Do Cisco router 2811 and Catalyst 3750 support SNMPv3?

Hi,
Do Cisco router 2811, IOS 12.4(20)Ti, and Catalyst 3750, IOS 12.2.(53)SE, support SNMPv3?
Attached file contains my SNMPv3 configurations and "show snmp" results.  Would you please give me your advice?  Thanks.
Hugh

Hugh
Certainly both the 2811 and the 3750 do support SNMPv3. So support for the feature is not an issue in your situation.
I have looked at the config that you attached and believe that it looks reasonable. You have not told us about the SNMP server that will communicate with these devices. So we have no way to know if the details of the configuration are correct.
Have you attempted to discover these devices with an SNMP server that is configured to use SNMPv3 and has this user and passwords configured? If it does not work my first suggestion would be to check to verify that the passwords configured are exactly the same on the clients and on the server (and perhaps re-configure the passwords just to be sure). If the passwords are not a problem my second suggestion would be to check and verify that the authentication and encryption parameters match between the server and the clients.
HTH
Rick

Similar Messages

  • Revised Visio stencils for CRS and Catalyst 3750

    We just submitted the CRS and Catalyst 3750 revisions to the Cisco web team for posting.  They should be available within a day or so.
    Regards,
    Brett Newman
    Cisco Visio Development
    Visimation Inc.

    Hi Kevin,
    We updated the 3750 on 2/23/12 and the CRS on 2/20/12.  Please check the download page.
    Regards,
    Brett Newman
    Cisco Visio Development
    Visimation Inc.

  • Router 2811 and C2960 Switch Trunking Problem

    Hi all
    I got an problem with a trunking problem between Router 2811 and C2960 switch
    In router 2811 - I created f0/0.1 10.65.20.1 (VLAN 1) and f0/0.48 10.65.23.1 (VLAN 48)
    In C2960 - Vlan 1 10.65.20.30 , VLAN 48 10.65.23.30
    Finally I can only ping VLAN 1 IP but fail to ping VLAN 48 IP, can help me how to troubleshoot it?
    Hugo
    Router 2811 Configuration:
    interface FastEthernet0/0.1
     encapsulation dot1Q 1 native
     ip address 10.65.20.1 255.255.255.0
    interface FastEthernet0/0.48
     encapsulation dot1Q 48
     ip address 10.65.23.1 255.255.255.0
    C2960 Configuration:
    interface FastEthernet0/24
     switchport mode trunk

    2811#sh vlans
    Virtual LAN ID:  1 (IEEE 802.1Q Encapsulation)
       vLAN Trunk Interface:   FastEthernet0/0.1
     This is configured as native Vlan for the following interface(s) :
    FastEthernet0/0
       Protocols Configured:   Address:              Received:        Transmitted:
               IP              10.65.20.1              388873              262275
            Other                                           0                1723
       390760 packets, 71854310 bytes input
       263998 packets, 53723195 bytes output
    Virtual LAN ID:  48 (IEEE 802.1Q Encapsulation)
       vLAN Trunk Interface:   FastEthernet0/0.48
       Protocols Configured:   Address:              Received:        Transmitted:
               IP              10.65.23.1                   0                   0
            Other                                           0                  20
       0 packets, 0 bytes input
       20 packets, 1883 bytes output
    2960_24#sh int trunk
    Port        Mode             Encapsulation  Status        Native vlan
    Fa0/24      on               802.1q         trunking      1
    Gi0/1       on               802.1q         trunking      1
    Port        Vlans allowed on trunk
    Fa0/24      1-4094
    Gi0/1       1-4094
    Port        Vlans allowed and active in management domain
    Fa0/24      1,48
    Gi0/1       1,48
    Port        Vlans in spanning tree forwarding state and not pruned
    Fa0/24      1,48
    Gi0/1       1,48

  • Cisco router 2811 doesnot respond to ciscoPingAvgRtt oid

    Hi,
    I was  trying to get snmpwalk output for cisco 2811 router for     OID  "1.3.6.1.4.1.9.9.16.1.1.1.12" but   I got NO Output
    If I tried till  1.3.6.1.4.1.9.9.16 this shown the output  but not for given OID.
    That OID output is necessary as withiout this I can not get Round Trip time in HP OVPI tool.
    Please help me  to know what is wrong??
    with regards,
    Neena

    Cisco doesn't make these.
    If you buy a remote controlled power socket that works for switches, it will work for routers, and anything else.

  • Trunking between Huawei S3900 and Cisco catalyst 3750

    One of my edge Huawei S3700  switches  is dead, I am going to replace it with a Cisco switch Catalyst 3750 series PoE-48 via a trunk link  with GE fiber port on both ends, please see the diagram below.
                                      trunk                     trunk
       Core switchrouter<----------S3700<--------------->Cisco Catlyst 3750
    I haven’t touch Cisco switch for many years, I would like to ask the following questions:
    1.)      Do I need to take any precaution before connecting this Cisco switch into my Huawei network? Only one link between S3700 and C3750, so I don't need worry anout STP? Do I need to worry about Default vlan regarding trunking port?
    2.)      I need to use different trucking protocol e.g. 802.1Q etc to interconnect these two switches (S3700-28TP-SI-AC and Catalyst 3750), please see the following configuration:
    For C3750:
    switchport trunk encapsulation dot1q
    switchport trunk native vlan (What you want)
    switchport trunk allowed vlan (VLANs required)
    switchport mode trunk
    spanning-tree portfast trunk
    For S3700:
     port link-type trunk
     port trunk permit vlan all
    Do you think the configurations above are right?
    Do I need to manually enter Duplex and speed options ?       
    3.)If the configurations are not right, then what are the commands for trucking port/link should I use on the Cisco switch (it uses IOS software) and Huawei switch?  Procedures of the commands would be really helpful !
    Any information and help would be much appreciated.
    Thanks
    Regards

    Hello
     3750 - basic config
     ================
    See as you are using this switch as an host switch you need to make sure ip routing isn't enabled ( it isn't by default)
    Also it looks like the s3700 Huawei switch is permitting all vlans and I assuming the default native vlan is 1 ( as is cisco) so no need to specify the native either.
    If you are requiring the access ports on this new cisco 3750 to be in multiple vlans then usually cisco to cisco interconnect would ultise VTP for vlan propagation however this wont occur between the Huawei switch, so you will need to manually add the vlans on the switch also.
    so to summarize below is a basic host switch config for 3750.
    conf t
    no ip routing
    hostname XXXXXX
    username xxxx privilege 15 secret xxxxxxx
    service password-encryption
    enable secret xxxxx
    security passwords min-length xx
    security authentication failure rate xx log
    aaa new-model aaa authentication login default local
    logging buffered 4096
    no service udp-small-servers
    no service tcp-small-servers
    service timestamps debug datetime msec localtime
    service timestamps log datetime msec localtime
    no ip domain-lookup
    spanning-tree mode rapid-pvst
    spanning-tree portfast bpduguard default
    int vlan x ( this may or not be vlan 1 - its whatever the L3 vlan interface is on the core switch for management connectivity)
    ip address x.x.x.x y.y.y.y.
    exit
    ip default-gateway x.x.x.x ( ip address of CORE SVI management interface)
    vlan x,x,x,x ( add the L2 vlans to the switch as vtp would not be used between the Huawei switch)
    exit
    int gigx/x
    Description Link to Huawei switch
    switchport trunk encapsulation dot1q
    switchport mode trunk
    switchport nonegotiate
    no shut
    ( no need for spanning-tree portfast trunk- this is usually only for ESX host ports)
    int rang fa0/1 -48
    Description - Access-ports
    switchport host
    switchport access vlan x (wihout this defaults to vlan 1)
    no shut
    clock timezone gmt 0
    ntp peer
    ntp server x.x.x. prefer
    res
    Paul

  • Help with Remote access VPN on Cisco router 3925 via Dialer Interface

    Hi Everybody,
    I need help for my work now, I appreciate if someone can fix my problem.I have a Cisco router 3925 and access Internet via PPPoE link.  I want config VPN Remote Access and using software Cisco VPN client. But it doesn't  work.. Here my config router :
    HUNRE#show running-config
    Building configuration...
    Current configuration : 5515 bytes
    ! No configuration change since last restart
    version 15.3
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname HUNRE
    boot-start-marker
    boot-end-marker
    enable secret 5 $1$vEFw$rLfvLglzUgddCVwXDx03K.
    enable password cisco
    aaa new-model
    aaa session-id common
    crypto pki trustpoint TP-self-signed-1050416327
     enrollment selfsigned
     subject-name cn=IOS-Self-Signed-Certificate-1050416327
     revocation-check none
     rsakeypair TP-self-signed-1050416327
    crypto pki certificate chain TP-self-signed-1050416327
     certificate self-signed 01
      3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
      31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
      69666963 6174652D 31303530 34313633 3237301E 170D3134 30393235 31313534
      31395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
      4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30353034
      31363332 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
      8100CC79 74FCFABE 81183B70 5A9F4A53 EB609754 7D5F8587 9150B76E 3207A86E
      5B65F9E9 6CDAC21A 6D69221D 1FF61632 14763308 43B2A1CC 8EE5ABAC EF07530E
      3F0D35FE F08C955B 60B52B92 F8F54D53 DD6DD623 01F83493 02F9C49A F0C3483D
      3B48A008 8D96700E 88924BFE DE00201B DE5965DE 32898CAD 9012AB55 76B6F39B
      2D470203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
      551D2304 18301680 14C3418C BC35F3D9 B26B2475 2BB5F826 060525AB B3301D06
      03551D0E 04160414 C3418CBC 35F3D9B2 6B24752B B5F82606 0525ABB3 300D0609
      2A864886 F70D0101 05050003 81810070 AC7C26C6 4606A551 1A3FD6C5 2A5AEAE8
      35DAC86E F8885E26 51F6EEAE 7565D3AA D532C8F3 55F6656F D103F38C 8FBDE7F1
      83E77143 76469040 7FEA41E8 14963DB3 F7F28EA0 C5F2F42C B186B75C AAB04900
      15F9CB38 A16964F5 4E7B4378 35041AA8 AE8EC181 D58D6A62 676E286A 7B9D80E6
      35A0B9FB FB76E976 3D2A19D7 006078
            quit
    ip name-server 210.245.1.253
    ip name-server 210.245.1.254
    ip cef    
    no ipv6 cef
    multilink bundle-name authenticated
    vpdn enable
    vpdn-group 1
    vpdn-group 2
    license udi pid C3900-SPE100/K9 sn FOC1823839B
    license boot module c3900 technology-package securityk9
    username cisco privilege 15 secret 5 $1$aAjB$D3iLyPFTE7O1bHPnKSJcH0
    username kdhong privilege 15 secret 5 $1$nfyX$FO1BPTabCUaE6uKQwpLT.1
    redundancy
    track 1 ip sla 1 reachability
    track 2 ip sla 2 reachability
    crypto isakmp policy 1
     encr 3des
     authentication pre-share
     group 2
    crypto isakmp client configuration group VPN-HUNRE
     key hunre
     dns 8.8.8.8
     domain hunre
     pool IP-VPN
     acl 199
     max-users 100
    crypto ipsec transform-set encrypt-method-1 esp-3des esp-sha-hmac
     mode tunnel
    crypto dynamic-map DYNMAP 1
     set transform-set encrypt-method-1
    crypto map VPN client configuration address respond
    crypto map VPN 65535 ipsec-isakmp dynamic DYNMAP
    interface Embedded-Service-Engine0/0
     no ip address
     shutdown
    interface GigabitEthernet0/0
     ip address 192.168.1.1 255.255.255.0
     ip mtu 1492
     ip nat inside
     ip virtual-reassembly in
     ip tcp adjust-mss 1412
     duplex auto
     speed auto
    interface GigabitEthernet0/1
     description FPT
     no ip address
     ip tcp adjust-mss 1412
     duplex auto
     speed auto
     pppoe enable group global
     pppoe-client dial-pool-number 1
    interface GigabitEthernet0/2
     description Connect to CMC
     no ip address
     ip mtu 1442
     ip nat outside
     ip virtual-reassembly in
     ip tcp adjust-mss 1412
     duplex auto
     speed auto
     pppoe enable group global
     pppoe-client dial-pool-number 2
     no cdp enable
    interface Dialer1
     ip address negotiated
     ip mtu 1452
     ip nat outside
     ip virtual-reassembly in
     encapsulation ppp
     dialer pool 1
     dialer-group 1
     ppp authentication chap pap callin
     ppp chap hostname [USERNAME]
     ppp chap password 0 [PASSWORD]
     ppp pap sent-username [USERNAME] password 0 [PASSWORD]
     ppp ipcp dns request
     crypto map VPN
    interface Dialer2
     description Logical ADSL Interface 2
     ip address negotiated
     ip mtu 1442
     ip nat outside
     ip virtual-reassembly in
     encapsulation ppp
     ip tcp adjust-mss 1344
     dialer pool 2
     dialer-group 2
     ppp authentication chap pap callin
     ppp chap hostname [USERNAME]
     ppp chap password 0 [PASSWORD]
     ppp pap sent-username [USERNAME] password 0 [PASSWORD]
     ppp ipcp address accept
     no cdp enable
    ip local pool IP-VPN 10.252.252.2 10.252.252.245
    ip forward-protocol nd
    ip http server
    ip http authentication local
    ip http secure-server
    ip nat inside source list 10 interface Dialer1 overload
    ip nat inside source list 11 interface Dialer2 overload
    ip nat inside source static 10.159.217.10 interface Dialer1
    ip nat inside source list 199 interface Dialer1 overload
    ip nat inside source static tcp 10.159.217.10 80 210.245.54.49 80 extendable
    ip nat inside source static tcp 10.159.217.10 3389 210.245.54.49 3389 extendable
    ip route 0.0.0.0 0.0.0.0 Dialer1
    ip route 10.159.217.0 255.255.255.0 192.168.1.8
    ip sla auto discovery
    ip sla responder
    dialer-list 1 protocol ip permit
    dialer-list 2 protocol ip permit
    access-list 10 permit any
    access-list 11 permit any
    access-list 101 permit icmp any any
    access-list 199 permit ip any any
    control-plane
    line con 0
    line aux 0
    line 2
     no activation-character
     no exec
     transport preferred none
     transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
     stopbits 1
    line vty 0 4
     password cisco
     transport input all
    line vty 5 15
     password cisco
     transport input all
    scheduler allocate 20000 1000
    ntp master
    end
    However, I cannot ping interfac Dialer 1. I using Cisco vpn client software ver 5.0.07.0290.
    Hopeful for your answers !
    Thanks

    Hi David Castro,
    Thanks for your answer,
    I configed following your guide, but it have not worked yet. I saw that I cannot ping IP gateway Internet . I using ADSL Internet and config PPPoE  and my router receive IP from ISP. Here show ip int brief :
    GigabitEthernet0/0         192.168.1.1     YES NVRAM  up                    up      
    GigabitEthernet0/1         unassigned      YES NVRAM  up                    up      
    GigabitEthernet0/2         unassigned      YES NVRAM  up                    up      
    Dialer1                    210.245.54.49   YES IPCP   up                    up      
    Dialer2                    101.99.7.73     YES IPCP   up                    up      
    NVI0                       192.168.1.1     YES unset  up                    up      
    Virtual-Access1            unassigned      YES unset  up                    up      
    Virtual-Access2            unassigned      YES unset  up                    up      
    Virtual-Access3            unassigned      YES unset  up                    up 
    But I cannot ping Interface Dialer 1, so may be VPN is does not worked. Do you have some ideal ?
    Thanks very much !

  • Cisco router 8803G telnet commands

    Hello all
    i have a Cisco Router 8803G and i would like some help with following commands to be runned by telnet:
    1) erase an admin user
    2) change the passwork of an admin user
    thx in advance                  

    you can see a list of users with the following command:
    sh run | include username
    Go to config mode and do a
    no username USER_YOU_WANT_TO_DELETE
    The password can be changed with the same command
    username USER_YOU_WANT_TO_CHANGE secret NEWPASSWORD
    or in case you don't use hashed passwords:
    username USER_YOU_WANT_TO_CHANGE password NEWPASSWORD
    Don't stop after you've improved your network! Improve the world by lending money to the working poor:
    http://www.kiva.org/invitedby/karsteni

  • Cisco router with freeradius

    I have cisco Router 7206VXR and freeradius server , what I need is to change the user sevice in cisco router when changing it on freeradius.so if a user has1Mbps speed on freeradius the following commands will be applied to the user virtual interface on cisco router:
    rate-limit output 1048000 196608 393216 conform-action transmit exceed-action drop
    what I need is to change this command Automatically when changing the user service on freeradius so that the command become :
    rate-limit output 2096000 393216 786432 conform-action transmit exceed-action drop (for 2Mbps)
    I tried the following configuration but it didnt work:
    aaa authorization network <name> group <radius>
    aaa server radius dynamic-author
    client <freeradius ip address> server-key xxxxx
    any suggessions?
    Thanks in advance

    Framed-IP-Netmask has influence only on NAS side and
    it'll insert the correct route into the routing table
    (see the enclosed part), but it'll have NO effect
    on the client side - meaning that the end-user should
    do all addressing by himself.
    Routing table for PPP user with one /28 subnet:
    U 192.168.1.128/28 [1/0] via 192.168.100.129
    C 192.168.1.129/32 is directly connected, Virtual-Access35
    /Igor

  • Debian Linux Bonding and Cisco Catalyst 3750 - best practise?

    Hello everybody,
    I would like to know what's best practice to do this:
    The two NICs of a Debian Linux server wants to be connected with two Switchports of a Cisco Catalyst 3750 switch(stack). My goal is to have load-balancing and failover.
    My /etc/network/interfaces looks like this:
    iface bond0 inet static
           address 192.168.0.30
           netmask 255.255.255.0
           network 192.168.0.0
           broadcast 192.168.0.255
           gateway 192.168.0.1
           dns-nameservers 192.168.0.10 192.168.0.20
           dns-search xyz.mycompany.com
           slaves eth0 eth1
           bond_mode ???
           bond_miimon 100
           bond_downdelay 200
           bond-updelay 200
    First question: What bond mode should I use?
    The switchports looks like this:
    interface GigabitEthernet3/0/4
     switchport access vlan 20
     switchport mode access
     spanning-tree portfast
    What changes are necessery here? Something like this?
    interface GigabitEthernet3/0/4
     switchport trunk encapsulation dot1q
     switchport mode trunk
     spanning-tree portfast
    Thanks a lot for suggestions, hints, etc.! :-)
    Greets
    Stephan

    Hi Michael,
    thanks a lot for your answer - and sorry for my late reply!
    I like to show you my solution - I hope that it is a solution. ;-)
    My config on the switch(stack):
    switch#show etherchannel summary
    Group  Port-channel  Protocol    Ports
    ------+-------------+-----------+-----------------------------------------------
    2      Po2(SU)         LACP      Gi3/0/3(P)  Gi4/0/3(P)
    switch#show running-config interface GigabitEthernet 3/0/3
    Building configuration...
    Current configuration : 172 bytes
    interface GigabitEthernet3/0/3
     description myserver, eth0
     switchport access vlan 20
     switchport mode access
     channel-group 2 mode active
     spanning-tree portfast
    end
    lansw01#show running-config interface GigabitEthernet 4/0/3
    Building configuration...
    Current configuration : 172 bytes
    interface GigabitEthernet4/0/3
     description myserver, eth1
     switchport access vlan 20
     switchport mode access
     channel-group 2 mode active
     spanning-tree portfast
    end
    switch#show running-config interface port-channel 2
    Building configuration...
    Current configuration : 82 bytes
    interface Port-channel2
     switchport access vlan 20
     switchport mode access
    end
    The /etc/network/interfaces of my Debian machine looks like this:
    auto lo
    iface lo inet loopback
    auto bond0
            iface bond0 inet static
            address 192.168.1.xxx
            netmask 255.255.255.0
            gateway 192.168.1.xxx
            dns-nameservers 192.168.1.xxx
            dns-search xxx.xxx.xxx
            bond-mode 4
            bond-miimon 100
            bond-downdelay 200
            bond-updelay 200
            bond-lacp-rate 1
            slaves eth0 eth1
    This setup seems to work well. But I'm wondering that there is nothing with "trunking" in my setup. Would you like to give me your opinion about this?
    Thanks a lot and many greets
    Stephan

  • Can cisco router support OSPF-TE and ISIS-TE same time for CSPF to compute a TE LSP? I may need to run both IGP in parreral.

    Can cisco router support OSPF-TE and ISIS-TE same time for CSPF to compute a TE LSP? I may need to run both IGP in parreral.

    hello - I have just moved your post to the Topic forums - you had posted your question in an obscure non-visible promotional community  Hopefully our community users will see your question now.

  • Can cisco router support OSPF-TE and ISIS-TE same time for CSPF to compute a TE LSP? I may need to run both IGP in parallel

    Can cisco router support OSPF-TE and ISIS-TE same time for CSPF to compute a TE LSP? I may need to run both IGP in parallel.

    Hi Johnny,
    Per my understanding you can. It is equivalent to running 2 IGP and installing the entry in RIB table based on administrative distance. 
    -Nagendra

  • VLAN trunking from Cisco Catalyst 3750 to Cisco SF300-48P issue and related

    Hello expert,
    I'm having difficulties to configure VLAN trunking between Cisco Catalyst 3750 switch with Cisco SF300-48P switch and my workstation unable to get any DHCP IP from our DHCP server via Cisco SF300-48P switch. Below is the snippet of configuration on both switches:
    [Cisco Catalyst 3750 Switch]
    interface GigabitEthernet1/0/45
     description NCC-CC-1stFlr
     no switchport trunk encapsulation dot1q
     no switchport trunk allowed vlan 101-103
     spanning-tree portfast
    [Cisco SF300-48P Switch]
    interface fastethernet48
     spanning-tree link-type point-to-point
     switchport trunk allowed vlan add 101-103
     macro description switch
     !next command is internal.
     macro auto smartport dynamic_type switch
    interface fastethernet29
     switchport mode general
     switchport general allowed vlan add 103 tagged
     switchport general pvid 103
    Are these are correct? Kindly advice!
    Thank you very much!
    Regards,
    Alex

    Hi Alex,
    for the trunk port on Catalyst on port GE 1/0/45, we need to enable the trunk and for on encapsulation dot1q because this catalyst model is ISL capable also and the SF300 working only with Dot1q Encapsultion
    The configuration on catalyst should :
    #config terminal
    #interface Gi 1/0/45
    # switchport encapsulation 
    #switchport trunk encapsulation dot1q
    #switchport mode trunk 
    #switchport trunk allowed vlan 101-103
    #spanning-tree portfast
    For SF300 the port trunk it looks fine but for the port where the PC should receive an IP address
    #interface fastethernet29
     #switchport mode access
     #switchport ccess vlan 103
    Please let me know after this configuration
    Thanks
    Mehdi
    Please rate or mark as answered to help other Cisco Customers

  • The difference of the IEEE802.1x Auth between Cisco Routers and Catalyst switches

    Hello
    I am investigating the difference of the IEEE802.1x Auth between Routers and Switches.
    Basically dot1x auth is availlable on Catalyst Switches. however if I want to check to
    PortBased Multi-Auth , MAC address Auth and any certification Auth with this feature,
    Is it possible to integrate into Cisco Router such as Cisco 891F ?
    In my opinion Cisco891F is also available to use basic IEEE802.1x but if it compares with Catalyst switches such as Cat3560X
    I think there might be any unsupported feature on Cisco 891F.
    I appreciate any information. thank you very much in advance.
    Best Regards,
    Masanobu Hiyoshi

    Many time in interviews asked comaprison between cisco  routers and switches that i was answerless bcoz i dont have much knowledge about that.Can anyone provide me the compariosin sheet of the same.how are the cisco devices differ with each other how much Bandwidth each routres support and Etc...
    Ummmm ... The most common question I get is "what is the difference between a router and a switch".
    However, if you get a question like this, then my impression to this line of questioning are:
    1.  The candidate they are looking for has in-depth knowledge of routers and switches.  And I mean IN-DEPTH!;
    2.  They are not looking for a candidate.  They just want to stroke their ego.  There is not alot of people who can give you the "names and numbers" of routers and switches at a snap of a finger.  And if you do happen to know the answer, then and there, then expect a tougher follow-up question. 

  • Catalyst 3560 vs. Catalyst 3750 - 24 and 48p. 10/100/1000

    I need some help in positioning the Catalyst 3560 against the Catalyst 3750 - (only 24 and 48p. 10/100/1000) Switches.
    Under which circumstances should our customer buy 3560 and what are the arguments for the 3750 solution ?
    What are the major differences ?
    Thank you very much for your help !
    Regards,
    Cope

    CAT3750 series support stackwise technology while 3560s do not. This is the main difference between 3560s and 3750s. The switching architecture between the two is very similar. Stackwise comes with lot of advantages. You can find more on CCO at
    http://www.cisco.com/en/US/products/hw/switches/ps5023/products_white_paper09186a00801b096a.shtml

  • Catalyst 3750 , ACS and Downloadable IP ACL

    Hi,
    We installed a ACS v4.1 , we were trying to limit the access to authenticated users by using Downloadable IP ACL in a Catalyst 3750 with IOS version ipbasek9-mz.122-25.SEE4. The authentication part works fine with a external database (Wins AD) , but we want to limit the access to the network of some groups.
    This can be done using Downloadable IP ACL ?
    Thanks for any help

    Yes, DACL's can be user here. To use a downloadable IP ACL on a particular AAA client, the AAA client must:
    .Use RADIUS for authentication.
    .Support downloadable IP ACLs.
    Examples of Cisco devices that support downloadable IP ACLs are:
    .PIX Firewalls
    .VPN 3000-series concentrators, ASA and PIX devices
    .Cisco devices running IOS version 12.3(8)T or greater
    http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs
    40/user/c.htm#wp696809
    Please note that downloadable ACLs are not supported on cat based switches.
    If downloadable ACL's through shared profile doesn't work, define a cisco av-pair to create the downloadable acls.
    Give this a try and see if it works. The format for the av-pair ACL is:
    ex
    ip:inacl#1=permit ip 1.1.1.0 0.0.0.255 9.9.9.0 0.0.0.255
    Regards,
    ~JG
    Do rate helpful posts.

Maybe you are looking for

  • Instructions For Moving To An External Hard Drive - Mac

    I have a Macbook where I use Lightroom. However, my internal drive is filling up and I would like to get instructions on how have the library reside on my new 250gb external drive. Thanks!!

  • How to redraw this jcombobox !!! Urgent

    Hi guys, here this is a dare ! I need to do this work : i should redraw o jcombobox with this requisites: 1) When there's one or less than one object inside the combobox, this should not show (renderer) the triangle button and this should not show op

  • Specific log file

    I want to see specific information in log file for outline change or any rejection of data load. For Example : What log file logs when outline structure modified.

  • Java App from SAP Portal - SSO2Ticket call - java.lang.UnsatisfiedLinkError

    Hi I am facing a problem in trying to call a java application from SAP portal. *Cause:* This java application is built on Unix (AIX) server. Previously it was running fine. Then there is a Tech Upgrade on SAP side in our company. After that I have be

  • Overflow exception

    Everytime a transaction try to commit occurs the overflow exception: java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:      java.rmi.RemoteException: Erro na grava____o do planejamento; nested exception is: