(S)NTP synchronization on SG300 access switches?

Hi,
In our network two Domain Controllers are configured as the central (S)NTP Servers. For a switch in Layer 3 mode it is quite easy to synchronise with these (S)NTP Servers. But what is actually the best approach for access switches in layer 2 mode, that are connected to the layer 3 switch? The only IP addresses they have are part of the management VLAN ID 1, which is not routable. I am actually looking for something like a broadcast without having to put an NTP Server in the management VLAN.
Boudewijn

Is your layer 3 switch the gateway for your vlans? Vlan 1 can be routed, the only restriction to this would be if you do not have any routes for vlan1. If your NTP server and layer 2 switch point their default gateway at your layer 3 switch, the layer 3 switch can route traffic across that way.
It really depends how you have the network set up and what device is handling the routing for you on the local network.

Similar Messages

  • SG300 Access Switch to TFTP for upgrading bootcode

    Hi all
    I want to upgrade the bootcode on two sg300 switches. They are in vlan 1002 10.195.52.0/24. I've connected a machine in the same vlan on a sg300. I can connect to this machine, all seems ok. If I'm now on ssh console on this switch I can't ping it. I haven't any connection. I can only ping the own ip of this switch, no other switches. What must I do, that I could upgrade those bootcodes?
    Thx
    Stefan

    Hi,
    No, there will not be any interruption to my internal clients when they do autodiscover if you set to split DNS.
    A split-brain DNS infrastructure enables different IP addresses to be returned for a given namespace based on where the client resides – if the client is within the internal network, the IP address of the internal load balancer is returned; if the client is external, the IP address of the external gateway/firewall is returned.
    This approach simplifies the end-user experience – users only have to know a single namespace (e.g., mail.contoso.com) to access their data, regardless of where they are connecting. A split-brain DNS infrastructure also simplifies the configuration of Client Access server virtual directories, as the InternalURL and ExternalURL values within the environment can be the same value.
    I recommend that you refer to the following article to understand DNS planning in exchange 2013:
    Namespace Planning in Exchange 2013
    Hope this helps!
    Thanks.
    Niko Cheng
    TechNet Community Support

  • Re:Can't able to access shared folders from different VLANs in SG300 series switches

    Hi All,
    I supplied 3 numbers of SG300 series switches for the sole reason to have inter-vlan routing. I created 4 VLANs in the switches and made one switch as Layer 3 switch and other 2 as Layer 2 switch. Inter-Vlan routing is working fine. I am able to ping PCs from different VLANs. But I am not able to access shared folders. Customer has installed Windows 2003 server and it is in VLAN 1. There are some folders created in this server and it is very important for users to have access to the folders. Also, I am not able to access shared folders in other VLANs. I have created a case with Cisco small business and I got a reply saying that the switches will not support shared folder feature, which I think is not real. I am getting a very time to implement this solution in the network. I have a Sonicwall firewall after Core switch which is connected to ISP.
    ISP<----->Sonicwall FW<----->Core Switch<------>Layer 2 switch<------>Layer 2 switch
    Kindly help me out to resolve this issue.
    Regards,
    Prashant K

    Hi Prashant,
    I think you're running into a Windows firewall issue. SMB file sharing, by default I believe, is only allowed on your local subnet. Please try disabling windows firewall on the computer hosting the shared folder, then see if you can access the shared file.
    Best,
    David
    PS: It looks like this post got published twice. You can delete the other one using the task bar on the right.
    Please remember to rate helpful responses and identify correct answers.

  • Unable to ping IP address from SG300 -10p switch

     i have two core switches, we have configured the vlan 70 in both core switch
    sh run int vlan 70 --ip address: 182.94.177.34/28
    configured the HSRP in both routers.
    we have configured port in vlan 77 in access switch 4507R-E , we are able to ping the ip address.
    again we have installed on Cisco SG300 10p switch cascading to Cisco 4507R-E access switch.
    we have given the below commands
    switch management IP :
    switch38cbaf(config)int vlan1
    switch38cbaf(config-if)#ip address 124.4.67.47 255.255.255.0
    switch38cbaf(config)#vlan database
    switch38cbaf(config-if)vlan 70
    switch38cbaf(config)#int gigabitethernet1
    switch38cbaf(config-if)#switchport mode access
    switch38cbaf(config-if)#switch access vlan 77
    Trunk Configuration
    switch38cbaf(config)#int gigabitEthernet9
    switch38cbaf(config-if)#description << Trunk | connected to access switch 4507R-E | Fa4/1 >>
    switch38cbaf(config-if)#swtichport mode trunk
    switch38cbaf(config-if)#switchport trunk allowed vlan 77
    problem:
    i am assigned the ip address 182.94.177.44 to  our desktop and connected to port Gi1
    I am able to ping 182.94.177.33, 34 and 35 Ip Address but unable to ping 182.94.177.44

    Some things to check/verify -
    a) is there a typo in your configuration above ie. you have created vlan 70 according to your configuration but the actual vlan you are using is vlan 77
    b) does the trunk link between the access 4500 and the core switch allow vlan 77
    c) try pinging from the client and not to it as there may be a firewall on the PC.
    Jon

  • SG300-10P switching problem

    Hello
    I have a Synology disk on port 4 on my SG300-10P switch and my computer on port 6 both on the VLAN 1, the only VLAN on my switch. Accessing this disk with the IP address is slow and data transfer to the disk is slow as well. So I traced the route (Administration > Traceroute)
    to the disk and found that it is looping outside to the router and back to the switch. How can I get the switch to access the disk directly?
    Thanks in advance
    Leo

    Hi Leo, there shouldn't be a reason the packets are being sent to the default gateway if you're on the same subnet and the same vlan.
    Are you using the local IP address of the Synology disk or are you trying to hairpin (using the WAN ip address instead of local IP address)?
    -Tom
    Please mark answered for helpful posts

  • LAG configuration issue on Cisco SG300 52 Switch

    Hi everybody,
    I am having an issue with LAG configuration on a Cisco SG300 52 switch. I have connected four Ge ports on the switch to the four NICs of a Dell R710 Server on which I installed Windows Server 2008 R2. Without LAG configured, these ports would forward traffic to and from the Dell server fine. However, if I configure LAG on the ports with LACP enabled, then they would not forward any network traffic. Debugging shows that the ports are up but their forwarding status show N/A. Am I missing any configuration? Can I configure LAG on edgeports? Or is there any compatibility issue?
    Any help  from you guys will be greatly appreciated.
    Thank you.
    Vishal

    Hi Dave,
    Thank you for your quick response and sorry to have looked at it late. Well, I already resolved the issue and like you pointed out, it was the configuration of the Dell NICs. I had to configure NIC teaming and there was a bug with the Broadcom NIC management software. I had to download this piece of software again and I was then able to configure NIC teaming on it. I initially thought that it was already configured because we got the Dell server "pre-installed with pretty much everything".
    Anyway thank you for your assistance. Oh I have a question though if you don't mind clearing my doubt. We have bought 7 of these SG300 Switches and I would like to use all of them in a hierarchical design as core, distribution and access layer switches because I believe this switch has got all the qualities to be used at all the three layers. We have about 100 users in our company at the moment but expecting growth of about 10-20 employees per year. Would you think a hierarchical network design for a 100 users is a bit of an overkill? Would you think these SG300 switches can handle network traffic at the distribution and core layers? I worked out the average daily traffic is only about 4 Mbps.
    Thank you for your valuable guidance.
    Kind regards,
    Vishal
    Date: Mon, 12 Sep 2011 08:09:40 -0600
    Subject: - Re: LAG configuration issue on Cisco SG300 52 Switch
    Cisco Support Community
    Re: LAG configuration issue on Cisco SG300 52 Switch created by David Hornstein in Small Business Switches - View the full discussion
    Hi Chundunsing,
    Thank you for the purchase of my switch.
    Chundunsing, I love the way you worded your question ; "I am having an issue with LAG configuration on a Cisco SG300 52 switch." ,but seriously you are having a problem with interfacing the dell with my switch.
    You have LAG working to the Dell R710 teamed NICs and god knows what NICs or drivers you are using to achieve this.
    Now LAG is providing load balancing between the LAG ports.
    Now LAG is providing link redundancy for connectivity to the Dell R710.
    If there is a configuration issue , it sure seems the way you have it configured without LACP is still working. But you have the option when you create a LAP group to enable LACP. You can see this as a tick box in the LAG group.
    But might i also install, recently firmware version 1.1.1.8, just came out.
    Please be sure to;
    Step 1. update the firmware on the switch and
    Step 2. select it as the 'active image.'
    Step 3. reboot the switch to utilize this active image.
    If you are having any trouble doing this the admin guide references how to achieve this. For your convenience I have attached the guide to this posting.
    regards Dave

  • What are the major differences between a Access Switch and Aggregation Switch w.r.t Carrier Ethernet domain?

    In a Carrier Ethernet domain, could someone please help me understand what's the basic difference between Access Switch and Aggregation Switch both in terms of s/w and h/w functionalities. MEF deals OAM, CFM, EVC provisioning only at the access edge switches. Do we need to repeat all these at the aggregation level? Or is it just used for routing purpose? Do we have a separate Fault Management at the aggregation level?

    Duplicate posts.  :P
    Go here:  https://supportforums.cisco.com/discussion/12137156/what-are-major-differences-between-access-switch-and-aggregation-switch-wrt

  • Timed Access Switching Off??

    My settings in Timed Access seem to hold for maybe a few days at a time, but then all of a sudden when I check it, the Timed Access tab reads Not Enabled.
    No one else can be turning it off as I am the only one that knows the password.
    Has anyone else experienced Timed Access switching itself off?...It is a useless feature if I can't rely on it to stop various devices from accessing my network at various times.

    I can't find the links now that I'm specifically looking for them, but recall reading posts from several users who have posted over in the Lion forum with the same issue.
    One user reported that after he reset the AirPort Extreme to factory default settings and then manually set it up again, that things worked fine.
    it's a hassle to have to enter in all the Timed Access data again, but might be worth a shot. If you decide to try this, be sure to change the default rule in Timed Access (which allows all devices access).
    It's best to set the default rule to "No Access" then enter in the specific MAC Addresses or AirPort IDs for devices. You've probably already done this in the past, but some users forget to change the "default" rule and then wonder why things don't work as expected.
    No guarantees that this will work, of course. Up to you if you want to try.

  • Stop broadcasts on edge access switches to a port

    I have a telco person wanting to put the management port of their phone switch on to the network in one of our remote offices. They say that it will not handle broadcast very well and it will cause it to reset.
    So is there a way to limit the broadcast traffic to the port the phoneswitch is connected to. Or is there another way to accomplish this.
    using switches like edge access switches 3500XL, 2900XL, 3550 etc and or small routers like 1700 series.
    Thanks.

    http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_command_reference_chapter09186a008010f968.html
    See the storm-control command reference. A 2.0 threshold will allow 2% of total bandwidth as broadcasts.

  • Spanning vlans across access switches in distribution block.... please help

    Hi All
    Can someone please explain why Cisco states that in a Campus Hierarchical model if Vlans are spanned across Access switches in a distribution block, then the Distribution to distribution link should be Layer 2. Is this really necessary or just a recommendation, and if so why? Can't this link be a L3 link when spanning vlans across Access switches in distribution block, as I understand the benefit of having a L3 distribution to distribution link so that SPT is avoided.
    Please help

    Hello,
    The Cisco recommended design is L3 links, but this is only possible if you have no vlans you need to span over the whole network.
    It depends on your topology or what you want to achieve.
    If you need one or more vlans to span the LAN, you need to use a layer 2 connection between all switches and between distribution too.
    In my company we have for example a few vlans for restricted areas, like device management or else, so we can't use L3 Links in the distribution area because these vlans are terminated at the firewall. I think this is a good thing.
    I would recommend, if you don't have to span one or more vlans across the network, to use L3 Links, especially in the case of redundancy ways. So you need no spanning-tree, but need to use other protocols like GLBP or else. They work faster and are not so confusing (for some people) as STP.
    best regards,
    Sebastian

  • What is an example of an external switch in the accessibility- switch control feature on an iPhone 5s

    what is an example of an external switch in the accessibility- switch control feature on an iPhone 5s

    Perhaps this will help:
    http://bdmtech.blogspot.com/2013/09/new-in-ios-7-detailed-look-at-switch.html

  • [solved] DHCP snooping in environment with core and access switches

    Hello,
    I'd like to know what steps are needed to configure DHCP snooping in my environment:
    1) two core switches Catalyst 6500 (VSS): VLAN defined here, DHCP server connected here
    2) access switches Catalyst 3750: clients connected here
    Access switches are connected to core ones via trunk ports (fiber optics).
    How many snooping databases are required?  One for core and next for each stack?

    Hi Marian,
    If your network is properly designed and connected so that clients, including DHCP clients, are attached to the access layer switches, then the DHCP Snooping should be run only on access switches. Running DHCP Snooping on core switches is not going to increase the security because the DHCP communication has already been sanitized on the access layer.
    If you intend to save the DHCP Snooping database then each switch performing the DHCP Snooping needs to have its own database if you intend to use a persistent storage for it. However, you can always have the switch to save the database to its own FLASH, alleviating the need for a centralized networked storage.
    I am not sure if this answers your question so please feel welcome to ask further.
    Best regards,
    Peter
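
    A minimal Catalyst IOS sketch of the access-layer setup Peter describes, added here as an illustration and not taken from the thread. The VLAN IDs, interface names and database file name are assumptions.

    ```cisco
    ! Access switch (Catalyst 3750 stack). VLAN IDs, interface names and the
    ! database file name below are assumed for illustration.
    ip dhcp snooping
    ip dhcp snooping vlan 10,20
    ! Persist the binding table on this switch's own flash, one database per switch
    ip dhcp snooping database flash:dhcp-snooping.db
    ip dhcp snooping database write-delay 60
    !
    ! Fibre trunk uplink toward the core, where the DHCP server is attached: trusted
    interface GigabitEthernet1/0/25
     switchport trunk encapsulation dot1q
     switchport mode trunk
     ip dhcp snooping trust
    !
    ! Client-facing access port: untrusted by default, DHCP packets rate-limited
    interface GigabitEthernet1/0/1
     switchport mode access
     switchport access vlan 10
     ip dhcp snooping limit rate 15
    ```

    `show ip dhcp snooping` lists the trusted ports and enabled VLANs, and `show ip dhcp snooping binding` shows the learned bindings.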

  • Campus LAN Access Switch recommendation

    Hi all,
    I am looking at the specs of 2960X switches and 3750v2 switches as possible replacements for some old 3750 switches which are approaching End OF Support.
    Am I right in understanding that the performance (both packet switching & backplane bandwidth) is better on the 2960X's than the 3750v2's? Although it looks like the 3750v2's are a lot more feature rich and also have dCEF.
    The datasheets for the 2960X report 80gig Stacking bandwidth, and 216Gbps backplane bandwidth and at least 70mpps whereas the 3750v2's are only 32gig switching fabric bandwidth and a maximum forwarding rate of 13mpps! Is there something I am missing here??
    I have no idea of costs, but just looking at getting the best value for money out of our Access Switches.
    The 3650's and 3850's look good too but I imagine they are pretty costly compared to the 2960's and I do not think we need integrated WLCs in our access switches as the AP's we have in our building are minimal.
    Any advice appreciated!
    Thanks
    Mario

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    BTW, you realize, 3750v2s are end-of-sale?
    Correct, a 2960X might have higher fabric bandwidth and PPS ratings than a 3750v2, but that doesn't mean it's faster or better.  For fabric bandwidths and PPSs, you need to look at the needs of the ports on the device.
    A 3750v2 with 48 copper FE ports, and 4 SFP gig ports, has 8.8 Gbps of port bandwidth.  So a non-blocking fabric needs to support 17.6 Gbps.  As you note, the 3750v2 fabric is listed as 32 Gbps, so you're covered there.
    The same 8.8 Gbps of port bandwidth needs up to 13.0944 Mpps (1.488 Mpps per gig) for wire-rate for minimum size Ethernet.  Your noted 13 Mpps seems to cover that too.
    So, basically, a 3750v2 switch is wire-rate capable.
    When you get into stack bandwidth, even more than other switch parameters, there's lies, damn lies, and device performance specifications.  Trying to judge one stack architecture against the other, gets very complicated very quickly.
    On the 2960 series, I believe Cisco is "adding" each switch to switch ring link to an aggregate total.  In an ideal situation, if traffic only needed to go from switch 1 to switch 2, and from switch 2 to switch 3, then the aggregate summation does have a bandwidth advantage over StackWise "bus" like ring usage.  If traffic needs to go between all 3 switches, traffic from switch 1 to switch 3 will need to share the bandwidth also being used by traffic from switch 1 to switch 2.
    I.e. a 2960 80 Gbps doesn't mean you get 80 Gbps between just two switches, or the advantage of all 80 Gbps found within a maximum member 2960 stack.
    (As an aside, compare StackWise vs. StackWise Plus.  The latter has twice the physical bandwidth, but it also operates much "smarter".  Again, unwinding how stacks work, and their impact to your needs, is complicated.)
    There's also more to a switch's performance than raw bandwidths and PPS rates.  The switch's architecture, and other switch specifications, can make a big difference in real-world performance.  You'll find 3560/3750s with the fabric bandwidths and PPS rates same as some 49xx switches, but the latter often will deal with busy servers much, much better, due to different port buffering.
    All the above, also means, without some real analysis of both your needs and devices being considered, anyone's recommendations should be taken with a large grain of salt; including mine.  ;)
    That said, for simple L2 edge port usage, the less expensive 2960 series might be just fine for you.  If you want to reduce costs even more, you might also look at Cisco's SMB switches, some I think are also now stackable.

  • High Latency and Packet drop towards Access Switches.

    Hi,
    My network Infrastructure consists of 2 core switches (cisco 3950, 24 port) and 3 access switches (cisco 2960G, 48 port). No distribution layer. Both Core switches are connected to the BVI of a VPN router. PVST is running in all switches. The STP results are all good. We have 3 VLANs in the LAN and IP routing is enabled in the core switch. The network diagram is attached.
    The issue we are facing is that we get intermittent packet drops while pinging towards the access switches, and there is always a higher latency towards these access switches. These issues are present even with no other users using the LAN. But these issues are not present while pinging towards the GW.
    I guess it is because of this that we have issues accessing the file server in the LAN. How do we go ahead with the troubleshooting? Will upgrading the IOS help resolve this? The present version details are:
    WS-C2960G-48TC-L   12.2(44)SE6           C2960-LANBASEK9-M
    Thanks in advance for the help.

    Hi,
    Do you still have this problem or is it solved?
    i have the same kind of issue, so any help or information is welcome!
    Tom

  • ISE to dynamically push Private Vlans on Access switch deployments

    Hi all,
    is there a way to push PVLAN configuration via ISE to Access switches.
    Currently I'm thinking about an authorization profile with an attribute setting PVLAN.
    Has anyone an idea how to push Private VLan configs dynamically to Access Ports on Switches.
    Thanks for your comments

    Try looking into using switch macros, you should be able to create a custom macro that changes the config of the port in question to make it part of a pvlan community/isolated port or whatever you need and then trigger this macro from ISE with your authorization result. It's used for the feature cisco call NEAT, try searching for that and you should find some examples.
