rd switch as the destination.
-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
Nick Cutting
Sent: Friday, August 18, 2017 4:05 PM
To: Steven Pfister ; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] RSPAN and IP phones
It has been a while since I have
On Behalf Of
Nick Cutting
Sent: Friday, August 18, 2017 4:05 PM
To: Steven Pfister ; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] RSPAN and IP phones
It has been a while since I have done this - but I have battled this
exact setup a few times.
I seem to remember that the local switch needs to
I've got a setup at one of our sites where I've got several IP phones
and a SPAN session copying traffic to them to a port on the same switch
which is a call recorder. This works fine.
We're recently added a second switch to this location which also serves
IP phones. I'm trying to change from SPA
t with something similar, it turned out they
templated their config, and reused vss domain id numbers...
SVI MACs are generated based on that number. 4500Xs were back-and-forth
as the ARP would change...
They only had 10 Production VSS pairs to change. whoops.
-Garrett
On Apr 6, 2016 05:23, "Steven
I've just been through upgrading a couple of 4500X pairs using this same
procedure (without touching the VSS link) going from 3.7.1E to 3.7.3E.
The upgrade was done to try and fix a problem we've been having.
Occasionally, the 4500X pair will become unreachable for several minutes
and usually com
I have an application where I need to copy traffic at a remote site and
record it at a central site. At the remote site, all devices are in
their own VLAN and are all connected to a single WS-C2960X-48FPD-L
switch. At the central site, there are several switches I can use for
the recording server (
We have a client that has an aging 7204VXR that they're using as a
border router. I am trying to come up with options for a replacement.
Since they're all Cisco, I was thinking about an ASR1002-X, but I was
told to get quotes on equipment from other vendors as well. It needs 10
gigabit ethernet up
We have several remote sites connecting back to a central site through
AT&T's switched metro ethernet service, CSME. We have several CSME
connections at the central side, each providing 100 Mbps bandwidth to
about 10 sites each.
Recently, they're having us convert over to a new service, Opt-E-Man.
I'm trying to track down a Cisco software product called E-DI (Enhanced
Device Interface). All the posts on it, including some fairly recent
ones, have a link that now goes to "File Not Found". Is there any way to
get a copy of this, or something similar?
Steve Pfister
Network Engineer
Office o
I've got a situation where several remote sites are connected to a
central location using AT&T's Customized Switched Metro Ethernet
(CSME). The core switches at each location are Cisco 4500 series
units.
The problem is this... each remote site has a server assigned to it,
which is being imple
Yes, that's correct. Either content filter should be able to handle all
of the load if it needed to. The goal was mainly redundancy.
If we swap the links so interface 1 on one switch goes to interface 2
on the other and vice versa, would that help?
Steve Pfister
Network Engineer
Office of Info
find one gives you a better
distribution over another. In your case, it sounds like you need some
state on both sides of the content filter to be in tact. In this
scenario, you would need the same platform on both sides to guarantee
this kind of behavior.
Regards,
John Gill
cisco
On 7/19/11 4
I have a question regarding etherchannel load balancing. I've got a
4507R switch connected to a 3560 switch by means of two content filters
which are acting as transparent bridges. The two ports on each side that
the content filters are connected to are set up as access ports and are
in an ethercha
I've got a situation where I need to connect two switches, a 4507R (our
core switch) to a 3560, using two devices which are functioning as
transparent bridges, connected in parallel. The devices are actually
content filters (they're Lightspeed Rocket appliances if that makes any
difference), and we
We're in the middle of a project involving a server at each of several
remote sites that is being virtualized at a central location. The
virtual machine at the central location is in the same vlan as the
remote site. The network looks something like:
(remote side) 4506 -> AT&T CSME -> 4507R (cent
Thanks again for everyone's help on this matter, and sorry about the quoting
problems from yesterday...
I think this is almost working. I was hoping to ask about one more point on
this. The 8540 that is part of this equation is set up for IRB. The vlan that
the servers are on is bridged through
It's not really going router-switch-router... The video encoders are connected
to the 2960, which connects to the 4506 at the remote side. The vendor has
installed the video encoders but I haven't actually been to the remote end to
see them yet. I'm not sure yet if they're still trying to connec
That makes sense... igmp snooping seems to be enabled, but it still isn't
working. Is there something else that needs to be done to the 2960?
Steve Pfister
Technical Coordinator,
The Office of Information Technology
Dayton Public Schools
115 S. Ludlow St.
Dayton, OH 45402
Office (937) 542-314
goes!
John
On Mon, Oct 11, 2010 at 9:15 AM, Steven Pfister wrote:
> So, in my configuration that I mentioned, not only the 4506 on the remote
> site, the central site 4510 and 8540 need PIM enabled (which I think is the
> case now), but the 3560 needs it as well? I think that m
;s a lot more to optimization and troubleshooting, but that should provide
initial connectivity. Some good tutorials on the subject can be found at
http://nanog.org/resources/tutorials/
David Barak
Need Geek Rock? Try The Franchise:
http://www.listentothefranchise.com
--- On Fri, 10/8/10, Steven Pfiste
-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfis...@dps.k12.oh.us
>>> "Steven Pfister" 10/8/2010 3:39 PM >>>
We've got a client who needs to set up multicast routing between two sites (and
between two vlans) in order for some video encoders at re
We've got a client who needs to set up multicast routing between two sites (and
between two vlans) in order for some video encoders at remote sites to find
servers at the central site. I've never had experience with this. The setup
looks something like:
encoders -> Cisco 4506 -> (CSME) -> Cisc
cy map as a queue. You can make one of the eight possible classes an LLQ
by configuring 'priority' under the class entry.
Regards,
Sam
On Tue, Jun 8, 2010 at 9:51 PM, Steven Pfister wrote:
> Thanks for the replies... I'm beginning to understand what to do.
>
> How do I
bandwidth as required, then bind the policy-map to the
relevant interface (e.g. service-policy X input). I believe you can
configure up to 8 class-maps in a valid policy, so you may like to think of
this as having 8 queues available.
Check cisco.com for more information.
Regards,
Sam
On Tue, Jun
gt; quinn snyder 6/7/2010 4:22 PM >>>
what version of supervisor are you running in the chassis? if you are
running a sup6, is it a sup6 or a sup6e? the latter has bitten us
several times in the past.
q.
On Mon, Jun 7, 2010 at 12:56 PM, Steven Pfister wrote:
> I'm trying to set up
I'm trying to set up a new switch, a 4506e, for a remote site. Most of our
newer remote sites are using a 4506 and this is the first time I'm working with
a 4506e. Our standard configuration, which was in use before I started here,
has QoS settings. I'm not that familiar with QoS, but I've read
I'm reviewing some configs that were done before I got here. I had a quick
question on storm-control that I've never been sure about. The command
"storm-control action trap"... does that just generate traps when passing the
threshold levels, or does it filter too? I've seen posts in doing search
I've got an 8510 that's showing this error in the log:
Mar 5 09:33:28.736: %AAL5-3-INTERNAL_ERROR: aal5send: mmc_queuecell failed No
room on port 0 vpi 0 vci 5 for cells 1
No room on port 0 vpi 0 vci 5 for cells 1
No room on port 0 vpi 0 vci 5 for cells 1
No room on port 0 vpi 0 vci 5 for cells
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfis...@dps.k12.oh.us
>>> Nick Hilliard 2/23/2010 2:57 PM >>>
On 23/02/2010 19:27, Steven Pfister wrote:
> I've going over a customer's inventory, and I'm having some trouble with
> serial numbers. How
I've going over a customer's inventory, and I'm having some trouble with serial
numbers. How do you get the serial number for a 3640 router? I usually look for
the processor board ID in 'sho ver', but that's not matching what's listed in
the inventory.
Thanks!
Steve Pfister
Technical Coordin
.k12.oh.us
>>> "Steven Pfister" 1/27/2010 3:39 PM >>>
Thanks again to everyone who replied to my last post... I've got another
project related to the same VMWare server...
I have a situation where I need to set up network access for a new virtual
server in a vlan where
Thanks again to everyone who replied to my last post... I've got another
project related to the same VMWare server...
I have a situation where I need to set up network access for a new virtual
server in a vlan where most of the existing hosts are on the other side of a
PIX 525 (running 7.2(2)).
.
Dayton, OH 45402
Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfis...@dps.k12.oh.us
>>> Mike 1/26/2010 4:57 PM >>>
Steven Pfister wrote:
> Just wanted to follow up with some more details on this network set up...
>
> [remote side 45
ayers 1/26/2010 11:59 AM >>>
On 26/01/10 16:34, Steven Pfister wrote:
> I'm trying to troubleshoot connectivity problems between a virtual
> server at a central site and PCs in the same vlan at a remote site.
> At the central site is several VMWare servers connected to a 3560
I'm trying to troubleshoot connectivity problems between a virtual server at a
central site and PCs in the same vlan at a remote site. At the central site is
several VMWare servers connected to a 3560 switch. The PCs at the remote site
need to reach this virtual server, and while most do, some h
I've got a 8540 switch running 12.1(20)E set up with IRB and I've got two
interfaces I'm looking at:
interface GigabitEthernet0/0/3
no ip address
no ip redirects
!
interface GigabitEthernet0/0/3.1
description Native VLAN
encapsulation dot1Q 1 native
no ip redirects
!
interface GigabitEtherne
115 S. Ludlow St.
Dayton, OH 45402
Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfis...@dps.k12.oh.us
>>> Gerry Boudreaux 12/17/2009 2:46 PM >>>
is one reporting bits and the other bytes? (Factor of 8)
On Dec 17, 2009, at 12:41 PM, Steven Pfist
I'm trying to diagnose some bandwidth problems at one particular remote site.
At the moment, I'm concentrating on one particular server (a Novell site
server, looking at NCP packets...tcp port 524 outbound from that server to
addresses outside of that remote site).
I turned on ip accounting fo
I've got a remote site connected to the central site for Internet access via 2
T1s to an ATM network. Voice has been allocated 800k of this bandwidth, and the
rest is data. Network usage at this particular site has been growing within the
past couple of months and at times bandwidth has been max
s,
Antonio Soares, CCIE #18473 (R&S)
amsoa...@netcabo.pt
-Original Message-
From: Steven Pfister [mailto:spfis...@dps.k12.oh.us]
Sent: sexta-feira, 18 de Setembro de 2009 19:09
To: Antonio Soares; cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] Need help troubleshooting CRC errors
Tha
Guide for ATM Interfaces
http://www.cisco.com/en/US/tech/tk39/tk48/technologies_tech_note09186a00800c93ef.shtml
Regards,
Antonio Soares, CCIE #18473 (R&S)
amsoa...@netcabo.pt
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Steve
Some of our older remote sites are connected via ATM. Two or three T1s come
into an Cisco 8510, and from there a 155mbps OC3 connection over fiber to a
3640 router. Lately, I've been noticing that pretty much every one of them is
showing what I think is a rather high receive error count on the 3
We're looking at replacing a 4507R at the core of our network with a 6500
series. Currently, the 4507R has a supervisor engine IV, 3 48-port copper
blades, and 2 6-port fiber blades. We're hoping to include in the 6500 series
replacement the firewall module (to replace a PIX 525), vpn (to replac
t.
Dayton, OH 45402
Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfis...@dps.k12.oh.us
>>> Andrew Yourtchenko 7/15/2009 2:07 PM >>>
Hi Steven,
On Wed, Jul 15, 2009 at 6:28 PM, Steven Pfister wrote:
> I'm having some trouble with h.323 (v
-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfis...@dps.k12.oh.us
>>> Andrew Yourtchenko 7/15/2009 2:07 PM >>>
Hi Steven,
On Wed, Jul 15, 2009 at 6:28 PM, Steven Pfister wrote:
> I'm having some trouble with h.323 (video) calls through a PIX 525 usi
I'm having some trouble with h.323 (video) calls through a PIX 525 using NAT.
We can get incoming calls fine, but not outgoing calls for some reason. My
question has to do with 'inspect h323' vs 'fixup protocol h323'. What's the
difference between them? The video conferencing unit in question ha
There is one particular outside mail server we're having trouble sending to.
Basically, our server (Groupwise) does an EHLO, and the other server offers
STARTTLS. Our server sends a STARTTLS, sends a few bytes of encrypted data, and
then the other server sends a RST.
If we try a test server ou
I'm sure this is something simple, but I'm not quite seeing it...
I need some help adding a device to an existing, recently created vlan.
Here is the fragment of our network:
[core 4507] -> [8540] -> [3550] -> [1230 WAP]
[configuration excerpts are below]
The 1230 access point described is at
We've got several remote sites that have a 3500XL switch running 12.0(5)WC17 as
the core of their network. All of them are showing cpu utilization around
35-55% pretty much constantly.
- is this too high? Shouldn't it be more like <= 10% most of the time?
- how can I troubleshoot this? I've seen
to the new interface name
* if you want to have "outside" as name for the new interface, then rename
it
Mathias
From:
"Steven Pfister" <[EMAIL PROTECTED]>
To:
Mathias Spoerr/Austria/[EMAIL PROTECTED], "Jeff Kell" <[EMAIL PROTECTED]>
Cc:
Date:
23.0
I think I'm probably going to do this from the command line. Would I be able to
have two interfaces marked as outside? Do something like:
int gig1
nameif outside
security-level 0
int eth0
nameif old.outside
security-level 6
no ip address
int gig1
ip address standby
(after backing u
We have a pair of PIX 525s (active/standby), and the 2900 switch they're
attached to is going to be replaced very shortly. The outside interface, which
is currently Ethernet0, will then be moved to GigabitEthernet1. What's the best
way to do this? Can I just rename the Ethernet0 interface to out
I'm trying to track down the source of some strange traffic patterns in our
network. All of our remote sites have VOIP from a remote PBX to a central PBX
at our main facility. All of this was set up before I got here, and I have very
little contact with it.
In checking out the strange traffic,
We have a 7204vxr currently in use as our border router. As part of a
transition of our upstream bandwidth from an ATM connection to gigabit
Ethernet, we need to replace some of the modules.
The router currently has a PA-A6-OC3MM module connecting to our service
provider (in the lower right slo
47*8
Email [EMAIL PROTECTED]
>>> "Adam Greene" <[EMAIL PROTECTED]> 7/8/2008 10:41 AM >>>
Steve,
Just take 10.77.0.1 255.255.0.0 off FastEthernet0/0.1 and put it on
FastEthernet0/0.77, and you should be good to go.
Thanks,
Adam
- Original Message -
F
to include vlan 1 as the native vlan on the 3550, and put the
10.77.0.10 address on vlan 1 rather than vlan 77.
Thanks,
Adam
----- Original Message -
From: "Steven Pfister" <[EMAIL PROTECTED]>
To:
Sent: Monday, July 07, 2008 8:35 AM
Subject: [c-nsp] Question on 802.1q trunks
I've got a 3640 router that's connected to a 3550 switch. The trunking is set
up as dynamic desirable, and I need to change it to be a dot1q trunk. I'm
having a little trouble getting that done. I tried doing a:
switchport trunk encapsulation dot1q
switchport mode trunk
and the switch became un
Here is the current config. I'm trying to gain access to vlan 77 on the remote
side (10.77.0.0/16).
Thanks!
--Steve
central side:
l2tp-class l2-dyn
authentication
hostname ADM
password somepassword
cookie size 8
!
pseudowire-class pw-dynamic
encapsulation l2tpv3
protocol l2tpv3 l2-dyn
I've got an L2TPv3 tunnel set up between our central location and one of our
remote sites. Everything looks OK, but data is only flowing one way (from the
central side to the remote side, it looks like). Has anyone seen anything like
this?
Thanks!
Steve Pfister
Technical Coordinator,
The Offi
In configuring L2TPv3, I'm getting:
Jun 25 10:07:20.077: uid:43 Tnl/Sn 32862/8086 L2TP: Session state change from
wait-connect to wait-for-service-selection-icrq
Jun 25 10:07:20.077: uid:43 Tnl/Sn 32862/8086 L2TP: Started service selection,
peer IP address 192.168.7.1, VCID 77
Jun 25 10:07:20.08
sites... Works
flawlessly if you configure it as a pseudowire using the "xconnect"
command to tunnel an entire interface across the network.
Thanks,
John van Oppen
Spectrum Networks LLC
206.973.8302 (Direct)
206.973.8300 (main office)
-Original Message-----
From: [EMAIL PROTECTED]
[
Sorry to keep sending emails on this, but this project I'm working on has been
going on for a couple of months and I'd like to finish it at some point.
I'm trying to gain access to vlans at a remote ATM-connected site and assign
them to ports on a switch at a central location. I need to do this
I think I'm making some progress on my L2TPv3 testing (between two 3640s). It
looks like the tunnel is being established, but then it tries to bring up a
session within that tunnel. One side sends an ICRQ to the other. That other
side responds by sending a service request to SSS. I'm not certain
Thanks for all who responded to my question from last week regarding an L2TPv3
tunnel between two 3640s. I've got the config redone using loopback addresses.
Now, I think I'm having a bit of trouble with authentication.
One of the 3640s authenticates logins using tacacs+. The other is a spare th
10:10 AM >>>
It looks like you have the incorrect ip address on the remote site or the
tunnel xconnect pointing to the wrong interface on the local side (FE2/0
instead of FE0/0)
Aaron
On Fri, Jun 13, 2008 at 9:27 AM, Steven Pfister <[EMAIL PROTECTED]>
wrote:
> I've got a projec
I've got a project I'm trying to use an l2tpv3 tunnel for. The tunnel seems to
establish just fine, but it doesn't seem to do quite what I expected it to do.
I'm trying to access vlans on a remote site that's connected via ATM. The
remote side is connected by a 3640 router, plus a 8510 switch. O
t; "Church, Charles" <[EMAIL PROTECTED]> 5/31/2008 10:10 AM >>>
What do the top 3 lines look? The free bytes of the processor and I/O
are probably most important.
Chuck
-----Original Message-
From: Steven Pfister [mailto:[EMAIL PROTECTED]
Sent: Friday, May 30,
be an error on the FN.
Chuck
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Steven Pfister
Sent: Friday, May 30, 2008 3:08 PM
To: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Memory requirements in Cisco Feature Navigator
It looks like without the com
.
Chuck
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Steven Pfister
Sent: Friday, May 30, 2008 1:42 PM
To: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Memory requirements in Cisco Feature Navigator
It's an IP plus image. It looks like there is a
Technology Services
EDS Contractor - Navy Marine Corps Intranet (NMCI)
1210 N. Parker Rd. | Greenville, SC 29609
Office: 864-335-9473 | Cell: 864-266-3978
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Steven Pfister
Sent: Friday, May 30, 2008
I've got an IOS (12.3(14)T7) that I'm trying to load onto a 3640 router.
According to the feature navigator, it should require 96mb DRAM, 32mb flash,
which this router has. But, when I try to boot it, it gives me an out-of-memory
error and crashes during boot. Is the FN wrong, or is there someth
plugged in...
Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS
Senior Network Engineer
Coleman Technologies, Inc.
954-298-1697
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:cisco-nsp-
> [EMAIL PROTECTED] On Behalf Of Steven Pfister
> Sent: Thursday, May 22, 2008 3:11 PM
ween them.
Also, I'd change the loopback addresses to /32 masks.
with the configuration you have, I'd also make sure the connection between
the routers is on a different port than the vlans you are trying to xconnect
at layer 2.
Joe
On Thu, May 22, 2008 at 1:10 PM, Steven Pfiste
;
Yes, with 3845's, post your test config.
Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS
Senior Network Engineer
Coleman Technologies, Inc.
954-298-1697
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:cisco-nsp-
> [EMAIL PROTECTED] On Behalf Of Steven Pfister
> Se
-6779
Direct Connect: 137*131747*8
Email [EMAIL PROTECTED]
>>> Robert Blayzor <[EMAIL PROTECTED]> 5/22/2008 1:21 PM >>>
On May 22, 2008, at 12:11 PM, Steven Pfister wrote:
> Does anyone have a working L2TPv3 tunnel between two 3640s?
According to feature navigator, L2TPv3
I'm trying to get L2TPv3 figured out to help with a project. I've got a test
network consisting of 2 3640s (which is what is going to be used as the
endpoints of the tunnels in the production network) connect by a crossover
cable. Even using sample configs from the cisco site, I can't seem to ke
I've got a situation where I have several (older) remote sites connected to a
central site via ATM (they're being phased out for the most part). I need to
find a way to have one particular vlan at each site assigned to a couple of
ports on a switch at the central site. This only needs to be temp
77 matches
Mail list logo
