Switches / Hubs

21K

Solutions

17K

Contributors

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi Experts,

on my CISCO switch I have connected 3 access points.
I just know the IP and MAC but I need to know the switchport.

How to find out what is connected on the switchport ?
0
Build an E-Commerce Site with Angular 5
LVL 12
Build an E-Commerce Site with Angular 5

Learn how to build an E-Commerce site with Angular 5, a JavaScript framework used by developers to build web, desktop, and mobile applications.

How Telnet works in GRE Tunnel

t
in the topology above I have created a GRE tunnel between R1 and R3. The configuration is shown below:
R1#show running-config 
Building configuration...

Current configuration : 2295 bytes
!
! Last configuration change at 09:31:13 CET Wed Sep 5 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
!
redundancy
!
!
!
class-map match-all MAPMYGRE
 match access-group name MYGRE
class-map match-all MAPTELNET
 match access-group name MYTELNET
!
policy-map MYPOLICE
 class MAPTELNET
  police 128000
 class MAPMYGRE
!
! 
!
!
!
!
!
!         
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Tunnel0
 ip address 172.16.13.1 255.255.255.0
 tunnel source 192.168.12.1
 tunnel destination 192.168.23.3
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
 service-policy output MYPOLICE
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown

Open in new window

0
Hello,
I have the topology (upper one in the figure below) where an ESX is directly connected to a Cisco Router. And the link between the two, is TRUNK link handling three VLANs.

I would like to use a Cisco switch c2960 between the router and the ESX server to connect other servers to one of the VLANs.  (lower one in the figure above)
Configuring the ports of the Cisco switch as trunk ports didn't help.
I would like to know what i should do to make everything work correctly.
Thank you.
0
Fortigate 200D in HA cluster

i have a problem (user "accidentaly started wizard" to change gateway)....

and fortinet stoped routing as expected, as it seems nothing has changed.
static routes are the same as before, route lookup hits the right route, traffic seems to hit the right policy.

Monitoring the traffic it says       "Accept: session timeout" for everything

i can ping port to internal network from CLI, i can ping something on Internet (WAN) from CLI

but nothing gets thru from external(WAN) to internal network (PORT1) or viceversa
0
Precedence in Cisco Qos:

in QoS Precedence, there is a list of precedence settings as shown, below.. I would like to know in which case should I select which precedence in the list..
For instance , in case of Voice, or Video, or specific protocol HTTP or HTTPS or FTP or TELNET or SSH, etc how  would I know which on this list to select ?

Thank you


R2(config-pmap-c)#set precedence ?
  <0-7>           Precedence value
  cos             Set packet precedence from L2 cos.
  critical        Match packets with critical precedence (5)
  flash           Match packets with flash precedence (3)
  flash-override  Match packets with flash override precedence (4)
  immediate       Match packets with immediate precedence (2)
  internet        Match packets with internetwork control precedence (6)
  network         Match Packets with network control precedence (7)
  priority        Match packets with priority precedence (1)
  qos-group       Set packet precedence from QoS Group.
  routine         Match packets with routine precedence (0)
  tunnel          Set tunnel packet precedence

Open in new window

0
Hi All,

I need some assistance setting up the below. I've got 3 "subnets" to set up internally. All must be able to reach the internet through the suppliers router.

The networks are 2x /26 and 1x /27. VLANS 601 & 603 are desktop pc's. VLAN 602 will be Cisco phones. 601 and 603 do not need any seperation, they're just to cover the seperate DHCP ranges. DHCP will be provided by an external source (hopefully) through a VPN setup on the ASA Firewall. I'm looking to setup outside interface, inside interface and access for all vlans.

Is anyone able to provide a sample config on how I could get this working?

Network Overview
Thanks,

J
0
Shoretel and switch STP on/off?

Hi

Looking at replacing our switches from procurve to Aruba.   Changing the method from daisy chained via ports to a stacked method using same models.  

Im unsure if we need to have STP disabled for shoretel to function?  If this is the case we cannot stack, which i find odd.

Thanks
0
Can I configure NAT with Static Route ?

This lab, is for Site to Site VPN, but I have used NAT with it. I used the example from this site:
http://www.mustbegeek.com/configure-site-to-site-ipsec-vpn-tunnel-in-cisco-ios-router/


In the configuration below, I have configured static routes for end to end reachability, and it is working fine. however I am not sure about NAT. when I run : R1#sh ip nat translations
 on R1 or R2, it does not show anything translated after I ping from R3 to R4 or vice-versa.

Any idea ?

Thank you
n


R1#show run
Building configuration...

Current configuration : 2313 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!         
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!         
redundancy
!
!
! 
!
!
!
!
crypto isakmp policy 5
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key cisco@123 address 192.168.12.2   
!
!
crypto ipsec transform-set MY-SET esp-aes esp-md5-hmac 
 mode tunnel
!
!
!
crypto map IPSEC-SITE-TO-SITE-VPN 10 ipsec-isakmp 
 set peer 192.168.12.2
 set transform-set MY-SET 
 match address VPN-TRAFFIC
!
!
!
!
!
interface Ethernet0/0
 ip address 192.168.12.1 

Open in new window

0
Configuring NAT

in the LAB configuration below:
I have R1 and R2 in subnet 192.168.12.0/24 ----R3 in subnet 10.10.13.0/16  and R4 in subnet 10.10.24.0/16

I would like to have R3 be able to ping R4

The NAT configuration does not seem to work as it is supposed to.
Any Help ?

Thank you

n




R1#sh run 
Building configuration...

Current configuration : 2199 bytes
!
! Last configuration change at 02:39:42 CET Sun Sep 2 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
!
redundancy
!
!
! 
!
!
!
!
crypto isakmp policy 5
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key cisco@123 address 192.168.12.2   
!
!
crypto ipsec transform-set MY-SET esp-aes esp-md5-hmac 
 mode tunnel
!
!
!
crypto map IPSEC-SITE-TO-SITE-VPN 10 ipsec-isakmp 
 ! Incomplete
 set transform-set MY-SET 
 match address VPN-TRAFFIC
!
!
!
!
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
 crypto map IPSEC-SITE-TO-SITE-VPN
!
interface Ethernet0/1
 ip address 10.10.13.1 255.255.0.0
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown

Open in new window

0
I want to know if I can monitoring my Dell switches using MIBs as a custom device or using SNMP v2.

Found this guide

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/117707-config-ngwc-00.html#anc4

But I have read that even using open standards. Sometimes Cisco Prime couldn't recognise the device.

Any experience with Dell switches?
0
Become a Certified Penetration Testing Engineer
LVL 12
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Understanding uRPF Loose Mode /Strict Mode,

Let's say we have R1 connected on both of its 2 interfaces to R2 and R3
R1 interface IP address(192.168.12.1/24) connecting to R2
R1 interface IP address(192.168.13.1/24) connecting to R3

R2 interface IP address(192.168.12.2/24) connecting to R1
R3 interface IP address(192.168.13.3/24) connecting to R1

R2 has a loopback 0 with ip address 2.2.2.2/32

R1 has static route : Ip route 2.2.2.2 255.255.255.255 192.168.12.2

For test purpose I have created lopback 0 on R3 with the same IP address 2.2.2.2/32 as the loopback 0 on R2

With Strict Mode or Loose Mode configured, I can ping from R2 (source Loopback 0:2.2.2.2) to R1 (192.168.12.1)
I can see the ping replies. but I cannot ping from R3 (Source Loopback 0: 2.2.2.2) to R1 (192.16.13.1).
However when reading online, it states that with Loose Mode, R1 will accept packets from R3 and with Strict Mode it does not.
from my side, I still cannot see the difference between Strict/Loose Mode as both will cause Ping fails from R3 source loopback 0 to R1

Any clarification on this ?

Thank you
0
Problem:
No one inside the office has internet access.

I'm working with a Cisco 1900 series router,  Cisco 5520 ASA(firewall) and Dell Powerconnect 6224 switches.

Service has been confirmed up to the router.  The line out of the router goes into the Cisco 5520 ASA (firewall).  The line out the firewall goes into one of the Powerconnect Switches which are stacked (configured as master/slave (unit 1 & 2).

I can ping and connect to the switch from the Domain Controller but when I ping the Cisco 5520 (firewall) the reply I get is "Destination Host is Unreachable".  I get the same reply from workstations.

When the problem began one of the PC 6224 switches would not come on so the cables plugged into it were moved to the other switch.  Shortly after the switch that wasn't working came back on.  The cables were then randomly moved back into the switch.  I'm not sure if certain cables were designated for certain ports.

How can I get things working again.

Any help would be greatly appreciated.

Thanks in advance
0
Cisco computer not on the network because of a MAC Address conflict. Shut down the computer. Not sure how to clear the Security violation count, and change the port status Secure shutdown back to up. Did a clear port-security, clear port-security dynamic, no switch port-securty, switch port-security, shut no shut, etc. on the offending/offended port. No luck.
0
I am trying to tag the TenGigabiteEthernet1/1 with several vlans on a Cisco 3560. The commands seem simple enough but the tagged vlans do not show after I run it. See below

int TenGigabitEthernet1/1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan add 1,5,10,15,18,100
exit
show vlan

After running
This is the output.

interface TenGigabitEthernet1/1
 switchport trunk encapsulation dot1q
 switchport mode trunk

Any help would be appreciated.
0
I am looking for a solution, either cloud based, or preferably a local, hosted program, that will show me in real time the network bandwidth usage by each user in my network.
I have cisco 2960S and 3750G switches, and a 4948 for my core.  Basically, when my network is slow, it's usually because one or more individuals are downloading or uploading gigs of data, and I need to pinpoint that any time of the day.

My firewall shows me the bandwidth used for for day, but not in real time, so that doesn't help me much.

Any suggestions?
0
I am looking to prepare a template for cisco networking troubleshooting guide. Can someone help and share their layer1 through layer 7 troubleshooting guide or commands or any templates with details. Thank you.
0
ASA Firewall vs Router Zone based Firewall

I would like to know what is the difference between ASA firewall and Zone based firewall configured on the router.
I mean if I have a router that support zone based firewall, then I do not need to have ASA firewall ?

Thanks
0
Hi!

I know you his is a stupid question.

I have factory reset my office’s JL380A and logged in using the ip 192.168.1.1 but when I tried to configure the interface to assign an IP address, I don’t see such option, is there something I need to do to enable the editing of the switch?
0
On a Cisco Nexus 9k - if you want to test a WAN circuit with a provider - can you set looks on your SFP interfaces (10Gbps fiber)
that the carrier can test to? Thanks.
0
Python 3 Fundamentals
LVL 12
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

I have a Draytek 2960 router and two servers; one SBS2011 (192.168.10.5) and one Windows 2016 Essentials (192.168.5.5).
I'm in the process of migrating from SBS2011 to Windows 2016 after which the SBS2011 server will be retired.
During the migration I would like both servers online. The SBS2011 is running DNS and DHCP and the Windows 2016 is just running DNS (DHCP is not installed yet).

I am attempting to configure VLANS on the Draytek, and although all seems sort of OK I'm getting dropouts and poor response when the Windows 2016 server is connected and ports 2,3 and 4 are enabled so I conclude there must be some traffic conflict going on.
My Draytek settings are:
Switch.png
General.png
My intention is that I'm using port 1 for the SBS2011 server and ports 2,3 and 4 for the Windows 2016 (iDRAC, Windows NIC and a single PC on the new domain) so I'm not intending to use VLAN Tagging - I want it all to be physical port based config.
I've achieved a similar configuration on another site but that was using a Draytek 2862N and that worked fine.

Not sure what's going on with this.
0
Configure Span to mirror 2 ports on 1 port.  

I have a cisco 2960, I want to sniff traffic SPAN on 2 ports to the 1 port my laptop is connected to.  How can this be done?
0
Hello,

I am trying to set up a simple configuration for VLAN and VTP for Cisco layer three switches. First I change the port to trunk then I created two VLANs 10 and 20 and set up the domain name for VTP and made first switch as a server and second switch as a client. However, the VLANs are not transferred to the second switch.

Any help will be appreciated

below part of the configuration for both switches

Switch 1
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0

Feature VLAN :
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
Configuration Revision : 2
MD5 digest : 0xCC 0x6D 0x2C 0x0A 0x56 0xBF 0x02 0xBC
0x61 0x64 0x81 0x44 0x22 0xE5 0xC3 0x2F

Switch 2
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0

Feature VLAN :
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 0
MD5 digest : 0x5F …
0
Hello,

I have a flat network with some unmanage switches and  1 firewall.

I would like to separate at least Workstations and Servers in different VLANS

Do i need Switches Layer 3 or i can use Layer 2 Switches?
0
hello experts
i have 3 SSID configured on an autonomous Cisco AP, all authenticate against ACS server, so three policy for each SSID, i did configured DNIS as *WIRELESS_SSID in "End Station Filter" but looks like it only works for WLC not autonomous AP, and seem Cisco autonomous AP not sending SSID info to ACS while the processing of authentication, my question is how to make Cisco autonomous AP to do this, i did try the following:
radius-server attribute 32 include-in-access-req format %h
radius-server attribute 30 original-called-number
radius-server vsa send authentication
but it doesn't help, please give me your suggestion.
thanks
0
i have problems with HP switches getting stuck,

i have 2 hp 1920s Officeconnect (layer 2) and v1910 (layer 3) as the main switch

We don't have any VLAN except the primary one - all the other networks are physically separated (Voice etc...)  

both of the 1920s is connected to the v1910 with  SFP and fiber - trk1 and trk2

There is another unmanaged switch that is connected to the v1910 with network cable (don't have SFP) and the port is configured with Storm Control

The 1920s isn't connected to each other

I've got 2 question

The first one - on the 1920s the trunk is configured - admin mode : on, static : on, LACP : disabled - is this the right configuration?
Second, do i need to enable spanning  tree on the switches? - i know the unmanaged one don't have this option i will probably replace it as soon as possible to a managed one.

thanks
0

Switches / Hubs

21K

Solutions

17K

Contributors

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.