Why the AP can not connect with the Cisco 2960?

2 Cisco switches 2960 (WS-C2960S-24TD-L and WS-C2960S-48TD-L ) were connected with a trunk to carry 2 VLANs - VLAN 101 for data, and VLAN 102 for voice - IP phones. Please see the switch configurations as attached:

 Basically, switch01 is a 24-port Gigabit Ethernet with POE support, whereas Switch02 is a 24-port Fast Ethernet without POE. A trunk was created that carries VLAN101 and 102 between 2 switches. Switch01 is working fine with mixture of laptop/desktops/ip phones, with DHCP server hosted on one of the server connected to switch02. However, for switch01, only existing devices that connected are working fine. My co-worker tried to connect a Wireless AP with a static IP, and he found that the network port "Activity" and "link" LEDs are off.  Connect to other port on switch01 is the same.

What could be a problem? Does the switch configured wrongly? How about trunk? Could it be the port speed, duplex? How about spanning-tree, does this needed?

The solution:

On the trunks:

interface GigabitEthernet0/2

 no switchport access vlan 101

 switchport trunk allowed vlan 101,102

 switchport mode trunk

 switchport nonegotiate

 duplex full

You don't need the switchport access vlan 101

For the port on switch one that you want to connect to the AP do this:

interface GigabitEthernet0/24

 switchport mode access

 switchport access vlan 101

 no switchport voice vlan 102

 spanning-tree portfast

Try that. It may be that since you have voice vlan configured, the port is trying to negotiate a trunk with the AP and the AP is not configured for that.

The AP should be configured as VLAN 101. I am saying change the port that the AP will connect to into an ACCESS port. With voice vlan on it, it's really a trunk port.

The access command doesn't have any effect since the port is in trunk mode, so it's not needed.   VLAN 1 by default is the native vlan anyway unless you specify a different vlan with switchport trunk native vlan x (x being the vlan number)

More information about the cisco 2960 FAQ, please visit: http://cisco2960faq.blogspot.com

What's the fastest way to connect the 3 Cisco 2960-S switches

what's the best/recommended and most reliable/fastest way to connect my 3 Cisco 2960-S switches? WS-C2960S-48LPS-L and WS-C2960S-24TS-S

I work with  a home automation company that needs the most reliable network possible since the entire house relies on the network/wireless.

i have a Fortigate 60C as my main router, 5 Ruckus 7363 APs and 1 Cisco 2960-S PoE and 2 Cisco 2960-S Catalyst Switches.

All 3 swtiches are located in 3 different parts of the house and are connected via CAT6 from the main 2960-S PoE on port 23 and 24 to switches in Living and Theater respectively.

i know this swtiches have 4 SFP ports?

can i get an adapter form SFP to CAT6e or CAT5?

is there an advantage to configuring a port role depending on what's connected on each port?

The solution:

1 If you can connect all three switches together, Switch A to B, B to C and C to A, you will have the most redundancy. Spanning tree will prevent a switching loop. Most of your equipment will likely support only one network connection; however, ideally, connecting a server to two separate switches will provide better redundancy.

If possible, try distributing the AP across the various switches for redundancy as well. 

As for the SFP ports, you can get Copper SFP's, but since the switches are Gigabit to begin with, there really is now point. Unless you are using VLANs, any switch port will do.

If throughput is an issue, you may choose to connect the switches with two or more cables, and enable etherchannel for link aggregation.

2 I advise to use Optical SFPs to crossconnect the swithes, if you bought 10G version you able to use 10G if not you able to use 1G.

You need to use STP (which is defaultly enabled)

If you have 1g UPLINK you able to use 2 SFP-s for same for link aggregation  switch to another via PaGP.

I advise to use single mode cable for optical!

Tips for where to buy the SFP

The distrobutor 3anetwork is a world leading Cisco networking products wholesaler, offers Cisco networking  products, Cisco switches, Cisco routers and other products at competitive price. Best price on SFP modules. You can request a quote by emailing us at info@3Anetwork.com or pick up the phone and speak to one of our friendly and helpful sales reps at +852-3069-7733.

Contact information:

Telephone: +852-3069-7733(Hong Kong)

Fax: +852-3069-7731

Email:   info@3Anetwork.com(Sales Inquiries)

Address: 23/F Lucky Plaza, 315-321 Lockhart Road, Wanchai, Hongkong

Website: http://www.3anetwork.com

How to Connecting Cisco Router to another DSL modem-router

I have two routers:

First one, connected to the DSL line directly, a huawei HG532ci, it gives me access to the internet correctly to any computer by simply connection an ethernet cable to any of its 4 ports (or wireless as well).

I have another Cisco 2911(cisco WRT120N) i want to connect to the fist one, and connect another computer to this second router (i have my reasons to do this, and not connecting directl to the first one).

So i want the second router (cisco) to give access to the internet with its ports, just like the first one.

I connected the second router (cisco) to the first one, from a LAN2 port in the first router to the "internet" port in the second, that receives the signal, as you see in the picture below.

The first (huawei) router, settings are as follows: see picture huawei.jpg

And the cisco router settins are also in the next pictures.

Whan am i doing wrong? Cisco IP is 192.168.1.2, Huawei router IP is the same but .1, dhcp is enabled, etc... I have no i idea what setting should be whats causing the cisco router not givin internet access

I have also attached an IPconfig from the computer connected to the cisco router.

thank you!!

The solution:

It sounds like you just want to use the Cisco router as a switch to get more network ports.  If this is the case, then you will want to disable all DHCP services on the Cisco and connect the LAN ports of the two routers.  If you are trying to segment a section of your network behind the Cisco router, then you will need to choose separate IP ranges for the two networks, in order for the Cisco router to properly NAT.  If I am completely off on what you are trying to do, then you may want to provide a little more information as to why you are adding the cisco into the mix. Then we can figure out how it should be setup.

Cisco 2911 price: 

http://www.3anetwork.com/cisco-cisco2911/k9-price_p238.html

The GBIC Connection of Cisco WS-C2960S-24PS-L

The GBIC Connection

Need to terminate two fibres and use two gbics on each end and that this is due to how single-mode gbics/fibres work (and in this particular case its single-mode being used, not multi-mode)

The whole point behind this is that we're going to connect a "main-cabinet" to two "sub-cabinets", and we are trying to figure out if a WS-C2960S-24TS-L has sufficient "gbic-room" to connect the four WS-C2960S-48TS-L's (two in each "sub-cabinets")

1 The bottle neck would not be the 24TS-L itself, but speed of the up-links to the 24TS.
For each 48TS-L you will have up to 48 devices connect at 1 Gbps, that all are going to try and go over the same single 1 Gbps up-link to the 24TS-L.
The only way to remove that bottle neck would be to ether get new switches that allow for  10 Gbps up-links or run multiple 1 Gbps links in a Etherchannel setup.

2 "Is the right gbic to use this one: GLC-LH-SM=   ?"

Yes, but make sure the installed fiber is "single mode"  That gbic will NOT work with "multi mode" fiber

"And each one of these gbic takes 2 stands of fiber?"

 Yes

"How would you lay fibres in such a setup?"

I would give each 48TS a connection straight back to the 24TS.  I would not connect the 48TS's to each other.  That runs the risk of creating a spanning-tree loop, which could take down the network.

WS-C2960S-24TS-L Price please visit www.3anetwork.com. the discount news.

How are the ports labeled on a Cisco WS-C2960G-48TC-L

WS-C2960G-48TC-L： 44 10/100/1000 and 4 dual-purpose uplinks, has two or four dual purpose ports that are a combination of an RJ45 copper and an SFP slot. In the CLI when I do a show interface status I get 48 ports. Gi0/1-44 show as 10/100/1000baseTX but Gi0/45-48 show as auto not present.

How does this work?

Do the dual purpose ports de-activate port Gi0/45-48 when they are used?

Below is the solution:

It is a dual purpose port, so you able to use it 10/100/1000 copper or you able to plug SFP to use optical connections!

so you have GigabitEthernet ports 0/1 to 0/44 copper

and you have GigabitEthernet 0/45 to 0/48 dual purpose ports....

it shows no sfp detected....:

Gi0/2  notconnect  1    auto  auto Not Present

it shows sfp detected....:

Gi0/1  40 es szoba     connected   trunk  a-full a-1000 1000BaseSX SFP

The similar product: WS-C2960S-48FPD-L and WS-C2960S-48LPD-L, you maybe want to know more, visit the blog: http://www.3anetwork.com/blog/ for the newest information and discount news.

How to Recover the Cisco WS-C2960S-48FPD-L Default Factory Settings

How to Recover the Cisco WS-C2960S-48FPD-L Default Factory Settings

Do you meet the problem, too? Have tried to reset WS-C2960S-48LPD-L to default factory settings with procedures listed by CISCO, including holding the Mode button longer to go into Express Setup. However, it still intializes flashfs and continues its normal setup. It may be a hardware malfunction, but I just wanted to make sure there was not another solution. Now, some tips for to recover it:

If you just want to clear the settings, do a "show vlan", and then in config mode do a "no vlan xxx" for all vlans listed in the first command (except vlan 1 because it can't be removed). From there, a "write erase" and all configuration will be cleared after a reboot. Or you can contact your previous supplier or contact your sales representative. You can also email to the supplier 3anetwork.com to have a good advice.

3Anetwork.com is a world wholesaler, we wholesale the original Cisco networking products, including Cisco Catalyst switches, Cisco routers, Cisco firewalls, Cisco wireless products, Cisco modules and interface cards products. 3Anetwork.com is most competitive on Cisco switches and Cisco routers, such as: Cisco Catalyst swiches: 2960 3560 3750 4500 4900 6500 Cisco series routers: 800 1900 2900 3900 1800 2800 3800 7600. 3Anetwork.com is a trusty world seller, you can't miss it if you want to buy the Cisco products:

1. The products are professional and high quality.

2. They are huge stock and the competitive price, usually lower than the list price, as we the wholesaller

3. We ship to worldwide, can reach your city in 5 business days (not including custom clearance time), conveniently to you to order wherever you are.

4. It supports all leading payment methods like PayPal, Credit Card, Western Union Wire Transfer.

Contact information:

Telephone: +852-3069-7733(Hong Kong)

Fax: +852-3069-7731

Email:   info@3Anetwork.com(Sales Inquiries)

Address: 23/F Lucky Plaza, 315-321 Lockhart Road, c, Hongkong

Website: http://www.3anetwork.com

What is NAT and when does the router perform NAT

NAT: Network address translation,  is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device.When you use the Cisco 2900 router, Cisco 1921 router, you should know these.

Two different types of NAT:

Static NAT: The simplest type of NAT provides a one-to-one translation of IP addresses. It is often also referred to as one-to-one NAT. In this type of NAT only the IP addresses, IP header checksum and any higher level checksums that include the IP address need to be changed. The rest of the packet can be left untouched (at least for basic TCP/UDP functionality, some higher level protocols may need further translation). Basic NATs can be used when there is a requirement to interconnect two IP networks with incompatible addressing. With static NAT, translations exist in the NAT translation table as soon as you configure static NAT command(s), and they remain in the translation table until you delete the static NAT command(s).

Dynamic NAT: Dynamic NAT has some similarities and differences compared to static NAT. Like static NAT, the NAT router creates a one-to-one mapping between an inside local and inside global address and changes the IP addresses in packets as they exit and enter the inside network. However, the mapping of an inside local address to an inside global address happens dynamically. Dynamic NAT sets up a pool of possible inside global addresses and defines matching criteria to determine which inside local IP addresses should be translated with NAT. The dynamic entry stays in the table as long as traffic flows occasionally. With dynamic NAT, translations do not exist in the NAT table until the router receives traffic that requires translation. Dynamic translations have a timeout period after which they are purged from the translation table.

When does the router perform NAT?

Inside to Outside:

If IPSec then check input access list

decryption – for CET (Cisco Encryption Technology) or IPSec

check input access list

check input rate limits

input accounting

redirect to web cache

policy routing

routing

NAT inside to outside (local to global translation)

crypto (check map and mark for encryption)

check output access list

inspect (Context-based Access Control (CBAC))

TCP intercept

encryption

Queueing

Outside to Inside:

If IPSec then check input access list

decryption – for CET or IPSec

check input access list

check input rate limits

input accounting

redirect to web cache

NAT outside to inside (global to local translation)

policy routing

routing

crypto (check map and mark for encryption)

check output access list

inspect CBAC

TCP intercept

encryption

Queueing

Where to buy Cisco WS-X6724-SFP

Where to buy Cisco WS-X6724-SFP, more lower price and original product?

WS-X6724-SFP : Fabric-Enabled 24-Port SFP-Based Gigabit Ethernet Module. The list price is US$15,000.00.

Distributors, like Ingram Micro, Comstor, Tech Data, Redington etc, different countries different distributors, also different price related to your region, partner level and project level, normally around 30%~60% off GPL;

The price comparison:

1 http://www.hardware.com/products/cisco/WS-X6724-SFP%3d 6342.34 USD, 32% off, more professional but price too too expensive;

2 http://www.servermonkey.com/cisco-ws-x6724-sfp.html 4999.99 USD，as can see from their description, also the list price is not correct. But they are the shop of US, if you are located in US, maybe you can try, otherwise better find a professional networking supplier.

3 http://www.amazon.com/Cisco-WS-X6724-SFP-Catalyst-24-Port-Ethernet/dp/B00018BCTE3849 USD, good price but frankly speaking Amazon is not professional in Cisco products at all, and mary products maybe not the original ones.

4 according to our research on WS-X6724-SFP Price, best price is from, http://www.3anetwork.com/cisco-ws-x6724-sfp-price_p1291.html, 5248 USD, 65% off, but they are based in Hong Kong, so may take 3 days to reach your country.

The similar products: WS-X4624-SFP-E, WS-X4648-RJ45-E, WS-X4648-RJ45V+E, more discount news visit 3anetwork.com.

Cisco Catalyst 2960 switch configuration commands

(1) the enable password (enable password), the password in plaintext display

Enable password (enbale secret), the password to cipher text display

Model Switch.> / user prompt straight

The Switch.>enable / * enter privilege mode

Switch.# / privileged mode (input ciphertext before entry)

Switch.#config terminal / * enter global configuration mode

Switch. (config) # / configuration mode prompt

Switch. (config hostname Pconline) # / * set the host name Pconline

Pconline (config) enable password cisco3560 # / * set the enable password for pconline

Pconline (config) enable secret cisco3560 # / set enable password for network

Pconline (config) line vty 015 # / set the virtual terminal lines

Pconline (config-line) login / # landing verification

Pconline (config-line password cisco3560) # / set the virtual terminal password

Two, VLAN switch setting

Model Switch.> / user prompt straight

The Switch.>enable / * enter privilege mode

Switch#vlan database into the VLAN settings;

Switch (VLAN) # VLAN 2; VLAN 2

Switch (VLAN) #no VLAN 2 + VLAN 2;

Switch (config) #int f0/1; into the network port 1

Switch (config) #int giga0/1; into the sink Gigabit port 1

Switch (config-if) duplex {auto full half} # | | set port --- automatic / full duplex or half duplex

Switch (config-if) #switchport mode trunk; the port is set to sink mouth

Switch (config-if) #switchport mode access; the port settings for the access mode

Switch (config-if) #switchport trunk allowed VLAN 1, 2; group VLAN set 1,2 export permit

Switch (config-if) #switchport trunk VLAN 2; 1 is set in VLAN allowed

Switch (config-if) #switchport access VLAN 2; the current port into VLAN 2

Switch (config-if) #switchport trunk encap dot1q; set the VLAN relay

In Cisco network, there are four main types of switches in the LAN interface in the final steady state:

Access/ trunk/ multi/ dot1q-tunnel.

1, access: is mainly used to access terminal equipment, such as PC, server, print server.

2, trunk: is mainly used in connection with other switches, to support multiple VLAN in line.

Multiple VLAN bearing 3, multi: in a line, but unlike trunk, it does not carry data tagging. Mainly used for access to support multiple VLAN servers or network analysis apparatus. Now don'tuse this kind of interface, in the Cisco network equipment, also does not support this type ofinterface.

4, dot1q-tunnel: is used in the Q-in-Q tunnel configuration.

Switch (config) #vtp domain; set the VTP domain name

Switch (config) #vtp password; set the VTP password

Switch (config) #vtp mode server set up the VTP model;

Switch (config) #vtp mode client set up the VTP model;

Three. Set the IP address switch

Switch (config) #interface VLAN 1 to VLAN 1

Switch (config-if) #ip address 132.37.48.3 255.255.255.0; set the switch management IP

Switch (config) #ip default-gateway 132.37.48.1; set the switch the default gateway

Switch (config) #end; exit current mode

Switch#conf t enter privilege mode

Switch (config interface fa0/5) #

Switch (config-if) # shutdown closed port

Switch (config-if no shutdown) # open ports

The four switch show commands.

Privileged mode:

Save the configuration information of switch#write;

Switch#show VTP; see the VTP configuration information

Switch#show run; see the current configuration information

Switch#show VTP; see VTP switch information

Switch#show VLAN; see the VLAN configuration information

Switch#show interface view port information;

Switch#show interfaces FastEthernet 0/1 switchport; two layer display port state, can be used to determine whether the port is two or three layers of export.

Switch#show int f0/0; look at the specified port information

Sw1924_b#show IP; see the setting

Sw1924_b#show versi; check the switch version information

Sw1924_b#show running-config; check the switch current running configuration information

Sw1924_b#show int e0/1; first port information view switch

MAC address binding ports based on

Switch#config terminal enter configuration mode

Switch (config Interface FastEthernet) # 0/1 into the specific interface configuration mode

Switch (config-if) #Switchport port-secruity configure port security mode

Switch (config-if) switchport port-security mac-address MAC (address MAC)

To configure the port to bind the host MAC address

Switch (config-if) no switchport port-security mac-address MAC (address MAC)

Delete the MAC address of the host.

Cisco router: Cisco 2921 router more information on 3anetwork.com.

How to solve the minor error of Cisco module

Cisco SFP Modules：includes Fast Ethernet SFP, WS-X4624-SFP-E Gigabit Ethernet SFP, OC3/ STM-1, OC12/STM-4, and OC48/ STM-16 SFPs for multimode, short reach, intermediate reach, long reach (40km), and long rach (80m) applications. 

On the network of cisco module, We had a severe lightning storm with power cuts and multiple lightbolts hitting our buildings and grounds around our core server rooms. Luckly the UPSes carried the load and gobbled up the overvoltages etc no problem.

When checking the switch I saw the following (see below), and even after running a "hw-module" reset on each of the affected modules (blades) we still got no power (POE) to the phones, however the computers directly connected were working fine.

Upon reseating or resetting the module we got these errors on bootup of the module:

%PM_SCP-SP-2-LCP_FW_ERR_INFORM: Module 6 is experiencing the following error: Inline Power Module - PS voltage bad

%CONST_DIAG-SP-3-BOOTUP_TEST_FAIL: Module 6: TestVDB failed

A "show module" was showing this:

Mod  Online Diag Status

---- -------------------

  1  Pass

  3  Pass

  4  Pass

  5  Pass

  6  Minor Error

  7  Minor Error

  8  Minor Error

show diagnostic mod 7

Current bootup diagnostic level: complete

Module 7: SFM-capable 48 port 10/100/1000mb RJ45  SerialNo : xxxxxx

  Overall Diagnostic Result for Module 7 : MINOR ERROR

  Diagnostic level at card bootup: complete

  Test results: (. = Pass, F = Fail, U = Untested)

    1) TestLoopback:

   Port  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

   ----------------------------------------------------------------------------

         .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .

   Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48

   ----------------------------------------------------------------------------

         .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .

    2) TestSynchedFabChannel -----------> .

    3) TestL3VlanMet -------------------> .

    4) TestIngressSpan -----------------> .

    5) TestEgressSpan ------------------> .

    6) TestAsicMemory ------------------> U

    7) TestFirmwareDiagStatus ----------> .

    8) TestEobcStressPing --------------> U

    9) TestAsicSync --------------------> .

   10) TestUnusedPortLoopback:

   Port  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

   ----------------------------------------------------------------------------

         U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U

   Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48

   ----------------------------------------------------------------------------

         U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U

   11) TestErrorCounterMonitor ---------> .

   12) TestIntPortLoopback -------------> .

   13) TestPortTxMonitoring:

   Port  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

   ----------------------------------------------------------------------------

         U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U

   Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48

   ----------------------------------------------------------------------------

         U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U  U

   14) TestVDB -------------------------> F

Basically from what I've found the TESTVDB means that the POE component on the blade has failed, and it will refuse to deliver power, at the time of writing this post, we don't know whether the whole chassis is fried, we assume it isn't as all the other blades and the data is working okay. And one of the other POE blades in the switch survived and still delivers power.

Fault to Cisco, cross fingers and hope the chassis isn't toast too.

Moral of the Story:

It doesn't matter how much UPS protection you add a direct lightning strike will cause significant damage and disruption to systems, the only protection you can have is to have enough staff to deal with the problems, and enough money to fix or replace the faulty kit.

Hope can help you in the daily network, more cisco modules wholesale WS-X4648-RJ45-E on www.3anetwork.com

How to configure ”Saving VLAN” on Cisco 2960

A VLAN is a switched network that is logically segmented by function, project team, or application, without regard to the physical locations of the users.

Saving VLAN Configuration

The configurations of VLAN IDs 1 to 1005 are always saved in the VLAN database (vlan.dat file). If the VTP mode is transparent, they are also saved in the switch running configuration file. You can enter the copy running-config startup-config privileged EXEC command to save the configuration in the startup configuration file. To display the VLAN configuration, enter the show vlan privileged EXEC command.

When you save VLAN and VTP information (including extended-range VLAN configuration information) in the startup configuration file and reboot the switch, the switch configuration is selected as follows:

• If the VTP mode is transparent in the startup configuration, and the VLAN database and the VTP domain name from the VLAN database matches that in the startup configuration file, the VLAN database is ignored (cleared), and the VTP and VLAN configurations in the startup configuration file are used. The VLAN database revision number remains unchanged in the VLAN database.

• If the VTP mode or domain name in the startup configuration does not match the VLAN database, the domain name and VTP mode and configuration for the first 1005 VLANs use the VLAN database information.

• If VTP mode is server, the domain name and VLAN configuration for the first 1005 VLANs use the VLAN database information

Catalyst 2960 and 2960-S switches are the leading fixed-configuration Layer 2 edge access switches, 2960 is FE access switch while 2960-S most ports are GE. The Catalyst 2960-S Series Switches are stackable switches and support POE+ function. 3Anetwork.com keeps stock for most 2960 and 2960-S LAN base switches. Among all Cisco Catalyst 2960 switches, WS-C2960-24TT-L and WS-C2960-24TC-L are best selling models. Among all Cisco Catalyst 2960S switches, WS-C2960S-24TS-L and WS-C2960S-48TS-L are best selling models. 3Anetwork.com offers best Cisco 2960 Price, Cisco 2960S (2960-S) Price, ship to worldwide.