Two srw switches with vlans and pfsense gatway

Similar Messages

• Connecting two Nexus switches with link

  Hi,
  I would like to connect two nexus switches with a link. Like one c5020 and one c5548p. How do i need to configure the ports at both the switches which will be joined with a fiber cable.
  For MDS switches such links becomes E-port and fabric is merged. Not sure what happenes at the Nexus swictches. Any input will be appreciated.
  Thanks,

  Do you have fc modules in each nexus? If so, they act much like the MDS 9148. All ports should be default auto speed and auto switchport mode. Insert fc-sfp's and a regular multimode fc cable between them. Default mode is fc switch.
  If that doesn't work, configure the mode on each port as E.
  Once done, the fc switch portion of each nexus will merge.
  Dave

• Peer-Switch with vPC and non-vPC Vlan Port-Channels

  Hi,                 
  in a design guide i have noticed that it is best practice to split vPC and non-vPC vlans on different inter-switch port-channels. Now, if i want to use the Peer-Switch function, but the port-channel interface of the non-vPC-vlan channel moves into blocking state. The option spanning-tree pseudo-information has no influence. Is peer-switch possible in my kind of topology?
  Greeting,
  Stephan

  I believe absolutly possible. specifically coz peer-switch and spt pseudo-info are specific and local to cisco fabric services running as part of  vpc technology. Personally me has lab with vpc-domain compounded of 2 N5Ks. They are peer-switches with spt-pseudoinfo and they have MST running on non VPC links independantly from vpc.

• LGS308 problem with vlan and multicast

  Hello,
  I have a LGS308 smart switch and am having problems putting multicast traffic on a specific vlan.
  The switch is connected to a PC for management (vlan 1).
  All ports are in acces mode, vlan 1 untagged.
  I created vlan 2 and put it untagged on port 7 and 8.
  Now, when I connect a multicast device (IPTV) on port 8, the switch becomes unresponsive and nothing works.
  It seems the switch is flooded with multicast traffic.
  Simply turning IGMP snooping on didn't help so I think it needs more configuration.
  Is this a known problem?
  ps: Once I have this simple setup running I'm planning for a more advanced setup with trunking 2 vlans (iptv + internet) to another switch over a single UTP cable. But first things first

  Yes it should!
  I have changed the setup like this:
  Switch 1
  port 1 - access mode - vlan 1U <---> Internet
  port 2 - access mode - vlan 1U <---> PC
  port 7 - access mode - vlan 2U <---> IPTV source (IGMP)
  port 8 - trunk mode - vlan 1T + 2T <---> switch 2 port 8
  Switch 2
  port 7 - access mode - vlan 2U <---> IPTV source (IGMP)
  port 8 - trunk mode - vlan 1T + 2T <---> switch 2 port 8
  With this setup, I can reach both switches from my PC.
  However, multicast doesn't work. I don't get IPTV on switch 2 port 7.

• Cisco 4507 with VLANs and Norton Ghost

  Hi Guys,
  I have Cisco 4507 switch with multiple VLANs. The problem is that I can put Norton Ghost in one VLAN and it reimages the client with no problem.
  But I want to reimage the clients in all VLANs in one go. Can some of the experts can tell me how to do that?
  Thanks in advance.

  We have a similar setup. We also have a 4507 with Norton Ghost. In this article on Ghost (Part 1-How Ghost starts the session)(http://service1.symantec.com/SUPPORT/ghost.nsf/docid/1999033015222425), it saids that ghost client uses broadcast initially to contact the Ghost Server. Since it uses broadcast, the broadcast arent going to traverse VLANs. Thats the point of VLANs is to minimize broadcasts. So in other words, lets say a client on VLAN1 broacasts to communicate with the ghost server. Well, if the ghost server is on VLAN1, then it will work of cource because the server will see the broadcast. If the ghost server is on a different VLAN, then its not going to see the broadcast.
  How we get around this is that we have a special NIC on our Ghost Server that allows the ghost server to access more than one VLAN at a time. In other words, the NIC enables trunking from your computer to the switch. So you enable trunking on your switch port for whichever vlans you want the ghost server to access. Then on the ghost server NIC, you set up the NIC to use those same VLANS. Now, the ghost serve will be able to communicate with any computer (ie ghost client) on those VLANS set on the NIC and switch port. The type of NIC that we have is a INTEL PROSet. There are other NICs out there though that have this VLAN capability.

• My wife and I have two different accounts with apple, and want to share a database.

  Let me start by saying that we both just moved from under a rock and started using Apple and Itunes. 
  I have a 4S she has a 4.  We both created an account before using Itunes.  I set up itunes on our home pc (XP) without thinking about her wanting/needing to share the pc for syncing and loading music to our phones.  I dont want to plug her in until I am sure we wont mess anything up. 
  Is there a way we can use one pc and two different devices with two different accounts without a divorce.  The majority of cds were hers, so i'm already on her bad list
  Please help
  Len Adams

  You're welcome.
  Happy Holidays to you and your family.
  Please note the items listed under Legend in the right sidebar of this page.

• Two Radeons 3870 with FCP and Motion?

  Hi!
  Have you tried to use two 3870 with FCP and Motion?
  I just wanted to have all 512MB of video RAM for my canvas and use the second card with my Matrox MXO to display broadcast preview.
  I know it could be risky, but as I remember earlier the problems shows only while rendering some of the plugins in FCP (my test was on 2006).
  Do you have any experience with pair of 3870 cards?
  I've just ordered two of them:)
  regards
  arti

  From what I've read on this forum, FCP doesn't work properly with two video cards.
  -DH

• Running two SSIDs, one with WPA2 and one with WEP

  Hi,
  I have a WRT610N. 
  How isolated are the two SSIDs that I can run?
  I know one is running at 5GHz and the other at 2.4GHz.  I've given each an SSID and a different security policy:  I run "sensitive" stuff under WPA2, and I run the other for legacy hardware that supports only WEP (eg my son's Nintento DS).
  But are these two keys to the same house, so to speak?  If someone cracks my WEP network, can they access the machines on the WPA network?  Or are they completely isolated?
  Does this make sense?
  Thanks for any enlightenment.
  -- Mike 
  Solved!
  Go to Solution.

  Yes, they are "two keys to the same house".   The "house" is your LAN.   If someone cracks your WEP, and wirelessly breaks into your router, then they have access to your LAN.   This would be like allowing a hacker to wire his computer directly to your router.   Being on your LAN, puts the hacker in a very good position to break into any other computer on your network.    Your WPA2 encryption does not give you any protection from someone who is already on your LAN.
  The solution to your problem is to run two separate wireless routers:
  modem  ----  router1  ---  router2
  router1 is set to "Local IP address"  192.168.1.1 , WEP encryption , set "AP isolation" to "enabled" , (note: no printers on router1)
  router2 is set to "Local IP address"  192.168.2.1 , WPA2 encryption, use a strong password (and not anything similar to the WEP password). 
  modem is wired to Internet port of router1
  LAN port of router1 is wired to Internet port of router2
  The wireless 2.4 GHz channels on the two routers must be different, and are preferably at least 5 channels apart.  Usually channels 1, 6, or 11 work best. 
  With the above two router setup, the Internet port of router2 should protect you from any intruders on router1. 

• Two websites-one with .Mac and one with .Mac using personal domain

  Good Day All! I know I asked this before but I think the question got wrapped in with another and I don't see that it has been answered. If I overlooked it I apologize for the duplicate post.
  I have a .Mac subscription with one published website already. I am working on another website now in iWeb but I want to publish it using a personal domain name. Can I do this? If so, can I keep them from being linked together?? Does that make sense? Thanks! quinlis

  Aloha,
  if you use CNAME both sites will be reachable using either the CNAME or the web.mac.com/username/ address
  if you use Webforwarding entering the personal domain will get to the site you pointed the domain to
  but that site will also be reachable through web.mac.com/username/sitename/
  I'd recommend you to use webforward with cloaking/masking/framing in your case. Thus the site you want to have the personal domain for will show the personal domain in the browser and will also be reachable through web.mac.com/username/sitename/ but your other website will not be reachable through your personal domain.
  Note that using masking google will not index the content of your pages using your personal domain if you're interested in that.
  Have a look at the following page for further information on setup and knowing what's CNAME, Febforward, Webforward with cloaking
  http://alyeska.altervista.org/en/iWeb_Domains.html
  I guess the best way would be having a family account or two .mac accounts so you can set it up as CNAME and your other site would be published to another account or sub-account and thus not reachable using your personal domain.
  Regards,
  Cédric

• Need basic Help - SG300 with vlan and routing

  Hi,
  i need some basic help with configuring vlan/routing.
  Situation:
  DSL Router - Cisco 300 - XenServer
  192.168.1.253 - 192.168.1.19 - 192.168.1.10 (mgmt ip)
  goal is, to reach from inside xenserver vms the internet.
  vms = 192.168.2.x
  gateway ip = 192.168.2.1
  what i did:
  - configured vlan 102, tagged, with the xenserver port
  - configured on xenserver a network with vlan id 102, attached to the vm
  - this network is conntected to an external bond
  - configured ipva4 interface: vlan102 - Static - IP 192.168.2.1 (this is the gateway ip of the vms)
  - automatic configured IPv4 Route: 192.168.2.0/24 next hop 0.0.0.0, Directly connected
  So at the moment i cant ping from inside a vm to the DSL Router (192.168.2.2 to 192.168.1.253)
  any ideas what i misconfigured or whats wrong?
  cheers,
  -Marco

  Hi Tom,
  ok, that make sense. I can ping the router now inside vms from 192.168.2.x network.
  But i cant ping external adresses, error: Destination net unreachable.
  My other problem i have, i cant reach any server from outside over router portforwarding.
  How do i have to configure the upload port to the dsl router? Is it a access port or a trunk
  port with all vlans (tagged or untagged?) At the moment ive a tagged Trunkport with all vlans.
  IPv4 Interface Table
  Interface
  IP Address Type
  IP Address
  Mask
  Status
  VLAN 1
  Static
  192.168.1.19
  255.255.255.0
  Valid
  Should the VLAN1 ip adress not the router ip adress ? Do i need an additional vlan for
  the router ? At the end i like to change the switch ip from dhcp to static (change automaticly
  when switching to layer 3 mode), but ive to look for the ios commands first.
  What else do i missing ?
  Thanks a lot,
  Marcus

• Problems with vlan and dot1q trunking port

  Dear Folks,
  i have problems with my AccessPoint Konfiguration.
  Even when i set the Catalyst Port to trunk, i can only connect to VLAN 1 but not to VLAN 10.
  and if i change the port to statik vlan 10 i can not connect to the ap but it works...
  config below:
  User Access Verification
  version 12.2
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname 1200_PP_1
  logging queue-limit 100
  enable secret xxxx
  clock timezone A 1
  ip subnet-zero
  bridge irb
  interface Dot11Radio0
  no ip address
  no ip route-cache
  ssid DEPACNGLW0HS
  vlan 10
  authentication shared
  infrastructure-ssid
  mobility network-id 10
  speed basic-1.0 2.0 5.5 11.0
  rts threshold 2312
  channel 2412
  antenna receive right
  antenna transmit right
  station-role root
  interface Dot11Radio0.1
  no ip route-cache
  interface Dot11Radio0.10
  encapsulation dot1Q 10 native
  no ip route-cache
  bridge-group 1
  bridge-group 1 subscriber-loop-control
  bridge-group 1 port-protected
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled
  interface FastEthernet0
  no ip address
  no ip route-cache
  speed 100
  full-duplex
  ntp broadcast client
  interface FastEthernet0.1
  encapsulation dot1Q 1
  no ip route-cache
  bridge-group 254
  no bridge-group 254 source-learning
  bridge-group 254 spanning-disabled
  interface FastEthernet0.10
  encapsulation dot1Q 10 native
  no ip route-cache
  bridge-group 1
  no bridge-group 1 source-learning
  bridge-group 1 spanning-disabled
  interface BVI1
  ip address 10.2.2.222 255.255.255.0
  no ip route-cache
  ip default-gateway 10.2.2.2
  ip http server
  ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/122-15.JA/1100
  ip radius source-interface BVI1
  bridge 1 route ip
  line con 0
  line vty 0 4
  login local
  line vty 5 15
  login
  end
  it would be fine if anyone could help me....

  You configure Layer 3 Mobility with WLSM. No trunking is required on the CAT switch. However, you need to set the switch port on the CAT switch as access port in VLAN 10.
  Please post the WLSM and SUP720 configuration. Also, which VLAN do you want to access the AP?
  The following URL may be useful for you to verify the configuration:
  http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/prod_technical_reference09186a00802a86a7.html

• Create Hyper-V virtual switch with VLAN tagging

  Hello All,
  I would like to create virtual network switch on a physical NIC of the Hyper-V host in Powershell.
  I use "New-VMSwitch" with "-AllowManagementOS $true" and the virtual switch will be ready. I would like to use "Enable virtual LAN identification for management operating system"
  and tag a VLAN to the virtual switch. Can you please help me with an example how to do it in Powershell?

  Start with this walk-through.
  http://www.vnotebook.ca/2013/11/configuring-management-vlan-in-hyper-v.html
  tags are bound to adapters.  A switch must have minimum of one adapter.
  ¯\_(ツ)_/¯

• Connecting two Acer monitors with VGA and DVI output to my Macbook Pro (mid 2010)

  Hi All,
  I need to connect 2 Acer monitors that have both VGA and DVI ports to my MacBook Pro.  What's the best way to do that?
  Thanks for your help!

  hey! Thats normal for notebook! That actually happens to almost all of us - as there are a small fraction of people with two and more thunderbolt displays or with newest rMBP and external multi-monitor setup.

• Two boolean buttons with colors and text?

  HI,
  I need two boolean buttons which will represent a power switch. So one will be ON and one will be OFF, but I need the text to be right on the button and I also want the buttons to switch colors. I have found only one or the other property (text on button or color) but not both on the pallette. Am I just not looking at the right buttons/properties? Please recommend what I should be using. (i.e. when ON is depressed I want it to be green, and OFF to be grey and viceversa)

  Programatically, there are two attribute nodes, one of them is strings, which will accept an array of 4 strings, being the following:
  1-OFF state
  2-ON state
  3-ON to OFF state (when latched or switched until release)
  4-OFF to ON state (when latched or switched until release)
  The other attribute is Colors, which is composed of an array of clusters of two numeric or color constants(controls):
  1-OFF sate foreground and background
  2-ON state foreground and background
  3-ON to OFF state foreground and background (when latched or switched until release)
  4-OFF to ON state foreground and background (when latched or switched until release)
  Hope this helps

• Any way to link two iPhones (numbers) with iMessage and iOS6?

  iOS6 unifies iMessage with your devices . . . but . . . what do you do to unify two iPhones for iMessage?? I have a work iPhone, and a personal iPhone, in the settings for iOS6 you can add multiple emails, but only ONE phone number. Any way to link more than one phone? Would using the same Apple ID work?

  To those having the problem of un-linking your phone from your wife's phone, etc . . .
  I am NOT linked with my wife's phone because she has a separate iCloud account, even though we use the same Apple ID for apps, music, etc. with iTunes. You can have a distinct and separate Apple ID for iTunes vs. the one you use for iCloud. Same setup on my daughter's phone.
  My problem with my other personal phone may be that I have downgraded my phone to upgrade the rest of the family when I got my work 4s. My personal phone is now a 3G, and there is no iCloud or iOS6 for the 3G. I may have to wait until I upgrade to see if I can link them with the same iCloud account . . . and have iMessage relate to both.
  On the same topic, I assume that this linking only works for iMessage, and NOT other text messages received from non-iOS phones/devices? Curious if I am correct on this.
  When I had a work Blackberry, I had an app called txtforward on the Blackberry, that would send me an email to my iPhone (personal) when I got a text on my work phone. It made it much easier to not have to carry two phones. Have not found such an app in the app store to date.