Cisco 3560 questions.

Wrench00

I just inherited a fairly sized network. I found that the network has been VLANed to hell and back for about 40 users (about 10 VLANs). I am not a Cisco user; I prefer my HP switches. Anywho, can a 3560 switch route its own VLAN traffic or hold an ACL of some sort? I know on a layer 2 the router does the layer traffic routing on a VLANed switch. There is a 5505, but that has no VLAN configuration, nor does it have the horsepower for the network. There is a 2921, but it's a VOIP system; I suspect it's doing the routing, but I have no idea how to get into it.

I also have no documentation, and half the passwords that I was given don't work?

Is there an app I have to use to manage the 2921? (There is one for VOIP.) There is one for the Cisco ASA 5505, the ASDM launcher. Or is it all shell access?
 
A 3560 can do Layer 3 with the right IOS. That will do vlan routing. Can also handle routing protocols, acls, etc.

A 2921 router can do routing and also have Call Manager Express on it. Depending on the IOS and config.

As long as password recovery is enabled, you can recover the configs and reset the passwords. Check cisco.com for more info.

The 2921 and 3560 can be managed by telnet, ssh, serial console, http, https, etc. depending on the config. Serial console is used to recover the passwords. You just need a blue console cable (or make one).

Cisco.com is the best resource for documentation. Can be tricky to navigate their website. Try searching for your specific model and drill down to documentation.
 
3560 is a Layer 3 switch like djflow said. It'll be doing your VLAN routing for you.

Do a show run to get a look at the configuration of the switch to figure out how it's all set up. I recommend making a backup of it as well.

For password recovery, search Google. There's tons of info on it.
 
I am familiar with HP ProCurves; the CLI is similar but not the same. Anywho, I did get into the switch, and did a show config like I would on a ProCurve. I got a dump of the settings using the PuTTY log, but I saw no ACL. Is the ACL separate from the config setup?
 
Access list will be very visible if you do a sh run. Access-list x and so forth.
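
An added example, not from any poster in the thread: one way to check a saved `show run` capture (such as the PuTTY log mentioned above) for the things asked about here, namely whether `ip routing` is on, which VLAN interfaces carry an address, and which ACLs are defined and applied. The function name `audit_show_run` and the sample config are constructed for illustration.

```python
import re

# Constructed sample of "show running-config" output (not from the thread).
SAMPLE_CONFIG = """\
ip routing
!
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
 ip access-group 110 in
!
interface Vlan30
 no ip address
 ip access-group USERS-IN in
!
ip route 0.0.0.0 0.0.0.0 10.0.99.2
access-list 110 permit ip 10.0.10.0 0.0.0.255 any
access-list 120 deny ip any any
ip access-list extended MGMT
 permit tcp any any eq 22
"""

def audit_show_run(text):
    """Summarize L3 routing and ACL use from saved 'show running-config' text."""
    report = {"ip_routing": False, "svis": {}, "default_routes": [],
              "acls_defined": set(), "acls_applied": {}}
    current = None  # name of the interface stanza being parsed
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.startswith(" "):
            current = None  # an unindented line ends the previous stanza
        if line == "ip routing":
            report["ip_routing"] = True
        elif m := re.match(r"interface (\S+)$", line):
            current = m.group(1)
            if current.startswith("Vlan"):
                report["svis"][current] = None  # SVI seen, no address yet
        elif current in report["svis"] and (m := re.match(r" ip address (\S+) (\S+)", line)):
            report["svis"][current] = (m.group(1), m.group(2))
        elif current and (m := re.match(r" ip access-group (\S+) (in|out)", line)):
            report["acls_applied"].setdefault(m.group(1), []).append((current, m.group(2)))
        elif m := re.match(r"access-list (\d+) ", line):
            report["acls_defined"].add(m.group(1))
        elif m := re.match(r"ip access-list (?:standard|extended) (\S+)", line):
            report["acls_defined"].add(m.group(1))
        elif m := re.match(r"ip route 0\.0\.0\.0 0\.0\.0\.0 (\S+)", line):
            report["default_routes"].append(m.group(1))
    # Defined but not bound to an interface (may still be used by vty, NAT, etc.).
    report["not_on_interface"] = report["acls_defined"] - set(report["acls_applied"])
    report["undefined"] = set(report["acls_applied"]) - report["acls_defined"]
    return report
```

An ACL name listed under `undefined` is referenced by an interface but has no matching definition in the capture, which is worth checking before relying on it for filtering.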
 
Well, I figured out what was going on. The person who designed it just VLANed the switch: 14 separate VLANs for about 50 users. I thought maybe the 2921 did routing; I figured out that it didn't do anything except pass traffic back to the switch. I added route information to the servers and everything worked after that. This is the dumbest setup I have ever seen in my life. The router doesn't actually route anything.

Switch is the gateway. It passes traffic to the ASA 5505 for external resources; in front of that there is a Barracuda and another VLAN Barracuda to do email and a third one to do backups. Since the guy couldn't figure out how to create VPN tunnels to satellites from ASA to SonicWall, he decided to add another gateway, a SonicWall (legacy, to do the VPN). So now it looks like, based on the network destined, it goes out a certain gateway. The only sane reason I can gather this was done was to stop broadcasts?
To top it all, the VM cluster is on the same 3560 switch, including VM/iSCSI/data, with no redundant switch. I am still trying to figure out how to simplify this mess of three routers and 8 other switches that I have no credentials for.
The Active Directory was even worse.
 
It sounds like whoever was in charge didn't get enough resources, "aka money", to do it the proper way. If he is using the L3 switch as an iSCSI network for VMware, either he was really dumb or didn't have enough money and had to make it work. As far as the router not routing, does the internet line come into it? Do you have a PRI for the phone system? Some VOIP guys recommend you have a separate router that just handles the VOIP/PRI; that could be the case.
 
A 3560 can do Layer 3 with the right IOS. That will do vlan routing. Can also handle routing protocols, acls, etc.

A 2921 router can do routing and also have Call Manager Express on it. Depending on the IOS and config.

As long as password recovery is enabled, you can recover the configs and reset the passwords. Check cisco.com for more info.

The 2921 and 3560 can be managed by telnet, ssh, serial console, http, https, etc. depending on the config. Serial console is used to recover the passwords. You just need a blue console cable (or make one).

Cisco.com is the best resource for documentation. Can be tricky to navigate their website. Try searching for your specific model and drill down to documentation.

This is correct. In my environment we use ISR routers such as the Cisco 2900 series to do all of our networking and what not. The router is very beastly and can do a lot.
 
CCP is pretty much useless. It's great for a noobie just setting up NAT and DHCP and a few NAT entries, but for everything else command line is a lot better.

Now ASDM, on the other hand, is great. To be honest, I've never needed to use CLI on my ASA. Anything I've needed to do, I have done it in ASDM.
 