SD205 (unmanaged) switch and VLANs

In addition to all my Cisco Catalyst (managed) switches, I have a bunch of Linksys SD205 unmanaged switches on my LAN. 
I want to configure my network for VLANs, which means I will be changing all of my Cisco managed switches to a "trunking" configuration.   This configuration is working correctly with the Cisco Catalyst switches
Question: can the SD205 function in this environment?  I know I can't set any of the ports on the SD205 to be "trunking", but I would like to connect the SD205 to a Cisco port that is "trunked", so the devices on the SD205 can communicate to the rest of the world.
So far, I have not been successful, so -- maybe they just won't work in a trunked environment.  Anyone have a definitive answer?  If they simply can't do it, I'll stop wasting my time!
Thanks
Solved!
Go to Solution.

No. An unmanaged switch does not support 802.1q. It will drop any ethernet frame that has been 802.1q tagged. The only frames which go through an unmanaged switch are untagged frames, i.e. the native VLAN of the port on the Catalyst.
If you want to use unmanaged switches you have to connect them to a port configured in access mode, member of a single VLAN. For example, you can configure a port on the Catalyst for access mode in VLAN 10 and connect an unmanaged switch to this port. Then all devices connected to the unmanaged switch will be VLAN 10. This is as much as you can do.
But getting multiple VLANs through unmanaged switches is impossible as all ethernet frames on the unmanaged switch must be untagged.

Similar Messages

  • Extending VLANs over an unmanaged switch

    We have a network which consists of primarily Cisco 3560X switches and Meraki MR34 wireless access points.  We have a handful of VLANs setup.  In one instance, a WAP was plugged into an unmanaged SD100D-08 switch.  I would have expected this to "break" our wireless access.  However, it appears everything is working as we'd want.
    The switchport on the 3560X that the unmanaged switch is connected to is configured as a trunk port with the default VLAN of 1.  No matter which SSID/VLAN we connect to on the Meraki Access Points, we get assigned a proper IP in the VLAN that we'd expect.  If we connect a computer to the unmanaged switch, it gets an IP from VLAN 1, just as we would have wanted.
    Why is this working?  I thought the unmanaged switch would drop all packets with VLAN headers?

    Thanks for the quick response Jon.  I have continued with my testing and connected two 3560X switches together with the same unmanaged switch in between them. I configured the 3560X ports as trunk ports and am able to pass all VLANs between the two 3560X switches with the unmanaged switch in between.
    As you stated, it looks like the unmanaged switch is capable of handling the VLAN tagged frames and passing them out all connected ports.
    Obviously this configuration is not best practice, but I guess it is pretty cool it's working that way.
    Jason

  • Cisco 5 port and 8 port gigabit unmanaged switches

    I am looking for 5 port and 8 port gigabit unmanaged switches in Cisco. Please provide the BoM for the same. As per my understanding the following switches can suffice the requirement (SG100D-05 and SG100D-080) however I am not sure about the DC power, whether they can be used in normal AC environments.
     

    The SG100D-05 and SG100D-08 are too small and their power requirements are too low to justify building an AC power supply into them like the larger SGx00 switches have, so they are wired to accept DC power and use an external power adapter (included) for connection to an AC environment.
    There are really no optional components to these devices, so the BOM would be as follows:
    5-port SG100D swich: SG100D-05
    8-port SG100D swich: SG100D-08

  • Two srw switches with vlans and pfsense gatway

    Hi,
    I've got a bit of a problem that a can't seem to get a handle of things.
    I've got two srw 48 port switches that I would like to link together  and then on to the pfsense box.
    First I'd like to connect the two switches to see if everything works and then on connect the pfsense box.
    Now I would be very great full if someone with a bit more experience with VLANs would be so kind to walk me trough the procedure of creating VLANs, configuring them to ports on the switch and connecting the whole thing to another switch.
    This is what I've done so fare.
    1. I created 3 VLANs on both switches (VLAN2-office,VLAN3-WiFi, VLAN5-VoIP). I've created these VLANs with the same tags on all the devices.
    2. I configured the ports that connect the switches as trunk. (I can't seem to be able to configure anything else on this port. Is there something else I should configure on these ports?)
    Now as fare as I understand the documentation the VLANs on each switch should now see each other.
    I'm still not sure on how to configure a physical port to one VLAN. After creating the VLANs on both switches and connecting them trough the trunk port I set ports 10-20 to VLAN2 by going to VLAN Management -> Ports to VLAN I selected VLAN2 and marked ports general and untagged and saved the settings. I repeated the procedure on the other switch. Now if I stuck my network cable into one of this ports I didn't get an IP anymore form the DHCP witch means that they were on a different VLAN than the other ports so I setup another router to act as a test DHCP with a different IP range as the main DHCPto see if it works. Now when I connectedthe test router to one of the ports in VLAN2 and my PC to the same VLAN2 port I got the test IP no problem. But when I connected the PC to the other switch VLAN2 port nothing happened until I connected the test DHCP to one of the VLAN2 ports. So clearly the switch VLANs are not communicating.
    Now I don't know did I forget something, made a mistake with some setting or I just don't know what I'm doing because I think I need to get the VLANs between switches working before tackling the pfsense connection.
    I would be really great full if someone explains to me how to set these VLANs up so that they would work between switches.
    Thank you for your help.

    Hi,
    I was successful and I did exactly that. I put all VLANs on trunk ports and the switch to switch to pfSense started to work.
    The only thing that gave me some problems was the end port(port connecting to the device pc, phone, printer) configuration. I was under the impression that the port was supposed to be in general mode and tagged. But I figured out that the port is supposed to be in access mode and untagged and only a member of one VLAN(the one I wanted it to connect to).
    Anyway all is working now and I've figured out all the kinks. 
    So thanks guys for the help.
    Nice day to all.
    Bye

  • Logical network to physical network mapping (subnets and VLANS) in SCVMM 2012 R2

    In much of the blogs, documentation and literature on VMM, there are examples of deploying multiple logical networks onto one physical network i.e. Cluster (logical) + Storage (logical) + Backup (logical) + Live Migration (logical) + Management
    (logical) on top of Datacenter (physical).
    Does this mean it would be possible to have one (physical) flat VLAN-less network with one subnet and then have all those logical networks (with subnets and VLANs) on top of it? Even with a simple unmanaged L2 switch that doesn't support VLANs itself?
    If not, just how do you map multiple logical networks to just one physical network? How does that work in practice? Is a L3 switch needed to route traffic between logical networks for example?

    Hi. VMM Networking may be overwhelmed for the most, at first. But you really need to understand the modeling here and how things are related to each other. Especially if using NIC teaming in WS 2012 (and R2) together with this mix.
    I suggest that you read the following whitepaper where we explain how to setup networking in VMM (also to support network virtualization, but that is absolutely not mandatory): http://gallery.technet.microsoft.com/Hybrid-Cloud-with-NVGRE-aa6e1e9a
    -kn
    Kristian (Virtualization and some coffee: http://kristiannese.blogspot.com )

  • Cisco sg 100d unmanaged switch not connecting to network

    I have a Cisco sg 100d-08 unmanaged switched that had been working just fine for several months  but now devices attached to the network thru are no longer on the network.  All lights are on indicating the ports are active.  Tried power recycle but no joy. When I replaced the switch with an old Belkin model everything works fine.  Is there anyway to reset this unmanaged switch or do I now just have an expensive paper weight?

    When the management interface is part of VLAN x
    Make sure that the management interface vlan id is set to 0  (untagged ) If the native vlan on the switch trunk connected to controller is vlan x. If the native vlan is something else make sure to tag the mangement interface vlan with x.
    Another interesting thing that might happen with switch having the following command enabled:
    SW(config)#dot1q tag native
    In that case all trunk native vlan frames will be tagged , so you have to tag the management vlan on the controller as well in that case.
    To be able to troubleshoot such connectivity problem, you should get the output of:
    show run int
    show interface <\\ > switchport
    the latter command should be your best friend.
    One recommondation, make sure to tag your management / ap-manager interface with vlan id  to maintain QoS limiting based on dot1p values for downstream traffic from the wired side.
    In the above scenario , If you can provide the output of show interface <\\> switchport
    I should tell you why the recommended action solved your issue based on the above explanation, and if you would like I can maitain the tag for you.
    Please Don't Forget to rate correct Answers

  • Connect unmanaged switch to 887VA fast ethernet port

    I tried connecting an unmanaged (and dumb) switch to one of the four fast ethernet ports on the back of the router. I configured the port to act as an access port bound to a specific VLAN, say no. 100.
    What I can see on the LEDs of the unmanaged switch is that the link goes up and down every few seconds. I don't know if this is related to the spanning tree protocol and unfortunately the unmanaged switch doesn't know about STP and doesn't send out BPDUs.
    So, how I should configure the port in order to avoid the link going up and down?
    The actual conf. for the port:
    interface fastEthernet 3
    switchport mode access
    switchport access vlan 100

    What do you mean by dumb siwthc? What model/make/company is that switch?
    Can you try to do the reset of the switch so that it wipe off all the config what so ever present on the box and then try to connect the switch to the router?

  • Which Switch and Router to choose?

    I am interested in purchasing a Cisco Switch and Router, or possible a Cisco Switch Router.
    However, I am not sure of what model to go with.
    Currently, we have a network with about 200 Workstations and 30 Servers for our Corporation Infrastructure.
    Also, for our lab, we have about 50 Linux Based Servers, and 30 Solaris Based Servers, that are part of our Network. We are a Research and Development Company, and we have had issues with the Lab machines bringing down our network, as well as our corporate network adversely affecting the lab machines. What we would like to do is segment the network so that the different areas will be isolated. However, we also would like to have a lot of control over the traffic that will be able to cross from our network into the lab so that users will still be able to run their tests.
    Security is also an issue, and it would be great to have more control, and a better view of what kind of traffic is running through our network.
    Currently, we have about 8 Gigabyte Switches which are unmanaged (Linksys and NetGear). Our idea was to get a 1 or 2 Cisco Switch Routers, and then split them up into VLANS and cascade our current switches so that we can still make use of them. The other ideas was to just get a Cisco Switch and use our CheckPoint Router/Firewall to do the routing.
    Can you give me any advice as to what model of Cisco Product you would recommend?
    Is it better to go with a Switch Router, or simply get a separate Switch and Router?
    Please note that all of our Machines have 10/100/1000 NICs, so the device will need to be Gigabyte.
    Thanks you so much!

    You have two choices. Either to use a chassis based solution or to use stacable switches such as a 3750. Are all the cat 5(or 5e,6) runs coming into one centralized location ? Or are there separate wiring closets that you plan to put. If then we need to put separate switches at those locations and run fiber back to the central location which has a chassis based or stackable switch.
    If using a chassis based solution, you can get a 4506 (4507 for redundancy, with a redundant supervisor engine). Supervisor engine is nothing but the CPU of the switch. 4506 is a 6 slot modular switch with 2 power supplies for redundancy. You cannot add two Supervisor engines on a 4506 (4507 can).
    Slot 1 is always for supervisor engine, the remaining 5 slots you can fill using 48 port 10/100/1000 modules.(48 * 5 = 240). So your maximum port density is 240 ports on a 4506. (Note that there are 4507, 4510 which are similar models with more slots)
    If using 3750, you can stack upto 9 switches in a stack using stacking cables on the back side of the switch. Each switch will have 48 ports (10/100/1000) and you can stack 5 switches to get 240 ports.
    For the firewall I would recommend using a PIX 515E, (Why go for Checkpoint firewall when you can use all Cisco). For routing between the vlans, the switches that I recommended above are all Layer 3 switches. They will route between the different vlans. You can also configure ACLs to restrict traffic between multiple vlans.
    HTH

  • 1 isp(T1), 1 unmanaged switch, 2 routers(WRT54G), 2 public ips

    1 isp(T1), 1 unmanaged switch, 2 routers(WRT54G), 2 public ips - How should I connect everthing?
    Help. I got a client with a T1 and multiple public IP's that he wants to share with his neighboring companies. How should I connect everying.

    You need a manageable switch and create VLAN so you can segement the taffic between the 2 internet connections.

  • Configure SG300 to work like an unmanaged switch

    Hi!
    How do i have to configure the SG300 so that it acts like any other completely unmanaged Switch. 
    I dont want to configure any vlans on the sg300. It should just work like there wouldnt be a sg300, but an unmanaged switch.
    The story behind:
    I want to use a SG300-28P as POE-Switch for FortiAP-Access Points, but it doesnt work out of the box cause FortiAP receives and sends some tagged and untagged VLAN-traffic.
    Everything works, if i use a cheaper, unmanaged POE-Switch, but i cant get it to work if i use a SG300.
    Thanks for any help.
    Tom

    Thanks for your help. After disabling CDP and LLDP it started working.

  • How do I add a Subnet and vlan with a catalyst 3550 and RV120

    Hello Friends.
    I have a scenario that i'm hoping i can get some help with. I'll be as detailed and descriptive as i can.
    This is for a business with 100 employees nodes and 100 camera nodes all needing IP internet through private addressing and public gateway.
    I have a business class gateway with a private range of 12 public addresses. Ther modem does nothing but act as a gateway since i have disabled the firewall and DHCP.
    In place of the firewall and DCHP from the modem i have installed a RV120 Firewall with VPN. When installing i replicated the IP scheme of the modem as to not disturb and distrup the devices assigned addresses from that scheme from the modem. I did this because the owner could not have any down time or any disruption to the business operations.
    The RV120 now acts as firewall , DHCP , and VPN. I'll address the subnet first. I's using 10.0.0.0/24 subnet range.
    DHCP is assigning 10.1.10.50 - 10.1.10.100 the rest are static and i plan to use static DHCP with the IP and MAC assigned to each static DHCP address.
    There are 100 cameras with static IP addresses in the range of 10.1.10.11 - 10.1.10.40, and 10.1.0.1.101 - 10.1.10.170.
    VPN uses PPTP assigned address 10.1.10.6 - 10.1.10.10.
    There are no layer 3 switches that i know of. Just a layer two that is the primary swith and ports have run out, and various out of the box switches and wireless access points connected to the primary switch.
    I want to implement subnets into the network and VLANS as well on a new Layer 3 switche from cisco. Thinking 3550 from Cisco or one of the older layer 2 switches with layer three capabilities.
    I also want to introduce a 192.168.0.0/24 IP range for the existing wireless network and segment the traffic from the rest of the traffic on other ranges.
    I want to replace the 10.0.0.0/24 DHCP alltogether and the static addresses for end user nodes on the same network, but keep that range just for camera nodes segmented.
    I want to implement a NEW end user IP range and VLAN for employee/guest networks using the 172.16.0.0/24 range.
    Iv'e thought of replacing all the wireless nodes with RV120's and use VLAN. Dont know if that strategy works. Need to think it through.
    I want the 192.168.0.0/24 IP range comunicate to with the 172.16.0.0/24 and possibly the 10.0.0.0/24 range.
    Any advice on how to do this?
    As a side note the next step after this is to install a server domain controller as all the computers are all stand alones in their own workgroups. It's a simultaneous project that will introdue a DCHP, WINS, DNS server.

    Hi Omid, it sounds like you're proposing the 3550 switch but you're not decided yet. The 3550 switch is a pretty old device and needs enhanced multilayer image. It may be more prudent to use a more current switch such as small business SG300 or SG500 as the feature set is more rich and it supports around 480 LAN connections.
    To answer the inquiry, the RV120W, when you create a VLAN it will automatically create an IP interface. From this you may assign subnet as you like along with 'enable or disable' for inter vlan routing. Since the RV120W has this feature, a layer 3 switch is not required unless you are looking to keep the routing load smaller by routing locally with the switch.
    With Catalyst or a small business switch you would need to create a VLAN. After creating the VLAN, on a Catalyst you can simply issue "switchport trunk encapsulation dot1q" on the desired interface and all VLAN will passage without issue. For a port connecting a user "switchport mode access" "native vlan xx" This will assign the port as untag member of the desired VLAN.
    If using a small business switch, it is slightly different, you still create the VLAN but the command issue is a bit different  "switchport trunk allowed vlan add xx" for the link to the router, where xx = the VLAN ID to tag to the router. For access client it remains the same as Catalyst.

  • How do I configure Time Capsule to work with 8 port unmanaged switch?

    This is what I want to end up with.
    cable modem
    Time Capsule
                                                            wireless network           8 port unmanaged switch TRENDnet TEGS80G
                                                                                                  entertainment center(TV, xbox 360, dvd, apple tv, ect...)
    I have been using the above setup with an E3000 router in place of the time capsule without any problems, and was expecting to just be able to switch out the E3000 for the time capsule and keep right on rolling. At the moment, without the switch plugged in, using the time capsule as a stand alone wireless router, everything works as intended. However, I don't want to have every device in the house pulling off of wireless. Whenever I plug my switch in I lose internet connectivity. I assume this is because both the switch and the Time Capsule are trying to direct traffic and creating a conflict. I have attempted to disable the NAT in the Airport Utility and this is what happens.
    Where do I go from here, or am I heading in completely the wrong direction?

    Unfortunately, you are on the wrong track, heading in the wrong direction at the moment.
    We need to learn whether you have a simple modem or a modem/router.
    This will determine whether the Time Capsule is to be configured in router mode to provide DHCP and NAT services for the network......or if your "modem" is already doing this.....the Time Capsule needs to be configured in Bridge Mode.
    So, I suggest that you disconnect the switch from the Time Capsule for now, and power everything off except the modem, Time Capsule and the computer you are using to configure the Time Capsule, and get things working correctly first. Then, devices can be added one at a time to verify proper operation.
    If this seems to make sense to you, and you want to move forward, please post back with the make and model number of your cable modem.

  • Branch office setup with L3 switch and router with IOS security

    Hello,
    I am in the process of putting together a small branch office network and I am in need of some design advise. The network will support about 10-15 workstations/phones, 3-4 printers, and 4-5 servers. In addition we will eventually have up to 25-30 remote users connecting to the servers via remote access VPN, and there will also be 2-3 site-to-site IPSec tunnels to reach other branches.
    I have a 2911 (security bundle) router and 3560 IP Base L3 switch to work with. I have attached a basic diagram of my topology. My initial design plan for the network was to setup separate VLANs for workstation, phone, printer, and server traffic. The 3560 would then be setup with SVIs to perform routing between VLANs. The port between the router and switch would be setup as a routed port, and static routes would be applied on the switch and router as necessary. The thought behind this was that I'd be utilizing the switch backplane for VLAN routing instead instead of doing router-on-a-stick.
    Since there is no firewall between the switch and router my plan was to setup IOS firewalling on the router. From what I am reading ZBF is my best option for this. What I was hoping for was a way to set custom policies for each VLAN, but it seems that zones are applied per interface. Since the interface between the router and switch is a routed interface, not a trunk/subinterface(s), it doesn't seem like there would be a way for me to use ZBF to control traffic on different VLANs. From what I am gathering I would have to group all of my internal network into one zone, or I would have to scrap L3 switching all together and do router-on-a-stick if I want to be able to set separate policies for each VLAN. Am I correct in my thinking here?
    I guess what I am getting at is that I really don't want to do router-on-a-stick if I have a nice switch backplane to do all of the internal routing. At the same time I obviously need some kind of firewalling done on the router, and since different VLANs have different security requirements the firewalling needs to be fairly granular.
    If I am indeed correct in the above thinking what would be the best solution for my scenario? That is, how can I setup this network so that I am utilizing the switch to do L3 routing while also leveraging the firewall capabilities of IOS security?
    Any input would be appreciated.
    Thanks,
    Austin

    Thanks for the input.
    1. I agree, since I have only three to four printers, they need not be in a separate VLAN. I simply was compartmentalizing VLANs by function when I initially came up with the design.
    2. Here's a little more info on the phone situation. The phones are VoIP. The IP PBX is on premise, but they are currently on a completely separate ISP/network. The goal in the future is to converge the data and voice networks and setup PBR/route maps to route voice traffic out the voice ISP and data traffic out the other ISP. This leads up to #3. 
    3. The reason a router was purchased over a firewall was that ASA's cannot handle routing and dual ISPs very well. PBR is not supported at all on an ASA, and dual ISPs can only be setup in an active/standby state. Also, an ASA Sec+ does not have near the VPN capabilities that the 2911 security does. The ASA Sec+ would support only 25 concurrent IPSec connections while the 2911 security is capable of doing an upwards of 200 IPSec connections.
    Your point about moving the SVI's to a firewall to perform filtering between VLANs makes sense, however, wouldn't this be the same thing as creating subinterfaces on a router? In both cases you are moving routing from the switch backplane to the firewall/routing device, which is what I am trying to avoid.  

  • Switch and Broadcast filtering

    I read this article in the cisco curriculum, but I did not understand it well :
    " Occasionally, a device will malfunction and continually send out broadcast frames, which are copied around the network. This is called a broadcast storm and it can significantly reduce network performance.
    A switch that can filter broadcast frames makes a broadcast storm less harmful.
    Today, switches are also able to filter according to the network-layer protocol. This blurs the demarcation between switches and routers. A router operates on the network layer using a routing protocol to direct traffic around the network. A switch that implements advanced filtering techniques is usually called a brouter. Brouters filter by looking at network layer information but they do not use a routing protocol ".
    Can the switch filter the broadcast ? Yes, it can,,,,as Cisco says :"This filtering is achieved through the implementation of virtual local-area networks or VLANs ".,,,,,Is there any other type of filtering ?
    What is the main difference between router and brouter

    hi
    if u would like to control the broadcast and multicast storms you can refer the link for configuring the storm control for both broadcast and multicast.
    you can define up the values and shut the port if it exceeds the threshold limit..
    http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hif_r/int_s4h.htm#wp1229258
    About the difference between a router and a Brouter afaik BROUTER u use in most of the SP network where you got customers in either DSL or Metro ethernet network where you will have the aggregation of the whole network traffic and from where it will be forwarded to upstream.
    It depends on the ios code too which is available to serve the purpose for the same..
    you got to have something like 7200 or 7300 in place to serve your purpose of brouter.
    regds

  • Not Working-central web-authentication with a switch and Identity Service Engine

    on the followup the document "Configuration example : central web-authentication with a switch and Identity Service Engine" by Nicolas Darchis, since the redirection on the switch is not working, i'm asking for your help...
    I'm using ISE Version : 1.0.4.573 and WS-C2960-24PC-L w/software 12.2(55)SE1 and image C2960-LANBASEK9-M for the access.
    The interface configuration looks like this:
    interface FastEthernet0/24
    switchport access vlan 6
    switchport mode access
    switchport voice vlan 20
    ip access-group webauth in
    authentication event fail action next-method
    authentication event server dead action authorize
    authentication event server alive action reinitialize
    authentication order mab
    authentication priority mab
    authentication port-control auto
    authentication periodic
    authentication timer reauthenticate server
    authentication violation restrict
    mab
    spanning-tree portfast
    end
    The ACL's
    Extended IP access list webauth
        10 permit ip any any
    Extended IP access list redirect
        10 deny ip any host 172.22.2.38
        20 permit tcp any any eq www
        30 permit tcp any any eq 443
    The ISE side configuration I follow it step by step...
    When I conect the XP client, e see the following Autenthication session...
    swlx0x0x#show authentication sessions interface fastEthernet 0/24
               Interface:  FastEthernet0/24
              MAC Address:  0015.c549.5c99
               IP Address:  172.22.3.184
                User-Name:  00-15-C5-49-5C-99
                   Status:  Authz Success
                   Domain:  DATA
           Oper host mode:  single-host
         Oper control dir:  both
            Authorized By:  Authentication Server
               Vlan Group:  N/A
         URL Redirect ACL:  redirect
             URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
          Session timeout:  N/A
             Idle timeout:  N/A
        Common Session ID:  AC16011F000000490AC1A9E2
          Acct Session ID:  0x00000077
                   Handle:  0xB7000049
    Runnable methods list:
           Method   State
           mab      Authc Success
    But there is no redirection, and I get the the following message on switch console:
    756005: Mar 28 11:40:30: epm-redirect:IP=172.22.3.184: No redirection policy for this host
    756006: Mar 28 11:40:30: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
    I have to mention I'm using an http proxy on port 8080...
    Any Ideas on what is going wrong?
    Regards
    Nuno

    OK, so I upgraded the IOS to version
    SW Version: 12.2(55)SE5, SW Image: C2960-LANBASEK9-M
    I tweak with ACL's to the following:
    Extended IP access list redirect
        10 permit ip any any (13 matches)
    and created a DACL that is downloaded along with the authentication
    Extended IP access list xACSACLx-IP-redirect-4f743d58 (per-user)
        10 permit ip any any
    I can see the epm session
    swlx0x0x#show epm session ip 172.22.3.74
         Admission feature:  DOT1X
         ACS ACL:  xACSACLx-IP-redirect-4f743d58
         URL Redirect ACL:  redirect
         URL Redirect:  https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
    And authentication
    swlx0x0x#show authentication sessions interface fastEthernet 0/24
         Interface:  FastEthernet0/24
         MAC Address:  0015.c549.5c99
         IP Address:  172.22.3.74
         User-Name:  00-15-C5-49-5C-99
         Status:  Authz Success
         Domain:  DATA
         Oper host mode:  multi-auth
         Oper control dir:  both
         Authorized By:  Authentication Server
         Vlan Group:  N/A
         ACS ACL:  xACSACLx-IP-redirect-4f743d58
         URL Redirect ACL:  redirect
         URL Redirect:  https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
         Session timeout:  N/A
         Idle timeout:  N/A
         Common Session ID:  AC16011F000000160042BD98
         Acct Session ID:  0x0000001B
         Handle:  0x90000016
         Runnable methods list:
         Method   State
         mab      Authc Success
    on the logging, I get the following messages...
    017857: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
    017858: Mar 29 11:27:04: epm-redirect:epm_redirect_cache_gen_hash: IP=172.22.3.74 Hash=271
    017859: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: CacheEntryGet Success
    017860: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: Ingress packet on [idb= FastEthernet0/24] matched with [acl=redirect]
    017861: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Enqueue the packet with if_input=FastEthernet0/24
    017862: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_process ...
    017863: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Not an HTTP(s) packet
    What I'm I missing?

Maybe you are looking for

  • Problem in BDC for IT0585

    Dear All,   I am uploading data into IT0585 through a BDC program and I am getting one problem.   Even when I was passing Tax Ded. Field as 'X' or  as 'A', the Tick mark is not getting effected asnd it is    showing as Proposed values only not as Act

  • SSRS 2012 SharePoint Mode Impersonate

    SP 2013 / SSRS 2012 in SharePoint Mode. Everything worked fine until we started configuring for Kerberos for using Pass-Through Authentication to data sources. We have this working in our current SP 2010 / SSRS 2008 Integrated Mode and so have experi

  • Credit memo- cleared invoice

    Dear Gurus, What are the impacts from SD & FICO if I create a credit memo against a cleared invoice? Sumith

  • Is there a way to transfer ownership of a Pages document that is being shared between different users via iCloud?

    I created a document in Pages and am sharing it with another user. However, I want to transfer ownership of this document away from me and to the other user. Is it possible to do this on either iCloud.com, Pages for Mac, or Pages for iOS? Thank you f

  • IDSM-2

    Hello Dears, I'm planning to place IDSM-2 in INLINE VLAN PAIR mode rather than  promiscous  mode.Please correct my steps if i m wrong in below points. Steps to  configure 6500 switch with cisco IOS for IDSM-2 router(config)#  intrusion-detection modu