NAT IN CATALYST 6509-HOW TO DO IT?

Similar Messages

• Catalyst 6509 switch

  I have a problem with one of our catalyst 6509 switches. We had power problem and when I tried to power the switch on after the power was restored it take me to the rommon.
  rommon>
  I urgently need answers to three questions and would therefore appreciate it if anyone can help me out.
  1. What is the cause of the switch not booting from flash but going to rommon?
  2.How do I get into the switch and
  3.How do I reset the switch to boot from flash and not going to the rommon
  Hope a savior comes to my aid

  Probably went into rommon due to incorrect or missing boot statement . You must already be in the switch if you know it is in rommon . If this is a native IOS box then just issue the "boot bootflash: " command and this should boot the box . Once booted up make sure the boot statement is correct . "boot system flash sup-bootflash: .

• VSS Reconfiguration on Catalyst 6509

  Hello Team,
  I would like to know about the reconfiguration of VSS on Catalyst 6509. VSS is already running but we need to reconfigure it on other ports.
  Currently Its is running on the VS-S720-10G Supervisor 2x10-G ports but we need to reconfigure it on other 10G ports.
  We want to Configure VSS on 1 Port of 10Gbase-LX4 and 1 Port of 10Gbase-SR Transceiver.
  We thing I want to clarify with Experts:
  1: How to break the Current VSS on both Catalyst 6509
  2: I know we can run the VSS on 2 Different ports but what about if both Transceiver are different
  3: In my case I want to run the VSS on 1 port 10Gbase-SR  and 1 Port 10Gbase-LX4 transceiver
  Here is Detail about the Line Cards where I want to Run VSS
  VS-S720-10G      (10Gbase-SR Transceiver)
  WS-X6704-10GE (10Gbase-LX4 Transceiver)
  Thanks,
  JH

  That is ok.  The physical ports are part of the Porchannel.
  So, lets say ports te1/5/4 and 1/5/5 on switch 1 and ports te2/5/4 and 2/5/5 are part of portchannel 10
  and now you want to remove 1/5/5 and 2/5/5 from the portchannel.
  go under each physical interface and do this command:
  no channel-group 10 mode on
  this will remove ports 1/5/5 and 2/5/5 from po10 while 1/5/4 and 2/5/4 are not effected.
  now you can add whatever new interface from the blade you want to po10 to replace the once you removed.
  lets say you want to add interface te1/2/1 and 2/2/1
  under the interface add this command
  channel-group 10 mode on
  HTH

• Catalyst 6509 VSS IOS upgrade

  Hi,
  We have a Catalyst 6509 VSS system, each chassis have 2 supervisor engines. The IOS version is 12.2(33)SXI4a. We should upgrade to 12.2(33)SXI12.
  The following document mention 2 upgrade method : FSU & eFSU
  http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/vss.html#wp1170391
  We can not use eFSU due to the images with release dates more than 18 months apart, so we can use FSU only. And there is some note for FSU :
  Note VSS mode supports only one supervisor engine in each chassis. If another supervisor engine resides in the chassis it will act as the DFC
  It make me some confuse.... What is the correct procedule to upgrade the Caytalyst 6509 VSS IOS ( each chassis with 2 supervisor engine )?
  Best Regards,

  Hello Jackson,
  Please take a on the next post which may answered your questions:
  https://supportforums.cisco.com/thread/2188244
  Intrachassis Availability
  The initial release of the Cisco Virtual Switching System supports only a single supervisor per chassis. If a second, or redundant, supervisor is installed in an individual chassis then the redundant supervisor will not fully boot. The redundant supervisor will stop the boot process at the ROMMON stage.
  In this configuration any device connected to the chassis in a single-homed, or single-attach, manner must rely on the availability of the single supervisor. Therefore the recommendation for connecting to the VSS is to always dual-attach devices.
  As a result of the single supervisor per chassis support the recovery period for replacing a failed supervisor module is undeterministic in that the recover process requires manual intervention in order to install and initialize a new supervisor in the chassis.
  Beginning in the 12.2(33)SXI4 software release, Quad-Sup Uplink Forwarding is supported which allows for a redundant supervisor to fully boot Cisco IOS Software, thereby providing a deterministic recovery option for redundant supervisors in a VSS chassis.
  Refer:
  http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/white_paper_c11_429338.pdf 
  The link that you mentioned describe how to configure a VSS from release 12.2(33)SXH1.
  Below is a step by step explanation of the upgrade process and the downtimes associated with each step:
  http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-729039.html
  ISSU restrictions and guidelines.
  http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configu
  ration/guide/vss.html
  Video:
  https://supportforums.cisco.com/videos/2650
  Best regards,
  Haihua

• Conecting etherchannel between cisco catalyst 6509 and hp procourve 9308

  Impossible to connet 2 ports 1000base sx agrouped via etherchannel / lacp or pagp between a catalyst 6509 and a hp procourve 9308. Please do you know he best configuration? thanks in advance

  Hola Luis,
  the link would have to be LACP (since PAgP is Cisco proprietary). So, on the Cisco side, the config should look like this:
  interface GigabitEthernet0/1
  switchport trunk encapsulation dot1q
  switchport mode trunk
  channel-group 1 mode on
  interface GigabitEthernet0/2
  switchport trunk encapsulation dot1q
  switchport mode trunk
  channel-group 1 mode on
  interface Port-channel1
  switchport trunk encapsulation dot1q
  switchport mode trunk
  On the HP side, check how the trunk group is configured there. I assume you have used the ´trunk deploy´ command after configuring the HP trunk group ? Also, which spanning-tree mode do you have running on the Cisco and the HP ?
  Saludos,
  GP

• MSFC2 Error on Catalyst 6509

  I have a Catalyst 6509 with the WS-X6K-SUP2-2GE and the WS-F6K-MSFC2. When I do a show mod, the Multilayer Switch Feature display "no Other". If I do a show port on 15 it displays the port in state "errdisable". I try to enable or even disable the port but it states it is not a feature on the module. When I session the the daughter card, there are no interfaces listed. Is there a fix to get this port out of this state?

  HI Marmour,
  There can be couple of reasons why MSFC show you in other state.
  1) A corrupted Cisco IOS Software image
  2) A misseated bootflash
  3) The drop of the MSFC or MSFC2 to ROM monitor (ROMMON)
  4) MSFC not properly seated on supervisor
  Check this link out
  http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008015bfa9.shtml
  This link will guide you how to recover MSFC from any of the above mentioned problem.
  If you are not able to recover msfc with the above link I am afraid your msfc might have gone bad and you have to get your sup + msfc RMAed.
  Hope for the best and best of luck!!
  Regards,
  Ankur

• I have created a Muse site for a client that wishes to host with Business Catalyst. How do I publish the site with their account rather than using one of my free sites?

  I have created a Muse site for a client that wishes to host with Business Catalyst. How do I publish the site with their account rather than using one of my free sites? This is so I can keep my free ones for personal projects but also so they can pay for their own hosting. I am happy to set it all up for them but not sure what to do.

  Hi
  You can use their BC login details and use them , which on publish the site will be under their account.
  Please change the BC login from Edit > Preferences > Publish > Switch Accounts , for Mac it would Adobe Muse > Preferences
  Thanks,
  Sanjit

• I want to cancel a paid subscription webBasics + on Adobe Business Catalyst. How do I do this?

  I want to cancel a paid subscription webBasics + on Adobe Business Catalyst. How do I do this?

  how do I cancel zoosk

• Trying to interconnect Catalyst 4506 (IOS) & Catalyst 6509 (CatOS) using FS

  Hey all,
  I'm currently having a problem interconnecting a Catalyst 4506 using IOS and a Catalyst 6509 using CatOS via FSO. The FSO is all setup and they show that they are talking but when we plug the fiber optic cables into the switches, we get a notconnect status on the switches. The link lights on both switches don't light up either. I have configured both sides as follows
  6509 (the Gigabit Port is 2/6):
  set port negotiation 2/6 disable
  set trunk 2/6 nonegotiate dot1q 1-1005,1025-4094
  4506 (the Gigabit Port is 1/1):
  interface GigabitEthernet 1/1
  switchport trunk encapsulation dot1q
  switchport mode trunk
  switchport nonegotiate
  speed nonegotiate
  We were told by the FSO company that both ends must turn off negotiation in order for it to work. On the end with the Catalyst 6509, I have tried plugging another known working fiber optic line into the 2/6 port and the link light lights up so we know that the port isn't broken. Any ideas? I am lost.
  Background:
  We currently have a T1 line that serves as a point to point between the two buildings. We were trying to get rid of it and go with Free Space Optics (FSO) to increase bandwidth between the two buildings. We have 5 VLANs on each side (on the 4506 side, Vlans 110, 120, 132, 140, & 104 and on the 6509 side, Vlan 10, 20, 32, 40, 4) and the point to point is on the 200 network to interconnect the switches.

  Hie David,
  Just to start with are we sure that Rx of one switch terminates on Tx of other and vice versa. The fiber cable which is plugged in the trnasmitter of one switch must go to the receiver of another switch. You can just try swapping the TX and RX points at one switch.
  I doubt this because as you have said even the link light is not coming up.

• Missinf FWSM in Catalyst 6509 switch

  I have a problem with a Catalyst 6509 switch.The problem initially I had was loggin into the switch.I was always sent to the rommon> anytime I tried logging into the switch until I was told to enter "boot bootflash:". I was able to enter the switch but could not find the FWSM module.The module was there until we tried upgrading the IOS of the MSFC.
  When I enter "show module" it does not show the FWSM module.
  Is there something anybody can please show me to do other to access the Firewall module.

  Thanks for your post.
  Below is the result of a sh version and sho module of the switch as well as a report that comes up upon bootup using the "boot bootflash:"
  core02>en
  Password:
  core02#sh ver
  Cisco Internetwork Operating System Software
  IOS (tm) c6sup2_rp Software (c6sup2_rp-PSV-M), Version 12.1(12c)E4, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
  TAC Support: http://www.cisco.com/tac
  Copyright (c) 1986-2002 by cisco Systems, Inc.
  Compiled Mon 14-Oct-02 12:37 by hqluong
  Image text-base: 0x40008980, data-base: 0x41598000
  ROM: System Bootstrap, Version 12.1(11r)E1, RELEASE SOFTWARE (fc1)
  BOOTLDR: c6sup2_rp Software (c6sup2_rp-PSV-M), Version 12.1(12c)E4, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
  core02 uptime is 4 minutes
  System returned to ROM by power-on (SP by power-on)
  System image file is "sup-bootflash:c6sup22-psv-mz.121-12c.E4.bin"
  cisco Catalyst 6000 (R7000) processor with 227328K/34816K bytes of memory.
  Processor board ID SAL08144260
  R7000 CPU at 300Mhz, Implementation 39, Rev 3.3, 256KB L2, 1024KB L3 Cache
  Last reset from power-on
  X.25 software, Version 3.0.0.
  Bridging software.
  8 Ethernet/IEEE 802.3 interface(s)
  --More-- 6 Virtual Ethernet/IEEE 802.3 interface(s)
  26 Gigabit Ethernet/IEEE 802.3 interface(s)
  381K bytes of non-volatile configuration memory.
  32768K bytes of Flash internal SIMM (Sector size 512K).
  Configuration register is 0x2102
  core02#sh module
  Mod Ports Card Type Model Serial No.
  1 2 Catalyst 6000 supervisor 2 (Active) WS-X6K-SUP2-2GE SAL08154S4S
  2 8 unknown FRU type (major = 0x6003, mino WS-XSVC-K+BB-2 SAD081203ZV
  3 16 16 port GE RJ45 WS-X6316-GE-TX SAD08140999
  4 8 8 port 1000mb GBIC Enhanced QoS WS-X6408A-GBIC SAL081555Q1
  Mod MAC addresses Hw Fw Sw Status
  1 000f.8f9d.3510 to 000f.8f9d.3511 5.0 6.1(3) 7.2(0.90) Ok
  2 000f.8f5b.bd62 to 000f.8f5b.bd69 2.0 Unknown Unknown PwrDowo 0003.feae.f137 1.3 5.4(2) 7.2(0.90) Ok
  4 000f.f716.8dd0 to 000f.f716.8dd7 3.1 5.4(2) 7.2(0.90) Ok
  Copyright (c) 1986-2002 by cisco Systems, Inc.
  Compiled Mon 14-Oct-02 13:00 by hqluong
  00:00:54: %SNMP-5-COLDSTART: SNMP agent on host core02 is undergoing a cold star
  t
  00:00:56: %C6KPWR-SP-4-UNSUPPORTED: unsupported module in slot 2, power not allo
  wed: Unknown Card Type.
  00:00:56: %C6KPWR-SP-4-ENABLED: power to module in slot 3 set on
  00:00:57: %C6KPWR-SP-4-ENABLED: power to module in slot 4 set on
  00:00:56: %C6KPWR-SP-4-UNSUPPORTED: unsupported module in slot 2, power not allo
  wed: Unknown Card Type.
  00:00:56: %C6KPWR-SP-4-ENABLED: power to module in slot 3 set on
  00:00:57: %C6KPWR-SP-4-ENABLED: power to module in slot 4 set on
  00:01:10: %DIAG-SP-6-RUN_MINIMUM: Module 1: Running Minimum Online Diagnostics..
  00:01:14: %DIAG-SP-6-DIAG_OK: Module 1: Passed Online Diagnostics
  00:01:14: %OIR-SP-6-INSCARD: Card inserted in slot 1, interfaces are now online
  00:01:25: %DIAG-SP-6-RUN_MINIMUM: Module 3: Running Minimum Online Diagnostics..
  00:01:28: %DIAG-SP-6-DIAG_OK: Module 3: Passed Online Diagnostics
  00:01:28: %OIR-SP-6-INSCARD: Card inserted in slot 3, interfaces are now online
  00:01:56: %DIAG-SP-6-RUN_MINIMUM: Module 4: Running Minimum Online Diagnostics..
  00:01:57: %DIAG-SP-6-DIAG_OK: Module 4: Passed Online Diagnostics
  00:01:57: %OIR-SP-6-INSCARD: Card inserted in slot 4, interfaces are now online
  Mod Sub-Module Model Serial

• Catalyst 6509 Standby Supervisor IOS upgrade

  You can delete and squeeze bootflash on the standby supervisor. Is there a way to download IOS to Standby Supervisor bootflash ( 2/bootflash: ) on a Catalyst 6509 ?

  Yes it is possible
  "copy tftp {flash | file-id | config}"
  file-id
  Format used to specify the file on the Flash device, where the format is m/device:filename.
  m/ = Option that gives access to different modules, such as the standby supervisor engine or an Ethernet module.
  device: = Device where the Flash resides.
  filename = Name of the configuration file.
  http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/cmd_ref/d_cmd.htm#39929

• Bootloader and IOS image into a Catalyst 6509 running hybrid mode

  Hi all,
  I have a Catalyst 6509 running CatOS and IOS (hybrid mode)
  The chassis is based on a SUP1A and a MSFC2
  The MSFC is using images:
  boot system bootflash:c6msfc2-is-mz.121-2.E
  boot bootldr bootflash:c6msfc2-boot-mz.121-2.E
  I would like to know if is possible to add the next command to the MSFC configuration in order to load the new image before erase the old one, even while the chassis boot using the old bootloader image:
  boot system tftp c6msfc2-pk2o3sv-mz.121-26.E2.bin 10.10.5.15
  Thanks.

  Thanks Amit, thanks Ankur,
  Yeah! I know about the limits of the bootflash space as the PCMCIA option.
  It is a bit complicated to explaint the situation here but I will try.
  Neither the actual CatOS or IOS will recognize the new PCMCIA we bought to this upgrade. :P
  First, I will upgrade CatOS using rommon and xmodem command in order to execute a new catos release that can view the PCMCIA, then I will format it and I will copy the new catos image and the new ios image there.
  Then I will change the catos boot config and I will do a reset.
  I must do that because the new release don't enter into the bootflash and the actual CatOS don't support boot from the network :P. It is CatOS 5.5.1 :PPP
  After that, I need also to upgrade the MSFC because as I read that the actual IOS won't see the PCMCIA filesystem. In order to do that I would like to prepare the MSFC to boot from a TFTP server and then modify the configuration to boot from sup-slot0: forever :)
  Let me know what do you think about this steps.

• Installing X6148A-GE-45F in catalyst 6509

  i've got ios 12.2-18.sxd7 in a catalyst 6509 with 720, and when i put a 6148A(for POE) he said that 'unsupported card).

  Hi,
  Per release notes the WS-X6148A-GE-TX need at least 12.2(18)SXF, you have SXD. You need to upgrade the IOS in able to suport the line card.
  http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/ol_4164.htm
  Please rate all posts.

• Catalyst 6509 and 3560G

  Hi,
  I want to extend the number of ports available in my network and have just purchased a Cisco 3560G. We have a Cisco 6509 running in Hybrid mode. The VTP mode on the 6509 is Transparent as we have created the VLANs and port assignments manually.
  I want to add the new switch and have it hanging of port 6/8 on the Catalyst 6509.
  Am I right if I set 6/8 to trunk with Gi0/1? I was ging to do the following in order to communicate between the two switches.
  Set port 6/8 to trunking mode dot1q.
  Create VLAN 150 and 151 on the 3560G. Add ports to each of the VLANS.
  My confusion is this... if the trunk port is on one of the VLANs then the other VLAN will not be able to communicate over it. i.e. if I add the trunk into VLAN 151 then ports in VLAN 150 will not be able to send traffic over it.
  What is the ideal way to set this up?
  Thanks
  Gavin

  Set the native vlan to be the same on both ends. Mismatched native VLANs can create problems even if trunk connects.
  802.1q doesn't tag native vlan frames. As such, anytime an untagged frame arrives the switch assumes that it belongs to that vlan. Let's say if the native vlan is set to 150 on one switch and the 2nd switch that receives an untagged ARP frame will assume the traffic came in on vlan 1 (default) and if the switch doesn't know the MAC then it would forward it to vlan 1 and trunk ports. As you can see it can create problems if there's mismatched native vlans.
  Hope this helps!

• ACE10-6500-K9 module in catalyst 6509 gives this error

  Hello
  I have a module ACE10-6500-K9  inserted en module 8 of a catalyst 6509 that gave me this error yesterday.
  The workaround is to manually reset the slot ¿ok? I try to reload and the problem persists ¿is neccesary  hardware reset to solve this probem?
  Is due to a bug o hardware problem?
  %C6KPWR-SP-4-DISABLED: power to module in slot 8 set off (Module not responding to Keep Alive polling)
  Thanks you very much

  Hi, a.serrano
  The meaning of the message is as it says. Sup, to be specific,  Switch Processor of Sup sent continual keepalives through EOBC path and
  did  not hear back for keepalives from ACE in slot 8. So the Sup reset the  ACE blade in slot 8.
  I can only say that it could be h/w related or s/w related or due to  slack inserted blade with the message.
  If it is h/w related, whichever chassis slot, chassis eobc  path, ACE blade,  the first thing you need to check out is that
  failures  in generic on-line diagnostic (GOLD) from Sup side.
  Let's  see what diagnostic is running on ACE blade.
  Router#show  diagnostic content module 1
  Module 1: Application Control Engine Module
    Diagnostics test suite attributes:
       M/C/* - Minimal bootup level test / Complete bootup level test / NA
         B/* - Basic ondemand test / NA
       P/V/* - Per port test / Per device test / NA
       D/N/* - Disruptive test / Non-disruptive test / NA
         S/* - Only applicable to standby unit / NA
         X/* - Not a health monitoring test / NA
         F/* - Fixed monitoring interval test / NA
         E/* - Always enabled monitoring test / NA
         A/I - Monitoring is active / Monitoring is inactive
         R/* - Power-down line cards and need reload supervisor / NA
         K/* - Require resetting the line card after the test has completed  / NA
         T/* - Shut down all ports and need reload supervisor / NA
                                                            Test  Interval   Thre-
     ID   Test Name                          Attributes      day  hh:mm:ss.ms shold
     ==== ================================== ============     =============== =====
       1) TestEobcStressPing --------------> ***D*X**I***    not  configured  n/a
       2) TestFirmwareDiagStatus ----------> M**N****I***    000  00:00:15.00 10
       3) TestAsicSync --------------------> ***N****A***    000  00:00:15.00 10
  With ACE blade, "3) TestAsicSync" has "A" flag which means  "Monitoring is active".
  SP of Sup is sending  polling packets at a certain interval to check health of an Asic on ACE  blade.
  Now let's see failure count of that.
  Router#show diagnostic result module 1 detail
      3) TestAsicSync --------------------> .
            Error code ------------------> 0 (DIAG_SUCCESS)
             Total run count -------------> 47297
             Last test execution time ----> Feb 17 2011 05:52:34
             First test failure time -----> n/a
             Last test failure time ------> n/a
             Last test pass time ---------> Feb 17 2011 05:52:34
             Total failure count ---------> 0
             Consecutive failure count ---> 0
  If you see failure counters incremented,  check the same thing with other blades inserted in the chassis to know
  if  it is specific to slot 8 or seen with multiple slots. (different type  of blade has different type of diagnostic contents)
  Also, check  dropped and retry counters SCP as below.
  Router#remote  command switch show scp status
  Rx 22492903,  Tx 11717042,  scp_my_addr 0x5
  Id Sap      Channel name    current/peak/retry/dropped/total   time(queue/process/ack)
  0  20   SCP Unsolicited:20      0/    0/    0/      0/    0      0/    0/   0
  1  0    SCP Unsolicited:0       0/    3/    0/      0/8179027      0/    0/10036
  2  2    SCP Unsolicited:2       0/    2/    0/      0/8205700      0/    0/   0
  3  21   SCP Unsolicited:21      0/    0/    0/      0/    0      0/    0/   0
  4  1    SCP Unsolicited:1       0/    2/    0/      0/109393      0/    0/ 252
  5  18   SCP Unsolicited:18      0/    0/    0/      0/    0      0/    0/   0
  6  17   SCP Unsolicited:17      0/    0/    0/      0/    0      0/    0/   0
  7  16   SCP Unsolicited:16      0/    0/    0/      0/    0      0/    0/   0
  8  33   SCP async: LCP#6        0/   37/    0/      0/1779208    172/  240/  28
  9  32   SCP async: LCP#4        0/   24/    0/      0/2234291    296/  604/ 236
  10 37   SCP async: LCP#5        0/   61/    0/      0/1381933   1040/  716/ 236
  11 36   SCP async: LCP#1        0/ 1008/    0/      0/455925    1192/1184/ 236
  12 39   SCP async: LCP#2        0/  150/    0/      0/252763    696/  456/ 224
  Router#
  LCP# means that  "Line Card Processor of slot  #".
  If you see counters mentioned above incremented  continualy with the ACE blade in slot 8,
  try removing /  re-inserting the blade. If it persists, consider moving the ACE blade to  other slot.
  Even it persists after that, now consider h/w  replace.
  If moving slot or h/w replace do not fix the reset due to keepalive failure, or those counters incrementing,
  it might be s/w related issue.
  I do not know what  s/w version you use, however we always recommend to take the latest
  version  to have bug fixes and enhancements.
  Actually we had control plane  issue with ACE that could cause not responding to keepalive
  some  times ago.
  Let's isolate possibility of bad chassis and slack  inserted blade, then try s/w upgrading.
  If all those effort fails, pls consider h/w replace.
  If s/w upgrade is not easy option for you, try replacing ACE blade instead of s/w upgrade
  and keep s/w upgrade as the last option based on your environment.
  Regards,
  Kim