Sudden Ping Drop from Default Gateway in VLAN

Hi,
We have a Layer3 Switch 3560 and we have configure multiple VLANs along with SVI on it. We have then cascade layer2 Switches (Cisco 2960) with 3560 by Trunk links. Now we are facing problem on one VLAN that users are in specific VLAN sudden get ping drop from their default gateway (SVI on Cisco 3560) and this problem is not come with all users in that VLAN as just few users in a single time face this problem. When we unplug the systems for few second and reconnect then problem get resolved for few minutes till hours.
Kindly guide me to resolved this.
Regards,
Arshad

I have also clean the arp cache on users systems by using "'netsh interface ipv4 delete arpcache" but in vain. Now i have perform the below steps and operation is working fine since last 20 hours approx.
1- Change the First Casade Switch Cisco 2960.
2- Remove EtherChannel and Change the Backbone port on Cisco 3560 and Cisco 2960.
3- Connect both switches with single backbone Gig Port.
4- IOS Version on previous Cisco 2960 switch was IOS 12.2(50)SE3 and the IOS Version on newly installed switch is IOS 12.2(50)SE5

Similar Messages

MacBook Pro keeps dropping WiFi default gateway on Windows 7 Pro

I have to use Windows 7 for most of the work I do on my macbook Pro. I have the 3.2 bootcamp drivers installed, and I'm running Windows 7 Pro 64-bit. The wireless network frequently drops/hangs. Typically it loses the default gateway, and right clicking and doing a repair fixes it. However, I have to do this 6-10 times a day, and it's very annoying.
I contacted Apple support and they say it's a Windows issues, but none of my other non-mac Windows laptops are having this issue and they are connecting to the same wireless access point.
Does anyone have any suggestions since Apple's tech support can't help with this one? I think it has to be tied to drivers for the Wireless device.
Thanks!
--Kent

I am starting to ask myself why the **** I spent 1000 euros for a machine that is not able to connect to 95% of all the wireless networks I am using. And the best thing is that os x has these wifi related problems for years, so what the **** are the software guys doing the whole day, it cant be that hard to fix something that essential! And if I call them the tell me that its not an osx problem, the routers (which work with android Iphone windows linux ... ) are the problem. I am feeling fooled and start to get angry!!! Somebody with connections to some newspaper news-tv or whats so ever should bring this information out to people that think about getting such a crappy non-working piece of shxx. Maybe then they will stop ignoring this problem - its really ridiculous!!!!!!!!!!!

How to disable inter-VLAN ping response from L3 switch

Correction - This was originally posted for my SG300, but it's actually one of my SGE/2010
I am experiencing an odd behavior from my SG300. When pinging an IP that is in another VLAN (which requires L3 routing), my switch responds if an IP does not exist on the network. For example, let's say I am on subnet A (192.168.0.0) and I want to ping an IP on subnet B (192.168.1.0). If the IP does not exist on subnet B, the SG300 will respond that 'Destination host unreachable'.
You may ask, so what's the big deal? And for the most part I agree, however, there are some circumstances where certain searches on the network falsely identify this as a device residing at that IP. One example is Spiceworks and another is Symantec Endpoint Protection Manager. In both instances, the software is looking for devices to add to inventory and when it receives this 'Destination host unreachable' message from the SG300, it believes something is on that IP.
This problem does not occur if the search is on the same subnet, but only appears when it crosses over to another subnet and routing is involved.
My question is, how do I tell the SG300 to NOT respond with "Destination host unreachable" when an IP does not exist in another VLAN on the switch?
Thanks in advance!

The PC10 in vlan 10 can not ping the gateway (10.64.16.1) of vlan 20. It can only ping its own gateway 10.64.8.1
Both hosts are running Windows 7 professional with firewall turned off.
The same for the PC20 in vlan 20. It can only ping its own gateway (10.64.16.1) but not vlan10's gateway (10.64.8.1)
In fact, just for testing purposes.
I temporarily assign g0/1/2 (which was on vlan20) to vlan10 now. Changed the host (PC20) IP to 10.64.8.3.
After this change, the 2 hosts can ping each other (in the same vlan 10)....that's expected. So, the OSes and firewalls issues on the hosts are not the issue. They can ping each other when they are in the same vlan.
However, now that they are in the same vlan, they still can't ping out to G0/0 192.168.0.162.
So, the problem is how to ping from the layer 2 EHWIC to the built-in G0/0 and G0/1 router ports?

Get Default Gateway Address from BB app

Hi,
I need to get the WIFI default gateway address from an application. I searched in all the forum without a positive result. Some people talks about using WLanInfo but it does not provide the default gateway address.
Can anyone help me?
Thanks!

same question as before... are you developing an application?
http://supportforums.blackberry.com/t5/Downloaded-applications-for/Get-Default-Gateway-Address-from-...
1. If any post helps you please click the below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code

Vlan based default gateway

Alteon Web OS allows you to assign different default gateways for each VLAN. You can effectively map multiple customers to specific gateways on a single switch.
do cisco load balancers support different default gateway for each vlan?

one way of doing it today would be to define a serverfarm for each gateway, and have a vserver match_all for every vlan.
For example,
serverfarm gateway_1
no nat client
no nat server
real
x.x.x.x
serverfarm gateway_2
<...>
vserver gateway_vlan1
virtual 0.0.0.0 /0 any
serverfarm gateway_1
vlan
vserver gateway_vlan2
virtual 0.0.0.0 /0 any
serverfarm gateway_2
vlan

Some clients get Default Gateway assigned from WRT300N while others don't

Two existing desktops, one wired other wireless and existing laptop wireless connects to internet fine.
Trying to add work laptops, they aquire wireless signal, gets DHCP IP address assigned but doesn't connect. Looked at the ipconfig output and shows no default gateway - router IP is set to 192.168.1.1 - with everything default, I did a reset on it.
The existing machines all have default gateway assigned. Only difference I see is work machines are XP pro. Never had problems with work laptops connecting anywhere else.
Any ideas on how to setup so work laptops can connect?
Solved!
Go to Solution.

namralk wrote:
Ethernet adapter VMware Network Adapter VMnet8:
        Connection-specific DNS Suffix . :
        Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
        Physical Address. . . . . . . . . : 00-50-56-C0-00-08
        Dhcp Enabled. . . . . . . . . . . : No
         IP Address. . . . . . . . . . . . : 192.168.1.1
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
         Default Gateway . . . . . . . . . :
You have configured vmware on your computer to use 192.168.1.1 on the VMnet8 adapter. This means the computer uses 192.168.1.1 itself on that adapter and obviously won't set 192.168.1.1 as default gateway on your wireless adapter because 192.168.1.1 is the computer itself.
Fix your network configuration in vmware. After that a "ipconfig /renew *" or a reboot should obtain a new working lease including the default gateway. Make sure vmware does not use the 192.168.1.0/255.255.255.0 subnet for it's network adapters.

Default Gateway when connected to VPN

Thanks for reading!
This is probably a dump question so bear with me...
I have set up a VPN connection with a Cisco ASA 5505 fronting internet, with the customers environment behind it (on the same subnet), When connected ot the VPN I can reach the inside Router fronting me and one switch behind the Router (every switch is connected to the router), but nothing else.
My beet is that the Router is messing with my connection, but,, nevermind that!, the setup ain't complete anyway... my question is more related to the Gateway I'm missing when I'm, from the outside, is connected to the VPN on the ASA, could this mess it up? Shouldn't I have a Standard-Gateway in the ipconfig settings in windows?
This is who it looks like now:
        Anslutningsspecifika DNS-suffix . : VPNOFFICE
        IP-adress . . . . . . . . . . . . : 10.10.10.1
        Nätmask . . . . . . . . . . . . . : 255.255.255.0
        Standard-gateway . . . . . . . . :
The internal network is :
172.16.12.0 255.255.255.0
Below is my config for the ASA, thanks a lot!!!!!!!
!FlASH PÅ ROUTERN FRÅN BÖRJAN
!asa841-k8.bin
hostname DRAKENSBERG
domain-name default.domain.invalid
enable password XXXXXXX
names
interface Vlan1
nameif inside
security-level 100
ip address 172.16.12.4 255.255.255.0
interface Vlan10
nameif outside
security-level 0
ip address 97.XX.XX.20 255.255.255.248
interface Ethernet0/0
switchport access vlan 10
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
clock timezone CEST 1
clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
dns server-group DefaultDNS
domain-name default.domain.invalid
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
access-list nonat extended permit ip 172.16.12.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list MSS_EXCEEDED_ACL extended permit tcp any any
access-list VPN-SPLIT-TUNNEL remark VPN SPLIT TUNNEL
access-list VPN-SPLIT-TUNNEL standard permit 172.16.12.0 255.255.255.0
tcp-map MSS-MAP
exceed-mss allow
pager lines 24
logging enable
logging timestamp
logging buffer-size 8192
logging console notifications
logging buffered notifications
logging asdm notifications
mtu inside 1500
mtu outside 1500
ip local pool VPN 10.10.10.1-10.10.10.40 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
asdm image disk0:/asdm-625-53.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 172.16.12.0 255.255.255.0
route outside 0.0.0.0 0.0.0.0 97.XX.XX.17 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 172.16.12.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 172.16.12.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
group-policy VPNOFFICE internal
group-policy VPNOFFICE attributes
dns-server value 215.122.145.18
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPN-SPLIT-TUNNEL
default-domain value VPNOFFICE
split-dns value 215.122.145.18
msie-proxy method no-proxy
username admin password XXXXXX privilege 15
username Daniel password XXXXX privilege 0
username Daniel attributes
vpn-group-policy VPNOFFICE
tunnel-group VPNOFFICE type remote-access
tunnel-group VPNOFFICE general-attributes
address-pool VPN
default-group-policy VPNOFFICE
tunnel-group VPNOFFICE ipsec-attributes
pre-shared-key XXXXXXXXXX
class-map MSS_EXCEEDED_MAP
match access-list MSS_EXCEEDED_ACL
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect icmp error
inspect pptp
inspect ipsec-pass-thru
inspect icmp
class MSS_EXCEEDED_MAP
set connection advanced-options MSS-MAP
service-policy global_policy global
privilege cmd level 3 mode exec command perfmon
privilege cmd level 3 mode exec command ping
privilege cmd level 3 mode exec command who
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege cmd level 3 mode exec command packet-tracer
privilege show level 5 mode exec command import
privilege show level 5 mode exec command running-config
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 3 mode exec command asp
privilege show level 3 mode exec command cpu
privilege show level 3 mode exec command interface
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 3 mode exec command ipv6
privilege show level 3 mode exec command failover
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode exec command eigrp
privilege show level 3 mode exec command crypto
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command ssh
privilege show level 3 mode exec command dhcpd
privilege show level 3 mode exec command vpnclient
privilege show level 3 mode exec command vpn
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 3 mode exec command webvpn
privilege show level 3 mode exec command module
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 3 mode configure command interface
privilege show level 3 mode configure command clock
privilege show level 3 mode configure command access-list
privilege show level 3 mode configure command logging
privilege show level 3 mode configure command ip
privilege show level 3 mode configure command failover
privilege show level 5 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 3 mode configure command route
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege show level 3 mode configure command crypto
privilege show level 3 mode configure command ssh
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
privilege clear level 3 mode exec command dns-hosts
privilege clear level 3 mode exec command logging
privilege clear level 3 mode exec command arp
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode exec command crypto
privilege cmd level 3 mode configure command failover
privilege clear level 3 mode configure command logging
privilege clear level 3 mode configure command arp
privilege clear level 3 mode configure command crypto
privilege clear level 3 mode configure command aaa-server
prompt hostname context
Cryptochecksum:aaa1f198bf3fbf223719e7920273dc2e
: end

I didn't realise I had that crypto settings on, thanks my bad!!!
But... the 172.16.12.0 network is directly connected, the Router (that to be honest is a firewall) / switches is all on the same subnet (172.16.12.X/24), so sorry I didn't explain thoroughly, was more wondering about the GW and didn't want to overcomplicate things..
The Firewall/Router dosen't do any routing, so it should work right (I you count out the firewalling in the firewall and so forth, there shouldn't be any problems accomplishing this with the ASA)? The Firewall is more a DHCP for the clients/Firwall for the clients.. this will change in the future.. it will be removed,
the vpn network is staticly routed back to my ASA in that firewall...
I don't like this solution.. but this is who it looks.. for now..
(VPN network is 10.10.10.X/24)
But... shouldn't I see a default gateway under ipconfig when I'm connected to the VPN from internet, on the vpn client that's vpned in, is this correct?
THANKS for all the help!

Default Gateway address for multiple VPN users/clients

Hello,
We need some help with a VPN setup for a school project.
What we want to do:
We would like to have aprox. 10 different VPN uses that can connect to our Windows Server 2012 R2 which is setup as a VPN server, by the Role called Remote access. And the VPN server is working and we are able to connect to it from another location/computer.
Our current setup:
We have a Cisco router, that are configured with 10 Vlans, from Vlan 10 to Vlan 20, and a managament Vlan called Vlan 100.
The Cisco router is also acting as DHCP server, so inside each Vlan the DHCP gives IP addresses to that specific Vlan, Ex: Vlan 10 has a 192.168.10.0/24 network. Vlan 11 has a 192.168.11.0/24 network, and so on. Vlan 100 has 192.168.100.0/24 This Vlan 100
has connection to all the Vlans.
We have internet connection on the Router on port 0 and each Vlan are connected to the internet.
We have setup the VPN server with a static IP configuration so it is inside Vlan 100 with a Default gateway, like 192.168.100.1 So the VPN server is connected to the internet.
In AD we have created a User and assigned a static IP address in the user properties, under the Dial-In tab. Here we give this user this IP 192.168.10.225
Now when we connect to the VPN server useing this user, we have no connection to any of the Vlans (ping) and no internet. When we in cmd write ipconfig we can see that our VPN connection has this IP 192.168.10.225 but a Subnet called 255.255.255.255 and
a Default gateway called 0.0.0.0
We would like the user to recieve the correct IP settings like: If we connect with our user, it should recieve the IP as it does, but also a subnet called 255.255.255.0 and a default gateway called 192.168.10.1
How is this achieved?
The reason we want this is: We want to create a VPN user for each Vlan. So a user with permission to access Vlan 10 but are not able to see the other Vlans, and then a new user to access Vlan 11 but not able to see the other vlans, and so on.
Hope someone is able to help us to understand how this is done.
Thank you in advance.

Hi,
In brief, we can't achieve this. Normally, we would not do this.
Usually, we use firewall or ACL to restrict the remote users.
For example, 192.168.10.100 is assigned to user1 and 192.168.10.101 is assigned to user2. We can use firewall to restrict 192.168.10.100 to access 192.168.10.0/24 and 192.168.10.101 to access 192.168.11.0/24.
Best Regards.
Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

Duplicate IP on a default gateway interface = Bad

I just had an entire VLAN drop out due to a host being brought onto the network that had been erroneously configured with a static IP that happened to be in conflict with the HSRP default gateway IP of the core switch; fortunately, we were able to remove the offending host and reconfigure default gateways as a workaround until the core switch's ARP table updated.
Is there any way to configure a 6500 running IOS to inhibit or block a conflicting IP (especially one with a gateway IP) by using a static ARP entry or other authoritative command?
Thanks,
Marc

Hi,
You may use the following.
enable Unicast Reverse Path Forwarding on an interface. Unicast RPF guards against IP spoofing (a packet uses an incorrect source IP address to obscure its true source) by ensuring that all packets have a source IP address that matches the correct source interface according to the routing table.
Normally, the FWSM only looks at the destination address when determining where to forward the packet. Unicast RPF instructs the FWSM to also look at the source address; this is why it is called Reverse Path Forwarding. For any traffic that you want to allow through the FWSM, the FWSM routing table must include a route back to the source address. See RFC 2267 for more information.
For outside traffic, for example, the FWSM can use the default route to satisfy the Unicast RPF protection. If traffic enters from an outside interface, and the source address is not known to the routing table, the FWSM uses the default route to correctly identify the outside interface as the source interface.
If traffic enters the outside interface from an address that is known to the routing table, but is associated with the inside interface, then the FWSM drops the packet. Similarly, if traffic enters the inside interface from an unknown source address, the FWSM drops the packet because the matching route (the default route) indicates the outside interface.
Unicast RPF is implemented as follows:
?ICMP packets have no session, so each packet is checked.
?UDP and TCP have sessions, so the initial packet requires a reverse route lookup. Subsequent packets arriving during the session are checked using an existing state maintained as part of the session. Non-initial packets are checked to ensure they arrived on the same interface used by the initial packet.
To enable Unicast RPF, enter the following command:
hostname(config)# ip verify reverse-path interface interface_name
http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080577c66.html#wp1042625
It may be useful..
Rgrds
Rajeev.S

Default gateway arp lookup failed

Hi there
On a 5500 series WLC I see I have an issue where peap clients get randomly disconnected with these errors
MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 24:77:03:35:79:34
AAA-6-ARP_LOOKUP_FAIL: radius_db.c:3232 Default gateway arp lookup failed.
aaaQueueReader: Aug 31 19:12:14.938: %AAA-4-RADIUSMSG_SEND_FAILED: radius_db.c:3567 Unable to send RADIUS message to
Any ideas?
Thanks
Naresh
Sent from Cisco Technical Support iPhone App

(Cisco Controller) >show wlan 1
WLAN Identifier.................................. 1
Profile Name..................................... SSID1
Network Name (SSID).............................. SSID1
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Enabled
Network Admission Control
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ i_wifi
Multicast Interface.............................. Not Configured
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Drop
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
   Authentication................................ 1.1.1.1 1812
   Authentication................................ 1.2.1.1 1812
   Accounting.................................... 1.1.1.1 1813
   Accounting.................................... 1.2.1.1 1813
   Dynamic Interface............................. Enabled
Local EAP Authentication......................... Disabled
Security
   802.11 Authentication:........................ Open System
   Static WEP Keys............................... Disabled
   802.1X........................................ Disabled
   Wi-Fi Protected Access (WPA/WPA2)............. Enabled
      WPA (SSN IE)............................... Disabled
      WPA2 (RSN IE).............................. Enabled
         TKIP Cipher............................. Disabled
         AES Cipher.............................. Enabled
      Auth Key Management
         802.1x.................................. Enabled
         PSK..................................... Disabled
         CCKM.................................... Enabled
         FT(802.11r)............................. Disabled
         FT-PSK(802.11r)......................... Disabled
FT Reassociation Timeout......................... 20
FT Over-The-Air mode............................. Enabled
FT Over-The-Ds mode.............................. Enabled
CCKM tsf Tolerance............................... 1000
   CKIP ......................................... Disabled
   Web Based Authentication...................... Disabled
   Web-Passthrough............................... Disabled
   Conditional Web Redirect...................... Disabled
   Splash-Page Web Redirect...................... Disabled
   Auto Anchor................................... Disabled
   H-REAP Local Switching........................ Disabled
   H-REAP Local Authentication................... Disabled
   H-REAP Learn IP Address....................... Enabled
   Client MFP.................................... Optional
   Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Mobility Anchor List
WLAN ID     IP Address            Status

Management port for management switch(2960x) / IP default-gateway for L2 management switch

1)
I am going to connect all mgmt ports of server to this access switch (L2; 2960x) like below. Then I have a management port in 2960x (FastEthernet / L3 port). As you can see below, even though one of Core switch is down, I am able to access through the other Core switch for mgmt SW. Do I need this FastEthernet port of 2960X?
Core Pri ------- Core Sec   (Core Pri 192.168.1.2 / Sec 192.168.1.3 / HSRP VIP 192.168.1.1)
            mgmt SW ----- (FastEthernet0) ------ Goes to where? I don't have RAS (Remote Access Server)
                  |
                  |
      servers' mgmt ports
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swint.html#wp2220949
2) From server side, server put default gateway (192.168.0.1) so if destination is not known, it dumps all to default gateway. This is L3. I understand this. What about L2 default gateway from switch itself? The L2 access switch supports "ip default-gateway" command. I know that without this command still servers do not have any problems to connect to network. Then this command is for switch (2960x) itself? i.e I log into the switch and ping google.com then switch will try to resolve through DNS, but if DNS is not set up in the switch, it sends all traffic to "ip default-gateway"? Is it right?
3) If L2 (Access) switch has multiple data vlans and mgmt vlan (10.0.0.0/24 10.0.10.0/24 192.168.0.1). Then what will be the "ip default-gateway" for this switch?
Thanks for your time and knowledge.
======================== Reference from Cisco regarding ip default-gateway --------------------------------------
How to configure the ip default-gateway command on a Cisco 3550 series switch
VERSION 2
Resolution
To define a default gateway when IP routing is disabled, issue the ip default-gateway global configuration command. Then, enter the IP address of the next-hop router interface that is directly connected to the switch where a default gateway is being configured.
The default gateway receives IP packets with unresolved destination IP addresses from the switch. Once the default gateway is configured, the switch has connectivity to the remote networks with which a host needs to communicate.
Note: When the switch is configured to route with IP, it does not need to have a default gateway set.
For more information, refer to Assigning the Switch IP Address and Default Gateway.
ip default-gateway
https://supportforums.cisco.com/docs/DOC-5090

Vlan 99 is management port. This is an access switch. I am accessing this swtich through SSH remotely (10.1.2.x)
WirelessSWLab#sh ip int b
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM administratively down down
Vlan99                 10.1.99.35      YES manual up                    up
GigabitEthernet0/1     unassigned      YES unset up                    up
GigabitEthernet0/2     unassigned      YES unset down                  down
GigabitEthernet0/3     unassigned      YES unset down                  down
GigabitEthernet0/4     unassigned      YES unset down                  down
GigabitEthernet0/5     unassigned      YES unset down                  down
GigabitEthernet0/6     unassigned      YES unset down                  down
GigabitEthernet0/7     unassigned      YES unset down                  down
GigabitEthernet0/8     unassigned      YES unset down                  down
GigabitEthernet0/9     unassigned      YES unset down                  down
GigabitEthernet0/10    unassigned      YES unset down                  down
GigabitEthernet0/11    unassigned      YES unset down                  down
GigabitEthernet0/12    unassigned      YES unset down                  down
GigabitEthernet0/13    unassigned      YES unset down                  down
GigabitEthernet0/14    unassigned      YES unset down                  down
GigabitEthernet0/15    unassigned      YES unset down                  down
GigabitEthernet0/16    unassigned      YES unset down                  down
GigabitEthernet0/17    unassigned      YES unset down                  down
GigabitEthernet0/18    unassigned      YES unset down                  down
GigabitEthernet0/19    unassigned      YES unset down                  down
GigabitEthernet0/20    unassigned      YES unset down                  down
GigabitEthernet0/21    unassigned      YES unset down                  down
GigabitEthernet0/22    unassigned      YES unset down                  down
GigabitEthernet0/23    unassigned      YES unset down                  down
GigabitEthernet0/24    unassigned      YES unset up                    up
WirelessSWLab#

B2b unable to pick the file from xml gateway

Hi All,
I am taking a scenario where B2B picks the files from xml gateway and drop the files in FTP folder. I modified the XML gateway inbound and outbound, i has given my user credentials(unmae, host ,pwd ,sid, port). In agreement in the place of internal delivery channel i has given XML gateway outbound.
Still its unable to pick the files from xml gateway.
Clarify my understanding please
While b2b picks the files from xml gateway, It will pick from ECX_Inbound or ECX_Outbound?
Here i am attaching the logs:
2010.01.15 at 07:32:51:101: B2BStarter thread: B2B - (DEBUG) B2BStarter - Context Initialized
2010.01.15 at 07:32:56:366: B2BStarter thread: B2B - (DEBUG) B2BStarter - Start B2B
2010.01.15 at 07:32:56:369: B2BStarter thread: B2B - (DEBUG) B2BStarter - Starting B2B
2010.01.15 at 07:32:56:392: B2BStarter thread: B2B - (DEBUG) B2BStarter - configuration obtained
2010.01.15 at 07:32:56:395: B2BStarter thread: B2B - (DEBUG) B2BStarter - clear global cache
2010.01.15 at 07:32:56:547: B2BStarter thread: B2B - (DEBUG) XEngine not running. So no need to clear cached objects inside XEngine.
2010.01.15 at 07:32:56:821: B2BStarter thread: B2B - (INFORMATION) Repository:print: [0] HL7 over MLLP Exchange
2010.01.15 at 07:32:56:824: B2BStarter thread: B2B - (INFORMATION) Repository:print: [1] EDI X12 over AS1
2010.01.15 at 07:32:56:826: B2BStarter thread: B2B - (INFORMATION) Repository:print: [2] Custom Document over Generic Exchange
2010.01.15 at 07:32:56:829: B2BStarter thread: B2B - (INFORMATION) Repository:print: [3] EDI EDIFACT over Generic Exchange
2010.01.15 at 07:32:56:832: B2BStarter thread: B2B - (INFORMATION) Repository:print: [4] RosettaNet over RNIF
2010.01.15 at 07:32:56:835: B2BStarter thread: B2B - (INFORMATION) Repository:print: [5] EDI X12 over Generic Exchange
2010.01.15 at 07:32:56:837: B2BStarter thread: B2B - (INFORMATION) Repository:print: [6] Custom Document over MLLP Exchange
2010.01.15 at 07:32:56:840: B2BStarter thread: B2B - (INFORMATION) Repository:print: [7] Custom Document over AS1
2010.01.15 at 07:32:56:842: B2BStarter thread: B2B - (INFORMATION) Repository:print: [8] EDI EDIFACT over AS1
2010.01.15 at 07:32:56:845: B2BStarter thread: B2B - (INFORMATION) Repository:print: [9] HL7 over Generic Exchange
2010.01.15 at 07:32:56:848: B2BStarter thread: B2B - (INFORMATION) Repository:print: [10] Custom Document over Internet
2010.01.15 at 07:32:56:851: B2BStarter thread: B2B - (INFORMATION) Repository:print: [11] Custom Document over ebMS
2010.01.15 at 07:32:56:853: B2BStarter thread: B2B - (INFORMATION) Repository:print: [12] EDI X12 over Internet
2010.01.15 at 07:32:56:856: B2BStarter thread: B2B - (INFORMATION) Repository:print: [13] EDI EDIFACT over Internet
2010.01.15 at 07:32:57:649: B2BStarter thread: B2B - (DEBUG) Repository:constructCertSQL SELECT cert.ID, cert.CLASSTYPE FROM TIP_Certificate_ra cert, TIP_Party_ra party, TIP_DocumentExchange_ra docex WHERE cert.ID = docex.signingcredential AND cert.tradingpartner = party.ID AND party.ishosted != 'Y'
2010.01.15 at 07:32:57:785: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.document.custom.CustomDocumentPlugin:initialize Enter
2010.01.15 at 07:32:58:077: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.document.custom.CustomDocumentPlugin:initialize Exit
2010.01.15 at 07:32:58:824: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize Enter
2010.01.15 at 07:32:58:827: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize resetListener = true
2010.01.15 at 07:32:58:831: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize initdcx = true
2010.01.15 at 07:32:58:891: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize initialize TPAProcessor
2010.01.15 at 07:32:59:010: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize Clear TPA Cache
2010.01.15 at 07:32:59:013: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize initialize DataContext. Pool Size 0
2010.01.15 at 07:32:59:038: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:initialize Treat Response as Request = false
2010.01.15 at 07:32:59:041: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:initialize Exit
2010.01.15 at 07:32:59:043: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize initialize Transport
2010.01.15 at 07:32:59:046: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.transport.TransportInterface:initialize Initialize Transport Logger.
2010.01.15 at 07:32:59:059: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.transport.TransportInterface:initialize Transport LogLevel = ERROR
2010.01.15 at 07:32:59:294: B2BStarter thread: B2B - (DEBUG) Repository:Repository:getDeliveryEndPointList() Wallet Location /apps/elshad4/aelshad4/elshad4_OracleB2B/Apache/Apache/conf/ssl.wlt/default/ewallet.p12
2010.01.15 at 07:32:59:297: B2BStarter thread: B2B - (INFORMATION) Repository:getDeliveryEndPointList: No Archive dir
2010.01.15 at 07:32:59:300: B2BStarter thread: B2B - (INFORMATION) Repository:getDeliveryEndPointList: marker :false
2010.01.15 at 07:32:59:314: B2BStarter thread: B2B - (INFORMATION) Repository:getDeliveryEndPointList: Putting ftp://elshad1.emerson.com//ftpdata/elshad1/ice/infile/850/PO
2010.01.15 at 07:32:59:322: B2BStarter thread: B2B - (INFORMATION) oracle.tip.adapter.b2b.transport.TransportInterface:initialize: Props: ftp://elshad1.emerson.com//ftpdata/elshad1/ice/infile/850/PO file.receiver.wallet_location = /apps/elshad4/aelshad4/elshad4_OracleB2B/Apache/Apache/conf/ssl.wlt/default/ewallet.p12
file.receiver.wallet_password = *****
file.receiver.polling_interval = 5
file.receiver.path = /ftpdata/elshad1/ice/infile/850/PO
file.receiver.marker = false
marker = false
ccc = false
file.receiver.channel_mask = None
file.receiver.minimum_age = 0
filename_format = %FROM_PARTY%_%TIMESTAMP%.dat
file.receiver.van = false
file.sender.channel_mask = None
file.receiver.user = eiced1
PROTOCOL_ENDPOINT = null
file.receiver.password = *****
file.receiver.preserve_filename = false
transport_callout_waittime = 30
preserve_filename = false
file.receiver.ccc = false
van = false
polling_interval = 5
2010.01.15 at 07:32:59:491: B2BStarter thread: B2B - (DEBUG) initialize TransportReceiver: [Emerson_Robin_FTP_TransportServer < ftp > < Emerson >]
2010.01.15 at 07:32:59:858: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.transport.AppTransportInterface:initialize Initialize AppTransport Logger.
2010.01.15 at 07:32:59:864: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.transport.AppTransportInterface:initialize AppTransport LogLevel = ERROR
2010.01.15 at 07:32:59:949: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 07:32:59 GMT+00:00 2010 Outbound - initialize
2010.01.15 at 07:32:59:953: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 07:32:59 GMT+00:00 2010 Obtaining outbound connection...
2010.01.15 at 07:32:59:956: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 07:32:59 GMT+00:00 2010 outbound connect string: jdbc:oracle:thin:@essdbdu31.emrsn.com:36001:ROBIND1
2010.01.15 at 07:32:59:960: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 07:32:59 GMT+00:00 2010 outbound username: apps
2010.01.15 at 07:33:04:319: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 07:33:04 GMT+00:00 2010 Outbound - initialize exit
2010.01.15 at 07:33:04:322: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:startListen Enter
2010.01.15 at 07:33:04:326: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:startListen Exit
2010.01.15 at 07:33:04:329: Thread-10: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:run Thread start
2010.01.15 at 07:33:04:332: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize Exit
2010.01.15 at 07:33:04:335: B2BStarter thread: B2B8:15:32:157: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 08:15:32 GMT+00:00 2010 inbound username: apps
2010.01.15 at 08:15:33:757: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 08:15:33 GMT+00:00 2010 inbound initialize exit
2010.01.15 at 08:15:33:761: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 08:15:33 GMT+00:00 2010 Outbound - initialize
2010.01.15 at 08:15:33:764: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 08:15:33 GMT+00:00 2010 Obtaining outbound connection...
2010.01.15 at 08:15:33:767: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 08:15:33 GMT+00:00 2010 outbound connect string: jdbc:oracle:thin:@essdbdu31.emrsn.com:36001:ROBIND1
2010.01.15 at 08:15:33:770: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 08:15:33 GMT+00:00 2010 outbound username: apps
2010.01.15 at 08:15:34:473: B2BStarter thread: B2B - (DEBUG) : Fri Jan 15 08:15:34 GMT+00:00 2010 Outbound - initialize exit
2010.01.15 at 08:15:34:476: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:startListen Enter
2010.01.15 at 08:15:34:479: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:startListen Exit
2010.01.15 at 08:15:34:481: Thread-10: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:run Thread start
2010.01.15 at 08:15:34:484: B2BStarter thread: B2B - (DEBUG) oracle.tip.adapter.b2b.engine.Engine:initialize Exit
2010.01.15 at 08:15:34:487: B2BStarter thread: B2B - (DEBUG) B2BStarter - B2B initialized
2010.01.15 at 08:15:35:928: Thread-10: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:run initialize Enter
2010.01.15 at 08:15:36:132: Thread-10: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:run initialize B2BListen turned off, will not listen on IP_OUT_QUEUE for messages
2010.01.15 at 08:15:36:139: Thread-10: B2B - (DEBUG) oracle.tip.adapter.b2b.data.MsgListener:run start listening on message
regards
cnu

Anuj,
The log which i placed on top, thats the complete log and DC log is given below
2010.01.18 at 12:58:06:117: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:11:130: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:16:143: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:21:153: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:26:169: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:31:164: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:36:173: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:41:182: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:46:194: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:51:210: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:58:56:217: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:01:244: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:06:254: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:11:256: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:16:283: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:21:276: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:26:285: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:31:297: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:36:314: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:41:324: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:46:327: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:51:341: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 12:59:56:352: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered.
2010.01.18 at 13:00:01:359: Thread-14: (ERROR) FTPClient.listNames(): unexpected 550 is encountered

Internet speed dropped from 2Mbps to 135Kbps for p...

Hi,
Until last week i had 2Mbps internet which was fine and stable, then it suddenly dropped to 135K.
I did not change anything on my network to caus this
I have tried a different router/cables/microfilters and virus checked with avira and malwarebytes none of which did anything so i am convinced it is an external problem.
I called india who reckoned i had 6Meg available.
Please can you find out if anything has changed somewhere else in your network or with my account that would cause this.
here is the speedtest results
Download speedachieved during the test was - 114 Kbps
For your connection, the acceptable range of speeds is 50-250 Kbps.
Additional Information:
Your DSL Connection Rate :6624 Kbps(DOWN-STREAM), 448 Kbps(UP-STREAM)
IP Profile for your line is - 135 Kbps
here are my routers details
tatus
System Date and Time
LAN Settings
Date/Time
October 5 2011 , 8 : 10 : 41
LAN MAC Address
00:11:502:06:81
IP Address
192.168.2.1
Version Info
Subnet Mask
255.255.255.0
Runtime Code version
F5D7633-4Av1_UK_1.00.009
DHCP Server
Enabled
Boot Code Version
1.0.37-5.15
Hardware Version
V1.0J3
WLAN Settings
ADSL Modem Code Version
A2pB015c6
Wireless Function
Enabled
Serial Num
168-168-16888
WLAN MAC Address
00:11:501D:B7
Mode
125 High-Speed Mode
Features
SSID
coelodonta
Firewall
Enabled
ESSID Broadcast
Enabled
NAT
Enabled
Channel
11
UPnP
Disabled
Security
WPA-PSK
ADSL
Internet Settings
Type
Interleave
WAN IP
86.139.117.131
Status
No Defect
Default Gateway
217.32.91.140
Downstream
Upstream
Primary DNS Server
217.32.171.22
Data rate
6624
448
Secondary DNS Server
194.74.65.68
Noise margin
14.8
28.0
Output power
19.8
12.4
Attenuation
31.5
18.5
Solved!
Go to Solution.

Hi Welcome Your IP Profile has dropped because of a noise issue on your line causing the exchange equipment to see your line as unstable normally the profile will rise within a period of 3/5 days providing there are no restarts on your hub.
Some exchanges are now using a new profiling system that gives 88.2% of your connection speed the profile change on these exchanges is immediate at the new connection speed all you can do is wait while the exchange equipment restores your profile
If you want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side If the the reply answers your question then please mark as ’Mark as Accepted Solution’
If you want to say thanks for a helpful answer,please click on the Ratings star on the left-hand side If the reply answers your question then please mark as ’Mark as Accepted Solution’

VRF , Management access only and default gateway

Hello
I am preparing (3) new devices to become my new WAN. The topology looks like,
                 ASR1002x - Has management int and dg for remote access.
                                     Also has DG to WAN ISP via BGP
                 3750x stack - Has management int and dg for remote access. (ip vrf management 0.0.0.0 0.0.0.0 (Management vlan hsrp ip))
                                       Also has DG to ASR hsrp - which causes the Management access to drop.
                 ASA5545x - Has management int and dg for remote access.
                                      Also has DG to ASR hsrp - which causes the Management access to drop.
I MUST KEEP THESE NEW DEVICES OFF THE PRODUCTION NETWORK TO AVOID ANY POSSIBLE ROUTING ISSUES.
I have implemented unique EIGRP instances between the new devices.
These new devices have a management interface so I can access them remotely. I configured the default gateway pointing to the HSRP of the management Vlan and I have remote access.
Obviously I cannot have (2) default gateways out different interfaces, without assigning one with higher admin.
What should my management default gateway look like so I can have remote access to the device and still have the WAN/LAN routing work as needed??

found another thread with some suggestions, maybe it helps at the moment.
http://forums.lenovo.com/lnv/board/message?board.id=Special_Interest_Utilities&thread.id=6000

Best practice to change default gateway for HA-CAM

Hi,
The next week end, i will have a downtime to change it's HA-CAM's default gateway.
My question is, how can i do that?.
This change is not synchronized if i change only from an active cam (service Ip) o it does?
I was thinking on stops services for standby cam, then connect to a service ip, change its default gateway to active cam, then stops services and start them for standby cam and so on...
This is correct or this idea is wrong?
Please, I need suggestions.
Thanks for advance.

Kaylan
If the user vlan is routed on a L3 device before going to either the MPLS router or the firewall you could use PBR on the L3 device (if supported).
But as Reza says, we need more info on your network layout.
Jon

Sudden Ping Drop from Default Gateway in VLAN

Similar Messages

Maybe you are looking for