I need some fiber to run between a Cisco Nexus and an IBM server with Intel NIC. It's 30meters, and LC-LC connectors.What is the difference between 62.5/125 vs 50/125?
View 1 RepliesAt home we have a business Fiber line with 100/100 connection, right now connected to a Cisco 2911 Router.Problem with this one is that it doesnt give the cool neat config options you get on for example the new EA routers, nor does it support uPNP. Now I was wondering if it would be an idea to use the EA4500 (which i have here aswell, though atm not in use) instead of the 2911.does the 2911 offer that much more power and speed that it would be unwise to use a EA4500 on Fiber?
View 1 Replies View RelatedI have a very basic networking question If I have, say, 3750's (or any L3 switch, capable of routing) at the edge and a 4500 at the core, where should I route? At the edge? At the Core? Both?
View 4 Replies View RelatedHow does the 3550 with enhanced image compare to the 3650 with enhanced image in terms of routing functionality?
View 5 Replies View RelatedI would like to know which patch cord should I be using between X2-10GB-SR and SFP-10G-SR.
View 5 Replies View RelatedI run my business from a home-office, and have a program that operates off a database.This database is run on what I'll refer to as the "server" computer.I have other laptop and desktop pc's that run this same program, but are referred to as "clients" since they don't house the database and only pull the data from the "server".I can connect wirelessly through my WLAN, but the connection is slow due to the database server. However I am told that a wired network would increase the data transfers tremendously between the machines.I have plenty of ethernet cable and a brand new switch.I run windows 7 64 on all machines that I'd like to connect.What steps do I need to take in order for the "client" machines to connect to the "server" via the LAN and not the WLAN?
View 3 Replies View RelatedOn an ASA 5505 with the proper licenses running version 8.3, which would you consider the more resource intensive for the ASA, IPSec VPN or an SSL VPN with a portal?
The connections through the firewall would be the same so I am curious how adding the different types of VPN will affect the CPU and overall ability of the ASA to function.
Any difference between G and N routers? Also, can you use either one? I currently have a wireless G. I have added A few wi-fi devices in the last couple of weeks I.E. Smart T.V., I-phone, I pad, and Satellite TV ( the on demand comes from the internet). My internet on my laptop seems to have really slowed down, and I it keeps locking up. I have to go reset the modem, and router to get it working again. Could all these wireless devices being on at the same time be dragging down my speed?
View 1 Replies View Relatedwhich is better to use from 1PC to multiple displays?
View 1 Replies View Relatedrecently I had a power cut in the office and my Cisco ASA 5505 512MB Base 10 user License stopped working.it was not possible to establish L2L VPN.I replaced it with another ASA 5505 with 256MB RAM Base 10 user License.I restored the configuration and everything is working now.The main problem is that before (with the 512MB ASA) I had two L2L tunnels established and many clients (up to 30 clients)using the two tunnels. Now with the 256MB ASA when the clients being in the L2L reach 10 clients,the other clients stop working inside the VPN, they cannot reach hosts which are on the other end of the L2L. This could be due to te less amount of RAM ?? Otherwise I can't explain this behaviour.Could I solve this buying the 50 user license upgrade ?But in my previous ASA I had the Basic 10 user license and everything was working with many clients reaching hosts behind the two tunnels.
View 4 Replies View RelatedI have two sites connected to each other using L2 MPLS/1Gbps "provided by the telecom", the link is configured as a 802.1q trunk and terminated on C3750 on both sites. Everything is working fine according to the below configuration. But i am facing QoS limitations on the number of queues, i checked cisco web site and found that the ME3600/3800 has HQoS which will give me advanced QoS features.I am thinking to migrate from the 3750 to ME3800, but i am new to metro switches. if i can apply the same below configuration on ME3800 except the QoS as i will replace it by MQC configuration? So can I consider that the ME3800 has all 3750 features plus MQC QoS?
!
!!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime
[code]....
We just got (2) Air-lap1242ag-a-k9 units here and i am also working on (2) air-ap1242ag-a-k9 units also.
my question is this, do the lap units function the same as the air-ap1242ag units?
if not, what will it take to make the lap units function like the ap1242 units?
We have configured BGP on Cisco Switch 6509E, firewall module on the switch is making nat for all users,but users is not going to internet yet, I do not know hot to configure 6509E to give internet access to users.If I route default route to FWSM,then BGP will not work? If I route default route what is the meaning of BGP then?
I do not want to write static route because BGP should work (4 ISPs redundancy)
How to let users to go out to the internet throug BGP, but nat is being done on the firewall module on 6509, routing is beiing done on 6509,to to configure it?
we are running 8.4(2) on the asa with the below configuration we basically have a static for .7 on .25 and a nat for .7 for port direction with manual nat that takes precedense over auto nat within the object group am I correct that I dontneed the dynamic statement and that its redundant?
-object network obj-10.X.0.25-02host 10.X.0.25
-object network obj-10.X.0.25nat (any,INSIDE) static X.X.X.7 dns
-object network obj-10.X.0.25-01nat (INSIDE,OUTSIDE) static X.X.X.7 service tcp smtp smtp
-object network obj-10.X.0.25-02nat (INSIDE,OUTSIDE) dynamic X.X.X.7
Does the CPU speed make any difference?I'm reading that the Asus offers great Wifi Coverage - which is nice cause both the wife and myself use the laptops a fair bit.. However - most of my devices are currently on a wired setup..through a belkin 1gbit powerline setup.I run a NAS for storage - a separate machine for media serving, 2x ps3s for media streaming a seagate HD+ media player + a sonos bridge and my desktop on the wired setup..As for wireless normally I'd have 3 Androids along with 2 laptops & 5 sonos players...
[code]....
I might have been talking rubbish there - I was sure I'd read somewhere that the Asus unit had a whopping 1gb ram installed vs. the 256mb of the Linksys/Cisco ea4500 - however looking at the specs again, both read @256mb.
In 2008-2010 timeframe, I used the ace 4710 appliances at one customer and kind of liked them. The deployment was not too SSL intensive and B/W requirements were low, but I configured a few HA pairs and that worked well. The configuration was pretty comparable to other Cisco devices; so easy to learn/pick-up.Fast forward to 2011: stepped into an environment, where customer purchased 3 - ACE 20 modules (before I got here), and had multiple issues with them. I found 4 documented TAC cases, and 1 was still open. I started working from December 2011 on getting Cisco to own-up WRT modules but customer by that time had had enough.
The most serious issue was a random reboot, hang or lockup. I wasn’t here to work with them to verify, but that’s eventually what the deal breaker was. Around the February 2012 timeframe, talking to Cisco SE, he revealed Cisco had an independent lab in Switzerland verify that some hardware component on the device had a terminal defect, in which a bit would flip, and force the device to lock or reboot - subject ot radioactive decay or interference.Cisco and the lab attributed this to improper shielding, coupled with defective material in the electronic component; hence the device was highly susceptible to radiation-type errors. This is the kind of stuff you read in doomsday reports! As a result, Cisco was EOL-ing the ACE-20 module. I am trying to get Cisco to replace the ACE-20 modules with something else, but they haven’t been too cooperative. They have also limited their SE/Salseperson presence where I work (Pacific Northwest); and are not too responsive.
I have gotten a verbal agreement to get a credit on prior purchases for the amount this customer spent on the ACE-20 modules. However, the credit is only a few points off their normal discounting model. And Cisco will not go into loss on new product sales. Using example, $100 product would cost me $55 with standard Cisco discounting. Cisco’s cost might be $45 so I will only get another $10 credit on this new purchase.The 3 Cisco ACE-20’s originally cost customer about $100K, so to dwindle this credit down, we would need to purchase about $1-$2 million of new hardware - that's a lot of new gear! And I don’t have any real way of knowing that Cisco is applying the credit honestly, and they won’t put anything in writing. This entire issue has really dampened customer’s impression of Cisco. They had smartnet on the ACE-20’s for 2+ years, but then dumped that after losing faith in the product. Now I am trying to resurrect smartnet to see if Cisco will give us an alternate product.
And to cap it all off, the original Cisco salesperson (who sold customer the ACE’s), has left and went to work for F5! And yes, he has been calling on customer to try to sell some big-IP's! At least there is some humor in all of this. So... Has anyone else had bad experience with ACE-20 module? How about ACE 4710? How to get a reliable working ACE module from Cisco?
I own a Cisco 892W router. The router has 2 WAN ports and 8 switch ports. Now I know -
-WAN ports can create sub interfaces, assigne IPs, cannot be assigned to a VLAN - sounds very much like a routing port. (sh interface gives - Hardware is PQII_PRO_UEC)
-Switch ports are for VLAN assignment, trunking, IP assigment etc,. (sh interface gives Hardware is Fast Ethernet)
I know they are different but at the same time confuced what the difference are? I also know on some 3xxx series switchs you could say "no switchport" and translate a switch port to a layer 3 port. But on 892W you can't do this? Struggeling to understand the difference.
We are planning on testing a new ISP provider in our company but we have the following doubt: This new provider is using a Optical Fiber line (GPON – PT Prime) for this new internet connection and we already have a Cisco RV220W router but they are not sure if that can be used, so they just informed that they a capable router is the Cisco 2951-SEC/K9, that they are selling of course. So our actual doubt is if the Cisco 2951-SEC/K9 can have some “extra” WAN configurations/authentications that are not available in our Cisco RV220W and that can implicate that we cannot use our RV220w router?
View 3 Replies View RelatedWhat is the difference between the Diameter and the Max Hops Remaining in RSTP/MSTP? Like Cisco, the maximun value for diameter is 7, but, can i have a ring topology with 10 switches in the Network?
View 1 Replies View RelatedI am selecting a router, let's say to be used as a VoIP Gateway (C3945 + PRI ports).If I order the "Security license" included (bundle C3945-VSEC/K9), what is the benefit of getting the security license for a gateway router? Today in the organization we don't see an immediate application for the security license, but I would like some feedback on ways that it could benefit the organization if future security policies are implemented in the future.
View 1 Replies View Relatedcurrently my firewall is Microsoft ISA Server 2006 and im using it very nicely but based on some security treats im changing my firewall from isa to ASA 5520 but im facing a problem that my i had installed on software name Soft Perfect Bandwdith Manager and i was limiting each users based on their MAC address to prevent using of full bandwidth in my internet so thats why i had a very relialble internet useage in my network.
after many search and searching i didnt find a good software or hardware that should support with Cisco ASA Apliances to support bandwidth management for endpoint users and etc and this is very troubel i dont want all users to use full badnwidth in my company becouse i have only 2MB internet badnwith taken via VSAT connection
imagine I am selecting a router, let's say to be used as a VoIP Gateway (C3945 + PRI ports).
If I order the "Security license" included (bundle C3945-VSEC/K9), what is the benefit of getting the security license for a gateway router? Today in the organization we don't see an immediate application for the security license, but I would like some feedback on ways that it could benefit the organization if future security policies are implemented in the future.
In my test lab I am playing with the Numbered ACL's and Named ACL's. Both configurations are working BUT , I am sure I do something wrong in the Named ACL's version. When I reboot or reload the CISCO 1841 ROUTER , I do not have INTERNET anymore , I still have access by TELNET or SSH , but no external communication anymore. The only way to start the communication again , is by adding :
PERMIT IP ANY ANY . This will of course work , but the funny thing is that when I do a : NO PERMIT IP ANY ANY It still works !!!
I have learned by this to always shut down and restart my ROUTER or SWITCH to see if everything still work . Here bellow some parts of the working Numbered ACL's version :
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh port 8096 rotary 1
ip ssh version 2
[ code] ....
I know serial interfaces are called that because they put bits on the wire serially - i.e. one bit at a time. If that's the case for serial interfaces, how do other kinds of interfaces, such as Ethernet interfaces, put bits on the wire? Do they somehow put more than one bit on the wire at a time? I assume it's a faster process, but how so?
View 4 Replies View Relatedi measured with Iperf over two Cisco 1811 router, that bandwidth speed is higher then is used IPsec+GRE tunnel between two routers, than just using a static routes.Bandwidth over GRE in average is about 91389Kbit/sec Over static routes is about 88474Kbit/sec.
View 1 Replies View RelatedI'm going to be upgrading my network (router and network cards etc). I was wondering if there will be any performance difference with the Belkin Fastcat 5e I currently have and CAT6 cables?
View 7 Replies View RelatedI like to create a access point and thinking to buy the Engenius ECB300 or the cheaper ZyXel WAP3205.
I cannot find anything about the power output of the ZyXel WAP3205 so I'm not sure what do buy.
So my company is replacing firewalls. In our EU HQ, they went with Palo Alto 2020 models to take the place of Cisco PIX and an IBM IDS box.However, as I'm responsible for the US branch, I'm re-evaluating their decision for our office. We currently have a Cisco 5510 and the same IBM IDS box behind it. Everything works, so I'm wondering if a PA device is worth the upgrade cost, but on the other hand, you can't really put a price on security. The application control, IPS, anti-virus, etc etc are all cool features that might be worth implementing now.
My questions is - why is PAN so expensive? As an example, Sonicwall's NSA 3500 with similar specs are coming in at 1/3 the price for the same feature set, and lower yearly cost. I've seen the demos, and the interfaces are both pretty slick - at least compared to what I have now. The all have the gateway security features and Deep Packet Inspection so what am I missing? I know PAN is all the rage right now in the networking world, but it seems like they're somewhat riding the fanaticism from their marketing teams - similar to Apple customers. We could also debate the differences between what's marketed as UTMs and NGFWs, but from the "black box" perspective (what comes in, what goes out) - aren't they more similar than different?
If I ran the office, I'd also look at Untanged and other vendors, but my boss wants something with a little more brand recognition. Anyway - I'm asking the Horde what's up since I'm not a networking guy by trade - more sys admin - but this office is my responsibility.
I have a layer 3 switch with a bunch of SVIs all in the 192.168.x.0/24 range. I just want to advertise a 192.168.0.0/16 summary to the BGP neighbors. I can do this either by:
1) Redistributing connected into BGP and then using the 'aggregate-address' command to advertise the summary.
2) Specifying a network statement in the BGP config for every single SVI, then using the 'aggregate-address' command.
3) Create a static route to null0 (ip route 192.168.0.0 255.255.0.0 null0) and put 'network 192.168.0.0 mask 255.255.0.0' command in the BGP config.All three fulfill the same purpose of summarizing all the SVIs, but creating the static route is much cleaner in this case. It seems like the aggregate-address command is mostly intended for routers that are aggregating connections coming from other routers and all of them share a common prefix.
I have a RV042 router setup with Client to gateway VPN access, and am connecting with a W7 PC running QuickVPN. We have many PC's that already have the standard CiscoVPN client on them, is it possible to configure the RV042 to allow these clients to conenct? I'm not sure how to get the Mutual authentication to work, or how to import the PEM certificiate into that client. It seems to allow it to import, but I can never select it.
View 2 Replies View RelatedBest practices for an ASA5520. I'm currently running a pair of these as internal firewall for my organization, and have about 750 rules dictating traffic. A lot of the rules are for individual ports to specific server(s), some of them having 50+ ports opened. For example, Exchange has about 115 ports opened right now, anywhere from port 25 to 55000.
My question is that would it be better (faster, less strain on the ASA) to open a port range, (ie 52000-55000) or would the individual ports (ie: 52112, 52336, 52698,53441,53495, etc...) be ok?Obviously the individual ports are much more granular for security, but I don't want to take that into consideration now. Just strictly individual ports vs ranges.
We replaced a 3560 with a new 2960S and I'm only able to configure a single ip sla where before we had three ip sla entries on the 3560. Obviously, one is a L2 switch and the other a L3 switch. This is an expected difference between switches, correct?
View 6 Replies View RelatedI am using a Cisco E4200 router today but I am moving to a ASA5505. I have a device that sets up a VPN tunnel that I want to put in my DMZ. It's called the ATT Gateway. I have attached the diagram. When I use a Cisco E4200 all I do is put the outside private ip address of 192.168.0.99 of the ATT Gateway into the DMZ of the E4200 and the VPN tunnel of the ATT Gateway comes right up. I cannot configure the DMZ to do the same with the ASA. I also need to have the laptop behind the gateway access the printers in the inside network.
View 15 Replies View Related