Cisco :: Packet Tracer - Must Block Communication Between Computers
Mar 22, 2013
I'm student from IT school and i have a school project but i have a problem on packet tracer.In a vlan, i must block the communication between computers in it but i dont know how i must do that.Effectively, it's about 250 computers in this VLAN but each computer can't caommunicate between us.
having some issues. My basic VOIP network I can get to work no problem uner Vlan 1. But when I try tomake multiple basic networks to connect and put them in to diffrent Vlans such as Vlan 2, 3, 4 and conect them the phones now say configuering IP.
I'm trying to set up a network comprised of three LANs connected by serial. As this is a small part of an assignment I've been instructed to subnet into /26 and to use /30 subnets for my serial connections.At the moment I can ping between devices on each of the LANs but I can't ping between routers at all. Embarrassingly I'm not sure why, I think it may be something I've missed on setting up the serial links as I have set routers up fine before using other connection types.
I'm preparing myself for CCNA exam and i started doing a lot of different examples. I've got problem with Packet Tracer when i'm trying to apply some security settings for the range of switch ports in default VLAN 1. I might just demonstrate my commands so it will be easier do understand.
I am trying to test PIM SM mode between some 2811 routers built up in my packet tracer 5.3.3 .But surprisingly PIM option is not coming in the interface mode .Even IP multicast option is not shown in global config mode.
I have been playing around with Packet Tracer trying to understand EIGRP and to put it into practice. Well im not doing so well, I cant get the routers to form an adjacency therefore nothing is pinging outside of the routers. [URL]
I'm an IT student and I've been assigned with homework simulating a network including an ISA server and some clients in Packet Tracer but I can't find anything which can be configured like an ISA (Internet Security and Acceleration) server(this is kind of Microsoft's technology as I know) in Packet Tracer, the generic Server from the devices box has only some basic services such as HTTP, DHCP, DNS, FTP, AAA, ... but none of anything related to ISA, all the servers in Packet Tracer have only 1 interface whereas the ISA server (as far as I know) should have at least two interfaces, and there is also no CLI supported for those servers so I think I can't simulate ISA server in Packet Tracer, can I?
I'm trying to create a silent, scripted install of Cisco Packet Tracer 5.33. At the end of the install there is a box that comes up about Packet Tracer Skills Based Assessment (PTSBA). Is there a way to supress this dialogue box? I'm using "PacketTracer533_setup.exe" /sp- /verysilent /norestart" with no luck.
I am using packet tracer 5.3 version and I am trying to configure IGRP on it but it doesn't show me igrp under routing protocol selection.Router number is 2621XM.IOS version is 12.2.learn the configuration of IGRP.
Asking about Packet Tracer. I currently use packet tracer 5.3.2.Can you give me any link where to download router template on packet tracer? I want to explore cisco 2821 but packet tracer 5.3.2 has an existing of cisco 2811 only then, I tried to add the 4 ports of RJ11 but I cannot see the 4 port telphone.
I am unable to get traffic from any VLAN to communicate outside of the router, as well as get any traffic from outside of the router to communicate with any device on either VLAN. I am able to ping the router from each device on each VLAN, and vice versa. However, the traffic seems to die at the router, and I cannot figure out why. I know it's probably a small, easy fix, but I cannot seem to find any kind of documentation on it.
I am trying to troubleshoot a problem where in one of my remote site is not able to access some networks at HQ over Site to SIte VPN ( asa 5505 at Remote and 5520 at HQ). I ran packet tracer and HQ ASA looks clean as everything came out as ALLOW. Remote site ASA packet tracer give me DROP out at Phase 9 (VPN). I am not very sure what to look in ASA for resolution now. Is it an access list that is blocking the traffice or VPN setup.
I've been using packet-tracer for some time on and off with mixed results.
I'm running a multi context firewall with over 10 of the contexts sharing the same outside interface / network. All interfaces obviously have valid, unique IPs and also unique MAC addresses as mac-address auto is enabled in the system context.
This is an ASA 5550 running 8.3(2.10) interim so includes the fix for the well known packet-tracer classication failed bug.
So in theory, with firewall contexts on a shared interface the ASA should use the firewall MAC address to classify incoming traffic to the correct firewall and as far as I am aware, only fall back on using NAT to classify if the interface MACs are the same. In reality on my platform this doesn't seem to be happening and the classifier is using NAT to determine the destination context. I'm seeing this with live traffic (i.e. not generated by packet-tracer) in logs and can prove it by disabling certain NAT rules (there is some overlap with the IP addressing behind each firewall).
My question regarding packet tracer is this - in the above scenario with a shared outside interface, does packet tracer ALWAYS use NAT to determine the destination context? Or does packet tracer look up the MAC address of the ingress interface according to what context you are running packet tracer from? It appears that packet-tracer is using NAT in my case which could be just symptomatic of the potential bug I've described above rather than by design.
here, am used to the RouterSwitch CLI but been asked to set up an ASA 5505 8.4.Quite simply I am trying to at least test out a static PAT from an external source to an internal server in a test environment and no matter whether I set it up as an auto-nat or a twice-nat whenever I run a packet tracer I end up with the same error. This is the packet-tracer I am running-packet-trace input outside tcp 22.214.171.124 3389 10.240.0.10 3389
Phase: 5 Type: NAT Subtype: rpf-check Result: DROP Config:nat (inside,outside) source static server publicIP service RDP RDP Additional Information:
Now I have a couple of questions initially. I have made the presumption that packet-tracer does not look at any external devices while running - as in as long as the ports are up it doesn't matter what is on the end of them for testing purposes? Is there anything I am missing?I have this morning wiped the config and have simply set up the adapters, a default route and twice nat and am not sure why I keep getting the error. I am sure it is something very simple and I'm being a massive donut!
i have made a topology in packet tracer related to etherchannel configuration.i am using 2 3560 switches and 1 2950 switch. Now what i want is to bundle up the redundant links between these 3 switches. The links fa0/1-3 between 2950_1 and 3560_1 switches have been bundled up but when i try to bundle the links fa0/4-6 of 3560_1 to fa0/4-6 of 3560_2 it wont work. i am using channel-group 1 mode desirable between the 3560 switches. secondly if i want to assign ip to port channels then it has to be of same subnet between 2 3560 switches right and it must be same between 2950_1 and 3560_1. But these 2 subnets should be different from one another.
I am using Packet Tracer to simulate Cisco networking.As the existing IOS of the 3560 and 2960 switch are in older version which has no new feature in new IOS, how to upgarde the IOS of Cisco switch at Packet Tracer?
I have a wireless network with LWAPPs and 1 WLC 5508. How to block communication between SSIDs (clients in different SSIDs bassically) and whether that is even possible from the controller? I'd like to mention that communication between clients whithin the same SSID is already blocked.
Bought DIR-655 from Amazon. Rev. B. Come with 2.00NA firmware. Updated to latest one, and there are a lot of problems, to most of them, I was not able find any solution. Here they start:
1. WIFI SPEED PROBLEMS.No matter what speed, parameters, channel, mode, etc I select, router keeps working on 20mhz channel width. So I never get speeds above 65 mbit. In absolutely same conditions, my DIR-300 B1 (with DD-WRT firmware) gives me stable 150mbit. SO I KINDLY ASK, MAYBE THERE IS A WAY TO FORCE "40 MHZ ONLY" OPTION?
2. PASSWORD PROBLEMS.Router came with no admin password, I enter new password, hit "update" it says - wait 20 sec, after that, login page is displayed, but, new pasword does not works! since it asks again for empty password!
3. FILTERING PROBLEMS.I need to block certain IP address to be accesed by all my computers. Say this is 126.96.36.199 . So I added inbound filter rule, to block access to that IP. It does not works - IP is still accesible.
4. MORE FILTERING PROBLEMS.Since above mentioned method does not works, I have to use "ACCESS CONTROL" feature. It does works, but it causes another problem, with access control enabled, all webpages with form submit stop to work. For example, if I'll have that feature enabled, when I press "post" on this webpage, it instantly will go to "this page cannot be displayed".
I bought this router solely for one purpose - I was happy with speed of my DIR-300, but I needed gigabit for my computers. So I thought, instead of buying separate switch, I'd better buy a router with gigabit. I was suggested to get TP-LINK 1043, since it's quite popular, alternate firmwares available and so on, but I refused to buy it, since I thought that some chinese company does not worth my attention. So I bought this D-Link (for almost 2x price of TP-Link) and having huge problems as you can see.
I want to do what I thought would have been a simple enough task - block my kids phone/computer after certain hours. Instead of blocking the specified MAC address(es), all my computers does not have internet access. As soon as I disable the policy, internet access is on again. Here's what I did:
Router connects to ISP but cannot browse the Internet. I have updated the firmware to 188.8.131.52 and that did not work. Reset the router to factory settings and that did not work either. Router had worked until the ISP changed the ONT. The router worked initally after the ONT was changed, but that changed sometime during the day as it did not work that night. The ISP gave me a netgear router and that works, so I can connect, but I would rather the RVS4000 would work. I assume a setting at the ISP, but do not know which one. I get an error on the computer "name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded" I can ping, tracert and my little weather gadget works, but a web page will not display
I have a customer who has vlan's and SVIs residing on a core 6509. the 6509 is connected to an ASA 5515 then out to the internet/sp edge deviceIP routing is not turned on. there is a static route on the 6509 that routes all ip's to the inside interface of the asa 5515 that the 6509 core is connected to.there is a set of vlans that are apart of a 192.168.128.0/19 subnet and all those vlans can "speak" to each other.
I am working on a Cisco 5510 with multiple interfaces and requirements. I have experience with Cisco IOS, but not too much with the ASAs. I seem to be getting a bit confused on the NATing and ACLs on a firewall that was started by another employee, who is no longer here. With my current config I can get the firewall in place (we are currently using an older PIX) and most basic functions work except for two key things: 1) communication from the finance interface to the inside interface. The finance subnet has some restrictions that you will see in the ACL- we are trying to limit connections to the those systems, but they need to be able access an e-mail server on the inside. 2) communication from the DMZ interface to the inside interface. Maybe related to the first problem?