Two VLANs on same Switch with NAT problem.

Similar Messages

• Quicktime pro -I have exported two mp4 to web formats with no problems.  all of a sudden it is now stopping and shutting down.  I am on a pc with windows 7  Help!

  Quicktime pro -I have exported two mp4 to web formats with no problems.  all of a sudden it is now stopping and shutting down.  I am on a pc with windows 7  Help!

  Is the problem limited to a specific file that you're exporting?

• Two VLAN's port forwarding to one, problem

  Hi all
  This is my first ever Cisco router for forgive me, if this is a simple matter, but I have spent the entire weekend trying to figure this out - with no luck.
  My employer has provided me with a Cisco 871W router for my homeoffice.
  The router is pre-configured with two VLANs and BVIs; VLAN1 (BVI1) and VLAN2 (BVI2) for home and office connection on two different subnets (192.168.1.0 and 192.168.0.0).
  My office connection is secured with IPSec or something similar - I have not that much insight in that aspect.
  The configuration works for normal internet access (www, mail etc) on both networks, and the tunneling to my workplace works fint too.
  My problem is that I would like to open up some ports for gaming etc. on the "home"-part of the configuration, but I cannot seems to get that to work.
  The attached configuration is my current running configuration, which contains some of my trials on getting this to work, so it might look a bit odd.
  If anyone could help me, I would appreciate it.
  Regards
  Jesper Lauridsen

  Hi,
  By the looks of it, you have an extended access list called 'outside_access_in' applied to your outside interface fa4.
  You would have to add a rule to this access list allowing the port in question.
  You would then need a static NAT entry that would map the port to the internal host.
  For instance, if you had a rule to allow port 80 like this:
  permit tcp any any eq www
  You would also need a NAT entry like this:
  ip nat inside source static tcp 192.168.0.10 80 interface FastEthernet4 80
  Assuming that 192.168.0.10 was the client PC.

• Two VLANs on one switch port?

  Currently we have the following
  Cat 4003 with VLAN trunking turned on to multiple switches. Each port in those exterior switches is assigned to a vlan(we have about 60 different vlans).
  What I would like to do is on those exterior switches have two vlans assigned to it.
  We'd like to create a single IP Phone VLAN(let's call it 999) that can span our entire enterprise and would have dhcp deployed on it.
  Each port is connected to an IP phone which has a 2 port switch in them. One port to the wall, one to the pc.
  The switch ports on those phones support vlan tagging
  How would setup an exterior switch to access 2 vlans that connect to 2 port switch on an IP phone?

  To facilitate ease of deployment, use VTP so that you can centrally create the vlans and propagate to each exterior switch. Now I believe you already do have a layer 3 engine or router that does routing between all these vlans. What switches are used on teh exterior ? This is to find out if voice vlan support is available.
  In cat switches, voice vlan is created using command,
  set port auxiliaryvlan vlan
  In IOS based switches,
  int fa0/1
  switchport mode trunk
  switchport trunk encap dot1q
  switchport trunk native vlan
  switchport voice vlan
  switchport priority cos extend 0
  or
  int fa0/1
  switchport mode access
  switchport access vlan
  switchport voice vlan
  I am not sure about support of voice/aux vlan in 4003. We will have check your other switch models/ software versions to determine support for this command.

• Mail on iMac not accessing MS Exchange server but both iPhone and iPad access the same account with no problems.

  I have been using an iPhone and iPad to access my work emails via our MS Exchange server for a number of years now with no problems at all.  I recently replaced my home PC with an iMac (first Mac I have owned) but cannot get it to communicate with the exchange server.  I've checked and re-checked the information on the iMac and my iPad - I even deleted the mail account on the iPad and input the details concurrently with setting up on the iMac - but the Mac will not access the exchange server.
  I receive the message "The Exchange server "---------------" rejected the password for user "------"  Enter you password again or cancel."  I am using the correct password.  iPad and iPhone are logging on using that password fine.  iMac just ends up repeating this message.
  Our IT support at work assure me that there is no reason from their end for it not to work, and reasonably point to it working using the iPhone etc.
  I'd be extremely grateful if anyone can provide a solution to this basic, but extremely frustrating, little problem.

  iPhone and iPad use a different way of accessing the server.
  I don't know the exact details, but we are using Zarafa instead of Exchange and have the same problem:
  iPhone and the likes can connect to Zarafas z-push interface, which is some identical interface to the native Exchange interface, while the desktop e-mail application tries to interface with the web front end (via http) of the server.
  These are completely different setups and it depends on the actual installation of the server to get this going.
  So, you will most likely need different access parameters for the desktop - and the web mail feature has to be enabled on the Exchange server.
  In my opinion using the web mail interface is just silly. On the other hand, the native protocol has less features comparedto the web front end, so you are somehow stuck with sins of the past.
  Good luck!

• How to set up NAT for two servers using same port with ASDM ASA 5505

  Hi there,
  We have a new installation of a ASA 5505 and are trying to get some NAT issues straightened out. Here is the scenario: On our internal network, we have two servers running Filemaker Server, a relational database server that clients connect with using port 5003. Our goal is to be able to allow users from the outside to access either of these servers as needed. I know how to set up a simple static NAT rule and matching Access rule in ASDM which would be fine for a case in which only one server using a given port is running on a network, but for simple static rules I seem to be blocked from entering a different translated port number from the orginal port number, which becomes a problem when two servers we need to access from the outside are running software using the same port number.
  What is the simplest way to address this need? I am guessing that I need to set up a scenario like this, where port 5004 (or any arbitrarily choosen unused port, can be used to access the second server:
  Outside user enters   FQDN:5004  and this translates to Database server # 1 as   192.168.1.40:5003
  and
  Outside user enters   FQDN:5003  and this translates to Database server # 1 as   192.168.1.38:5003
  If so, what is the easist way to get this done? Or is there a better what to handle this scenario?
  Thanks in advance,
  James

  I would create two objects and use object NAT
  object network Obj_5004
  host 192.168.1.40
  object network Obj_5004
  nat (inside,outside) static service tcp 5003 5004
  object network Obj_5003
  host 192.168.1.38
  object network Obj_5003
  nat (inside,outside) static service tcp 5003 5003
  Of course you will need to open your outside interface for tcp ports 5003 and 5004 to make this happen

• Z77A-GD65 mixing two DDRAM pack, same brand with same parameters problem

  Hello. I have question. My mobo is z77a-gd65. I have 16gb of ram. Is it pack of 4x4gb modules from corsair vengeance lp (CML16GX3M4A1600C9). Because one module is damaged (tested in memtest) i buy new pack. This new pack is absolutely the same as previous but only 8gb (2x4gb). Is it same brand and timings (CML8GX3M2A1600C9). My problem is.. i can not enable the xmp profile in bios. This option is not accesible if i use 2x2gb from first pack and 2x2gb from second pack. Next problem.. if i change the ddram frequency  manually to 1600mhz (from 1333 - detected whith bios) which is default fq after save settings and restart, bios automatically set frequency to 1333. I try use oc genie but the same and no luck.
  Is not possible use two different memory pack from one brand with absolutely same parameters? Why i cant use and is disabled xmp option? Why bios automatically changing ddram frequency?
  Thanks.

  Corsair warns of mixing RAM even with the same exact part numbers. Best thing to do would be to contact Corsair and ask them to replace what you have with a factory matched and tested RAM kit. I have heard they are very good about doing that for the end user.

• Loading two tables at same time with SQL Loader

  I have two tables I would like to populate from a file C:\my_data_file.txt.
  Many of the columns I am loading into both tables but there are a handful of columns I do not want. The first column I do not want for either table. My problem is how I can direct SQL Loader to go back to the first column and skip over it. I had tried using POSITION(1) and FILLER for the first column while loading the second table but I got THE following error message:
  SQL*Loader-350: Syntax error at line 65
  Expecting "," or ")" found keyword Filler
  col_a Poistion(1) FILLER INTEGER EXTERNALMy control file looks like the following:
  LOAD DATA
  INFILE 'C:\my_data_file.txt'
  BADFILE 'C:\my_data_file.txt'
  DISCARDFILE 'C:\my_data_file.txt'
  TRUNCATE INTO TABLE table_one
  WHEN (specific conditions)
  FIELDS TERMINATED BY ' '
  TRAILING NULLCOLS
  col_a FILLER INTEGER EXTERNAL,
  col_b INTEGER EXTERNAL,
  col_g FILLER CHAR,
  col_h CHAR,
  col_date DATE "yyyy-mm-dd"
  INTO TABLE table_two
  WHEN (specific conditions)
  FIELDS TERMINATED BY ' '
  TRAILING NULLCOLS
  col_a POSITION(1) FILLER INTEGER EXTERNAL,
  col_b INTEGER EXTERNAL,
  col_g FILLER CHAR,
  col_h CHAR,
  col_date DATE "yyyy-mm-dd"
  )

  Try adapting this for your scenario.
  tables for the test
  create table test1 ( fld1 varchar2(20), fld2 integer, fld3 varchar2(20) );
  create table test2 ( fld1 varchar2(20), fld2 integer, fld3 varchar2(20) );
  control file
  LOAD DATA
  INFILE "test.txt"
  INTO TABLE user.test1 TRUNCATE
  WHEN RECID = '1'
  FIELDS TERMINATED BY ' '
  recid filler integer external,
  fld1 char,
  fld2 integer external,
  fld3 char
  INTO TABLE user.test2 TRUNCATE
  WHEN RECID <> '1'
  FIELDS TERMINATED BY ' '
  recid filler position(1) integer external,
  fld1 char,
  fld2 integer external,
  fld3 char
  data for loading [text.txt]
  1 AAAAA 11111 IIIII
  2 BBBBB 22222 JJJJJ
  1 CCCCC 33333 KKKKK
  2 DDDDD 44444 LLLLL
  1 EEEEE 55555 MMMMM
  2 FFFFF 66666 NNNNN
  1 GGGGG 77777 OOOOO
  2 HHHHH 88888 PPPPP
  HTH
  RK

• Search results different for two machines on same network with same version of Lync (2013)

  When searching by Department in Lync 2013, one machine displays the individuals who are members of the department while the other machine just lists the group.  The same machine that displays just the group occasionally will not show contact information
  (work phone, department, title) for individuals either but the other machine will.  Two different Windows 7 machines but running Office 365 Lync 2013 client on the same network.  I have cleared Lync cache and downloaded the latest address book. Any
  thoughts on this? 
  Thanks,
  JARED

  This isn't an explanation for what's happening, there could be many things wrong.  But, it might be worth a shot to avoid the offline GAL search and go to an online web search only.  This may get you more consistent results.
  To test, create a new policy and assign it to a couple of users like this:
  New-CsClientPolicy -Identity WebSearchClientPolicy -AddressBookAvailability WebSearchOnly
  Grant-CsClientPolicy -Identity UserA -PolicyName WebSearchClientPolicy
  Grant-CsClientPolicy -Identity UserB -PolicyName WebSearchClientPolicy
  If that works, you could change your global and other client policies to use the same method.  There would be a bit more of a load on the server, so if you have thousands and thousands of users you may want to plan accordingly.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications

• Why does Apple TV sons using in dorm keep saying password is wrong when the home Apple TV uses same password with no problem

  MY son is away at school and the Apple TV I got him to use keeps telling him his password is wrong.  This is the same password we use on the home Apple TV and he wants to be able use the movies, shows etc that have been purchased from this Apple ID.  Please help

  Most school's require a login to use the network, and the Apple TV has no browser to accomplish this task. It is likely not connected to the network, which is causing the error. Best to speak to the IT dept

• When I fill fields on a form and ask to print using form fields only, the infomation doesn't show up. Other people in the office use the same form with no problem. Using XI standard.

  I have a fillable form that is used by everyone in the office. When the fields are filled we print using the form fields only option to print on our invoices. When I go to print it in Acrobat XI standard using the form fields only option, none of the information I filled shows up or prints. No one else in the office has this problem. Does anyone know why I can't do this, but other people can?

  I have a fillable form that is used by everyone in the office. When the fields are filled we print using the form fields only option to print on our invoices. When I go to print it in Acrobat XI standard using the form fields only option, none of the information I filled shows up or prints. No one else in the office has this problem. Does anyone know why I can't do this, but other people can?

• Cisco 2960S FPS-L PoE switch with Avaya 9811g VOIP setup

  Hello,
  I am connecting a setup for data/voice connecting Catalyst 2960S-FPS-L PoE switch with Avaya 9811g series VOIP phone. As per my knowledge cisco switch works well with Cisco phone as it has got some builtin "Macros" and Intelligent PoE recognition when we connect device getting the details of another device through CDP. I understand I have to create data and voice vlan with QOS then enable trunking on the interface to other switch that is also 2960. Little confuse if is there any compatibility issues with Switch and Avaya phone regarding protocol/data/voice...?
  Do I have to do PoE config for each port on the each interface?
  any help or detail config will help.
  Thanks in advance.

  Hi I am back after good research. created two vlan data and voice with trunk on interface1/0/48 given below config..
  connection b/w 2960s FPS Switch and Avaya 9611g IP Phone.
  lldp/cdp is enable on switch
  So I created this config if some one can take a look .
  expert advise if something wrong?..
  I am only concern with Voice and PoE as voice is my priority. do i have to map something for voice quality?
  also if i create another Trunk port one allow voice other allow data both cable will go to switch will that be issue?
  interface....
  switchport access vlan x
  switchport mode access
  switchport nonegotiate
  switchport voice vlan xx
  srr-queue bandwidth share 10 10 60 20
  queue-set 2
  priority-queue out
  mls qos trust cos
  auto qos voip trust
  spanning-tree portfast
  interface ........
  switchport trunk allowed vlan x,x
  switchport mode trunk
  switchport nonegotiate
  srr-queue bandwidth share 10 10 60 20
  queue-set 2
  priority-queue out
  mls qos trust cos
  auto qos voip trust

• Creating two vlan in AP 1131

  I need to create two vlan data and voice, with SSID, when I create two vlan with 31 for data 103 for voice with two different SSID, what ever vlan I created first is get broadcast, second one is not get broadcast, please let me know what I am missing.
  Security is in open mode.

  Hi Bala,
  Have a look at this recent post from Dan @ Cisco. He nicely addresses this question;
  http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Wireless%20-%20Mobility&topic=Security%20and%20Network%20Management&topicID=.ee6e8c0&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.2cd4109c/2#selected_message
  Hope this helps!
  Rob

• Problem with FWSM and L3 interface in same switch

  I have two 6513s with an 802.1q trunk connecting them. Each switch has redundant Sup720s running in Native mode, IOS ver 12.2(18)SXF (they were initially running SXD3). A FWSM (ver 2.3(3), routed mode, single context) is in each switch, setup in failover mode.
  I can not get a PC, in a vlan that has the layer 3 interface defined on the switch with the active FWSM in it, to communicate with devices "behind" the FWSM. If I move the layer 3 configuration for that vlan to the other 6513, everything works fine.
  The MSFCs are on the inside of the firewall, they have a layer 3 interface configured in the same vlan as the FWSM "inside" interface. Several "same security level" interfaces are defined on the FWSM and used to protect server farms. I am using OSPF on the MSFCs and FWSM and the routing table is correct.
  The FWSM builds connections for attempts made by the PC with the layer 3 interface defined on the same switch as the active FWSM just fine, so this is not a FWSM ACL problem.
  A ping of the FWSM "inside" interface from a PC with the layer 3 interface defined on the same switch as the active FWSM fails, even though debug icmp trace on the FWSM shows the request and the response. A packet capture, using the NAM-2, shows only the request packets. I have captured on the common vlan and the FWSM backplane port channel interface.
  Just to add to the confusion, if I capture in the same places, but do the ping from a PC that is in a vlan with the layer 3 interface defined in the 6513 that does not contain the active FWSM, which works fine, I see the request and reply on the common vlan capture, but only the request on the port channel capture.
  This problem has been there from the beginning of this implementation and has not changed with IOS and FWSM software upgrades. I have experienced this with any and all vlans that I tried to define the layer 3 interface for on the switch with the active FWSM. I have MLS turned on.
  If anyone else has experienced this and solved it, or knows what is going on, I would appreciate any insight.
  Thanks.
  Keith

  I will have to get setup to record more data, but I do know the FWSM showed a ping request and a ping reply at the "inside" interface.
  I believe my problem is related to the IOS command "firewall multiple-vlan-interfaces" which I put in place to allow IPX traffic to be brought around the FWSM. The little documentation that there is for this command, states that policy routing may need to be implemented to prevent ip packets from going around the firewall. I do not have any policy routing in place.
  I also do not have any active layer three interfaces defined for any of the vlans assigned to the firewall except the "inside" interface. So my resoning was that I did not need to be concerned about ip packets having a way around the FWSM. My suspicion is that this command and the fact that I have mls on is causing some type of a problem which results in the packet being "lost" when it needs to be going through the MSFC in the switch with the active FWSM to get to the PC. Hopefully that makes some sense.
  Do you have any idea where better documention on using the "firewall multiple-vlan-interfaces" may be, or a better explanation of all that is happening inside the switch when that command is used?
  Thanks.

• Two srw switches with vlans and pfsense gatway

  Hi,
  I've got a bit of a problem that a can't seem to get a handle of things.
  I've got two srw 48 port switches that I would like to link together  and then on to the pfsense box.
  First I'd like to connect the two switches to see if everything works and then on connect the pfsense box.
  Now I would be very great full if someone with a bit more experience with VLANs would be so kind to walk me trough the procedure of creating VLANs, configuring them to ports on the switch and connecting the whole thing to another switch.
  This is what I've done so fare.
  1. I created 3 VLANs on both switches (VLAN2-office,VLAN3-WiFi, VLAN5-VoIP). I've created these VLANs with the same tags on all the devices.
  2. I configured the ports that connect the switches as trunk. (I can't seem to be able to configure anything else on this port. Is there something else I should configure on these ports?)
  Now as fare as I understand the documentation the VLANs on each switch should now see each other.
  I'm still not sure on how to configure a physical port to one VLAN. After creating the VLANs on both switches and connecting them trough the trunk port I set ports 10-20 to VLAN2 by going to VLAN Management -> Ports to VLAN I selected VLAN2 and marked ports general and untagged and saved the settings. I repeated the procedure on the other switch. Now if I stuck my network cable into one of this ports I didn't get an IP anymore form the DHCP witch means that they were on a different VLAN than the other ports so I setup another router to act as a test DHCP with a different IP range as the main DHCPto see if it works. Now when I connectedthe test router to one of the ports in VLAN2 and my PC to the same VLAN2 port I got the test IP no problem. But when I connected the PC to the other switch VLAN2 port nothing happened until I connected the test DHCP to one of the VLAN2 ports. So clearly the switch VLANs are not communicating.
  Now I don't know did I forget something, made a mistake with some setting or I just don't know what I'm doing because I think I need to get the VLANs between switches working before tackling the pfsense connection.
  I would be really great full if someone explains to me how to set these VLANs up so that they would work between switches.
  Thank you for your help.

  Hi,
  I was successful and I did exactly that. I put all VLANs on trunk ports and the switch to switch to pfSense started to work.
  The only thing that gave me some problems was the end port(port connecting to the device pc, phone, printer) configuration. I was under the impression that the port was supposed to be in general mode and tagged. But I figured out that the port is supposed to be in access mode and untagged and only a member of one VLAN(the one I wanted it to connect to).
  Anyway all is working now and I've figured out all the kinks. 
  So thanks guys for the help.
  Nice day to all.
  Bye