Cisco Firewall :: Assign Secondary ISP-2 Pool IP To DMZ Server?
May 15, 2011Can we assign Secondary ISP-2 Pool IP to DMZ Server, network design attached for reference.
View 2 Replies
ADVERTISEMENT
Cisco Firewall :: Assign Same VPN Pool IP To Client / ASA 5505-v8.4(2)
Sep 16, 2011Is there any way to always assign the same IP address to an AnyConnect VPN client logged into an ASA 5505 running v8.4?2
View 2 Replies View RelatedCisco :: Possible To Use DHCP Pool To Assign IP
Feb 27, 2013ON ASA, I understand that we can assign a static IP for a specific VPN client, or we can use a DHCP pool to assign IP. Now if I want to create DHCP pools, say pool_A and pool_B, for user A, B and C they use the IP from Pool_A, and user D, E, and F they get the IP from pool_B. Is there a way to do this in ASA?
View 4 Replies View RelatedCisco Firewall :: Create Dhcp Server Pool On ASA 5510
Jul 16, 2012I'd like to create dhcp server pool on ASA 5510. I was wondering how big is the DHCP scope that Cisco ASA 5510 can support? Are there any ASA models which can support up to subnet mask 22 for DHCP scope?
View 7 Replies View RelatedCisco Switching/Routing :: 3750X Stand Alone Secondary Power Supply Act As Pool Of Power
Apr 4, 2012In a stand alone 3750x switch configuration, can the secondary power supply only act as a redundant power supply (active/standby), or can it become a "pool" of power similar to power sharing mode for StackPower (somewhat active/active)? I understand there is no stack involved here but I'm curious if this functionality is possible.
View 1 Replies View RelatedCisco Routers :: RV220W Built-in DHCP Server Can't Save Class B IP Address Pool
Mar 28, 2012I was trying to set a DHCP pool with 127.16.0.0/16 with RV220W, however, RV220W UI can't save it. It displays "IP Address Range -"Step to reproduce: (it is 100% reproducible)
1. login into RV220W admin web
2. Create a VLAN, id 201
3. Go to "Multiple VLAN subnets", select the VLAN, click edit
4. Enter following info:
IP Address: 172.16.0.1
Subnet Mask: 255.255.0.0
DHCP Mode: DHCP Server
Domain Name: Cisco
Starting IP Address: 172.16.2.100
Ending IP Address: 172.16.10.254
Primary DNS Server: 172.16.0.1
Leave rest of settings with default value.
DNS proxy is enabled
5. Press Save button. The UI shows text "IP Address Range -".
Expected result: RV220W shall save the setting and make use of 172.16.0.0 subnet in IP pool. By the way, the error message "IP Address Range -" seems incompleteI tried same setting on netgear FVS318N (very similar settings to RV220W), it accepts 172.16.0.0/16 as DHCP IP pool and works.RV220W has great feature set meets my needs. Its UI is slow and sometime dashboard freezes, which I can live with comparing to features. But DHCP server IP pool can't be class B is huge limitation to me.
Cisco Switching/Routing :: Can Layer 2 2950 Switch Be Used As DHCP Server With Its Own Address Pool
Mar 18, 2009Can a layer 2 cisco 2950 switch be used as a dhcp server with it's own address pool.
View 3 Replies View RelatedCisco :: ACS 5.1 Promote Secondary Server
Mar 2, 2011In ACS 5.1 how do I promote the secondary server to local mode if I have lost the primary server, in this scenario is it only accessible by the CLI and would you have to manually promote it so as to enable further configuration elements via the GUI? I would have thought that if the primary failed some sort of keep alive from the primary to the secondary would be lost thus making the secondary force it's own promotion but this does not seem to be the case???
View 2 Replies View RelatedCisco Firewall :: ASA 8.4 No Nat Of Vpn Pool
Jul 17, 2012I am using a range of IPs from my inside LAN for my IPSec VPN clients. For example my inside network is 172.16.1.0/24 and I have a pool setup like this: ip local pool vpnpool 172.16.1.200-172.16.1.210 mask 255.255.255.0.
Before the upgrade to 8.4 it was working and now it isn't. Clients can connect and pickup and IP but can't cominuicate with the inside LAN. I think I have to do manual NAT to nonat this range. So I want to try the following:
object network obj-vpnpool range 172.16.1.200 172.16.1.210 nat (inside,outside) 1 source static any any destination static obj-vpnpool obj-vpnpool
However there are two things preventing me from doing this:
1) When I try to create obj-vpnpool I get an error stating that this object overlaps with local pool
2) Even if I create the obj-vpnpool with a non-overlapping range, when in the VPN config I don't have an option for selecting obj-vpnpool.
Cisco AAA/Identity/Nac :: ACS 5.3 How To Enable Log On Secondary Server
Feb 28, 2013We are using ACS 5.3 with two servers in a distributed solution.All logs are collected on primary server so when this server fails all logs are lost.How can I enable log on secondary server also?
View 2 Replies View RelatedCisco AAA/Identity/Nac :: ACS 5.3 Secondary Server Connection With RSA AM 6.1?
Oct 23, 2012We have 4 ACS 5.3 Servers connected as Primary and Secondary Servers.We use a "RSA SecurID Token Servers" External userdatabase for authentications and are able to sucessfully authenticate (vpn-)users when the requests are send from the primary ACS Server.As soon as a secondary ACS server sends the request to the RSA server the request fails. "Node verification failes"
On the RSA Authentication Manager 6.1 Server, we have created a Agent-host wich contains the 3 secondary nodes (FQDN and IP's). The "sdconf.rec" file has been installed on theprimary ACS Server and are automatically (so it looks like) replicated to all ACS Servers.Still none of the secondary server are able to authenticate the users agains the RSA server.
AAA/Identity/Nac :: 1121 - Add Secondary ACS Server 5.4?
May 29, 2013My customer has an ACS 1121 version 5.4. Now we want to install a secondary ACS 1121.
View 2 Replies View RelatedDIR-655 - Secondary DNS Server Blank In Router Info
Jul 14, 2011I was setting a static IPs for my PCs, and for the Preferred and Alternate DNS Server addresses I looked on my router's Device Information page. It had "Primary DNS Server: 121.98.0.1", but "Secondary DNS Server:" is reported as "0.0.0.0". Router is a DIR-655:
I looked on my ISP's website and they have "121.98.0.2" listed as the Secondary Name Server/DNS:
Why does the router not report that? Is there something wrong? Should I still set 121.98.0.2 as the Alternate DNS Server in Windows?
EDIT: BTW, my modem reports both primary and secondary DNS servers on it's info page.
Cisco AAA/Identity/Nac :: ACS 5.2 - Primary-secondary Radius Server Configuration
Apr 21, 2013I have a couple of ACS 5.2 configured as active and backup and I am doing dot 1x authentication using these servers . I have configured the switch with the bellow configuration.
radius-server host 10.0.10.15 auth-port 1645 acct-port 1646
radius-server host 10.0.10.16 auth-port 1645 acct-port 1646
radius-server key 7 aaaaaaaaaaaaaa
please help to understand what will happen in switch
1) in case of primary failure
2)in case if primary returns alive .
Cisco AAA/Identity/Nac :: ACS 5. 2 Secondary Server Is Not Collecting Logs From Primary
Nov 2, 2011Cisco ACS 5.2 secondary server is configured as a log collector for both primary and secondary server .Now i am facing problem in log collection from primary server .ACS secondary server is not collecting any logs from primary .
View 2 Replies View RelatedCisco Firewall :: To Get IP Addressed From VPN Pool Randomly ASA5510
Apr 18, 2012I’m using a cisco 5510 ASA at the head office and all the branches (32) connect to the head office via cisco VPN client(Remote access VPN), as per the configuration branches used to get ip addresses from the VPN pool randomly. Now, my requirement is I need that each branch should get the same ip address every time when the VPN is established. Is this feasible?
View 3 Replies View RelatedCisco Firewall :: ASA5510 Secondary Firewall Crashes After Upgrade To 8.4.1
Jun 29, 2011I have two ASA5510's set up in failover, and the secondary keeps crashing after doing the interface checks when bringing failover up. This only happens if I try to upgrade the image on the secondary to anything newer than 8.4.1 (I've tried with 8.4.1-11 and 8.4.2). The primary one run just fine with new images.
I don't have the exact error right now, as I need to do a screen capture from console. It's just a huge crash dump.Are there anything I might have missed during the upgrade? Should I cold-boot both the firewalls in the correct order?
Cisco WAN :: ASA 5505 - Assign External IP To Internal Server?
Mar 2, 2012I have 3 external ips from my isp:
222.222.222.221
222.222.222.222
222.222.222.223
The first one I use to provide internet access to my office. The other two I'm going to use for the following: I'm going to deploy a server in internal network which must have 2 external ips on his network interface (& one internal ip on the second,but that's ok: I cannot put an extra network switch before asa & plug this server there: this server is virtual & is on esxi host in internal network. External ips must be assigned to servers' interfacw,bot just forwarded there (ms direct access requirement).
My current config:
!
ASA Version 8.4(3)
!
hostname msk-office
[Code]....
Cisco Firewall :: Secondary ASA 5550 Firewall Getting Down Automatically?
Apr 17, 2011I am having two ASA 5550 firewall running in active/standby mode. With in last two months our secondary firewall got down automatically 3 times. Firewall is running with IOS version 7.1.2. how to proceed further troubleshooting because there are not any logs on firewall.
View 3 Replies View RelatedCisco Firewall :: Multiple DHCP Pool Configuration On ASA 5505
Oct 4, 2012I want to configure multiple DHCP configuration on ASA 5505. I tried to create sub interface for different IP Pool but it was not configure on ASA 5505. is it possible to create subinterface on ASA 5505?
ASA 5505 IOS version: 8.3(1)
License: Security Plus
Cisco Firewall :: 5510 - Static NAT Required But Outside NAT Pool Already Exhausted
Mar 10, 2012I got a project where I have to provide NATTED addresses to cutomers for the internal servers and I found out that the outside address range /27 already in use. We are using 5510 with ver 8.1. We cant use PAT here.
View 1 Replies View RelatedAAA/Identity/Nac :: ACS 5.3 - Assign Ip Addresses From A DHCP Server?
Dec 8, 2011I imagine I can use the framed-ip-address attribute to assign ip-addresses but there seem to be support for static ip addresses only?A bit of a drag when we're talking 200+ nodes.
View 1 Replies View RelatedCisco Routers :: Get The RVS4000s DHCP Server To Assign Another IP Address?
Feb 4, 2013I have a RVS4000 router with DHCP enabled and in router mode.
The LAN is 192.168.2.x. The RVS4000 static IP address is 192.168.2.8
The router is not the RVS4000 and is at 192.168.2.1
The RVS4000 dhcp is assigning it's clients a default gateway of 192.168.2.8 instead of what I want 192.168.2.1. How can I get the RVS4000's DHCP server to assign another IP address other than its own as the default gateway to its DHCP clients?
Cisco WAN :: 7609 / Assign Up / Down Bandwidth For Subscriber On PPPoE Server?
Feb 11, 2013I'm planning to deploy PPPoE Server (Cisco Router 7609) for an ISP. This ISP will provide Internet connection for customer over Ethernet (QinQ VLAN).I have to provide a solution to assign bandwidth to each customer by RADIUS. I found some documents about this function but they said that it could work with PPPoA or PPPoE over ATM only. So which method I shoud deploy to get this goal?
View 1 Replies View RelatedCisco WAN :: 7609 - How To Assign Up / Down Bandwidth For Subscriber On PPPoE Server
Feb 22, 2011I'm planning to deploy PPPoE Server (Cisco Router 7609) for an ISP. This ISP will provide Internet connection for customer over Ethernet (QinQ VLAN).I have to provide a solution to assign bandwidth to each customer by RADIUS. I found some documents about this function but they said that it could work with PPPoA or PPPoE over ATM only. So which method I shoud deploy to get this goal?
View 1 Replies View RelatedCisco Firewall :: Asa5510 - How To Add Secondary Firewall
May 4, 2012I have a cisco asa 5510 with security plus license in Live enviroment . I need to add a secondary firewall . I was planning to do in active /standby mode for failover .But i have a doubt , when i do "show version " on live asa output says Active /active failover , does this means that i can only configure failover in active/active mode not in active/standby (which i want to do )?
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
VPN Peers : 25
WebVPN Peers : 2
Dual ISPs : Enabled
VLAN Trunk Ports : 8
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2
This platform has an ASA 5505 Security Plus license...
Belkin Routers :: N450 Router Will Not Assign The DNS Server Address
May 4, 2013It took a while of troubleshooting since I've never ran into this problem with my wireless router before. But finally I figured out that my router will not assign the proper DNS server addresses when assigning through DHCP. I upgraded from 2.10.02 and still the same issue.
View 1 Replies View RelatedCisco Switches :: SG500 DHCP Server Does Not Assign Predefined Static IP Addresses
May 17, 2013I upgraded my SG500 switch firmware to 1.3.0.59, since there is a new functionality DHCP server v.4 well I must say I came accross the issue I cannot solve. DHCP server assign dynamic address - no hassles. troubles start with static IP hosts.I defined a couple of hosts with static address within the correct subnet. I tried with hardware address and client identifiers. no luck. my switch does not assign the IP address I assigned to the suitable mac address. to define it I use both CLI & Web.
ip dhcp pool host HP-Elliteaddress 10.10.11.7 255.255.255.0 client-identifier 01:d8:d3:85:cf:09:72client-name HP-Ellitedefault-router 10.10.11.1exit
ip dhcp pool host VAIO-Zaddress 10.10.14.108 255.255.255.0 hardware-address 54:53:ed:1c:a1:46
default-router 10.10.14.1exit
Linksys Wired Router :: Can't Set RV016 To Assign A Default Gateway IP Of Server
Jun 22, 2011I am using a RV016 (192.168.1.2) as a router and DHCP. It automatically assigns its own IP which is 192.168.1.2. I can not set my RV016 to assign a Default Gateway IP of the server. The workstations will connect to internet via this server (192.168.1.1)
View 1 Replies View RelatedCisco Wireless :: 1141 - Get 12.4 Code To Assign DHCP Address To Ethernet Interface From Server?
Nov 7, 2012How do i get the 12.4 code to assign a dhcp address to my ethernet interface from my server? I deleted the default config on the 1141 and searching has not turned up anything useful.
View 1 Replies View RelatedCisco Firewall :: Secondary IP Address In ASA5510
Feb 7, 2013Just want to know if there is a way to configure secondary IP address on the outside/public interface of ASA/PIX.One of our clients have used most of their IP on the subnet given by their ISP. They use those IP's for staticallymapping to Servers inside their local LAN. Thus, they requested another block/subnet from their ISP. They will also use this for static mapping/port forwarding to other servers in their network. The current UTM they are using is allowing this but they would like to use ASA/PIX as their main Firewall. Is this even possible or is there a workaround for this kind of scenario?
View 5 Replies View RelatedCisco Firewall :: Secondary IP Over 5505 Fastethernet
Jun 13, 2012I would like to know if is possible to configure a secondary IP address in a 5505 interface ??
View 1 Replies View RelatedCisco Firewall :: Implement Secondary ISP To ASA 5510?
Aug 27, 2012We are in the process of implementing secondary ISP to our ASA firewall and We would like to run both ISPs in parallel so we can test until we finally cutover?
View 2 Replies View Related