Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About Alex Pfeil
04-17-2019
Alex Pfeil
Member since
01-08-2008
Enthusiast
04-02-2019
01:58 PM
Authorization works because the backup is local. The issue is that the accounting does not have a local backup. So, if the accounting server is not reachable on the network, each command entry will wait for the timeout period (I'm guessing). Should I set the timeout to two seconds?
... View more
04-01-2019
05:41 AM
I have aaa configured with authentication, authorization, and accounting. When I make a change that affects connectivity to the AAA server, I can still add commands to the device. However, there is a significant wait time between executing commands. If I remove aaa accounting, then I can continue to enter commands as normal. Is there a command to decrease the wait time such as a timeout? Thanks in advance!
... View more
Labels:
Created by
Alex Pfeil
in Other Collaboration Subjects
in Other Collaboration Subjects
03-19-2019
05:31 AM
03-19-2019
05:31 AM
I was wondering if there is a document which shows the different member status/level? I have seen many different levels, such as Beginner, Enthusiast, Rising Star, Contributor, Advocate, and VIP. I understand that some levels are based on participation. However, what is the criteria for moving from Beginner to Enthusiast to Rising Star, etc.? What are all of the possible levels?
Thanks in advance!
... View more
Labels:
Created by
Alex Pfeil
in Small Business Routers
in Small Business Routers
03-19-2019
05:17 AM
03-19-2019
05:17 AM
Did firmware ever fix this issue?
... View more
02-27-2019
05:49 AM
I have read in multiple forums that some people effectively shut off device tracking with the ip device tracking max 0 command. Other users suggested the nmsp attachment suppress command. I then read that some switches do not offer the ip device tracking maximum 0 command. I also read that the nmsp attach suppress command was not turning IPDT off on some switches. Is one command a best practice over the other? It sounds like I might have to configure both on all ports to cover an issue where one works and the other does not.
I look forward to any comments.
Please rate helpful posts.
... View more
Labels:
02-27-2019
05:44 AM
I have read a couple of posts that state IPDT is automatically enabled when features on a switch are enabled that use it.
First, is that true? Are there features that get enabled and then automatically turn on IPDT?
Second, Does anybody know of the other features that need to be enabled to automatically enable IPDT? I just wanted to check if I need those features enabled or not so that I could remove them and see IPDT turn off automatically.
I appreciate any comments.
Please rate helpful posts.
... View more
Labels:
02-27-2019
05:36 AM
I ran into the IP device tracking issue where clients/servers were seeing duplicate IP addresses. My question is, would turning off gratuitous ARP resolve the issue? It seems to me like the server sends out an ARP packet and receives a response from my switch. Is that what is causing the issue? I have seen posts where people are disabling IPDT with nmsp attach suppress, or ip device tracking maximum 0.
How would turning off gratuitous ARP on a layer 2 switch effect the network? It seems to me like we really don't need or want gratuitous ARP on, and that would also resolve the duplicate ip address detection problem. I look forward to any comments.
Please rate helpful posts.
... View more
- Tags:
- arp
- DAD
- device tracking
- duplicate ip address
- Gratuitous ARP
- ip device tracking
- ipdt
- nmsp
- nmsp attach suppress
Labels:
02-21-2019
11:29 AM
It sounds like you are not going to stack these using the stack module and cables plugged into the back of the 3650, correct?
For basic connectivity, you can plug port 24 into port 24 and it should link up and form at least an access port on VLAN 1. MDIX auto allows a straight through cable to be used and you shouldn't have any issue. If you plug a device into a port without configuring it, it should become an access port on vlan 1. Switches are pretty nice when you are not adding a lot of additional configuration.
You can change the default settings such as below.
conf t
vtp mode transparent
int gi1/0/24
switchport mode trunk
int range gi1/0 - 23
switchport mode access
... View more
02-21-2019
07:28 AM
The boot system command was entered incorrectly.
boot system c2960-lanlitek9-mz.152-4.E6.bin
It should be boot system flash:/ c2960-lanlitek9-mz.152-4.E6.bin
Thanks,
Alex
... View more
Created by
Alex Pfeil
in VPN and AnyConnect
in VPN and AnyConnect
02-21-2019
07:23 AM
02-21-2019
07:23 AM
I am not sure if this is considered a work-around or the solution.
The solution is to disable the IP Layer Filtering in Umbrella on a per PC basis.
... View more
02-20-2019
02:03 PM
Yes, I have seen issues with PoE and 2960x switches. It could make sense that the power is spread between different ports on the switch and you could overwhelm one said group of ports, but I have never read anything saying that. I have always thought that you should be able to do a show power inline and look at the results. It should tell you how much power you have and how much power is being used.
I agree to try the firmware first and then TAC it.
... View more
02-20-2019
01:54 PM
If you want to save time, these two can automate the process.
SolarWinds Network Topology Mapper
NetBrain
... View more
02-20-2019
01:50 PM
Try using a secondary subnet liket this.
interface VLAN 12 ip address 10.12.12.42 255.255.255.0 ip nat outside ! interface VLAN 6 ip address 172.31.6.1 255.255.255.0 ip address 172.31.7.1 255.255.255.0 secondary ip nat inside ! interface VLAN 23 ip address 172.31.23.1 255.255.255.0 ip nat outside ! interface VLAN 24 ip address 172.31.24.1 255.255.255.0 ip nat outside ! interface VLAN 25 ip address 172.31.25.1 255.255.255.0 ip nat outside ! interface VLAN 26 ip address 172.31.26.1 255.255.255.0 ip nat outside ! interface VLAN 27 ip address 172.31.27.1 255.255.255.0 ip nat outside
no ip nat inside source static 172.31.6.2 10.12.12.2 route-map RM_SERVER_PRODU ip nat inside source static 172.31.6.2 172.31.7.2
If you only want to translate certain IP addresses going to 172.31.6.2, you can use a route-map then. However, no route-map is necessary.
Please mark helpful posts.
... View more
02-20-2019
01:00 PM
I agree that you should run the no boot system command first because the boot system command is an additive command meaning that it does not replace the previous boot system command.
... View more
02-20-2019
12:56 PM
You can also run an extended ping to the IP address, and run she show ip nat translation command.
... View more
2 weeks ago
Authorization works because the backup is local. The issue is that the
accounting does not have a lo...
3 weeks ago
I have aaa configured with authentication, authorization, and
accounting. When I make a change that ...
Created by
Alex Pfeil
in Other Collaboration Subjects
a month ago
a month ago
I was wondering if there is a document which shows the different member
status/level? I have seen ma...
03-18-2019 12:58 PM
For the Enable Stateless Session Resume, would 24 hours be ok for the
setting? Would one week be too...
Created by
Alex Pfeil
in Identity Services Engine (ISE)
02-27-2019 04:49 PM
02-27-2019 04:49 PM
I have read that it was not a best practice. I just wanted to make sure.
Created by
Alex Pfeil
in Identity Services Engine (ISE)
02-27-2019 04:45 PM
02-27-2019 04:45 PM
I am deploying 802.1x and the command access-session template monitor
was in a best practices config...
Created by
Alex Pfeil
in Identity Services Engine (ISE)
02-27-2019 11:26 AM
02-27-2019 11:26 AM
We were trying to determine if there is a solution to limit then number
of MAC addresses learned on ...
Created by
Alex Pfeil
in Switching
02-27-2019 05:49 AM
02-27-2019 05:49 AM
I have read in multiple forums that some people effectively shut off
device tracking with the ip dev...
Created by
Alex Pfeil
in Switching
02-27-2019 05:44 AM
02-27-2019 05:44 AM
I have read a couple of posts that state IPDT is automatically enabled
when features on a switch are...
02-27-2019 05:36 AM
I ran into the IP device tracking issue where clients/servers were
seeing duplicate IP addresses. My...
Created by
Alex Pfeil
in Identity Services Engine (ISE)
02-26-2019 12:00 PM
02-26-2019 12:00 PM
Is there any change on the best practice for port-security and
multi-auth. This discussion dates bac...
02-21-2019 11:29 AM
It sounds like you are not going to stack these using the stack module
and cables plugged into the b...
Created by
Alex Pfeil
in Switching
02-21-2019 07:28 AM
02-21-2019 07:28 AM
The boot system command was entered incorrectly. boot system
c2960-lanlitek9-mz.152-4.E6.bin It shou...
Created by
Alex Pfeil
in VPN and AnyConnect
02-21-2019 07:23 AM
02-21-2019 07:23 AM
I am not sure if this is considered a work-around or the solution. The
solution is to disable the IP...
Public Statistics
| Date Registered | 01-08-2008 12:55 PM |
| Date Last Visited | 04-17-2019 04:39 PM |
| Total Messages Posted | 518 |
| Total Helpful Votes Received | 361 |
Helpful Votes Given To
.jpg "VIP Engager"){kind=icon}
Helpful Votes From
