Hello All.

I like to see if I can get this worked out.

first question is can an SFP connector pass VLAN information? If the answer is no, then disregard the rest of this question and I then have my answer, if the and is yes  please read on.

So I have a edgerouter eth0 is config for ISP, eth1 -8 are all briged .
I have config a DHCP for eth1 and I connected a cable from eth1 to port 1 on the EdgeSwitch 24 ports PEO 250w.
All works correctly, not problem whatsoever.

A week later I created a VLAN2 to separate my wireless traffic, this is my config

on Router created a VLAN2, with its DCHP IP 10.10.5.0/24

On the EdgeSwitch I config the ports like this

So far everything works correctly, I get an IP for my LAN 192.168.5.x and an IP for my Wireless 10.10.5.x

Now , remember I have a cable connected from port eth01 to port 1 on the switch.

My problem is when I disconnect the cable from the eth01 to the switch port 1 I can only get lan traffic, the wireless traffic dies

Can't access GUI on Cisco 2960S. Any ideas?

This is what I get when I try to use the GUI.

VoIPSwitch#sh flash

Directory of flash:/

    2  -rwx    10893632   Jan 1 1970 00:01:22 +00:00  c2960s-universalk9-mz.122-55.SE2.bin
    3  -rwx         676   Mar 1 1993 00:42:04 +00:00  vlan.dat
    4  drwx         512   Mar 1 1993 00:03:02 +00:00  online_diag
    5  -rwx        3096   Mar 1 1993 00:18:29 +00:00  multiple-fs
    6  -rwx        1915   Mar 1 1993 00:18:29 +00:00  private-config.text
    8  -rwx        7582   Mar 1 1993 00:18:29 +00:00  config.text


System image file is "flash:/c2960s-universalk9-mz.122-55.SE2.bin"



cisco WS-C2960S-48LPS-L



Switch Ports Model              SW Version            SW Image
------ ----- -----              ----------            ----------
*    1 52    WS-C2960S-48LPS-L  12.2(55)SE2           C2960S-UNIVERSALK9-M


Configuration register is 0xF

VoIPSwitch#
Here is the running config
VoIPSwitch#sh run
Building configuration...

Current configuration : 7582 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname VoIPSwitch
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$7zA0
enable password 7 0000GqN8z/tU
!
username admin password 7 104359121112104359121112104359121112104359121112

!
no aaa new-model
switch 1 provision ws-c2960s-48lps-l
!
!
no ip …

Microsoft Windows 2008 R2 Server NPS

I recently set up a Microsoft Windows 2008 R2 Server running an AD, DNS, Certificate Authority, and NPS.  The goal is to authenticate wireless and wired clients via EAP/TLS and PEAP-MSCHAPv2.

Currently, the wireless clients are authenticating with both PEAP/MSCHAPv2 and EAP/TLS as expected.

The wireless network is a Cisco 2504WLAN controller running 8.2.112 firmware.

However, none of my wired clients will authenticate with either EAP Type.  I do know they are contacting the NPS server because each time I initiate a connection I receive the following events.

4672, 4624 and 4634



 

 

 

The NPS event log does not have any entries in the system for when my wired clients attempt to authenticate.

I have tested with two different switches’.  One is a Cisco 3560CX running IOS 15.2 and the other is a NetGear GS110TP.

I did read in another forum that it could be the MTU setting on the NPS server and it suggested setting the MTU size in NPS to 1344 which I did.  This did not seem to make any change.  I’m not sure what to look at from here any help would be greatly appreciated.

I double and tripled checked the shared secret’s which at this point I have simply set to “password” for testing purposes.  Later obviously this will change.

Cisco switch configuration:

| => ssh Cisco@10.0.1.5
Password: 

c3560cx#sh run bri
Building configuration...

Select all Open in new window

…

I have a Mikrotik CCR 1009-8G 1S-1S+ and 5 Cisco Switches WS-C2960-24TC-L that were provided by the customer for our use in this network. I have a question on how to setup the VLANS so no Tenant in the building can access any other Tenants network. There is a mix of Static IP tenants and DHCP Tenants. I have the Mikrotik Setup with all the needed VLANS for each DHCP Tenant. I have also assigned each port for VLAN access to only one Tenant. My issue is how to secure the VLANS.

I know this is a vague description of what I have to work with so I have attached a PDF of the network. If any other information is needed please message me and I will attempt to comply.

Thanks in advance for any and all help.

Seven-Floor-Multi-Tenant-Building-De.pdf

My office have many cisco switch and  routers. What is best centralized tool/ software to monitor\ control the cisco router and switch?

In my environment, I have many IOS devices and 2 Nexus 5XXX switches. A former engineer configured radius for the IOS switches and the policy works without any challenges.

I followed the following article (https://www.802101.com/cisco-nexus-aaa-authentication-radius/)  for configuring RADIUS on the Nexus and the config appears to be correct. The challenge is that when I log in with my AD account, I am given a total of 17 commands instead of the full listing for priv-15.

I checked the event logs and see the Nexus are using the correct network policy.

I have tried the following values for the Cisco-AV-Pair without any success:

shell:roles=*”network-admin vdc-admin”
shell:roles=*”network-admin”
shell:roles=”network-admin vdc-admin”
shell:roles=network-admin
shell:roles=*network-admin
shell:role=network-admin
shell:role=*network-admin
priv-lvl=15, shell:roles=*"network-admin vdc-admin

Please see attached screenshot of the Network policy.

I have 2 Windows Server 2016 Std servers with the NPS role installed and configured.

Here is the running config for RADIUS - I have changed the IPs for privacy and changed the radius password for here:

Nexus5k01# sh ru radius all

!Command: show running-config radius all
!Time: Tue Jun  5 14:28:46 2018

version 6.0(2)N2(1)
radius-server key 7 "radius*password"
radius-server test username test password test idle-time 0 
radius-server timeout 5
radius-server retransmit 1
radius-server deadtime 0
radius-server 

Select all Open in new window

…

I bought used cisco 3750 switches and after a reset I cannot get them into express setup mode

Dear Experts, I'm testing this network diagram with EVE-NG


Without the NAT translation and access-list, all 3 VLAN PCs can ping to 8.8.8.8, SLA also work OK to switch from default route to backup route.

With the NAT and access-list, PCs from VLAN11 and 12 could not ping 8.8.8.8 although I allowed icmp on R1's interface. The PC on VLAN13 (not it NAT and access-list still could ping to 8.8.8.8). How can I fix it with NAT and access-list?

I attached the configuration files.
Desktop.zip

I have a cisco 3750G switch that for some strange reason, all of a sudden my trunk port, that is the link to the other switch just stopped working.
I have restarted the switch, works fine for a few hours and then shut off again.  I don't get any errors in the logs, just dies, any idea how to troubleshoot?

Dear Wizards, is it possible for a DHCP pool was deleted automatically? How can I check the log for that? Is it possible to check the historic commands on switch when the ssh connection was turned off? Many thanks.

I have a HP 2530 24G switch that I'm trying to get into ICMP V3 mode.  Trying the command: <ip igmp lookup-mode ip> it tells me it's invalid.  I don't see any igmp commands that allow me to switch versions despite having version YA.16.05.0008 of firmware and the manual showing that I can configure this.  Any ideas?

Good afternoon All

I am looking for community help to get me started on a Dell PowerConnect X4012 (2switch stack) configuration for 3 Dell XC servers with Nutanix on them.  I also have a TOR switch stack of 2 x Dell 3024 switches.  I have found in the past best practice documents for configuring Dell kit for VMware but I can't find anything conclusive for the above.

What vlans am I going to require for Nutanix AHV HCI?  

Any help gratefully received.

Thanks

I am trying to provide access to a camera on a remote network for a user by configuring VLAN on various L3 HP switches. The network I am working in has numerous VLANs and the path from the device to the camera crosses at least 4 L3 switches. I have been unable to get the connection to work and at this point need troubleshooting tips and a better understanding of how this should work.

At this point I would like to focus on a suggested methodology to troubleshoot connectivity on a VLAN. I have been told ping will not work because this is a L2 VLAN not intended to be routed from everything and that is why ping will not work, I think this is nonsense but please let me know if there is a way to track the VLAN path to see where the disconnect might be. Also, there has to be a L3 component as the source and destination networks are different and the route to the destination is specified on an L3 route table.


The following is the basic configuration:

Device :
Attaches to Switch 1 in VLAN 13 using an untagged (access) port. The PVID (native) VLAN on the configured port is 13.
There is no VLAN 13 interface configured on Switch 1. Using NDP and routing tables, I know that Switch 1 connects to Switch 2 using Tagged (Trunk) ports that include VLAN 13.
Switch 2 does not have an interface configured for VLAN 13.
I am unable to ping the camera from Switch 1 or Switch 2. There are no ARP entries for VLAN 13 in Switch 1. There are VLAN 13 entries in the ARP table on Switch …