Srw2008 snmp vlan to port

Similar Messages

• Is it better to use router port versus vlan member port?

  Hi CSC,
  This is more of a philosophical or "best practices" question.
  I have a Cisco 3550 at the home office. Connected to the 3550 is a number of branch offices by way of T1 circuits or VDSL modems. They all come to the home office, where we have a central internet connection and server farm for our entire organization.
  Except for one special case branch office, we don't forsee the need for appearances of the  home office vlan at the branch office sites. In that case, we bring it  into a trunk port at the home office, and at the special case branch office we have a dell 3024  switch and tag some ports as vlan 18 (the home office) or vlan 27 (the  special case branch office).
  We also do not forsee a need for the vlan from one branch office to appear at another branch office.
  They are all (except for the special case mentioned above) currently configured something like this:
  interface FastEthernet0/1
  description home office
  switchport access vlan 18
  switchport mode access
  interface FastEthernet0/2
  description t1 to branch office 1
  switchport access vlan 19
  switchport mode access
  interface Vlan18
  description subnet for home office
  ip address 192.168.18.1 255.255.255.0
  interface Vlan19
  description subnet for branch office 1
  ip address 192.168.19.1 255.255.255.0
  Is it better, in terms of reduced network complexity or performance on my 3550, to do something like this instead?
  That is, to make the interfaces router ports as opposed to vlan member ports?
  Of course, if we ever DID need to have appearances of the home office vlan at branch office sites, or appearances of one branch office's vlan at another branch office, we would lose that flexibility.
  interface FastEthernet0/1
  description home office
  switchport access vlan 18
    switchport mode access
  interface FastEthernet0/2
  description t1 to branch office 1
  ip address 192.168.19.1 255.255.255.0
  interface Vlan18
  description subnet for home office
  ip address 192.168.18.1 255.255.255.0
  no vlan 19

  Hello,
  In my opinion there is no 100% right answer here. I think it depends also about network forecast. I'll try to add here some thoughts:
  - if you use trunk interfaces from home to branch and SVI for L3 connection, in terms of scalability is much easier to expand (you have now only one p2p L3 link, but in future you'll need another one; if the port is a trunk one, you just configure another SVI interface, allow vlan on trunk and your good to go)
  - trunk interfaces involve more configuration (L2 interface and SVI L3 interface)
  - if you add in the home office another switch to existing one, and for some reason you have misconfiguration in STP / VTP, then you can run into problems like loops, vlan database modification (e.g. VTP server mode and the new added switch has a higher revision number than existing one)
  - L3 physical interfaces are easier to configure and less complex, but in case you want to scale to additional p2p link will be harder
  - L3 configuration is easier to troubleshoot as you avoid the L2 complexity
  - in terms of packet exchange a L3 interface will exchange less packets than a L2 trunk with SVI (I'm talking here about control traffic, not user traffic)
  - with L2 trunk you can have other problems like if somebody is "smart enough" to add a new switch into the existing switch (if you have a switch there) at the branch location; imagine that the new switch due to misconfigurated STP became root bridge; you have a large STP domain.
  As I said, there is no good or bad approach. You have to guide yourself about forecasts in your network. For example if you know that a branch location will not be extended in the next 2 years, then go ahead with L3 interface and that's it. On the other hands if you have doubts you can add for another location L2 trunk with SVI. You can mix this two solution to obtain the best results for your network characteristics.
  Cheers,
  Calin

• Re-routing of SNMP traps from port 162 to port greater than 1024

  Hello,
  I have to re-route SNMP traps received at port 162 to some other port greater that 1024 (say 2041). There is an application which sends SNMP traps to port 162 and our application running on Windows listens for SNMP traps on port 2041, so we want
  to route/forward the traps internally from port 162 to 2041.
  I have been looking at the rules defined in 'Windows Firewall with advanced security' but not able to succeed. I noticed that there is a predefined rule for SNMP traps but it does not give me an option to forward the trap to another port. I tried
  creating a new rule but that also does not give me an option to change the port.
  Please help.

  Hi,
  According to Technet Library:
  SNMP uses the default UDP port 161 for general SNMP messages and UDP port 162 for SNMP trap messages. If these ports are being used by another protocol or service, you can change the settings by modifying the local Services file on the agent. The Services
  file is located in \ % SystemRoot %\System32\Drivers\Etc
  There is no file name extension. You can use any text - based editor to modify the file. The management system must also be configured to listen and send on the new ports.
  Caution:
  If you have previously configured IP security to encrypt SNMP messages on the default ports, you must also update the IP security policy with the new port settings. Otherwise, communication can be erroneously blocked or SNMP communications might not be secured.
  You can access to the link below for this article:
  http://technet.microsoft.com/en-us/library/cc959643.aspx
  Roger Lu
  TechNet Community Support

• Operations Manager 2012 doesn't listening SNMP Trap UDP port 162

  hi,
  SCOM 2012 SP1, how come the operations manager started but the SNMP Trap UDP port 162 not listening?
  Without this port listening, I can't testing SNMP trap on SCOM.
  Thanks...KEN

  Hi,
  As described in the following blog, the TRAP service should be installed but turned off, we could not get traps coming in until we turned the service back on.
  So please verify if the service is on. You can continue audit the ports by running netstat –a.
  System Center 2012 Notes From the Field
  http://scom-2012.blogspot.in/2012/07/setting-up-snmp-monitoring-in-scom-2012.html
  Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
  Hope this helps.

• Cisco switch 300 configure vlan and ports

  Hi i need help
  i cant see the vlan on port vlan membership
  i did create the vlan and i did configure the port the access
  but when i try to port vlan membership to tell which port to wich vlan i cant see the vlan i have created in the list
  thanks to help

  Hi,
  This forum is focusing on the issues related Windows Server.
  To get better help, please post your question on the forum of cisco.
  Here is the address,
  https://supportforums.cisco.com/
  Best Regards.
  Steven Lee
  TechNet Community Support

• Supported VLANs per port 6500

  Hello,
  I need to know what is the number of supported vlans per port for a Cisco 6500 with sup 720?
  Thank you.

  On a port configured as access port, it can only belong to one and one vlan only. On a trunk port configured as dot1q iith software release 8.3(1) and later releases, instead of reserved VLANs, we now have only user and internal VLANs. VLAN manager no longer permanently sets aside VLANs for features that require them; they are now dynamically assigned as needed. The entire VLAN range (1 to 4094) is now available for user (and internal) VLANs.
  With ISL I believe it's 1005 vlans.

• HP 1810G-8 vlan tagged port

  Hello, friends!
  I have some issue on HP ProCurve 1810G. My HP switch is uplinked to Netgear GSM7248 6 port. Some machine1 is connected to Netgear untagged port with PVID 11. I needed machine2 connected to HP to get reachable from machine1. So, on HP I've created vlan 11, tagged uplink port and set untagged port which is connected to machine2. 
  On Netgear I just tagged 6 port.
  It works, no problem.
  But later I needed another 2 machines to see each other in same manner. So, I have done same steps, but for vlan 32.
  After this HP switch and all connected to it stuff became unreachable.No suspicious entries found in log.
  I tried to replace HP with old as hell cisco switch and it works.
  Tried also to upgrade HP to p2.12, but it didn't help.
  Please, help.

  Hi:
  You may also want to post your question on the HP Business Support Forum -- Procurve Switches section.
  http://h30499.www3.hp.com/t5/ProCurve-ProVision-Based/bd-p/switching-e-series-forum#.VCgRxHl0y9I

• System vlan an port-profile

  I have a profile uplink which include a system vlan of 50, 60, 220
  thne i also have a port profile for vlan 50 and 60
  but when i connect a vm to this port group, i do not get any connection.
  however other vlans that are not set as system vlan on the uplink are working fine on their own port group.
  any idea why?

  here is an example from my configs I use.
  port-profile type ethernet system-uplink-03
  vmware port-group
  switchport mode trunk
  switchport trunk native vlan 1034
  switchport trunk allowed vlan 1031-1034
  channel-group auto mode on mac-pinning
  no shutdown
  system vlan 1031-1033
  description  Development system profile for critical ports and vm traffic
  state enabled
  1031-1034 are vmware mgmt, ip storage and vmotion in this instance vcenter was in a different environment I have I think about 12 different system uplink port profiles
  here is a port-profile:
  port-profile type vethernet 03-development-vmsc
  capability l3control
  vmware port-group
  switchport mode access
  switchport access vlan 1031
  no shutdown
  system vlan 1031
  max-ports 32
  description 03 Development ESXi Management
  state enabled
  hope this helps.

• SNMP OID for Port & CPU Utilization

  I have a LinkSys SRW208P switch. Is it possible to retrieve Port & CPU Utilization using SNMP?
  If so, does anyone know the OIDs?

  SNMP sure does that. Default OID should work fine. Community password is set to "public" by default.

• SNMP traps on ports

  I have a few 65xx and having some issues with getting "snmp traps mac-note change add/remove:on the ports
  On my switch running IOS v12.2(33) SXH1 / ROM V12.2(17r) SX 3 i can enter the added/removed command on a range of ports no issues.
  On my swithces running IOS V12.2 (18) SXF10 / ROM V12.2(17r) SX 3 i am unable, only commands is Link-Status when i enter ?
  I am guessing this is due to the ISO version being different on the switches, is there a way to enable traps on the ports (snmp traps mac-note change added/remove) like on the other switch without having to upgrade the IOS?

  Thanks for the info, guess i will move forward with update of the IOS.  Its been a while since i have done an IOS upgrade, on the cisco site would i grab the Cat 6500 Supervisor Engine 32?  It looks like the latest ISO here is from 30 may 2008. 

• RV220W - VLAN 2 VLAN single port access

  Hi
  I just bought Cisco RV220W router, and i have some problems connecting VLANs.
  I have 2 vlans on my network. Now i would like to leave those 2 vlans seperate, so that nobody can go from one vlan to another.
  But i want 3 exceptions.
  1.) access from VLAN1 (default vlan) to a server (192.168.10.2) on VLAN10 port 3389 (RDP).
  2.) access from VLAN10 to a server (10.10.10.3) on VLAN1 (default vlan) port 62000.
  3.) allow ping from VLAN10 to a server (10.10.10.3) on VLAN1 (default vlan).
  Thanks for all your help in advance.
  Bostjan

  cool
  and when can we expect the next firmware release?
  (can i get a beta version of this firmware?)
  Bostjan

• Dynamic Vlan-Trunk port

  Hi,
  Is posible to configure a Switchport like dynamic vlan port and in the same time to be trunk port?

  Hi,
  Static ports that are trunking cannot become dynamic ports. You must turn off trunking on the trunk port before changing it from static to dynamic.
  You can find more info here.
  http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007f2ec.html
  HTH,
  Sundar

• Private vlan edge port & STP

  Hi:
  Is it possible (and a good design to avoid layer 2 loops) to combine the stp and protected ports features on uplinks ports of an edge "non-transit switch"?
  The uplinks ports that i would like to have also as protected ports will be dot1q trunks, anyway i have read that protected ports are also supported with dot1q on 3750 switches... my doubt is, if you already have STP working on these uplink ports, may the protected-port feature help to avoid the undesirable efects of a loop or it is not designed for this purpouse?
  Regards and TIA.
  Juan

  The PVLAN edge (protected port) is a feature that has only local significance to the switch (unlike Private Vlans), and there is no isolation provided between two protected ports located on different switches. A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port in the same switch. Traffic cannot be forwarded between protected ports at L2, all traffic passing between protected ports must be forwarded through a Layer 3 (L3) device

• Vlan vs port based qos

  Hi,
  I have a question about vlan based qos. I am happy with qos configuration as applied to ports. However, vlan based qos confuses me somewhat.
  Is vlan based qos intended for situations where packets are to cross vlans? In that case, am I correct in assuming that vlan based qos has no effect on packet flows within that vlan? In that case the idea of vlan based qos would be to police/mark traffic leaving/joing that vlan?
  Or, does vlan based qos extend queuing (priority queue etc) down to ports that are members of that vlan are configured with vlan based qos? I think not but I'm not absolutely sure.
  I can't seem to get to the bottom of this on cco.
  Thanks, Steve

  Hi Steve,
  Packets do not have to cross VLANs for you to need VLAN-based QoS.
  VLAN-based QoS gives you an additional layer of queueing hierarchy. With port-based Qos, there is a set of software queues per physical port. As packets are scheduled from these queues, they are emitted from the port.
  With VLAN-based QoS, there is another layer. Each VLAN configured for VLAN-based QoS will have a set of queues associated with it, instead of having a set of queues for the physical port. This comes in useful for providers of Metro Ethernet service who offer multiple classes of service. Such ethernet services are usually sold with a fixed bandwidth per-VLAN. At egress switch ports, the provider will use vlan-based QoS to police/shape traffic in order to conform to the sold rate. Within this shaped rate, queueing will be used to ensure that the higher classes of service get preference.
  In answer to your questio, vlan-based qos does have an effect on packet flows within that vlan.
  Hope that helps - pls rate the post if it does.
  Regards,
  Paresh.

• Two VLAN's port forwarding to one, problem

  Hi all
  This is my first ever Cisco router for forgive me, if this is a simple matter, but I have spent the entire weekend trying to figure this out - with no luck.
  My employer has provided me with a Cisco 871W router for my homeoffice.
  The router is pre-configured with two VLANs and BVIs; VLAN1 (BVI1) and VLAN2 (BVI2) for home and office connection on two different subnets (192.168.1.0 and 192.168.0.0).
  My office connection is secured with IPSec or something similar - I have not that much insight in that aspect.
  The configuration works for normal internet access (www, mail etc) on both networks, and the tunneling to my workplace works fint too.
  My problem is that I would like to open up some ports for gaming etc. on the "home"-part of the configuration, but I cannot seems to get that to work.
  The attached configuration is my current running configuration, which contains some of my trials on getting this to work, so it might look a bit odd.
  If anyone could help me, I would appreciate it.
  Regards
  Jesper Lauridsen

  Hi,
  By the looks of it, you have an extended access list called 'outside_access_in' applied to your outside interface fa4.
  You would have to add a rule to this access list allowing the port in question.
  You would then need a static NAT entry that would map the port to the internal host.
  For instance, if you had a rule to allow port 80 like this:
  permit tcp any any eq www
  You would also need a NAT entry like this:
  ip nat inside source static tcp 192.168.0.10 80 interface FastEthernet4 80
  Assuming that 192.168.0.10 was the client PC.