SFE2000 Layer 3 configuration
Hi Everyone. I have a SFE2000 managed switch and I want to do the following:
1) Setup 2 VLANs, One on port 1 (172.20.73.x), the second on port 5 (172.20.74.x), the remaining ports on the default VLAN (172.20.72.x)
2) Enable Layer 3 mode and have all VLANs route between one another
So far I have the VLANs set up and assigned to the correct ports, I have enabled layer 3 mode through the serial port console. I am unsure What to do from here or how to configure the routing. The manuals provided by linksys are not very helpful.
Solved!
Go to Solution.
I don't have a SFE but you have to configure IP addresses for the switch in each VLAN. If the online reference guide is correct it should be on the ip interface page (System > System Management > IP Addressing > IP Interface).
For example, you setup IP address 172.20.73.1, 255.255.255.0 on VLAN 10 (if that's the VLAN on port 1).
You setup IP address 172.20.74.1, 255.255.255.0 on VLAN 20 (if that's the VLAN on port 5).
You setup IP address 172.20.72.1, 255.255.255.0 on VLAN 1 (if that's the default/management VLAN).
All devices in VLAN 10 must use default gateway 172.20.73.1 in their IP configuration (either static or assigned through an DHCP server you have set up).
All devices in VLAN 20 must use default gateway 172.20.74.1 in their IP configuration (dito).
All devices in VLAN 1 must use default gateway 172.20.72.1 in their IP configuration.
I think, by default, the SFE should route all traffic between these subnets. If you want to limit traffic to be routed between subnets you have to set up filter rules.
Similar Messages
-
Configuring C3560X as a Layer 3
Hi,
Currently my network has a Cisco 3825 performing all the vlan routing work. I have a Cisco 3560X behind it that could be configured as a full layer 3 switch, thus removing the need for the Cisco 3825 altogether or at least optimizing the functions of the 3560X.
The C3825 has a mix of subinterfaces off one of the gb interfaces and FastEthernet interfaces configured with a total of 9 vlans. My initial plan is to configure the 3560X to deal with the vlans that are configured in the subinterfaces. Therefore, I'd basically need to move those subnets and vlan configurations to the 3560X. The vlans that are tied to the FastEthernet interfaces would remain in the C3825 (until eventually moved). Will the switch support this configuration? In other words, even if it's configured to act as a full Layer 3 switch, will it be able to send the traffic to the C3825 for those vlans that it doesn't have layer 3 configurations for?Part of the info that I didn't include in my initial post (mainly to keep things simple) is that there's a Barracuda webfilter 410 between the 3825 and 3560X. Whoever implemented this, thought it was a good idea to have a device with an interface that maxes at 50Mbps right in the middle of the core of the network. Because of this, I can't move all the VLANs to the 3560X at once. I want to move some of the vlans that have lighter traffic and let the 3825 handle a couple of the vlans that deal with external web traffic and that can potential have higher traffic rates. I'm including a partial diagram of the layout I'm considering.
Questions:
1. If I move three vlans to the 3560X, how do I have to modify the interface or routing table configuration in the 3825 so it forwards the traffic for those vlans to the 3560X
2. These are the configs (in general) that I plan to implement in the 3560X
2.1 Enable routing on 3560
ip routing
2.2 Configure vlans IPs in 3560
interface vlan6
ip address [vlan ip] [vlan mask]
no shut
Repeat for every vlan
2.3 Configure interface to 3825
int g0/48
no switchport
ip address [switch ip] [switch mask]
no shut
2.4 Configure default route for 3560
ip route 0.0.0.0 0.0.0.0 [router ip]
I'm assuming that the static route that outline above will be enough to allow the 3560X to forward the traffic for the VLANs that it is not managing. Do I have to configure this static route to be tied to the interface that is connected to the router? I believe this is a global command, but this scenario may consider it otherwise.
As you can see in the diagram, there's a Cisco 2960X that is connected to the 3560X and that the web servers are connected to. This is to facilitate traffic between the VLANs and the WEB VLAN. With the 3560X doing the intervlan routing, the traffic to the WEB VLAN will go to the 3825. This may or may not be a desired result. So is there a way to direct traffic from VLANs 10, 20, and 30 to go through the trunk to the 2960X?
At some point the Barracuda web filter will be out of the picture. At that point all the VLANs will be routed in the 3560X -
Can't getting layer 7 app filtering in ZONE based policy FW
Hi all,
I am trying to get layer 7 application protocol to work in a simple test setup, I need to get this working to filter roommate traffric . Simple configuration with two interface(inside and outside). With layer application configured, everything works fine, but when applied layer 7 it does not block the web site i want... URL filter and parameter map don't work either...
Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(24)T1, RELEASE SOFTWARE (fc3)
parameter-map type urlfilter URL-FILTER
audit-trail on
parameter-map type regex humoron
pattern [Hh][Uu][Mm][Oo][Rr][Oo][Nn][.][Cc][Oo][Mm]
parameter-map type regex LAPOSTE1
pattern LAPOSTE.NET
class-map type inspect match-any EXPRESSION
match access-group 105
match protocol tcp
match protocol udp
match protocol dns
match protocol http
match protocol https
class-map type inspect match-any HTTP
match access-group 105
match protocol tcp
match protocol udp
match protocol ftp
match protocol icmp
class-map type inspect http match-any HUMORON
match request body regex humoron
match request header regex humoron
match request port-misuse im
match request port-misuse p2p
match request port-misuse tunneling
match request port-misuse any
match request arg regex humoron
match request uri regex humoron
match response status-line regex humoron
match req-resp header regex humoron
match req-resp protocol-violation
class-map type inspect http match-any LAPOSTE
match request body regex LAPOSTE1
match request header regex LAPOSTE1
match request port-misuse p2p
match request port-misuse tunneling
match request arg regex LAPOSTE1
match request uri regex LAPOSTE1
match response body regex LAPOSTE1
match response body java-applet
match response status-line regex LAPOSTE1
match req-resp protocol-violation
policy-map type inspect HTTP_POL
class type inspect HTTP
inspect
class type inspect EXPRESSION
inspect
class class-default
drop
policy-map type inspect http Adult_site
class type inspect http HUMORON
log
reset
policy-map type access-control out2inside_policy
zone security INSIDE_ZONE
description inside interface f0/2
zone security OUTSIDE_ZONE
description outside interface f0/0
zone-pair security outside2inside source OUTSIDE_ZONE destination INSIDE_ZONE
zone-pair security INSIDE2OUTSIDE source INSIDE_ZONE destination OUTSIDE_ZONE
description web traffic
service-policy type inspect HTTP_POL
IOS_VPN#sh policy-map type inspect
Policy Map type inspect HTTP_POL
Class HTTP
Inspect
Class EXPRESSION
Drop
Class class-default
Pass
Thanks,Any ideas??
Thanks,
Eddy -
Dear experts,
I am new to sap hr.
I would like to know, if we get some issues, like which server we need to configure.
Development or quality or production ?
Which are the cases, we will do the configuration in production ? also please clarify what is pre production server ?
Regards
BalaHey Balaji,
R/3 means Application Layer,Database Layer,Presentation Layer. Configurations can be done in Development server then move the request to QA Server and then to Production server. The Production server is considered as a Golden box, where the configurations done should be very accurate. Hence the initial configurations must be done in Sand Box (Dev Server). Hope this gives you some idea.
Regards
Veena -
Problem with FWSM and L3 interface in same switch
I have two 6513s with an 802.1q trunk connecting them. Each switch has redundant Sup720s running in Native mode, IOS ver 12.2(18)SXF (they were initially running SXD3). A FWSM (ver 2.3(3), routed mode, single context) is in each switch, setup in failover mode.
I can not get a PC, in a vlan that has the layer 3 interface defined on the switch with the active FWSM in it, to communicate with devices "behind" the FWSM. If I move the layer 3 configuration for that vlan to the other 6513, everything works fine.
The MSFCs are on the inside of the firewall, they have a layer 3 interface configured in the same vlan as the FWSM "inside" interface. Several "same security level" interfaces are defined on the FWSM and used to protect server farms. I am using OSPF on the MSFCs and FWSM and the routing table is correct.
The FWSM builds connections for attempts made by the PC with the layer 3 interface defined on the same switch as the active FWSM just fine, so this is not a FWSM ACL problem.
A ping of the FWSM "inside" interface from a PC with the layer 3 interface defined on the same switch as the active FWSM fails, even though debug icmp trace on the FWSM shows the request and the response. A packet capture, using the NAM-2, shows only the request packets. I have captured on the common vlan and the FWSM backplane port channel interface.
Just to add to the confusion, if I capture in the same places, but do the ping from a PC that is in a vlan with the layer 3 interface defined in the 6513 that does not contain the active FWSM, which works fine, I see the request and reply on the common vlan capture, but only the request on the port channel capture.
This problem has been there from the beginning of this implementation and has not changed with IOS and FWSM software upgrades. I have experienced this with any and all vlans that I tried to define the layer 3 interface for on the switch with the active FWSM. I have MLS turned on.
If anyone else has experienced this and solved it, or knows what is going on, I would appreciate any insight.
Thanks.
KeithI will have to get setup to record more data, but I do know the FWSM showed a ping request and a ping reply at the "inside" interface.
I believe my problem is related to the IOS command "firewall multiple-vlan-interfaces" which I put in place to allow IPX traffic to be brought around the FWSM. The little documentation that there is for this command, states that policy routing may need to be implemented to prevent ip packets from going around the firewall. I do not have any policy routing in place.
I also do not have any active layer three interfaces defined for any of the vlans assigned to the firewall except the "inside" interface. So my resoning was that I did not need to be concerned about ip packets having a way around the FWSM. My suspicion is that this command and the fact that I have mls on is causing some type of a problem which results in the packet being "lost" when it needs to be going through the MSFC in the switch with the active FWSM to get to the PC. Hopefully that makes some sense.
Do you have any idea where better documention on using the "firewall multiple-vlan-interfaces" may be, or a better explanation of all that is happening inside the switch when that command is used?
Thanks. -
Discoverer Report Requirements
Hi
I am fairly new to Portal and currently looking at implementing it for a client using Portal v 10.1.4.1 and AS 11.5.10.2. Currently I am gathering requirements and one of these is to allow the users to display a number of Discoverer reports. At present the reports have not been defined and this is currently in progress. However from a Portal perspective can someone clarify please what components are needed both from Portal and also from Oracle AS in order to display these reports as well as any other comps. I have been reviewing the documentation and it seems to state that we need a Oracle BI component installed. Is this just for Dashboards or also for displaying reports in the Portlet ?
The documentation states that the Pre requisites for Discoverer Portlets are
1) Install Oracle Application Server Infrastructure
2) Install Oracle Application Server Portal
3) Install Oracle Business Intelligence
Can someone please confirm what I need to install in order to achieve this functionality ?
Thanks in advance
KevinKevin,
If you have Portal installed and Discoverer Viewer then you can simply create a page in Portal with url items which contain links to the discoverer viewer reports. You need to create public connections within Discoverer. The easiest way of getting the correct url is to simply run the desired report within a browser and copy the url into the portal item.
If you need to set some of the parameters dynamically you can do this in a dynamic page and htp.p() the link as html, setting the desired parameters at runtime.
Portal allows you to create Discoverer portlets but these are pre-run and cached, which is great for performance but not so good if you need them to be dynamic.
You may need buiness intelligence if you are wanting to work with Oracle Applications: my understanding is that Business Intelligence is a pre-built End User Layer with Business Areas that get you up and running quickly with Discoverer in the eBusiness Suite. It is possible to do without Business Intelligence but it will require some up-front work to build your own end user layer and configure it.
There are a number of articles on Metalink about getting Discoverer to work with Oracle Applications which covers all this in great detail.
Patrick. -
VIP: 10.1.1.1:80
real service 1: 192.1.1.1:80
real service 2: 192.1.1.2:80
user IP: 10.2.2.1
CSS ver 8.2
when user opens a web-browser connection to http://10.1.1.1, he always gets attached to 192.1.1.1 unless he closes the browser and opens a new one only then is the session directed to 192.1.1.2.
How can I configure the content rule to force the user to 192.1.1.2 when the user merely refreshes his browser with F5.
here's the content rule:
content EPL
add service a
add service b
vip address 10.1.1.1
protocol tcp
port 80
active
dayoWhen you configure no persistence on the content rule, you are instructing the CSS to initiate a non-persistence connection in the backend (to the server).
You can configure the global command "persistence reset remap", so the CSS will RST and remap each request, however this configuration is used when you have many content rules with same VIP and different layer 5 configuration, so you could have different server farms for different URLs, and then you would like to have the CSS checking at every request and remap if a more specific content rule is matched.
I do not think that this configuration would change your behavior with a single persistent connection from the browser to the same rule, but you might want to give it a try.
Hope it helps!! -
Why do podcasts no longer auto-delete in new v10.6.3.25 on Dell laptop Win7 despite menu settings?
tksFound the error and posted a blog post here: http://www.red-abstract.com/blog/2009/11/19/itunes-90-and-auto-deleting-podcasts .html
The issue is that Apple put this behind another layer of configuration on the podcasts screen. Go to that screen and click "Settings." You will see there that you can configure the podcasts individually or set the defaults to remove played episodes. Only after setting this will iTunes honor to auto-delete. -
How to Seed Cache using Event Polling Table
Hello Experts
I Have configured Event Polling Table in my PC
Steps :
1) Created table using SAEPT.Oracle.sql schema in 10g
2) Imported SAEPT.Oracle.sql by creating an new connection pool in Physical Layer
3) Configured in Repository - Tools - Utilities - OBI Event Polling Tables by selecting SAEPT.Oracle.sql and gave 15 min in polling frequency
4) Inserted some data in SAEPT.Oracle.sql
5) Checked NQserver.log after the polling time which is 15 min . NQserver.log was not getting updated or has any details about the event occurred .
Do you guys think i have missed some step in configuring EPT , if so ..please help me out i need to implement on client machine soon.
Appreciate your time guys .
Edited by: newbi on Jul 1, 2010 10:34 AMAs far as i know event polling tables are used to purge the cache automatically. It is not used to seed the cache.
If you want to seed the cache, use ibots or you have to do it as a program..
Edited by: user8000915 on Jul 1, 2010 7:37 AM -
Web Policy Pass Through On Standalone AP
On Cisco WLC SSID layer 3 configuration you can setup a web policy pass through to redirect a connected clients web browser to a certain starting page. Is this possible with a standalone Cisco AP not connected to a WLC?
Thanks.No it's not possible. If you have a stand alone AP, you will need a 3rd party appliance or software to have the splash page option.
Sent from Cisco Technical Support iPhone App -
Stopping Repainting in Form Server
Hi All,
We are calling a new form from an existing form using NEW_FORM - built-in. Now when the forms are run on the server, there is a distinct gap in time period between opening the new form, and closing the old one i.e. the old form closes, and it takes a few seconds for the new form to open, thus anything on the Windows behind is displayed.
Can we stop the repainting of the forms in between the closing and opening sequence i.e. the form will be repainted only after the new window opens, and it would look that the new window has replaced the old window, and the background windows would not be visible.
Any help/ pointers would be highly appreciated.
Thanx,
Suvendra
[email protected]Ban chay tu form server ha. Ban cau hinh chua dung roi. Ban hay cau hinh lai file configure de chay
-
Hi,
I m having problem on the custom inbound configuration.I am following the sample tutorial.I configured in Jdev.In my configuration,B2B will receive file from c:\xyz then it will write to a directory via mediator layer.I configured TP.In TP i configured the channel which will poll from c:\xyz directory.Then it will pass the doc to Host TP.But for the above configuration the file(xml) is not getting read by the TP.I copy the file to the c:\xyz but not getting polled.I even saw the log file and business report section, but did not get any thing regrading this project. Please suggest.Hi,
I droped the file name Welfergo_12345.dat at c:\xyz.The earlier probl. is solved but still m getting error.Please see the log below
Id 0AE391A5127F56CCAD600000F5DD7700
Message Id 0AE391A5127F56CCAC600000F5DD7200
Refer To Message Refer To Message
Sender Type
Sender Value
Receiver Type
Receiver Value
Sender Welfergo
Receiver Cognizant
Agreement Id
Agreement
Document Type ORDERS
Document Protocol Custom
Document Version
Message Type REQ
Direction INBOUND
State MSG_ERROR
Acknowledgement Mode NONE
Response Mode ASYNC
Send Time Stamp Tuesday, April 13, 2010 9:58:20 AM GMT+05:30
Receive Time Stamp Tuesday, April 13, 2010 9:58:20 AM GMT+05:30
Document Retry Interval 0
Document Remaining Retry 0
Native Message Size 21953
Translated Message Size
Business Action Name
Business Transaction Name
Xpath Name1
Xpath Value1
Xpath Expression1
Xpath Name2
Xpath Value2
Xpath Expression2
Xpath Name3
Xpath Value3
Xpath Expression3
Correlation From XPath Name
Correlation From XPath Value
Correlation From XPath Expression
Correlation To XPath Name
Correlation To XPath Value
Correlation To XPath Expression
Wire Message Wire Message
Application Message Application Message
Payload Storage Payload Storage
Attachment Attachment
Label
Collaboration Id 0AE391A5127F56CCAC600000F5DD7600
Collabration Name
Collabration Version
Business Action Name
Exchange Protocol Name Generic File
Exchange Protocol Version 1.0
Interchange Control Number
Group Control Number
Transaction Set Control Number
Error Code B2B-50547
Error Description Machine Info: (CTSINCALESX1AF) Description: Agreement not found for trading partners: FromTP Welfergo, ToTP Cognizant with document type ORDERS-1.0-INBOUND.
Error Level ERROR_LEVEL_COLLABORATION
Error Severity ERROR
Error Text Agreement not found for trading partners: FromTP Welfergo, ToTP Cognizant with document type ORDERS-1.0-INBOUND. -
Can N55-M160L3-V2 and N55-DL2 install in the same chassis of 5548UP?
Don't know why, but I am seeing Hw not supported on M160L3 module, I am running 5.2(1)N1, the OS should be able to support it, and I also have license installed.
Hi,
The only Layer 3 support in the Nexus 5548 is with one of the Layer 3 daughterboard i.e., N55-D160L3 or the N55-D160L3-V2.
I can't find a reference in any release note, FAQ etc., but the following graphic shows the available Layer-3 configuration options within the Cisco Commerce Workspace.
Regards -
Sharepint task Sync with exchange
Hi There,
i followed
http://technet.microsoft.com/en-us/library/jj552524(v=office.15).aspx. to configure task sync witth exchange server.
after successful execution of all the cmds i m getting following errors in ULS logs
1. An Operation failed because following certification has validation errors.
when i click site mailbox in my sharepoint site im getting following error:Hi ,
Secure Sockets Layer (SSL) configured for the Default Zone is a requirement for web applications that are deployed in scenarios that support server-to-server authentication and app authentication. This is
such a scenario. As a prerequisite for configuring Site Mailboxes, the computer that is running SharePoint Server must have SSL configured. For more information, see Create
claims-based web applications in SharePoint 2013 and follow the steps for creating an SSL site collection and server certificate.
You may need to import the Exchange Server SSL certificate from Exchange 2013 to SharePoint 2013, and from SharePoint 2013 to Exchange 2013. This is only necessary if the certificate is not trusted for the
API endpoints (such as a Self-SSL Certificate in a lab environment).
To import an untrusted SSL certificate to a new server:
Open Internet Explorer and navigate to Outlook Web App (if the deployment is on SharePoint Server) or the SSL SharePoint site (if the deployment is on Exchange Server): https://<ExServerName>/owa or
https://<SP_FQDN>.
Accept to trust the certificate by clicking Continue to website.
Click Certificate Error info in Internet Explorer next to the Address bar, and then click View Certificates.
Select Install Certificate and then select Place all certificates in the following store.
Select the checkbox to show physical stores.
Install the certificate to Trusted Root Certification Authorities > Local Computer.
Reference:
http://technet.microsoft.com/en-us/library/jj552524(v=office.15).aspx
Best Regards,
Eric
Eric Tao
TechNet Community Support -
Debug error when changing blending modes
Hi there,
I get a Debug Error every time I use 2 Adjustment Layers one above each other, with the following effects applied:
Adjustment Layer Above:
- Tint, not keyframed
- Opacity Blending Mode: Color Dodge
Adjustment Layer Below:
- Venetian Blinds, not keyframed
- Offset, keyframed
- Turbulent Displace, keyframed
- Opacity Blending Mode: Normal
Media layer below:
- JPG, Canon 60D - 5184x3456 - no effects applied
The error I get (option to 'Continue', but the program doesn't respond and needs to be closed):
Premiere Pro Debug Event
Premiere Pro has encountered an error.
[..\..\Src\CutlistRenderer.cpp-717]
Error in Events panel:
An input contract violation has occurred!
I first started to get this error, while working with various media files in 1440x1080/HDV 1080i mode (Sony Z7U native)/29.97fps/1.33 sequence. Trying to understand what it goes wrong, I created a new project and recreated the adjustment layers (AL) with same effects applied - the only thing changed was the JPG added as media under both ALs. Same debug errors every time the blending is changed from normal to any other blending mode. With normal blending on the AL above, everything is fine.
After further testing, it looks like even with only one AL (no effects) above the JPG, get the same debug error when blending is changed from normal to any other mode.
Important note: Same layer+effect configuration applied in 1920x1080/ARRI Cinema mode/24fps/1.0 sequence - it works with no debug error. Haven't tried any other editing modes yet.
Layers, in order from top:
- AL (Venetian Blinds, Tint, Offset, Turbulent Displace - Color Dodge blending)
- AL (Venetian Blinds, Tint, Offset, Turbulent Displace - Normal blending)
- AL (Timecode effect)
- Title
- media, MPEG (1440x1080, 29.97 frame rate, 1.3333 pixel aspect ratio)
- After Effects composition (dynamic link) 1920x1080 - content: media file, MPEG (640x480, 30fps, 1.0 + various titles and effects, including color dodge blending
I googled for similar error reports, there are none related to Premiere Pro.
I don't know what else to do, rather than just avoid using this effect configuration.
Does anyone else had this issue, even in different situations?
Thank you very much for any feedback.
Best,
Mark
Hardware:
HP Z820
Dual Xeon E5-2643 - driver 6.1.7600.16385
Dual nVidia Quadro 4000 - driver 8.17.12.7628
64GB RAM
SSD 250GB for System
HDD 3TB for Media
Software (up to date):
Adobe Premiere Pro CS6 - Version 6.0.3 (001 (MC: 264587))
Windows 7 x64 - 6.1.7601 Service Pack 1 Build 7601I've never seen that error myself. If you have a way to avoid it, might be best to just do that.
Maybe you are looking for
-
[solved]eth0: timed out
Hi, I am having problems getting internet connection bia ethernet. I have no way of posting the exact files from the arch box, but here is my rc.conf network part: eth0="dhcp" INTERFACES=(eth0) ROUTES=(!gateway) And i can not connect It always says i
-
I have an external table as described below. One record of the csv has these values: 104,Referencia de reclamación,ES. But when I query the table, TP_DESC, here are the values I get: 1,Referencia de reclamaci�S, null. How do I get it to display the S
-
New FireWire DVD Burner Plugged In - DVD Player Wants To Change Region?!
I have just bought an external Freecom FW/USB 2.0 DVD Burner. As part of my testing, I inserted a DVD-R video I had made and attempted to view it via DVD Player. However, I got a warning window saying that as this was the first time I had played a DV
-
Itunes syncing songs already on iphone
Hello! After updating my iTunes (Windows 7, 64-bit) to version 10.6.3.25, each time I sync my iPhone 4s (iOS 5.0.1) , it will re-sync about 90-100 songs that are already on my phone. I narrowed these songs down and deleted the album art, then re-dow
-
Itunes will not sync with ipod touch
itunes is installed with the latest version of itunes. all of a sudden, itunes will not sync with my ipod, itunes sees it, when i click to sync it goes through the motions, but never syncs. I get no messages or errors, it just never syncs. the ipod i