EtherChannel between cisco devices need help

Hello,
At our company we use 2 ASA 5525 firewalls in active/standby mode.
Both of them are connected to a single Cisco router.
The goal is to have the Cisco router automatically send traffic to the active firewall (regardless of which firewall is active at that point).
To solve this, would it be possible to create an EtherChannel with 2 ports on the Cisco router and then have 1 link going to the active firewall and 1 link to the standby firewall?
If the active firewall fails and the standby firewall takes over, will the standby firewall receive all the traffic that normally would go to the active firewall without any downtime?
Will this work, or does another solution exist for this? It's important for us that the hosts on the network suffer little to no downtime at all.
The topology can be found in the following image.

Hello
"You could possibly use bridging on the router which would allow you to have two interfaces on the same router in the same IP subnet and connect one interface to the active firewall and one to the standby. But I cannot say for sure this would work as I have never done it with ASAs"
Please see below:
ASA1
====
interface GigabitEthernet0
 nameif inside1
 security-level 100
 ip address 192.168.1.10 255.255.255.0
ASA2
====
interface GigabitEthernet0
 nameif inside2
 security-level 100
 ip address 192.168.1.11 255.255.255.0
router
=====
bridge irb
bridge 100 protocol ieee
bridge 100 route ip
interface FastEthernet0/0
 Description Link to ASA1
 bridge-group 100
interface FastEthernet0/1
 Description Link to ASA2
 bridge-group 100
interface BVI100
 ip address 192.168.1.254 255.255.255.0
R1#ping 192.168.1.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.10, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/34/72 ms
R1#ping 192.168.1.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.11, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/38/88 ms
asa1#  ping 192.168.1.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.11, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
asa1#ping 192.168.1.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.254, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 10/34/50 ms
NOTE:
You can also NOT apply an IP address to the BVI interface and you would still be able to ping between the FWs.
res
Paul

Similar Messages

  • Routing issue between Cisco device and Virtual machine

    Hi Guys,
    We have two local subnets in a virtualized environment, subnet 1 has a VM operating as a firewall, we would like all traffic for subnet 2 to go via VM on subnet 1, this will police traffic on subnet 2 and then reroute.  
    The infrastructure involved comprises,
    Internet Edge Switch -> ASA -> Core Switch -> IBM Flex chassis
    The Internet edge switch is directly connected between the ISP routers and the Cisco ASA firewall pair (A/S). The ASA is then connected to the Core switch. Connected from the core switch is an IBM Flex chassis, via a port channel (all vlans allowed)
    The local subnets in question are as follows:
    Vlan 101 (10.1.1.0/24)
    Vlan 102 (10.2.1.0/24)
    The VM in question has two NIC cards having IP address of both subnets.
    NIC 1:  10.1.1.1
    NIC 2: 10.2.1.1
    We would like packets destined for 10.2.1.1 to land on 10.1.1.1 IP address. At the moment traffic for each vlan routes from the outside to their respective local subnets successfully, what we are having difficulty with is directing traffic for subnet 2 via subnet 1 VM firewall.
    At the moment we have tried adding a static route on the core switch but it didn’t work
    ip route 10.2.0.0 255.255.255.0 10.1.1.1
    I will appreciate if you could share your knowledge and guide me how to achieve this goal.
    Thanks in advance :-)

    Hi,
    I think for this to work you need a transit vlan between the VMs and the core switch. So, if you have 2 vlans on the VM (101 and 102) you use the VM switch to route between the vlans and in order to go outside the local vlans you would use the core switch. In this scenario you would not have an SVI (layer-3) interface on the core. The only thing that core will have is the layer-2 vlans (101 and 102). You would then need a static route on the core switch to point to the transit vlan on the VM side.
    so, for example, if the transit vlan is vlan 110 and the ip is 192.168.1.0/24
    on the core you have static routes:
    ip route 10.1.1.0/24 192.168.1.2 (VM side)
    ip route 10.1.2.0/24 192.168.1.2 (VM side)
    You also need an SVI for vlan 110 with ip address 192.168.1.1/24 on the core.
    on the VM you need a default route to point to the core (192.168.1.1).
    Is this what you are trying to do?
    HTH

  • Connecting EtherChannel between Cisco Catalyst 6509 and HP ProCurve 9308

    Impossible to connect 2 1000Base-SX ports grouped via EtherChannel / LACP or PAgP between a Catalyst 6509 and an HP ProCurve 9308. Please, do you know the best configuration? Thanks in advance

    Hola Luis,
    the link would have to be LACP (since PAgP is Cisco proprietary). So, on the Cisco side, the config should look like this:
    interface GigabitEthernet0/1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    channel-group 1 mode on
    interface GigabitEthernet0/2
    switchport trunk encapsulation dot1q
    switchport mode trunk
    channel-group 1 mode on
    interface Port-channel1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    On the HP side, check how the trunk group is configured there. I assume you have used the 'trunk deploy' command after configuring the HP trunk group? Also, which spanning-tree mode do you have running on the Cisco and the HP?
    Saludos,
    GP

  • Cisco 2811 - need help

    Hello,
    I am new to routers. I have one at work that I need to manage but with no knowledge. I have a Cisco 2811 router and it has been logging that one of its fans is not rotating. Cisco suggested that I reboot the router to see if it fixes the problem - so my first question is: how do you reboot the 2811?
    Cisco said if rebooting the router doesn't fix the problem, they will send me a replacement chassis. So, I need step-by-step instructions on what to do if I really have to remove all the cards and put them in the new chassis. How do I save the config file? How do I shut down the router? How do I reload the config file without having to set up the router from scratch? I need step-by-step help.
    Thanks
    Kit

    Hi Kit,
    To reload the router:
    1. First do a "write mem" on your router after entering the privilege level.
    2. You can do a soft reload by giving "reload" from the router# prompt or just by powering the router off and on.
    If a reboot does not solve the problem, Cisco would do an RMA and they would give you a chassis.
    To do that:
    1. Copy the configuration file to the flash disk in the router
    2. Have a copy of the same in Notepad also, just for verification
    3. Shut down the router by removing the power
    4. Insert the cards that were present in the router in the same slots in the new chassis
    5. Insert the flash card that has the IOS and config file into the new chassis
    6. Reload the router
    7. Copy the configuration file from the flash to the running config
    8. Do a write mem
    9. Verify the config with your old config
    use it for ref:
    http://www.cisco.com/en/US/products/ps5854/prod_configuration_guide09186a00802c35d3.html#wp41215
    Pls let me know if you require any other details
    regards
    vanesh k

  • Boxes appear between letters? need help...

    I am writing a program and want to print the contents of a buffer to a text file, but boxes appear between all letters and spaces in the text file. Any ideas?

    If you are reading from a stream (e.g. a file), then you can specify what character encoding it should use.
    BufferedReader in = new BufferedReader(new InputStreamReader(new FileInputStream("test.txt"), "ISO8859_1"));
    In this case I tell it to use ISO 8859-1 (1 byte equals one character).
    If your buffer is a byte array, you can change it to a string using a specific character encoding as well, instead of the platform's default.
    new String(byteArray, "ISO8859_1");
    May or may not be the problem you have.

  • Adobe Prelude Will Not Transfer Subclips Between Computers. Need Help!

    I have been using Adobe Prelude for a short time but have logged about 20 hours into a project. I have been creating sub-clips of videos and then creating rough cuts from those clips. I am working with multiple editors in multiple locations. Each of them has the raw footage on a hard drive. I have found a problem when I try to send the project to another computer. All of my bins and organization transfer but none of the sub-clips carry over. This seems to be because the sub-clip metadata attaches to the clip itself and does not stay in the program files. This is a problem as I have around 4TBs of footage and cannot be transferring that footage back and forth each time I change the metadata. Is there a solution to this problem? Is there some way I can save the metadata into the program file itself so it transfers over to the other computers? I feel like I may be wasting my time with this application if there is no way of doing this. Please help!

    OK, I actually got an ID set up and allegedly Home Sharing is on, but the thing is the iPod, when syncing, keeps saying it can only use one iTunes library and asks whether I want to erase my songs. I do not want to erase my songs. The iTunes library I originally used is on my other computer, which has no more disk space to add music to, and this computer, the XP, also does not have enough disk space to put both libraries on. PLEASE PLEASE help!

  • Connecting a 20mb fiber / ethernet point to point CISCO 1841 Need help

    Here is the remote router config

    Okay, perhaps I am overthinking the situation, but for some reason it's not clicking, and maybe I am overlooking something. So my rule is if I spend more than 30 min on something and I can't get anywhere I start pulling resources ;-) So here goes. Currently we have 2 1841 routers configured between our two locations; these are connected through two T1 serial connections (Multilinked). QOS (as rudimentary as it is) is configured on the Multilink. See below. We recently went with a fiber connection (terminated via ethernet); the plan is to use the free FastEthernet (0/1) for the connection between the routers, and then disable/eliminate the T1 connections. Here is the current configuration for both routers. I have added the new config for the ethernet connection and assigned them an IP address, and it seems that we can ping between the...
    This topic first appeared in the Spiceworks Community

  • Cisco RV180 needs help..buyers beware.

    So for a while now, we have used the Linksys (Cisco) RVS4000 Small Business routers at our business and have had great success. We opened a new location, and went to buy more, only to find out they no longer make them, and they have been replaced by the Cisco RV180 routers. Figuring these would work as seamlessly as the others, we bought some.
    Wow, was I wrong.  Using mainly the default settings, we are having major connection issues, mainly by our programs that are somehow timing out and having read/write delays.  I know it's the RV180 because I found an old backup RVS4000 Router, put it in place, and it works perfect.  Seeing that the last firmware update on this router is June of 2012, and reading the number of posts and problems with this Router, Cisco obviously doesn't give a rip that they have a piece of SH** out there they are selling, with no plan to make fixes and update firmware.  We have gone through these settings with a fine-toothed comb and turned off about every firewall and IPS setting there is, but no matter what we do, it still persists.
    ***EVERYONE, STAY AWAY FROM THIS ROUTER****
    Until Cisco decides to get serious about their small business line, I will be buying D-Link and Netgear routers, as they actually work.

    Hello Tim,
    If you have already reported this issue to Cisco SBSC, can you please share the service request number for this issue? We would like to track the issue and see if it is something to do with the configuration or system. If you have not reported this issue to the Cisco SBSC, could you please contact them and open a service request? We would like to investigate the root cause for the performance issue you are facing and find a resolution for the same.
    Cisco SBSC contact information:
    http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
    Thanks,
    Nagaraja

  • GRE IPSec between Cisco 2811 and FortiGate 110C

    Hello,
    Does anybody know if it is possible to configure GRE IPSec tunnel between Cisco 2811 router and FortiGate 110C firewall? I know that FortiGate supports IPSec and GRE tunnels, but maybe somebody succeeded in establishing an IPSec GRE between those routers? Could you also give a link to the appropriate documentation if it is possible?

    Hi,
    You can configure the GRE tunnel on the 2811.
    I'm aware that you can configure sort of a GRE tunnel on the Fortinet as well, but I have not seen a GRE tunnel between a Cisco and other vendor.
    I've only seen GRE tunnels between Cisco devices (however I have not tried it to assure you that it will not work :-()
    Federico.

  • RVS4000: Need help with out-of-the-box device

    The router is performing very badly.
    1. Router's "INTERNET" is connected to ADSL cable modem, providing automatically an IP address.
    2. The device is getting "freezed"/"stoned" very often. The longest time record for up-time was just over 1 hour. The shortest up-time was somewhere over 2 minutes.
    3. When "freezed" the router:
        a. Still can perform as a switch
        b. No access to WAN
        c. No ping to the router
        d. Green indication lamps.
        e. No access to the web-interface
    4. Same behavior with 1.3.0.5, 1.3.1.0 and 1.3.2.0 firmwares
    5. Sometimes after "Restore to factory defaults" DIAG-RED led is lit, and does not go off.
    6. To get the device back, it helps to power it off for an hour or two.
    Is it possible to get any information from the router when it is "freezed"?

    Pavel Kopylov,
    It looks like we got out of sync. I see you just sent another reply about opening the box Friday.
    With it only being Friday, I would take it back to the store I bought it from and get another. The same or better.
    ======================================================================
    If you want to use this as a learning experience and figure out this problem yourself, then the following may be for you:
    In all of your communications. I hear you saying your RVS-4000 freezes and will not communicate. No in or out of data. Is that correct?
    You are also saying, these freezes occur at various times. Correct?
    Which I hope this means is that it is working until it stops working...
    If that is correct. Then you need to figure out if the problem is coming in over your WAN connection or it's the hardware of the Router itself.
    If you think it's the hardware of the Router. Then do things like measure the temperatures of the Router. (Carefully) Try to heat it or cool it to see if this makes it fail quicker... Check the voltage to this Router and make sure it's correct and you are not getting blackouts or brownouts, etc... Also check for loose data connectors. (Watch the lights on the front panel)
    However, if you think this is from a TCP/UDP attack on your Router. Then you can place a HUB between your Router and the Cable/DSL Modem and the Router. Next plug a PC into the same HUB and run Network Software Monitoring on this PC in Continuous Record mode. Until a failure. Then go through the data and see what you find.
    There are a few free Network Software Monitoring Tools you can find and download. Even Microsoft has a nice one for free. Microsoft Network Monitor 3.x
    You can also buy another Router. The same or better and if you have the same kind of problems. Then it just might be coming in over your connection. And the new Router can then be returned as its still new.
    You can call Cisco and or your local ISP and work with them on this problem.
    These are just a few Ideas... I'm sure others will have even more.
    Bruce

  • Need help with troubleshooting VPN between Cisco 2911 and Dell Sonicwall 4060

    Hello all,
    I am trying to set up a VPN Tunnel between the devices mentioned above.  The tunnel appears to be established, but I've encountered some issues along the way.  I can ping from the Cisco 2911 to a server behind the Sonicwall, but I cannot ping from that server to the Cisco router unless the router is pinging the server at the same time.  What should I do to fix this problem?
    UPDATE:  The tunnel is no longer working between the two devices.  The end result I am looking for is to have a VPN tunnel between these two devices which does NAT and allows me to ping across without having to constantly ping to keep the session open.  Before the tunnel went down, I was able to ping that server behind the sonicwall using a port on the inside of the firewall as a source port for the ping, and at one point I was able to ping back to the router from the server, but was unable to ping beyond that interface.  I think the problem that I am running into has to do with the zone-based firewall configurations that are already on the router.  I don't want to mess with those configurations already in place, but I am not sure how to get this tunnel working.  I'm fairly certain I need to start from the beginning in regards to this tunnel, but I cannot figure out how to configure this the right way. 
    Thanks in advance for any help
    Michael
    Message was edited by: Michael Sotalin

    Finally the testing is successful on Sonicwall NSA 240 as well with Cisco ASA. Actually somehow Sonicwall firewall was discovering my VPN Box's Public leg (Private IP (10.10.50.10)) as well, which was behind a Live Peer IP (203.124.x.x). As per security policies it shouldn't have been discovered on the remote end. I will bring this to Cisco TAC's notice.
    Logs of Sonicwall were showing ASA local ike id as "203.124.x.x" & ASA Remote ike id "10.10.50.10".
    Sonicwall sets these two parameters with PSK (local ike id & remote ike id). This is other than setting the Peer IP. I asked my client to add my ASA actual and NAT IP in these two parameters and the VPN got UP.

  • Need help with setting up VPN on a Cisco EPC3925 Modem

    Hi everyone,
    I need help setting VPN on Cisco EPC3925 modem (I tried using Help and I have read the entire section in the manual but the manual is not the same as the window I get in my settings. For example in the manual they say I can choose "all" under Remote Secure Gateway but there is no option like that).
    When I go to the VPN section this is what I get:
    1. Does this mean that I can connect to my modem via VPN from some other location? I would like to be able to connect to this modem when I am not at home from some remote location from my computer in order to be able to use NAS-Storage.
    2. If the answer to the first question is yes, what settings do I need to enter for the:
    Local Secure Group
    Remote Secure Group
    Remote Secure Gateway
    My ISP is using dynamic IP but I have DDNS.
    My router local IP is 192.168.0.1
    Subnet: 255.255.255.0
    Starting IP Address: 192.168.0.10
    Here is how the advanced settings look:
    Thanks in advance for your help!

    My problem is similar to this. I created a tunnel between two EPC3925s but it is impossible to send data between them.
    The status is connected. What can I do? UPC tells me this router has only a VPN client, so it will not work.

  • I have an iPad and an iPod Touch 5th gen both on the latest firmwares but they won't connect via Bluetooth whenever I try even though both show that the devices are discoverable. I need help!

    I have an iPad and an iPod Touch 5th gen both on the latest firmwares but they won't connect via Bluetooth whenever I try even though both show that the devices are discoverable. I also tried connecting them with my Bluetooth-enabled laptop but it also didn't work. Because of the Bluetooth not working I also can't enable AirDrop.

    What model iPad?
    What model computer and OS version?
    AirDrop requires:
    What you need
    To share content with AirDrop, both people need one of these devices using iOS 7 or later, or a Mac with OS X Yosemite:
    iPhone 5 or later
    iPad (4th generation or later)
    iPad mini
    iPod touch (5th generation)
    You also need to turn on Wi-Fi and Bluetooth. If you want to share with your contacts, sign in to your iCloud account.
    Learn more about using AirDrop to share with people using a Mac with Yosemite.
    Use AirDrop to wirelessly share content - Apple Support
    System Requirements
    To see if your Mac works with AirDrop, make sure you’re in the Finder by clicking the desktop (the background area of your screen), or by clicking the Finder icon in the Dock. Then, check to see if AirDrop is listed as an option in the Go menu. If you don't see AirDrop listed, your Mac doesn't support this feature.
    In order to transfer files between a Mac and an iPhone, iPad or iPod touch
    your iOS device needs to include a lightning connector
    your iOS device needs iOS 7 or later installed
    your Mac needs to be a 2012 or later model with OS X Yosemite installed
    Your Mac and iOS device both need bluetooth and Wi-Fi turned on. You do not have to be connected to a specific Wi-Fi network.
    To transfer files between two Mac computers, you need the Mac models listed below with Wi-Fi turned on and OS X Lion or later installed.
    MacBook Pro (Late 2008 or newer)*
    MacBook Air (Late 2010 or newer)
    MacBook (Late 2008 or newer)*
    iMac (Early 2009 or newer)
    Mac Mini (Mid 2010 or newer)
    Mac Pro (Early 2009 with AirPort Extreme card, or Mid 2010)
    *The MacBook Pro (17-Inch Late 2008) and the white MacBook (Late 2008) do not support AirDrop.
    For help identifying your Mac, choose About This Mac from the Apple menu. You can refer to the Apple Support website to find out if your iPhone, iPad or iPod Touch includes a lightning connector.
    Mac Basics: AirDrop lets you send files from your Mac to nearby Macs and iOS devices - Apple Support
    Otherwise you need an app to pair via BT one iOS device to another iOS device. There may be apps that allow pairing with a Mac computer. The iOS devices do not have the BT profiles necessary natively to pair with a computer or another iOS device except for AirDrop.

  • Need Help on Configuring the Site to Site VPN from Cisco 2811 to Websense Cloud for web Traffic redirect

    Hi All,
    I need help on Configuring the Site to Site VPN from Cisco 2811 to Websense Cloud for web Traffic redirect
    2811 having C2800NM-ADVIPSERVICESK9-M
    2811 router connects to the Internet SW then connects to the Internet router.
    Note - For authentication I am using the Device ID & pre-shared key. I am worried as all user traffic goes with PAT and is not firing up my tunnel for port 80 traffic. Can you please suggest what the issue can be?
    Below is router config for VPN & NAT
    crypto keyring ISR_Keyring
      pre-shared-key hostname vpn.websense.net key 2c22524d554556442d222d565f545246
    crypto isakmp policy 1
    encr 3des
    authentication pre-share
    group 2
    crypto isakmp keepalive 10
    crypto isakmp profile isa-profile
       keyring ISR_Keyring
       self-identity user-fqdn [email protected]
       match identity user vpn-proxy.websense.net
    crypto ipsec transform-set ESP-NULL-SHA esp-null esp-sha-hmac
    crypto map GUEST_WEB_FILTER 10 ipsec-isakmp
    set peer vpn.websense.net dynamic
    set transform-set ESP-NULL-SHA
    set isakmp-profile isa-profile
    match address 101
    interface FastEthernet0/1
    description connected to Internet
    ip address 216.222.208.101 255.255.255.128
    ip access-group HVAC_Public in
    ip nat outside
    ip virtual-reassembly
    duplex full
    speed 100
    no cdp enable
    crypto map GUEST_WEB_FILTER
    access-list 101 permit tcp 192.168.8.0 0.0.3.255 any eq www
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.187 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.181 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.182 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 86.111.216.0 0.0.1.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 116.50.56.0 0.0.7.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 86.111.220.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 103.1.196.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 177.39.96.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 196.216.238.0 0.0.1.255
    access-list 103 permit ip 192.168.8.0 0.0.3.255 any
    ip nat pool mypool 216.222.208.101 216.222.208.101 netmask 255.255.255.128
    ip nat inside source list 103 interface FastEthernet0/1 overload
    ip nat inside source route-map nonat pool mypool overload

    How does Websense expect your source IPs in the tunnel? 192.168.8.0 0.0.3.255 or PAT'ed 216.222.208.101 ?
    Check
    show crypto isakmp sa
    show crypto ipsec sa
    show crypto session
    You'd better remove the preshared key from your post.
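
The advice in the reply above, as an added example that is not part of the original thread: a Python filter that strips key material from an IOS configuration before it is pasted into a public post. The sample configuration, its hostnames, addresses and keys are constructed, and the patterns cover common secret-bearing IOS commands only (an assumption, not an exhaustive list).

```python
import re

MARK = "<removed>"

# Constructed sample, shaped like the keyring/ISAKMP section of the post above.
# Every hostname, address and key here is made up.
SAMPLE = """\
crypto keyring EXAMPLE_Keyring
  pre-shared-key hostname vpn.example.net key 0123456789abcdef0123456789abcdef
crypto isakmp key 0 Sup3rS3cret address 192.0.2.10
crypto isakmp policy 1
 encr 3des
 authentication pre-share
crypto isakmp keepalive 10
enable secret 5 $1$abcd$0123456789ABCDEFGHIJKL
username admin privilege 15 password 7 094F471A1A0A
snmp-server community n0tpublic RO
interface FastEthernet0/1
 description uplink, psk is Sup3rS3cret
 ip address 192.0.2.1 255.255.255.128
"""

# Group 1 is the part of the command that is kept, group 2 is the secret.
# An optional encryption-type digit (0, 5, 6, 7 ...) stays in group 1.
_PATTERNS = [re.compile(p, re.IGNORECASE) for p in (
    r"^(\s*pre-shared-key\s+(?:address|hostname)\s+.+?\s+key\s+(?:[06]\s+)?)(\S+)",
    r"^(\s*crypto\s+isakmp\s+key\s+(?:[06]\s+)?)(\S+)",
    r"^(\s*enable\s+(?:secret|password)\s+(?:\d+\s+)?)(\S+)",
    r"^(\s*username\s+\S+\s+.*?\b(?:password|secret)\s+(?:\d+\s+)?)(\S+)",
    r"^(\s*password\s+(?:\d+\s+)?)(\S+)",
    r"^(\s*snmp-server\s+community\s+)(\S+)",
)]


def sanitize(config):
    """Return (sanitized_text, number_of_secret_bearing_lines)."""
    secrets, out = [], []
    for line in config.splitlines():
        for pat in _PATTERNS:
            m = pat.match(line)
            if m:
                secrets.append(m.group(2))
                # Keep the command and anything after the secret (e.g. "RO").
                line = m.group(1) + MARK + line[m.end():]
                break
        out.append(line)
    text = "\n".join(out)
    # Second pass: the same secret may be repeated elsewhere, for example in
    # an interface description. Very short tokens are skipped so that common
    # substrings are not blanked by accident.
    for secret in sorted(set(secrets), key=len, reverse=True):
        if len(secret) >= 6:
            text = text.replace(secret, MARK)
    return text, len(secrets)


if __name__ == "__main__":
    cleaned, count = sanitize(SAMPLE)
    print(cleaned)
    print(f"! {count} secret-bearing lines rewritten")
```

A key that has already been posted should be treated as disclosed and rotated on both peers; editing the post does not undo the exposure.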

  • EtherChannel between 6006 (catos) and Catalyst 2960 HELP

    Hi All,
    I want to create an EtherChannel between 6006 (CatOS) and Catalyst 2960 to have failover and load balance.
    My ports on 6006 (catos) 6/37,6/47 and on 2960 giga 0/1 and giga 0/2.
    I have checked on 6006 it supports channel.
    Please help to configure this.
    Thanks,
    AS

    AS
    Use this doc as a guide and if you have further questions please come back -
    http://www.cisco.com/en/US/tech/tk389/tk213/technologies_configuration_example09186a0080094953.shtml#specialconsid
    Jon
