SA540 Inter-VLAN ACL Support Options
We have several VLANs, basically a different VLAN for each department (i.e. Developers, Payroll, Accounting, etc.) with Inter VLAN Routing turned off. We have several printers with static IPs that are currently part of a near by VLAN. We would like to group/share most of our printers across all/most of our current VLANs though. How can this be achieved? We don't want to turn Inter VLAN Routing on
If we had to, it may be possible to move all the printers we want to share across the existing VLANs to a new VLAN (and turn Inter VLAN routing on for that VLAN). Would that allow all the existing VLANs access to the new *printer* VLAN? Would all the existing VLANs still be separate and secure from one another?
We were hoping for Inter VLAN Firewall ACL support in the latest firmware as we were told is was on the roadmap for the SA500 Series routers. However, we are currently beta testing the 2.2.0.3_1 firmware and Inter VLAN Firewall ACLs are still not possible to create. Is there anyway to get that into the next firmware release (2.2.0.x) that is coming out soon?
Good morning.
Hi Curtis Counsil my name is Johnnatan and I am part of the Small business Support community, unfortunately it is not possible to create ACL´s in your device, the solution is to enable inter vlan or placing a printer for each vlan's with the inconvenience that it could not communicate with each other, however that's what you do not want. I recommended to you get or buy a Cisco layer 3 device that supports ACL. Such a router or a Switch L3, you can contact our presales team and explain your newortk issue and they will help you with your case
http://www.cisco.com/web/siteassets/contacts/international.html?reloaded=true
Thank you and have a nice day!!!
I hope you find this answer useful, if it was satisfactory for you, please mark the question as Answered.
Best regards.
Johnn.
Cisco network support engineer.
Similar Messages
-
We are used Cisco 3750 Layer 3 Switch and linksys switch at Layer 2 level.
We are used total 10 VLAN, We want block all inter-vlan communication, So no body can access inter vlan .
All vlan can access server vlan
Thanks
Dinesh ChavanDinesh Chavan
Based on what you have told us one solution would be to configure an access list for each of the SVIs on your 3750 switch and apply it on the inbound direction for the interface. In the access list you would permit packets with source address in the vlan of that interface a destination of the server vlan. You would deny all other traffic. This would allow each vlan to communicate with the server vlan but not with any other vlan.
HTH
Rick -
Hi forumers'
My problem statement
a. how to let a single switchport to carry vlan voice and vlan data?
say i had create and configure the vlan voice (20) and vlan data (10)
first i do as this (attach voice vlan.png)
what should i do over
a1. VLAN Management-Port to VLAN
(set the interface as general, but then should i tick PVID, tag or untag? )
a2. VLAN Management-VLAN to Port
(is it let vlan 10 and vlan 20 to join the switchport?) (attach VLAN to Port.png)
b. can this switch doing "ip routing" for inter VLAN routing?
say i create the VLAN, assign IP for the virtual interface for it. What need to do to enable inter-VLAN routing?
I check the switch only switch IPv4 Static Route, is it need to manual create the static route to reach every VLAN's subnet?
c. can this switch be NTP server?
Thanks
NoelHi!
a. Create vlan 10 (data) and vlan 20 (voice). Set the switchport where you have an IP phone attached to the Trunk mode (Vlan Management -> Interface Settings). Administrative PVID of the port should be 10. Go to VLAN Management -> Port VLAN membership, select the switchport and click Join VLAN button. In the right column you should have "10UP" (VLAN 10 Untagged, PVID: 10). From the left column select 20, Tagging should be Tagged, click right arrow button to add VLAN 20 Tagged to the port and click Apply.
These settings will make switchport transferring traffic from VLAN10 (data) as untagged and voice traffic from VLAN20 as tagged to the phone. Respectively your phone, if it has a PC attached to it should be configured to tag voice traffic with VLAN20 tag and pass data traffic untagged to the PC. Voice VLAN settings keep like shown on the screenshot - it will let the switch assign the optimal QoS settings to the voice vlan traffic.
b. If you have the latest firmware installed the Inter VLAN routing is enabled by default. Just create SVI interfaces (assign an IP address to the VLAN interface) and if you have at least one host connected to the switchport member of the VLAN, the route to that subnet will appear in the switch routing table automatically. If you have several VLANs with IP addresses assigned and active hosts on these VLANs - all these networks will appear in the routing table as directly connected and hosts from all VLANs will be able to reach each other. If you need to restrict Inter VLAN communication - use IP ACLs.
c. No, the switch can be SNTP client only. -
RV130W Inter-VLAN Routing occurs even when disabled
On my RV130W I have two VLANs set up:
VLAN1:
VLAN100:
Inter-VLAN Routing is NOT enabled:
Why then am I able to ping hosts in a different VLAN?
Does this require a bug fix?I put my theory to the test and it worked as I thought
which is that vlan 101 could get to vlan 102 and vice versa
but vlan 1 could get to either and vice versa
I take it that this is probably due to how the router os is setup and hardware options on it
based on that there is probably only a couple of real interfaces
and that the vlan 1 is assigned to the one of them or to the switch interface
and the other vlans are just attached to it,
vlan 1 has to be able to cross communicate due to my guess that there aren't enough real interfaces
in that vlan is the end gateway and the other vlans are just virtual gateways if you will
This is what I did with the ports
In my lab I actually don't assign vlan 1 to any ports at all, nothing is on it except that actual router
but I left it on a port for you to see, as it might be handy to connect to in worst case scenarios
which works because of routing
as to whether its a feature or a bug or a limitation is hard to say without more info from cisco -
ACE design with inter-Vlan routing
Hello all.
I'm working on a design for a customer where the ACE will perform inter vlan routing.
A few questions about that :
- is routed traffic enforced in hardware with some kind of CEF-like mechanism ? (I suppose yes because there is a FIB ? per
https://supportforums.cisco.com/docs/DOC-19253 ) we expect a certain load and routing is software will not be acceptable
- if I put my VIPs within the VLANs hosting the application, is there any restriction on accesses made to this VIP (if the VIP is reached after the routing process is performed) ?
example :
VLAN2 (client) ----- ACE ----- VLAN3 (servers)192.168.2.0/24 192.168.3.0/24
If I try to access the VIP (192.168.3.20) from a PC in the VLAN2 (192.168.2.15) does it work ?
I assume yes because the VIP appears as a connected /32 in the routing table, I just want to be sure to not fall into some tricky part of code because the access to the VIP is done after the routing process. I just want to be sure there is no drawback / restriction about that.
Thanks in advance.Hello Surya!
Yes this is possible. You can reach the VIP from one VLAN to another (The VIP is not really inside of the VLAN). Important is to check your ACLs and you need to have the service-policy either globally or local on both VLAN-interfaces.
And I guess there is nothing like CEF implemented in the ACE, because it is not needed there.
Cheers,
Marko -
Setting Inter VLAN in the Router.
Hi,
I trying to set up inter VLAN on the Cisco 2651XM router. I try to type the IP address on the sub interface but it gives me an error. I need to set up first
the encapsulation dot1 q. I type encapsulation command but it doesn't recognized.
This is the version of my router
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 12.2(8)T5, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Fri 21-Jun-02 08:50 by ccai
Image text-base: 0x80008074, data-base: 0x80A2BD40
ROM: System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
Router uptime is 32 minutes
System returned to ROM by power-on
System image file is "flash:c2600-i-mz.122-8.T5.bin"
cisco 2651XM (MPC860P) processor (revision 0x100) with 125952K/5120K bytes of memory.
Processor board ID JAD07130B30 (708131756)
M860 processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)
Configuration register is 0x2142
Do I need to update my cisco IOS if I do what os version I need and how can i download the cisco IOS.Thanks for the help. I don't need to change the version. I figure it out already..
-
Inter-VLAN routing, Auto-Voice VLAN and IP Address-Helper
Hope that somebody can help me with the setup in the screenshot.
Planning to use Auto-Voice VLAN and Smartports to configure VOIP
LLDP-MED will be enabled on the switch to detect the IP phones so they will be moved to the Voice VLAN (If not the first 6 signs will be added to the OID table). The Voice VLAN ID will be 2 >> Voice VLAN will be automatically enabled once a device is recognized as a IP phone right?
Workstations will be connected to the Cisco switch, VLAN data will be untagged and will remain on the native VLAN.
Smartports will be used to configure the ports (Macro's) >> Should configure the ports as trunks as assigns the correct VLANs right?
But how do i configure the IP Helper-Address? Do i have to create the Voice VLAN on both switches and then run the command "IP Helper Address" to specify a DHCP server? From what i've been reading it's required, when using Inter-VLAN routing, to configure the VLAN interface with an IP address. But it's going to give problems when both switches are connected to eachother and both have the same VLAN configured including the same IP address assigned to their VLAN interface?
Normal data should pass the ASA firewall, VOIP traffic should go through the Vigor modem to a hosted VOIP provider. The best way, i assume, is to configure 2 separate scopes on the DHCP server?
Still confused on how to set it up, hope that someone can point me in the right directionIf you're sending voice to only the Vigor modem then there is no need for a trunk between the SF-300 and the Vigor modem. You can just set that to an untag packet for the VLAN 2 between that switch and the Vigor modem.
On the 'edge' SF300 where the IP phone/PC is it is obviously going to interoute there and of course the phone port is tagged and PC port is untagged.
For the IP helper, it uses UDP-RELAY and it should be enabled on the port itself and enabled on the global configuration. You may also need option 82. Also keep in mind, depending how your DHCP server works, it may need option 82 configured as well or at least a route to understand the subnets in the layer 3 environment to get traffic across the VLANS. -
RV180 Router: Cannot get Inter-VLAN Routing to work.
I have been banging at this now for two days and just cannot get Inter-VLAN routing working to work on this router.
Here is the est-up:.
Upgraded to latest Cisco firmware (1.0.1.9).
Starting with factory default settings, I added 2 VLANS as follows:
vlan default(id=1): dhcpmode=server IP=192.168.1.1/24 port 1
vlan vlan2 (id=2): dhcpmode=server IP=192.168.2.1/24 port 2
vlan vlan3 (id=3): dhcpmode=server IP=192.168.3.1/24 port 3
(unconnected)
WAN port
|
Routing/NAT
|
vlan ip 192.168.1.1 192.168.2.1 192.168.3.1
vlan name default vlan2 vlan3
vlan id ID=1 ID=2 ID=3
Inter-VLAN Routing No Yes Yes
Port 1 Untagged Excluded Excluded
Port 2 Excluded Untagged Excluded
Port 3 Excluded Excluded Untagged
Port 4(not of interest) Untagged Excluded Excluded
Port 1 Port 2 Port 3
| | |
AdminPC PC2 PC3
192.168.2.191 192.168.3.181
PC2 gets assigned an IP Address of 192.168.2.191 (DGW=192.168.2.1) - OK
PC3 gets assigned an IP Address of 192.168.3.181 (DGW=192.168.3.1) - OK
PC2 with (IP 192.168.2.191) can ping 192.168.2.1 and 192.168.3.1 - OK
PC3 with (IP 192.168.3.181) can ping 192.168.3.1 and 192.168.2.1 - OK
BUT....
PC2 cannot ping PC3 - NOT WORKING
PC3 cannot ping PC2 - NOT WORKING
(does not work in both Gateway Mode and Router Mode)
ANYONE CAN HELP ME FIGURE OUT WHY ??????
Your help is much appreciated.
I bought this device specifically because it supported inter-VLAN routing!.
Venu
Supporting Information:
Screen captures:
VLAN Membership:
VLAN ID Description Inter VLAN Device Port 1 Port 2 Port 3 Port 4
Routing Mgment
1 Default Disabled Enabled Untagged Excluded Excluded Untagged
2 VLAN2 Enabled Enabled Excluded Untagged Excluded Excluded
3 VLAN3 Enabled Enabled Excluded Excluded Untagged Excluded
Multiple VLAN Subnets:
VLAN ID IP Address Subnet Mask DHCP Mode DNS Proxy Status
1 192.168.1.1 255.255.255.0 DHCP Server Enabled
2 192.168.2.1 255.255.255.0 DHCP Server Enabled
3 192.168.3.1 255.255.255.0 DHCP Server Enabled
Routing Table (Gateway Mode)
Destination Gateway Genmask Metric Ref Use Interface Type Flags
127.0.0.1 127.0.0.1 255.255.255.255 1 0 0 lo Static UP,Gateway,Host
192.168.3.0 0.0.0.0 255.255.255.0 0 0 0 bdg3 Dynamic UP
192.168.2.0 0.0.0.0 255.255.255.0 0 0 0 bdg2 Dynamic UP
192.168.1.0 0.0.0.0 255.255.255.0 0 0 0 bdg1 Static UP
192.168.1.0 192.168.1.1 255.255.255.0 1 0 0 bdg1 Static UP,Gateway
127.0.0.0 0.0.0.0 255.0.0.0 0 0 0 lo Dynamic
Routing Table (Router Mode)
(Same)cadet alain, you hit the nail on the head. The router was doing Iner-VLAN routing, but the PCs were blocking the pings because they came from another subnet. Thank you for your help in resolving this.
I have a follow-up question if I may - I need to add a default route but can't seem to find a way to do that. Tried adding a static route with IP=0.0.0.0 Mask=0.0.0.0 but it will not allow it. My current routing table looks like this:
Destination Gateway Genmask Metric Ref Use Interface Type Flags
127.0.0.1 127.0.0.1 255.255.255.255 1 0 0 lo Static UP,Gateway,Host
192.168.2.0 0.0.0.0 255.255.255.0 0 0 0 bdg2 Dynamic UP
192.168.1.0 0.0.0.0 255.255.255.0 0 0 0 bdg1 Static UP
127.0.0.0 0.0.0.0 255.0.0.0 0 0 0 lo Dynamic UP
It routes all packets to VLAN2 and VLAN3 correctly; but if a packet arrives to any other network address, I would like to get it to forward to another gateway on VLAN2 (at address 192.168.2.254). Can't seem to find a way to add a default route. -
I have read from cisco sites that 2960X with Lan base supports up to 16 static routes however I believe this is a layer 2 switch . One of my confusion is that would I be able to do Inter-vlan routing with this . Has anyone tried this ?
Thanks for the reply .
Yes i understand that dyamic routing is not supported . If we have one switch I can make 3 SVI and assign each port to each SVI , later each port can be connected to a Laptop . This way each laptop will have different IP . Because Laptop's default gateway would be SVI created on switch all data would travel there .
Now if i do a show ip route on that switch I will see all 3 SVI as Directly Connected route with an administrative distance of 0 because the line protocol of SVI is up .
My question is would Laptop A be able to ping Laptop B , Intervlan routing ? -
WLC 8510 Time Based ACL Support
Hi,
I see something like this in the Data Sheet of 8510 "A wireless policy engine on the Cisco 8500 Series enables profiling of wireless devices and enforcement of policies such as VLAN assignment, QoS, access control lists (ACLs), and time-of-day- based access." I wonder if does WLC 8500 has time-based ACL support, or data sheet is talking about anything else?
Thank you for replies.
M.S.Temelli / Istanbul Technical UniversityYou want a straight answer or you want an answer coming out from the SALES team?
Sales team will say "YES". Will it be effective? Not one bit. You go to Security > Local Policy. You create a Local Policy (and attached to your SSID) and determine what time/day you want specific criterea (like wireless client manufacturer).
However, if you want what time/day you want the SSID to go down or UP, then you'll need something more robust, like a Layer 3 ACL.
If you want something like a time/day you want the radio(s) of the AP to go down/up then you need something like EnergyWise or WCS/NCS/PI. -
Inter VLAN Routing with ASA 5520 and Cat 2960
Hi there,
I am a complete novice at networking, but I was tasked to have an ASA 5520 do inter VLAN routing (since my shop doesn't have a layer 3 router).
As a basic setup, I am trying to have three workstations on three different VLANs communicate with each other. The attached screenshot shows the topology.
I am unable to ping from a PC to the ASA...therefore I can't ping to other VLANs. Any assistance would be greatly appreciated.
ROUTER CONFIG:
ciscoasa#
ciscoasa# show run
: Saved
ASA Version 8.3(1)
hostname ciscoasa
domain-name null
enable password ###### encrypted
passwd ###### encrypted
names
dns-guard
interface GigabitEthernet0/0
no nameif
no security-level
no ip address
interface GigabitEthernet0/1
no nameif
security-level 100
ip address 10.10.1.1 255.255.255.0
interface GigabitEthernet0/1.10
vlan 10
nameif vlan10
security-level 100
ip address 10.10.10.1 255.255.255.0
interface GigabitEthernet0/1.20
vlan 20
nameif vlan20
security-level 100
ip address 10.10.20.1 255.255.255.0
interface GigabitEthernet0/1.30
vlan 30
nameif vlan30
security-level 100
ip address 10.10.30.1 255.255.255.0
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
boot system disk0:/asa831-k8.bin
ftp mode passive
dns server-group DefaultDNS
domain-name null
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
access-list global_access extended permit icmp any any
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu vlan10 1500
mtu vlan20 1500
mtu vlan30 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
asdm image disk0:/asdm-631.bin
no asdm history enable
arp timeout 14400
access-group global_access global
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd address 192.168.1.2-192.168.1.5 inside
dhcpd enable inside
dhcpd address 10.10.10.101-10.10.10.253 vlan10
dhcpd enable vlan10
dhcpd address 10.10.20.101-10.10.20.253 vlan20
dhcpd enable vlan20
dhcpd address 10.10.30.101-10.10.30.253 vlan30
dhcpd enable vlan30
threat-detection basic-threat
threat-detection statistics host
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect ip-options
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DD
CEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:4ad1bba72f1f51b2a47e8cacb9d3606a
: end
SWITCH CONFIG
Switch#show run
Building configuration...
Current configuration : 2543 bytes
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Switch
boot-start-marker
boot-end-marker
no aaa new-model
system mtu routing 1500
ip subnet-zero
spanning-tree mode pvst
spanning-tree extend system-id
no spanning-tree vlan 1
vlan internal allocation policy ascending
interface GigabitEthernet0/1
description Port Configured As Trunk
switchport trunk allowed vlan 1,10,20,30,1002-1005
switchport mode trunk
interface GigabitEthernet0/2
switchport access vlan 10
switchport mode access
interface GigabitEthernet0/3
switchport access vlan 20
switchport mode access
interface GigabitEthernet0/4
switchport access vlan 30
switchport mode access
interface GigabitEthernet0/5
interface GigabitEthernet0/6
interface GigabitEthernet0/7
interface GigabitEthernet0/8
interface GigabitEthernet0/9
interface GigabitEthernet0/10
interface GigabitEthernet0/11
interface GigabitEthernet0/12
interface GigabitEthernet0/13
interface GigabitEthernet0/14
interface GigabitEthernet0/15
interface GigabitEthernet0/16
interface GigabitEthernet0/17
interface GigabitEthernet0/18
interface GigabitEthernet0/19
interface GigabitEthernet0/20
interface GigabitEthernet0/21
interface GigabitEthernet0/22
interface GigabitEthernet0/23
interface GigabitEthernet0/24
interface GigabitEthernet0/25
interface GigabitEthernet0/26
interface GigabitEthernet0/27
interface GigabitEthernet0/28
interface GigabitEthernet0/29
interface GigabitEthernet0/30
interface GigabitEthernet0/31
interface GigabitEthernet0/32
interface GigabitEthernet0/33
interface GigabitEthernet0/34
interface GigabitEthernet0/35
interface GigabitEthernet0/36
interface GigabitEthernet0/37
interface GigabitEthernet0/38
interface GigabitEthernet0/39
interface GigabitEthernet0/40
interface GigabitEthernet0/41
interface GigabitEthernet0/42
interface GigabitEthernet0/43
interface GigabitEthernet0/44
interface GigabitEthernet0/45
interface GigabitEthernet0/46
interface GigabitEthernet0/47
interface GigabitEthernet0/48
interface Vlan1
ip address 10.10.1.2 255.255.255.0
no ip route-cache
interface Vlan10
no ip address
no ip route-cache
interface Vlan20
no ip address
no ip route-cache
interface Vlan30
no ip address
no ip route-cache
ip default-gateway 10.10.1.1
ip http server
ip http secure-server
control-plane
line con 0
line vty 5 15
endciscoasa# capture cap10 interface vlan10
ciscoasa# capture cap20 interface vlan20
ciscoasa# show cap cap10
97 packets captured
1: 17:32:32.541262 802.1Q vlan#10 P0 10.10.10.101.2461 > 10.10.10.1.8905: ud
p 96
2: 17:32:36.741294 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
3: 17:32:36.741523 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
4: 17:32:37.539217 802.1Q vlan#10 P0 10.10.10.101.2462 > 10.10.10.1.8905: ud
p 98
5: 17:32:39.104914 802.1Q vlan#10 P0 10.10.10.101.2463 > 10.12.5.64.8906: ud
p 95
6: 17:32:41.738914 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
7: 17:32:41.739143 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
8: 17:32:42.544023 802.1Q vlan#10 P0 10.10.10.101.2464 > 10.10.10.1.8905: ud
p 93
9: 17:32:46.747352 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
10: 17:32:46.747580 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
11: 17:32:47.546633 802.1Q vlan#10 P0 10.10.10.101.2465 > 10.10.10.1.8905: ud
p 98
12: 17:32:51.739921 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
13: 17:32:51.740150 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
14: 17:32:52.544100 802.1Q vlan#10 P0 10.10.10.101.2466 > 10.10.10.1.8905: ud
p 98
15: 17:32:56.741859 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
16: 17:32:56.742088 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
17: 17:32:57.547396 802.1Q vlan#10 P0 10.10.10.101.2467 > 10.10.10.1.8905: ud
p 98
18: 17:33:01.742728 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
19: 17:33:01.742957 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
20: 17:33:02.547609 802.1Q vlan#10 P0 10.10.10.101.2468 > 10.10.10.1.8905: ud
p 97
21: 17:33:06.742774 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
22: 17:33:06.743018 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
23: 17:33:07.543337 802.1Q vlan#10 P0 10.10.10.101.2469 > 10.10.10.1.8905: ud
p 93
24: 17:33:10.375514 802.1Q vlan#10 P0 10.10.10.101.137 > 10.10.10.255.137: ud
p 50
25: 17:33:11.114679 802.1Q vlan#10 P0 10.10.10.101.137 > 10.10.10.255.137: ud
p 50
26: 17:33:11.742728 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
27: 17:33:11.742957 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
28: 17:33:11.864731 802.1Q vlan#10 P0 10.10.10.101.137 > 10.10.10.255.137: ud
p 50
29: 17:33:12.546266 802.1Q vlan#10 P0 10.10.10.101.2470 > 10.10.10.1.8905: ud
p 98
30: 17:33:16.746497 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
31: 17:33:16.746726 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
32: 17:33:17.548403 802.1Q vlan#10 P0 10.10.10.101.2471 > 10.10.10.1.8905: ud
p 97
33: 17:33:21.744880 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
34: 17:33:21.745109 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
35: 17:33:22.545351 802.1Q vlan#10 P0 10.10.10.101.2472 > 10.10.10.1.8905: ud
p 95
36: 17:33:23.785558 802.1Q vlan#10 P0 10.10.10.101.137 > 10.10.10.255.137: ud
p 50
37: 17:33:24.522464 802.1Q vlan#10 P0 10.10.10.101.137 > 10.10.10.255.137: ud
p 50
38: 17:33:25.272568 802.1Q vlan#10 P0 10.10.10.101.137 > 10.10.10.255.137: ud
p 50
39: 17:33:26.744926 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
40: 17:33:26.745154 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
41: 17:33:27.548708 802.1Q vlan#10 P0 10.10.10.101.2473 > 10.10.10.1.8905: ud
p 96
42: 17:33:31.749625 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
43: 17:33:31.749854 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
44: 17:33:32.550096 802.1Q vlan#10 P0 10.10.10.101.2474 > 10.10.10.1.8905: ud
p 97
45: 17:33:36.748343 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
46: 17:33:36.748572 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
47: 17:33:37.546251 802.1Q vlan#10 P0 10.10.10.101.2475 > 10.10.10.1.8905: ud
p 95
48: 17:33:41.745566 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
49: 17:33:41.745795 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
50: 17:33:42.547975 802.1Q vlan#10 P0 10.10.10.101.2476 > 10.10.10.1.8905: ud
p 97
51: 17:33:46.747855 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
52: 17:33:46.748084 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
53: 17:33:47.548403 802.1Q vlan#10 P0 10.10.10.101.2477 > 10.10.10.1.8905: ud
p 94
54: 17:33:51.747718 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
55: 17:33:51.747931 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
56: 17:33:52.547670 802.1Q vlan#10 P0 10.10.10.101.2478 > 10.10.10.1.8905: ud
p 97
57: 17:33:54.134239 802.1Q vlan#10 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
58: 17:33:56.750678 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
59: 17:33:56.750891 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
60: 17:33:57.563035 802.1Q vlan#10 P0 10.10.10.101.2479 > 10.10.10.1.8905: ud
p 97
61: 17:33:59.245272 802.1Q vlan#10 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
62: 17:34:01.752188 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
63: 17:34:01.752402 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
64: 17:34:01.995737 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.23.427: u
dp 49
65: 17:34:01.995813 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.23.427: u
dp 34
66: 17:34:01.995950 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.22.427: u
dp 49
67: 17:34:01.996011 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.22.427: u
dp 34
68: 17:34:01.996118 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.200.40.427:
udp 49
69: 17:34:01.996179 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.200.40.427:
udp 34
70: 17:34:02.551836 802.1Q vlan#10 P0 10.10.10.101.2480 > 10.10.10.1.8905: ud
p 98
71: 17:34:03.011306 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.23.427: u
dp 49
72: 17:34:03.011367 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.23.427: u
dp 34
73: 17:34:03.011443 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.22.427: u
dp 49
74: 17:34:03.011489 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.22.427: u
dp 34
75: 17:34:03.011550 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.200.40.427:
udp 49
76: 17:34:03.011596 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.200.40.427:
udp 34
77: 17:34:04.027037 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.23.427: u
dp 49
78: 17:34:04.027082 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.23.427: u
dp 34
79: 17:34:04.027174 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.22.427: u
dp 49
80: 17:34:04.027250 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.22.427: u
dp 34
81: 17:34:04.027311 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.200.40.427:
udp 49
82: 17:34:04.027357 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.200.40.427:
udp 34
83: 17:34:04.745811 802.1Q vlan#10 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
84: 17:34:06.058514 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.23.427: u
dp 49
85: 17:34:06.058605 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.23.427: u
dp 34
86: 17:34:06.058651 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.22.427: u
dp 49
87: 17:34:06.058712 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.16.22.427: u
dp 34
88: 17:34:06.058758 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.200.40.427:
udp 49
89: 17:34:06.058819 802.1Q vlan#10 P0 10.10.10.101.2263 > 156.80.200.40.427:
udp 34
90: 17:34:06.750907 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
91: 17:34:06.751151 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
92: 17:34:07.552751 802.1Q vlan#10 P0 10.10.10.101.2481 > 10.10.10.1.8905: ud
p 96
93: 17:34:11.752082 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
94: 17:34:11.752326 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
95: 17:34:12.553392 802.1Q vlan#10 P0 10.10.10.101.2482 > 10.10.10.1.8905: ud
p 96
96: 17:34:16.755438 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
97: 17:34:16.755682 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
98: 17:34:17.554811 802.1Q vlan#10 P0 10.10.10.101.2483 > 10.10.10.1.8905: ud
p 97
99: 17:34:21.751303 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
100: 17:34:21.751563 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
101: 17:34:22.552034 802.1Q vlan#10 P0 10.10.10.101.2484 > 10.10.10.1.8905: ud
p 95
102: 17:34:26.753989 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
103: 17:34:26.754218 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
104: 17:34:27.560334 802.1Q vlan#10 P0 10.10.10.101.2485 > 10.10.10.1.8905: ud
p 98
105: 17:34:31.755499 802.1Q vlan#10 P0 10.10.10.101 > 10.10.10.1: icmp: echo re
quest
106: 17:34:31.755728 802.1Q vlan#10 P0 10.10.10.1 > 10.10.10.101: icmp: echo re
ply
107: 17:34:32.563950 802.1Q vlan#10 P0 10.10.10.101.2486 > 10.10.10.1.8905: ud
p 95
107 packets shown
ciscoasa# show cap cap20
92 packets captured
1: 17:26:53.653378 802.1Q vlan#20 P0 10.10.20.101.1187 > 216.49.94.13.80: S 8
20343450:820343450(0) win 65535
2: 17:27:12.019133 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
3: 17:27:17.214481 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
4: 17:27:55.593688 802.1Q vlan#20 P0 10.10.20.101.1188 > 216.49.94.13.80: S 1
499891746:1499891746(0) win 65535
5: 17:27:58.555284 802.1Q vlan#20 P0 10.10.20.101.1188 > 216.49.94.13.80: S 1
499891746:1499891746(0) win 65535
6: 17:28:04.564790 802.1Q vlan#20 P0 10.10.20.101.1188 > 216.49.94.13.80: S 1
499891746:1499891746(0) win 65535
7: 17:29:06.504856 802.1Q vlan#20 P0 arp who-has 10.10.20.1 tell 10.10.20.101
8: 17:29:06.504917 802.1Q vlan#20 P0 arp reply 10.10.20.1 is-at 54:75:d0:ba:4
6:bb
9: 17:29:06.505222 802.1Q vlan#20 P0 10.10.20.101.1189 > 216.49.94.13.80: S 4
7080594:47080594(0) win 65535
10: 17:29:09.467032 802.1Q vlan#20 P0 10.10.20.101.1189 > 216.49.94.13.80: S 4
7080594:47080594(0) win 65535
11: 17:29:15.476537 802.1Q vlan#20 P0 10.10.20.101.1189 > 216.49.94.13.80: S 4
7080594:47080594(0) win 65535
12: 17:30:17.417245 802.1Q vlan#20 P0 10.10.20.101.1190 > 216.49.94.13.80: S 1
445997597:1445997597(0) win 65535
13: 17:30:18.156043 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
14: 17:30:20.378688 802.1Q vlan#20 P0 10.10.20.101.1190 > 216.49.94.13.80: S 1
445997597:1445997597(0) win 65535
15: 17:30:23.220356 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
16: 17:30:26.388102 802.1Q vlan#20 P0 10.10.20.101.1190 > 216.49.94.13.80: S 1
445997597:1445997597(0) win 65535
17: 17:30:28.721047 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
18: 17:30:34.222507 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
19: 17:33:43.156928 802.1Q vlan#20 P0 arp who-has 10.10.20.101 tell 10.10.20.1
01
20: 17:33:44.187002 802.1Q vlan#20 P0 arp who-has 10.10.20.1 tell 10.10.20.101
21: 17:33:44.187047 802.1Q vlan#20 P0 arp reply 10.10.20.1 is-at 54:75:d0:ba:4
6:bb
22: 17:33:44.187261 802.1Q vlan#20 P0 10.10.20.101 > 10.10.20.1: icmp: echo re
quest
23: 17:33:44.187520 802.1Q vlan#20 P0 10.10.20.1 > 10.10.20.101: icmp: echo re
ply
24: 17:33:44.239016 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
25: 17:33:44.327360 802.1Q vlan#20 P0 10.10.20.101.53835 > 208.231.55.26.53:
udp 34
26: 17:33:44.989740 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
27: 17:33:45.150611 802.1Q vlan#20 P0 10.10.20.101.6646 > 10.10.20.255.6646:
udp 236
28: 17:33:45.331312 802.1Q vlan#20 P0 10.10.20.101.53835 > 208.231.55.27.53:
udp 34
29: 17:33:45.740943 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
30: 17:33:46.331892 802.1Q vlan#20 P0 10.10.20.101.53835 > 208.231.55.26.53:
udp 34
31: 17:33:46.492131 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
32: 17:33:47.243502 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
33: 17:33:47.994501 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
34: 17:33:48.335050 802.1Q vlan#20 P0 10.10.20.101.53835 > 208.231.55.26.53:
udp 34
35: 17:33:48.335141 802.1Q vlan#20 P0 10.10.20.101.53835 > 208.231.55.27.53:
udp 34
36: 17:33:48.745658 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
37: 17:33:49.496861 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
38: 17:33:50.248812 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
39: 17:33:50.249300 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
40: 17:33:50.999170 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
41: 17:33:50.999246 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
42: 17:33:51.750342 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
43: 17:33:51.750418 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
44: 17:33:52.341336 802.1Q vlan#20 P0 10.10.20.101.53835 > 208.231.55.26.53:
udp 34
45: 17:33:52.341474 802.1Q vlan#20 P0 10.10.20.101.53835 > 208.231.55.27.53:
udp 34
46: 17:33:52.501576 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
47: 17:33:52.501652 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
48: 17:33:53.254183 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 174
49: 17:33:53.254320 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 204
50: 17:33:54.134361 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
51: 17:33:54.755118 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 174
52: 17:33:54.823535 802.1Q vlan#20 P0 10.120.2.198.1261 > 161.69.12.13.443: R
250934743:250934743(0) ack 2427374744 win 0
53: 17:33:54.823901 802.1Q vlan#20 P0 10.120.2.198.1262 > 161.69.12.13.443: R
3313764765:3313764765(0) ack 1397588942 win 0
54: 17:33:54.824618 802.1Q vlan#20 P0 10.10.20.101.1269 > 161.69.12.13.443: S
2860571026:2860571026(0) win 65535
55: 17:33:56.257448 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 174
56: 17:33:57.759833 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 174
57: 17:33:57.779729 802.1Q vlan#20 P0 10.10.20.101.1269 > 161.69.12.13.443: S
2860571026:2860571026(0) win 65535
58: 17:33:59.245394 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
59: 17:33:59.262178 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 186
60: 17:34:00.263780 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 186
61: 17:34:01.265382 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 186
62: 17:34:02.266908 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 186
63: 17:34:03.268540 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
64: 17:34:03.789189 802.1Q vlan#20 P0 10.10.20.101.1269 > 161.69.12.13.443: S
2860571026:2860571026(0) win 65535
65: 17:34:04.019591 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
66: 17:34:04.745933 802.1Q vlan#20 P0 10.10.10.101 > 10.10.20.101: icmp: echo
request
67: 17:34:04.770757 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
68: 17:34:05.521991 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
69: 17:34:06.273209 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
70: 17:34:07.024367 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
71: 17:34:07.775518 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
72: 17:34:08.526706 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 68
73: 17:34:09.277939 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 174
74: 17:34:09.278061 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 174
75: 17:34:09.278702 802.1Q vlan#20 P0 10.10.20.101.138 > 10.10.20.255.138: ud
p 204
76: 17:34:15.810489 802.1Q vlan#20 P0 10.10.20.101.49796 > 208.231.55.26.53:
udp 31
77: 17:34:16.809726 802.1Q vlan#20 P0 10.10.20.101.49796 > 208.231.55.27.53:
udp 31
78: 17:34:17.811222 802.1Q vlan#20 P0 10.10.20.101.49796 > 208.231.55.26.53:
udp 31
79: 17:34:19.814349 802.1Q vlan#20 P0 10.10.20.101.49796 > 208.231.55.26.53:
udp 31
80: 17:34:19.814380 802.1Q vlan#20 P0 10.10.20.101.49796 > 208.231.55.27.53:
udp 31
81: 17:34:23.820682 802.1Q vlan#20 P0 10.10.20.101.49796 > 208.231.55.26.53:
udp 31
82: 17:34:23.820788 802.1Q vlan#20 P0 10.10.20.101.49796 > 208.231.55.27.53:
udp 31
83: 17:34:30.822924 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 50
84: 17:34:31.572892 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 50
85: 17:34:32.324079 802.1Q vlan#20 P0 10.10.20.101.137 > 10.10.20.255.137: ud
p 50
86: 17:34:33.083079 802.1Q vlan#20 P0 10.10.20.101.61089 > 208.231.55.26.53:
udp 44
87: 17:34:34.077007 802.1Q vlan#20 P0 10.10.20.101.61089 > 208.231.55.27.53:
udp 44
88: 17:34:35.078639 802.1Q vlan#20 P0 10.10.20.101.61089 > 208.231.55.26.53:
udp 44
89: 17:34:37.081584 802.1Q vlan#20 P0 10.10.20.101.61089 > 208.231.55.26.53:
udp 44
90: 17:34:37.081706 802.1Q vlan#20 P0 10.10.20.101.61089 > 208.231.55.27.53:
udp 44
91: 17:34:41.087809 802.1Q vlan#20 P0 10.10.20.101.61089 > 208.231.55.26.53:
udp 44
92: 17:34:41.087840 802.1Q vlan#20 P0 10.10.20.101.61089 > 208.231.55.27.53:
udp 44
92 packets shown -
RV042G Router - Inter VLAN:
Does this router supports 802.1Q? Or should I connect one router port per VLAN?
eg. If I have 2 VLAN configured on ONE SWITCH, Do I:
a) TRUNK the VLAN on SWITCH and connect ONE port to the ROUTER?
b) connect ONE port on ROUTER to VLAN1, and another port to VLAN2?
Thanks,
HenriqueHello Henrique,
I don't usually deal with sales or pricing, so I'm honestly not sure which routers are low priced. However, all of the RVs except for the RV016, RV042, and RV082 support VLAN trunking, so I would just compare the other models and see what kind of a deal you can get. I usually recommend the RV180 (which is being replaced by the RV130 soon) or maybe the RV320 if you want the newest one.
With your SG200 you will probably need to disable spanning tree on the uplinks to your RV042 for the multiple links to work, but a quick check of the Spanning Tree, RTP Interface status page on the SG will let you know if those links are being taken down.
Thank you for choosing Cisco,
Christopher Ebert - Advanced Network Support Engineer
Cisco Small Business Support Center -
APs and switch voice vlans also supporting data traffic
hi, i hv a wireless IP phone,AP, 2960 switch1 and another 2960 switch2. My question is, if i configured voice vlans on th access ports on th switch1 (for voice and data), this switch1 is connected to the AP and the IP phone gets connected to the AP somehow (please guide),will this configuration work or i m missing alot of info.?
thx srahn, 1 more question, if i configured a single voice vlan on my switch1 (supporting data and voice)like this..
voice vlan on switch1:
mls qos
interface fastethernet 0/1
description connection to Accesspoint1
mls qos trust cos
switchport mode trunk
switchport mode encapsulation dot1q
switchport voice vlan 10
switchport priority extend trust
interface fastethernet 0/0
description connection to switch2 for inter-vlan
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
Then a native vlan on AP like this ...
interface fastethernet 0.2
encapsulation dot1q 2 native
interface dot11radio 0.2
encapsulation dot1q 2 native
Voices (vlan 10) vlan on AP like this ...
interface dot11radio 0
ssid voices
vlan 10
authentication open
interface fastethernet 0.10
encapsulation dot1Q 10
bridge-group 10
interface dot11radio 0.10
encapsulation dot1Q 10
bridge-group 10
Looking at this configuration examaple, how do i support voice and data traffic on th vlans on the AP.... Do i also have to configure a native vlan (for data) on switch1? b'se i intend to have 1 vlan tht supports both voice and data.
**** Will the configuration above work for my network? -
How do I download Adobe Acrobat using the Agreement Number provided by my employer? Having difficulty connecting to Adobe Chat with Support option.
Hi,
If you already have the serial number then I would request you to download the software from the below link and install it.
http://www.adobe.com/downloads/other-downloads.html
Regards,
Anand -
No Language and Input Support option in my OS 6 Applications list - need to add second language
I have a Curve 9300 bought a few weeks ago in the Caribbean (Digicel carrier). I'm now in Germany and was able to switch between english and german languages for the past few weeks; however this evening I synced the device with my Macbook for the first time, which prompted an upgrade in software.
Now I have OS version 6, but my language selection is only English and portuguese. When I select Applications on the desktop software, it does not give me the Language and Input Support option to re-add german.
I tried uninstalling and reinstalling from the offiste RIM link,(where people can choose their international carriers), but the download is an unreadable Text Edit format. I've tried un- and re-installing on my mac, but that doesn't do anything, and i don't know how to uninstall from the device itself (plus am scared i'll lose all my info).
Can anyone help? I've exhausted every option and I need to write in both languages for work...
Thanks in advance!sariadina23 wrote :
I wanna add korean..
Downloading OS pack? I haven't.. How could i? The link please..
And,fyi.. I downloaded the bb desktop software from official blackberry website malaysia..
And it's successfully installed,no prob at all..
Hi sariadina23
Please remember as this section of forums is for Mac so the below mentioned steps can only be performed on a PC only not Mac. If you want to install Korean language support on your device you can try this :
1.Download and Install on your PC an OS pack having All Language from here Indosat or Device Software Download Sites for BlackBerry
( Make sure you are downloading for the same device model )
2.. Download and install the latest BlackBerry desktop software for Windows from here BlackBerry desktop software
3.Search your C: drive for Vendor.xml and delete them, there may be one or two vendor.xml ( On your Pc change your folders option to show hidden files/folders ) :
C:\Program Files (x86)\Common Files\Research In Motion\AppLoader
C:\Users\Windows UserName\AppData\Roaming\Research In Motion\BlackBerry\Loader XML
Once completed Open BlackBerry Desktop Software for Windows > Select Applications. > In the Language and Input Support section, select the language to be added to the BlackBerry smartphone (a + will appear next to the language to install) > Click Apply.
KB13067 : How to obtain language packs for BlackBerry smartphone.
KB05305 : Localization support for BlackBerry Smartphones.
So try it and let us know.
Prince
Click " Like " if you want to Thank someone.
If Problem Resolves mark the post(s) as " Solution ", so that other can make use of it.
Click " Like " if you want to Thank someone.
If Problem Resolves mark the post(s) as " Solution ", so that other can make use of it.
Maybe you are looking for
-
Mixing RAM speeds in Mac Pro 3.1
I recently bought a used Mac Pro 3.1 early 2008 2xquad core 2.8 gHz. It came with 6 1 Gig 667 MHz in RAM. This Mac takes 800 MHz- can I fill one of the risers with 4x4 Gig 800 MHz while temporarily keeping 4 1 Gig in the other riser? I realize all
-
Since I upgraded to Leopard I am unable to properly view certain pdf files in Preview (Adobe also has some challenges). This is not a consistent problem. Certain pdf files open fine. My graphic designer just sent me a brochure that she created in CS
-
Af:tree table Server Exception During PPR#10
Hi, I am using jdev 11.1.1.4. I am facing error in tree table.I have used af:inputtext in nodestamp facet. My page is running successfully, but when I click on show hierarchy arrow from context menu it's giving the following error. RegistrationConfig
-
Question about creating Forms in Java.
Hello , im new to Java , i find kinda weird how Java creates Forms , its pretty simple in Oracle Forms , why did Java designers make it this difficult ? do people say this is something bad about Java ? when i learned about the Layout Managers that Ja
-
E52 - ActiveSync / Microsoft ActiveSync / Mail for...
Hello, we are using the ZCS (Zimbra) Server with IMAP an Mobile Module - you can access to it via MfE an synchronize Dates, Notes, Contacts and E-Mail. With the E51 everything was working well - we installed MfE and E-Mails sometimes appeared faster