Cisco :: QoS Resources
Dec 12, 2011I got asked recently to start working on QoS for our networks. I have dealt very little with this. I ordered the Cisco Press QoS book and have been saving information from Cisco's website on this.
View 5 RepliesI got asked recently to start working on QoS for our networks. I have dealt very little with this. I ordered the Cisco Press QoS book and have been saving information from Cisco's website on this.
View 5 RepliesI have set up a smal LAN in my home with two Windows XP PCs connected tot he Internet using a DSL connection. I have a DSL router box connected to the DSL and to a small switch. My two PCs connect to the switch. I can browse the Internet from either PC. However, I discovered that each PC cannot use the resources on the other PC. What is the problem and what do I do?
View 14 Replies View RelatedI have a Cisco 881 and I want to use Easy VPN.
-VLAN 1: 192.168.4.0
-WAN: 10.0.0.0
-VPN: 192.168.8.0
VPN connects and I get an IP of 192.168.8.100 from my pool. I can ping my cisco at VLAN1 (192.168.4.1), but I cannot access my local resources. I guess I miss a NAT configuration.
I can connect via VPN with the QVPN but once I am connected to my network I cannot view the resources available to me by LAN. I am nowhere near aware as to why.
View 4 Replies View RelatedI have a VPN server set up behind a home router in my apartment. I'm able to connect to it from other locations, and have verified that internet traffic is going thru the connection (ipchicken.com reports the IP address of the VPN network). But I can't seem to connect to other machines on the router subnet. For example, 192.168.1.1 connects me to the local gateway rather than my apartment router. Also, I can't connect to known good static IPs for other machines on the remote subnet, including the machine I'm VPN'd thru!
Note that in connection properties, the setting to 'use remote default gateway' is checked.
The Linksys is connected to a cable modem and a Dell Vostro system, the Netgear is connected via Cat 5 to the Linksys and the Linksys is the DHCP provider to the Netgear.The Vostro shares hard drives, folders and printers to the networkBoth have wireless and wired users.They are each DHCP providers to their users.How must I configure each to provide users on both routers access to all network resources
View 2 Replies View RelatedI've set up a VPN using a fortigate 50b wifi and forticlient ipsec VPN. when I log into my office from home, I cant see anything on my network at all. I can however remote desktop into other PC's and can access stuff that way. I was under the assumption that ... one a VPN connection is made in the LAN you should be able to see other pcs and servers in the workgroup. Is this not the case or do i need to configure something?
View 2 Replies View RelatedI have an RV042 with the PPTP server configured, which is working because I can connect with my iPad and droid phones, however, I'm unable to access resources on the RV042 side (192.168.1.X) when my local network is the same ip scheme (192.168.1.x). It works fine when I'm on a different network like 3G or someone else's Wifi network (192.168.11.X).
View 1 Replies View RelatedI am getting to many teardown tcp connection for outside interface.
i want to block this ip using CISCO IPS or using A access-list in ASA 5520 .
I have a (central) ASA5510 acting as a EasyVPN server and a number of (remote) ASA5505 as EasyVPN client. All the communication works fine between the different networks. The issu is the ASA itself. The remote ASA can ping the central ASA on it's internal IP-adress, but it can't ping any other resoruces at the central network. If I ping the DC at the central network from the remote ASA I get a deny in the central ASA with source address as the public IP-adress of the remote ASA and destination of the internal address of the DC. If I from the remote ASA do "ping inside ip-of-central-dc" it work's like a charm, but "ping ip-of-central-dc" dosen't work.
View 3 Replies View RelatedI have 3 networks coming from the DMZ (VPN) and only one works:10.132.24.0/24 Not working10.132.25.0/24 Not working10.132.26.0/24 Working The thing is, the one that works is on the same network as the DMZ(VPN) interface. The other two do authenticate and they get an IP from the VPN Pool. but they just cant access anything.
View 11 Replies View RelatedI am connected with qvpn, I can log in to the router bios remotely, but when I try to map the network drive from my remote location it does not work.I can detect the machine on the network, but it will not go further and tells me that "said IP was found but could not locate G". Does this mean it is behind a firewall on server side and that I need to create a rule to allow the incoming traffic? Or could it be something else.
View 1 Replies View RelatedI've got a VPN setup on an ASA 5510, it connects fine and my users, and myself are able to remote desktop, and ping. However, when accessing the servers by hostname I get nothing. When I want to access a fileshare I have to do it by IP. I've got my internal DNS added in the config.
View 3 Replies View RelatedWe setup about 5 MAC based VLAN groups with about 40 MACs total and now we are getting "There are no resources for this range.." when we try to add more MACs or try to assign them to the port/VLAN "MAC-Based Groups to VLAN". We tried to reboot and use the CLI, same error. Is there some undocumented small limit on the MAC based VLAN groups?
View 2 Replies View RelatedI'm working on setting up a couple of new WAN sites with 256K frame relay circuits back to our main building. Each new site has a new PVC, and both are pointing back to a PVC on a T1 at the main building. The main site has a 2801 with a single CSU/DSU WIC, and each new site has a 1841 with a 3560 connected to fa0/1. At both sites, I'm able to get the circuit up, and the serial interfaces at both new sites show up/up, and the subinterfaces at the main site also show up/up for both sites. Routing is being done by EIGRP, and both sites are able to establish the 2801 as an EIGRP neighbor, and I'm able to ping/tracert anywhere on our network by name or IP, so routing and DNS appear to be working. I can also ping both new routers from the main site. However, that's about all I can do. I'm not able to access any resources on our network (email/shares/internet/intranet/etc) from the two new sites. I can ping the new routers/switches from the main site, but can't ssh to them. I can ssh to them locally. There are no firewalls in the equation, and I don't think there are any ACL's in the picture either.
Can ping and tracert just fine anywhere on our network (from both the 1841, a PC plugged into the 3560, or a PC plugged directly into the fa0/1 port on the 1841), including out to the internet, by name or ip.Can ssh to local router, but not to anything that isn't localDNS is workingDHCP not working using ip helper pointing to DHCP scope on server at main site, have to use static IPCan't rdp to anythingCan't get emailCan't browse windows sharesCan't get to any websites, external or intranet. IE says "Website found, waiting for reply..." but eventually times out.
I did some testing for communication over certain port numbers using telnet and nmap, and found the following:
Can telnet to url.. and local intranet webserver on port 80 (http)Can telnet to two of our Exchange Servers on port 25 (SMTP)If I run an nmap scan on url...com, or our intranet webserver, it confirms that 80 and 443 are open, but the pages will not load. I am able to telnet (port 23) to a state mainframe via the internet that some of our employees use, and I do get the expected login screen. I tried erasing the config one of the new routers, and just added back the bare minimum config to get the circuits up (serial/ethernet interface configs, eigrp), but saw the same symptoms.
One other thing to note: the 2801 at the main site has three other frame relay sites connected to it on the same WIC as the new sites, all of which are working fine.
I just don't understand why I can ping everywhere I need to be able to ping, and port scans show that communication is open over needed ports, but the applications don't work.
I am having an issue with my Cisco VPN Client. I am new to VPN setup, so this is probably something easy I am missing. I have a 2611XM router acting as my internet gateway for my local lan, and my VPN Server. I am doing all my testing from a company laptop with a mobile broadband card. The VPN will connect, but anytime I ping anything within the inside network, it comes back with the public IP of the outside interface. I have NAT overload configured so everything on the inside network can access the internet, which it looks like might be causing my problem.
When i remove the nat overload on my fa0/1 interface, the vpn will connect to any resource on the inside.
how to share printers and folders between two different networks. My Current set up is AT&T Uverse 2Wire 3800HGV-B with a Linksys WRT320N running WRT plugged into one of the 3800's lan ports. The WRT's WAN port is plugged into the 3800 LAN port. The Ip set up is as follows:
2Wire, Inc. 3800HGV-B (My Router / Internet Connection)
192.168.1.254/24
Linksys WRT320N (Kids Router)
192.168.1.63/24 WAN
192.168.0.1/24 LAN
I use the WRT to manage the kid's Internet usage and limit their bandwidth. Everything works great EXCEPT they (192.168.0.0/24) cannot reach resources on the 192.168.1.0/24 network and I (192.168.1.0/24) cannot reach resources on the 192.168.0.0/24 network. I imagine its because the 2wire router does not know how to get to the 192.168.0.0/24 network. The configuration of the 3800 isnt very intuitive. If I could, I would just put a route in the 3800's routing table so that it knows that 192.168.0.0/24 is behind 192.168.1.63.
how to configure that 3800 to do this
I have two places that I work out of. One is in Romania and one in Bulgaria. In Romania, I have a small office/home network set up. It has at least 8 computers (including the three that I have with me currently - some wireless and some towers) and a couple of android phones and Ipods. I have no trouble accessing any of the computers shared folders or them accessing mine. There are a varity of operating systems used there from XP, Windows 7 and Mac.Everything works great. All the computers can access each other shared resources. All the computers are set to get IP automatically from my DLink DIR - 600 router. I have brought my three computers to Bulgaria (tower and two laptops). They are all set the same- no changes in settings. However, in Bulgaria, All three computers CAN access the internet but NOT each other.
[code]...
I was wondering if i can create (a) bookmark(s) of resources which are located behind a particular Site-to-Site VPN?We are using a Cisco ASA 5510 (9.0.2) with SSL VPN configured. The tunnel is up but when i try the bookmark, i get the error "server unavailable".
View 2 Replies View RelatedI know this *should* be simple but having a devil of a time getting it to work.
I have 2 routers. Both have a static ip. Each is setup for a different private subnet. At the moment they are not connected to each other. Consider this setup (made up numbers obviously):
RV016
has 13 lan ports, 2 internet ports, 1 dmz port
Internet port: 10.10.10.10
[Code].....
I'd like clients on the rv082 lan to be able to access the printer on the rv016 lan, and use the rv016 as an alternate internet connection (optional). I would prefer the rv016 client not be able to access the rv082.
How to fix our LMS 4.0 high CPU issues?. It takes lots of resources and also some time stop responding.
View 7 Replies View RelatedWe are currently running a ACE20 with 11 contexts. Recently we have seen that one of the contexts is being 'starved' of resources, especially Concurrent Connections, Bandwidth and Throughput.
Whilst we know how to address this situation by reallocating resources from less busy contexts, I was wondering if there was a more scientific way of looking at the resources being used and calculating the best way to allocate them across the ACE other than just looking at the 'show resource usage' and 'show resource allocated' commands?
Has Cisco or any other 3rd party developed a handy tool to monitor the the ACE resources which will possibly assist with calculating the optimum resource allocations across all contexts?
2504 contrller with 1042N ap's. NPS and group policy (for computers) is setup. Certificates are setup.Logging on as a domain user I can connect to the wireless network but am only getting Internet access. I can not access any domain resources.DHCP is handled by a domain controller. I can ping servers and printers, but cannot access them. Can't map a drive, add a printer or access services on the network.
View 1 Replies View RelatedI want to use Cisco VPN Client to VPN to my SA520 to manage a UC320W. I can establish a VPN connection to the SA and ping both the SA and a switch that I have on the network, but I cannot ping my UC. I've set up firewall rules to allow ANY-ANY access from LAN-WAN, and a WAN-LAN rule to allow a certain range of IP addresses (the IP addresses assigned from the VPN DHCP pool, in this case, 192.168.12.x) access to the UC.
My SA IP address is 192.168.75.1 and my UC is 192.168.75.2 (I can ping both when I am directly connected to a LAN port on either equipment).
I managed to set up an ipsec vpn between the RV 120W (responder) and Shrewsoft vpn client.The virtual ip and dns for the client pc are manually set. The tunnel is enabled, but I see no traffic between the local and the remote LAN.I can't ping or reach any pc behind the router.Using the command ipconfig /all on the client pc, I see that no gateway is assigned to the virtual vpn interface.So it seems that the RV 102W is unable to pass to the client the address of the default gateway for the lan, and I think this is why I can't access any resource.
View 4 Replies View RelatedHow do we begin troubleshooting a wireless device accessing the network that a user is complaining slow accessing network recources? We are getting complaints that it is slow, when connected to internet we get about 20 MB. There is only one user connected.
We switched to 2.4 GHz 802.11n from 802.11 bgn, but are told that did not work. We also have it on its own VLAN.
Product Identifier:AP541N-A-K9 Hardware Version:V01 Software Version:AP541N-K9-2.0(0) Device Description:802.11n Dual Band Access Point - Single Radio
Since we upgraded our ASA from 8.3 to 8.4(4), VPN users cannot access resources. This worked fine until the appliances were upgraded. We get the message:
[code]....
I have an intermittent issue happening on my company's firewall, and I'm at a loss as to how to troubleshoot further.
We recently made some changes to our network, which included moving an ASA 5505 from one location to another. In moving this we also connected it to a different switch. It used to hang off a Cisco 3560, and now it hangs off a ProCurve 5406zl.
The setup is that the ASA is connected on two ports to the HP, which is simply a layer 2 device sitting between the firewall and the uplink to our ISP. One port, e0/0, is the outside interface and is set to switchport access vlan 2. The second interface, e0/1, is set for vlan 1, also access mode. It has an IP of 10.0.0.2. The HP on the other end of that has an IP of 10.0.0.1. So outside VPN connections come through the HP to the ASA on e0/0, and back out the ASA on port e0/1 to reach devices on the internal network.
What happens is that when a user connects to the VPN, they can reach internal resources intermittently. For example, I tried to ping an internal server IP address (let's say 10.0.0.23) from my laptop, while on the VPN, and pings failed. However I could ping that IP from the ASA itself. Another example is that during one VPN connection I was unable to connect to an internal web server, but once I disconnected and connected ahain I could reach the server fine.
The intermittent nature of the problem made me think that it could be an ARP issue, that somehow the traffic is getting sent back out the wrong interface sometimes, hence the lack of communication. However when I did show switch mac-address | include mac address, using the base mac of the HP, I only saw the mac address of the HP on one interface, e0/1. That makes me think that things are working as they should. Although I guess maybe it should appear on both interfaces...? I don't know. How I can most effectively troubleshoot this? It seems like the symptoms are indicative of some kind of rookie mistake, but for the life of me I can't figure out what it is.
I have an RV042 with the PPTP server configured, which is working because I can connect with my iPad and droid phones, however, I'm unable to access resources on the RV042 side (192.168.1.X) when my local network is the same ip scheme (192.168.1.x). It works fine when I'm on a different network like 3G or someone else's Wifi network (192.168.11.X).
View 1 Replies View RelatedAt our small business, we have one person who brings in Windows 7 laptop. When she does, it hijacks all network resources: The printer will not work, any new computers that come in will not be able to connect to wireless network, etc. This is consistent --every time the person brings the computer.
View 1 Replies View RelatedI have setup a VPN connection on a 891 router. I can connect to the VP both but am unable to ping or access any resources on the remote network.
Here is my running configuration:
[code]...
Updated formware of a partners ESW224 to the current GA code.I tried to add a ACL to a ESW switch. The switch was connected to a SA520.
I setup a guest network on a AP541 and propogated that guest VAP VLAN down through a ESW224 and down to a SA520.
On the SA520 I disabled IP routing between VLANs. All worked OK.
Guest and corporate clients could get differeing IP addresses deopending on which VAP they connect to.
But the wireless guests could still ping the management interface of the SA520. This is a security violation for the partner.Tried to setup a ACL on a ESW224 to deny traffic from getting to the normal corporate vlan or 192.168.75.0.
But received a popup on the ESW when i tried to create a ACL. It suggested there is a lack HW resources.
I disabled ESW advanced QOS.Tried to add a ACL , but still have a error message saying lack of HW resources.Why do I get a message saying lack of HW resources ?
I have easy vpn on my PIX 515e and working normally everywhere, except when my users go FRANCE, the vpn client connect, but, can't ping or access any inside network resources. when same user try any where here in EGYPT, it works normally.
View 2 Replies View Related