Cisco 3925 Routing Between 2 Network Segments
Feb 1, 2013
I have a new Cisco 3925 router. I have 2 network segments 10.0.1.X with net mask 255.255.255.0 and 10.0.2.x woith netmask 255.255.255.0. I have an internet gateway router at 10.0.1.21. I have set GBethernet 0/0 to 10.0.1.1 / 255.255.255.0 and GBethernet 0/1 to 10.0.2.1 / 255.255.255.0. I have set a static route 0.0.0.0 / 0.0.0.0 to 10.0.1.21 for gateway of last resort.
When I setup a workstation on the 10.0.2.X segment at 10.0.2.100 wirh a gateway of 10.0.2.1, I can ping 10.0.2.1 and 10.0.1.1 but can not ping anything else on the 10.0.1.X network or on the internet. When I am connected to the console port on the router I can ping 10.0.1.1 and 10.0.2.1 and 10.0.1.21 and any address in the internet but I can not ping 10.0.2.100.
When I am on a network connected to the 10.0.1.x network af 10.0.1.100 I can ping 10.0.1.1 and 10.0.2.1 and 10.0.1.21 and anywhere on the internet but can not ping 10.0.2.100 or any other address on the 10.0.2.x network other than 10.0.2.1. What Do I need to do on the 3925 to get to all address on each segment and to get to the 10.0.1.21 gateway from the 10.0.2.x addresses?
View 5 Replies
ADVERTISEMENT
Jul 22, 2012
I have a WAN router that's on 172.x.x.x segment, and another WAN router that's on a 147.x.x.x segments.How can I make them communicate, I would like to interconnect both segments to talk to each other.We are using a Cisco 2800 on both segments.
View 8 Replies
View Related
Oct 22, 2012
have a 2921 with 3 segments, let's say 172.16.0.1/24, 172.16.2.1/23 and 172.16.5.1/24
How can I browse for computers (in Network... Windows xp/7) from other segment?
View 7 Replies
View Related
Nov 29, 2012
I am using Cisco ASA 5505 between my two network.
1) I want 192.168.1.0/24 LAN user can go to access 172.16.1.0/24 network but 172.16.1.0/24 cant access 192.168.1.0/24 network
2) what interface nameif will be or security Laval
3)what access list should be configure
4)what IP route should be used
View 3 Replies
View Related
Feb 5, 2013
We want to use a Cisco 861 Ethernet router to link our LAN's data and voice segments together (each on separate switches). Our switches are not Layer3 so routing over them is not an option. We only use the default VLAN1 on both switches.There is a data segment 192.168.1.0/24 and a voice segment 192.168.150.0/24, each with it's own internet/WAN access (internet for the data lan and SIP provider for the voice lan).
Diagram:
internet-~--router_192.168.1.1------192.168.1.0/24_data_lan--------192.168.1.254_cisco861_192.168.150.254-----192.168.150.0/24_voice------192.168.150.1_router--~-sip_provider
This is want i want to achieve:
- Link the data and voice switches using the 861
- I want to make the Cisco 861 the default gw on both segments, but they should only route traffic destined for the other segment to each other and route all other traffic to their segment's designated internet connection. I don't want the Cisco to do any NATting and there's no need for firewalling either.
View 3 Replies
View Related
Nov 13, 2011
I have a question regarding the 3925 router. In the past on my old 3660's, in order to add a new line to an ACL, I would have to remove the entire ACL and readd it when adding new ACL lines to the list. Is this required on the 3925's, or is it like the ASA 5520's where you can just add an ACL any 'ol time without having to remove/add the entire ACL list?
View 2 Replies
View Related
Jun 27, 2010
I just receive a new Cisco 3925 with a etherswitch module 24 port :
SM-ES3G-24-P,I successfully boot the switch module and gain access to it.
I found some documentation on CCO but I don't sorted out this small information :,
Switch#sh cdp neig Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port IDRouter Gig 0/26 143 R S I CISCO3925 Gig 2/0Switch#
The Router is connected to the switch module via a HIMI :
The Cisco enhanced EtherSwitch service modules also provide a physical Gigabit Ethernet serializer/deserializer integrated circuit transceiver (HIMI) interface. In the Cisco 2900 series and Cisco 3900 series routers, the HIMI link on the Cisco enhanced EtherSwitch service modules is connected to the router internal Gigabit Ethernet backplane. This link is used for interconnection between other interface cards or network modules attached to the router Gigabit Ethernet backplane bypassing the router host CPU; thus, increasing CPU performance by decreasing CPU processing.
If I do a sh ip int brief on the switch, I have 26 interface but only 24 are physicaly present on the front.The type of the 0/25 and 0/26 are the same : media type is 1000BaseXThe interface gi 0/26 is up up but the 0/25 is down down.
View 3 Replies
View Related
Jan 14, 2013
We currently installed a 100Mbps fiber line with Ethernet hand-off. I purchased a Cisco 3925 ISR to be the gateway for this connection. I am not going to use it for any security purposes. I have an ASA5520 that will do that work. Right now I am currently just trying to get the router online.
I know the following
Laptop <--->GB 0/1((()))GB0/0<---->Ethern
et handoff from ISP.
I can ping and SSH to the outside interface of the router from outside the network. I can also ping and SSH to the router from the laptop that is directly attached to the routers GB0/1 port. From the Router's CLI I can ping IP addresses on the internet. From the laptop I can not. I can not access the internet through the router though. Here is my config.Building configuration...
Current configuration : 3724 bytes!! Last configuration change at 02:17:03 UTC Tue Jan 15 2013 by ggsis! NVRAM config last updated at 02:09:33 UTC Tue Jan 15 2013 by ggsis! NVRAM config last updated at 02:09:33 UTC Tue Jan 15 2013 by ggsisversion 15.1service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname XXXNAMEXXX!boot-start-markerboot-end-marker!!logging buffered 51200 warningsenable secret 4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX!no aaa new-modelmemory-size iomem 20!no ipv6 cefip source-routeip cef!!!!!no ip domain lookupip domain name XXXXXXXXXXXXXXDomainXXXXXXXXXXXmultilink bundle-name authenticated!!crypto pki token default removal timeout 0!crypto pki trustpoint TP-self-signed-XXXXXXXXXXXXXXXXenrollment selfsignedsubject-name cn=IOS-Self-Signed-Certificate-XXXXXXXXXXXXXrevocation-check nonersakeypair TP-self-signed-XXXXXXXXXXXXXX!!crypto pki certificate chain TP-self-signed-XXXXXXXXXXXXXXcertificate self-signed
[code]...
View 10 Replies
View Related
Jan 9, 2013
I just barely put in a Cisco 3925 on our network. I've configured gigabitethernet 0/2 to live on our management VLAN with an IP address of 10.129.0.31/16. I did a "no shut" on the interface. Everything should be ready to allow me to ping and/or SSH to that interface but I can't. It's really weird because I've done this a thousand times (at least on ASAs). I must be missing something. At any rate, the default gateway of the management VLAN is 10.129.0.1. I can ping that from the router. I can also ping that from my laptop (which lives on a completely different VLAN). But I can't ping the router from my laptop or vice versa.
Building configuration...
Current configuration : 1360 bytes
!
! Last configuration change at 19:05:13 UTC Thu Jan 10 2013
!
[Code].....
View 4 Replies
View Related
Jan 30, 2013
terms of Performance for 3925, 3925E and 3945.
didn't see much different between 3925 and 3925E except an additional port.
View 5 Replies
View Related
Apr 11, 2012
Is it possible to create a vlan on a standard 3925? We have no addon cards installed.
View 3 Replies
View Related
Nov 8, 2011
I was trying to give the following host name to my 3925 router.Iht comes up with the following error. DRT0(config)#hostname DRT#0 % Hostname contains one or more illegal characters.% Hostname "DRT#0" is not a legal LAT node name, Using "CISCO_000000" DRT#0(config)#
View 2 Replies
View Related
Jul 9, 2012
I am trying to research the possiblity of backing up IOS and configurations from an Etherswitch module, and being able to store the files onto the Host Router's flash (3925 ISR). and then being able to recover that IOS and configuration, in case I have to replace the Etherswitch Module.
View 4 Replies
View Related
Apr 3, 2012
I was trying to enable AutoQoS on my router 3925 GE interfaces, but failed to do so !! But I was able to do so on FE interfaces !! I have Security/K9 and Data/K9 license on this router. Or do I still miss out anything ?? I am on IOS 150-1(M4).
I was able to enable AutoQoS on all my Cisco 2811 and 1841 routers !
View 3 Replies
View Related
Jan 19, 2012
I have a 3925 Router with a 48 port switch module (part number SM-D-ES3G-48-P). I have no problem accessing the 3925 Router, but when I go into the 48 port, I get an error that reads
Error Hardware not supported by firmware. Try loading a newer software instead. System Resetting...
I know that the wrong IOS is installed on the switch, but the problem is that this is an endless loop. The switch resets then comes back to the same error. How to get the switch out of this loop so that I can load the correct IOS.
View 1 Replies
View Related
May 17, 2013
Client has a Cisco ASA 5510 with 4 L2L VPN's all using 5505's
The L2L connect to the "outside" interface as do the VPN Users (I'm leary of this
The VPN Users need access to the "inside" networks and all L2L subnets.
The VPN User has its own subnet (192.168.168.0/24( seperate from the Local LANs (172.16.0.0/16)
When the Users VPN in they can get to all the subnets connected to the inside interface but none of the L2L subnets
I have verified that the UserVPN Subnet is in the crypto acls and in the route statements of all L2L 5505s
View 3 Replies
View Related
May 23, 2013
I was asked to enable netflow in an ASA Firewall for Orion/Solarwinds server monitoration. Firewall is a 5550, with 4G RAM, and no extra modules but SSM-4GE. This firewall has 5 DMZ segments and ans specific segment for internet traffic.There are segments as unique subinterfaces in physical interfaces. Other segments as individual subinterfaces in the same physical interface (but individual VLANs)Usually firewall CPU flows between 30% to 40%. Rarely to 50%.
1 - How dangerous or risky could be implement netflow in this firewall?...This firewall is very critical for the customer. My concern is regrading CPU, traffic generated, memory, etc
2 - In a month, firewall will be migrated from 8.2 software version to 8.4 software version. Is there any incompatibility in some commands?...Would be recommended to perform netflow configuration after software upgrade?
3 - How could it be implemented for Orion monitoring, regarding each individual sub-interface (and so, each VLAN assigned)?I there any recommendation regarding configuration, best practices?
View 6 Replies
View Related
May 17, 2011
We have an ASA5510 and a few days ago we were unable to access some segments from remote access VPN, the problem was not the config. A few hours later the problem was resolved on its own and I suspect we have an IOS bug. This has happened a few times in the past and its becoming an issue. How can this be confirmed and which IOS should we upgrade to? Prefer not 8.3 given the syntax difference
View 1 Replies
View Related
Jul 25, 2012
I need 3925 router that support BGP as well as IPSEC VPN. is this correct part number i ordered? CISCO3925-SEC/K9. Its always hard to understand Cisco licensing, specially new one. will above package will have router wth ipbasek9+seck9?
View 4 Replies
View Related
May 24, 2011
I have a new 3925 ISR G2 router with the universal IOS, 256kb flash in CF0, 1gb flash in CF1. When the router boots it prompts to enter initial config. Whether I say yes or no, enter the appropriate info, "write memory", and reload it comes up with a blank config. I've checked the config-register (2142), copied the start up-config to nvram:, flash0:, and flash1: but nothing works.
View 2 Replies
View Related
Apr 19, 2013
I have one router 3925 equipment DIRECTLY connected to the Router that needs to be accessed by telnet port 23.
Please find the attached config details.
View 6 Replies
View Related
Jul 6, 2011
I have spend half day to look up this question in cisco official web site, but get nothing . Any infomation about vpn performance of 3925 router?Produce : cisco 3925 ( Cisco 3925 Security Bundle w/SEC license PAK )Question is , how much ipsec vpn tunnels can be carried as a vpn server of this bundle ? if more licenses may be bought, how much most tunnels can be held?
View 5 Replies
View Related
Nov 6, 2012
I have a Cisco 3925 router running IOS 15.2 I am trying to configure IP SLA on it. The configuration is supposed to be what is pasted below. but the CLI is rejecting the commands.Its taking oly the "ip sla responder" command after that if I enter "ip sla 1083180034" command it says invalid input. [code]
View 5 Replies
View Related
Feb 26, 2011
how to setup natting on a 3925 router.
View 1 Replies
View Related
Jan 25, 2012
we are configuring a ras on 3925 router with e1 controller. when we connect the e1 controller to pbx we got on pbx a no frame alarm (detailed error is that we have nfas but we do not have cas). what could be the error? do the router need dsp to have a framed e1?
View 1 Replies
View Related
Nov 30, 2012
i said in the title i have forgot my password for my cisco3925 rourtor and how to reset my password
View 3 Replies
View Related
Dec 20, 2010
checked all the recovery doc, however, there is no one specific for 3900 series router
View 2 Replies
View Related
Dec 20, 2012
I have cisco router 3925 and i add install HWIC-4ESW, as i sew on cisco documents you can hot swap the hwic without reload the router but i it's not working at all. How to do it ?
View 1 Replies
View Related
Mar 10, 2013
I am trying to set up a redundant OSPF setup and I am seeing behavior I don't quite understand. At the main office I have two routers, a 3825 connected via full DS3 to the MPLS cloud, and a 3925 connected to the Internet for VPN backup.There are nine branches, but I am only going to talk about three. The three branches all connect together as well as having their own MPLS connections to the cloud. They are all 2821 routers with a 4.5 Mbps multilink interface into the cloud (three T1's). One of the branches has a backup IPSec/GRE Internet connection that I want any of them to be able to use in case of an MPLS problem (which there have been many lately, sometimes involving all of them going down at the same time). The connection into MPLS uses Inter-area OSPF with the provider. The Tunnel connection is also using IA OSPF (the main office is area 0 and this cluster of branches are all on area 100).
OSPF seems to be behaving oddly. At the main office, on the 3825 with the "backup" shut off, if I do "show ip route 10.51.0.0" it shows this output: [code]If the metric before was 24, why would it put in a route with a metric of 53 now? What's worse is that the branches all think they should connect over the MPLS and the main office sends everything over the VPN. It works, but I don't really want asymetric routing! I have included some configs as well... those which I consider relevant. I am including a diagram that has more on it than is relevant, but what I referenced is here (and yes, spanning-tree has been properly configured on the red fiber connections with the connection between FEC2960 and Hl2960 blocking, but try to ignore the LAN stuff because this is in a transitional phase right now anyway).
View 8 Replies
View Related
Apr 12, 2012
I want to connect my clients from the Windows WS to a VPN Tunnel using 3925 router w/o Cisco VPN client. Is there the way to use native IPSec client on Windows XP or Windows 7?
View 1 Replies
View Related
Mar 14, 2012
I need to install an ATM module in a 3925 router. I would like to know if this card is that I have to buy with the transceiver(SFP)?
Will use a fiber cable LC LC singlemode fiber optic.
Module: NM-1A-OC3-POM
Transceiver :SFP-OC3-IR1
View 4 Replies
View Related
Apr 9, 2013
Monitoring H.323? I've got a 3925 running15.1(3)T with 9 PRI's. Because of our volume, syslogging is not the desired solution. We want something that we can potentially graph over an 8 hour period, so while the RTMT is accurate, either it won't store the data for 8 hours, or we aren't using it correctly (plus, mgmt may want access to the stats/graphs, and we're not keen on granting them access). So far, we've used: [code] None of these seem to accurately portray utilization. cdsp Active Channels seems to get the closest, so perhaps I have to tweak it a little bit, but so far, nothing accurate.
View 3 Replies
View Related
Feb 18, 2011
I have a network architecture like the one HERE but with alot more spokes (32). Would my cisco 3925 be able to support so many crypto maps?
View 2 Replies
View Related
