cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1938
Views
0
Helpful
7
Replies

Nexus 3064 and two Cisco Catalyst 2960 issues

Gypsy Dave
Level 1
Level 1

Hi all,

I'm configuring a Nexus 3064 on our network which I want to use as a core switch and have the other 2 Cisco Catalyst 2960's connected to it via 10G. The 2960's have the 10G SPF modules in them.

 

The desired network looks like this:

https://ibb.co/SdzKYTs

 

At present the 2960's are only Layer 2 and the fortigate 80E is routing all the VLANS, 6 in total. The two 2960's are connecter via a 10g connection and the fortigate is connected via 1000mbps to one of the 2960's.

 

When I connect the two 2960's via a trunk port to a port on the Nexus. I allow all 6 vlans on these two trunk ports.

 

The problem is when I install the Nexus 3064 as the core. I cant see other vlans even though I have a trunk port configured for each 2960 passing all vlans though it. Do I need to use layer 3 on the nexus? Or can I keep using the Fortigate as the layer 3 routing? 

 

I cant seem to ping anything from the nexus switch either?  Is this the best way to do this? 

 

Thanks,

 

 

 

7 Replies 7

balaji.bandi
Hall of Fame
Hall of Fame

if you looking Nexus as Core (single or dual ?) , Hope cisco 2960 access switches with clients connected.

 

you can re-design like below

 

Fortigate----nexus---2960 switches (they act as access switch for your users).

 

If you looking to be nexus as Pure L2, you do not need any special config, just Layer to configuration with trunk

But you do need the Layer 3 interface to management for mange these devices.

 

as per your setup, it should work, but i do best as per the above suggested changing things.

 

make sure you created VLAN inside nexus also for that VLAN to transit.

 

best to look is post the configuration all device so we can understand better what is configured.,

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Thanks for the reply. 

 

Correct at present Nexus will be a single core and the clients are all connecting to the 2960's. All servers and NAS are connected to the 10G nexus ports. 

 

So when you say a layer 3 interface for management you mean create a new vlan interface for all vlans and then assign an ip address to those interfaces? 

 

Attached the configs form the switches. I had to roll back because I had problems. So on the 2960's the TE ports are not configured currently to the nexus. 

I had something like that for the port:

 

interface TenGigabitEthernet1/0/1
description TRUNK_TO_CORE01
switchport trunk allowed vlan 1-9
switchport trunk native vlan 2
switchport mode trunk

 

 

Thanks,

what was the issue you encountered ? can you give more information.

 

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

1. I can't ping anything from the nexus on the lan. I'm thinking possible gateway config problem? 

2. I can't reach sw_studio3 and visa versa

 

i suspect it is Pure Layer 2 if you configured, you wont be able to ping other VLAN

but you can ping your default gateway as configured.

 

When you next time do the change :

 

1. make sure you check end device able to ping Gateway.

2. cross check all the VLAN allowed and created on all device in the path.

3. check is there any MAC and ARP learning. in each device.

 

i do not see any Loops here so it should work as expected.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

I have my 2960's setup like that. Layer 2 with the fortigate as the default gateway and this routes the VLANS and makes everything reachable. 

 

Can't I do the same with the Nexus? It seems not. If I set a default gateway if should find the fortigate and route the traffic right?

 

Is this the best way to do it? 

 

So now Nexus out of the way in your network right ?

 

can you post current Config along with diagram to understand.

 

Its not complicated setup it should work as Layer 2

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: