Application Control Engine (ACE), Cisco Wide Area Application Services (WAAS), and Digital Media Suite. He has worked with multiple customers around the globe, helping them solve interesting and often highly complex issues. Pereira has worked in the networking field for more than 7 years. He holds a computer science degree as well as multiple certifications including CCNP, DCASI, DCUCI, and VCP
  Remember to use the rating system to let Ajay know if you have received an adequate response.
  Ajay and Telmo might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Data Center sub-community discussion forum Application Networking shortly after the event.
  This event lasts through July 26, 2013. Visit this forum often to view responses to your questions and the questions of other community members.

  Hello Krzysztof,
  Another set of good/interesting questions posted. Thanks! 
  I will try to clarify your doubts.
  In the output below both resources (proxy-connections and ssl-connections rate) are configured with a min percentage of resources (column Min), while 'Max' is set to equal to the min.
  ACE/Context# show resource usage
                                                       Allocation
          Resource         Current       Peak        Min        Max       Denied
  -- outputs omitted for brevity --
    proxy-connections             0      16358      16358      16358      17872
    ssl-connections rate          0        626        626        626      23204
  Most columns are self explanatory, 'Current' is current usage, 'Peak' is the maximum value reached, and the most important counter to monitor 'Denied' represents the amount of packets denied/dropped due to exceeding the configured limits.
  On the resources themselves, Proxy-connections is simply the amount of proxied connections, in other words all connections handled at layer 7 (SSL connections are proxied, as are any connections with layer 7 load balance policies, or inspection).
  So in this particular case for the proxy-connections we see that Peak is equal to the Max allocated, and as we have denies we can conclude that you have surpassed the limits for this resource. We see there were 17872 connections dropped due to that.
  ssl-connections rate should be read in the same manner, however all values for this resource are in bytes/s, except for Denied counter, that is simply the amount of packets that were dropped due to exceeding this resource. 
  For your particular tests you have allocated a min percentage and set max equal to min, this way you make sure that this context will not use any other additional resources.
  If you had set the max to unlimited during resource allocation, ACE would be allowed to use additional resources on top of those guaranteed, if those resources were available.
  This might sound a great idea, but resource planning on ACE should be done carefully to avoid any sort of oversubscription, specially if you have business critical contexts.
  We have a good reference for ACE resource planning that contains also description of all resources (this will help to understand the output better):
  http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/virtualization/guide/config.html#wp1008224
  1) When a resource is utilized to its maximum limit, the ACE denies additional requests made by any context for that resource. In other words, the action is to Drop. ACE  should in theory silently drop (No RST is sent back to the client). So unless we changed something on the code, this is what you should see.
  To give more context, seeing resets with SSL connections is not necessarily synonym of drops. As it is usual to see them during normal transactions.
  For instance Microsoft servers are usually ungracefully terminating SSL connections with RESET. Also when there is renegotiation during an SSL transaction you may see RESETS, but this will pass unnoticed for end users. 
  2)  ACE will simply drop/ignore new connections when we reach the maximum amount of proxied connections for that context. Exisiting connections will continue there.
  As ACE doesn't respond back, client would simply retransmit, and if he is lucky maybe in the next attempt he will be able to establish the connection.
  To overcome the denies, you will definitely have to increase the resource allocation. This of course, assuming you are not reaching any physical limit of the box.
  As mentioned setting max as unlimited might work for you, assuming there are a lot of unused resources on the box.
  3)  If a new connection comes in with a sticky value, that matches the sticky entry of a real server, which is already in MAXCONNS state, then both the ACE module/appliance should reject the connection and that sticky entry would be removed.
  The client would at that point reestablish a new connection and ACE would associate a new sticky entry with the flow for a new RSERVER after the loadbalancing decision.
  I hope this makes things clearer! Uff...
  Regards,
  Telmo

• Can MPLS aware Netflow ver. 9 be enabled on the catalyst switches 6500

  HI, I'm working for KOREA TELECOM, and currently providing MPLS VPN.
  We're planning to provide our customer with traffic report using NetFlow..
  I read some documents which reads Netflow ver.9 can be enabled on Cisco GSR 12000 Series, but no mention about catalyst switches. So, I ' m curious about that Netflow ver 9 can be activated on catalyst 6500 series.. because the point where switch is located already have mpls encapsulated packet ( mpls vpn packet).
  Thank you , in advance.

  NetFlow is now integral to Cisco 6500. A configuration we recommend is as below:
  mls netflow     // This enables NetFlow on the Supervisor.
  mls nde sender version 7
  mls aging long 64  // This breaks up long-lived flows into (roughly) one-minute segments.
  mls aging normal 32  // This ensures that flows that have finished are exported in a timely manner.
  mls flow ip interface-full
  mls nde interface
  The  next two commands will help to enable NetFlow data export for  bridged  traffic which is optional. You can specify the list of VLANs  here to  enable bridged traffic.
  ip flow ingress layer2-switched vlan
  ip flow export layer2-switched vlan
  Apart from this, NetFlow has to be enabled on the MSFC using the below commands.
  ip flow egress       // This command has to be executed on all the L3/VLAN interfaces.
  ip flow-export destination {hostname|ip_address} 9996  // The hostname or IP address of the flow server
  ip flow-export source {interface} // The interface through which NetFlow packets are exported. eg: Loopback0
  ip flow-export version 9
  ip flow-cache timeout active 1
  snmp-server ifindex persist
  The new Cisco Flexible NetFlow actually allows for export of MPLS specific information (I believe it is stack lables) in addition to information on IP Address, port, etc. But you will need a tool that can support these additional fields. Otherwise you can view IP, port, protocol, etc related information from MPLS links.
  Regards,
  Don Thomas Jacob
  ManageEngine NetFlow Analyzer

• Connection of LC/APC fiber patch cords to Cisco Catalyst 6500 $ Cisco Access 3750 Switches

  I have an LC/APC fiber patch cord infrastructure and I want to connect it to Cisco Catalyst 6500 & Cisco Access 3750 Switches. what type of transceiver should be used?
  I read a note on Cisco website stating the following for Cisco SFP+ transceivers:
  Note: "Only connections with patch cords with PC or UPC connectors are supported. Patch cords with APC connectors are not supported. All cables and cable assemblies used must be compliant with the standards specified in the standards section"

  Thank you,  but my question is that I have a single mode fiber patch cord with LC/APC connector while cisco stating a note that only use LC/PC or LC/UPC type of connectors with SFP+ transceiver.  
  So what type of transceiver should I use to connect LC/APC patch cord to cisco switches?  Is there another type or SFP+ still can be used?