Cisco Switching/Routing :: 1941 - SSH Not Working From Internet
Feb 12, 2012
I have a Cisco 1941 router configured using Cisco Configuration Professional... SSH management works from the LAN IP 10.0.1.254 and 10.0.2.254 Also, SSH management works from the LAN using the external domain name which resolves to the public IP address.
The problem i have is if I try SSH from the internet to the public IP.. nothing happens.
cisco1941#show config
Using 18498 out of 262136 bytes
!
! Last configuration change at 13:57:49 PCTime Tue Feb 14 2012 by admin
[Code].....
View 2 Replies
ADVERTISEMENT
Mar 12, 2012
I am having an issue accessing the internet from a PC on the LAN. I have configured the PC with the gateway of the router infront of the ISP to test. I can ping from the router to google or any other internet IP. From the PC I can ping to the GIG0/1 (Inside LAN IP) and the GIG0/0 (Outside WAN IP going to ISP) but I can't ping the Next Hop IP of the ISP or anything past that. If I do a trace route from the PC to the google IP address it hits the GIG0/1 Inside LAN IP Address but fails from there. Here is a cut down snap shot of the router configure
[code]....
View 6 Replies
View Related
Jun 24, 2012
I have a 1941 router configured for Policy based routing with two ISPs.Two static default routes configured to point the gateways of respoective ISPs with same metric.But the problem is, packets are going throug the one ISP only while doing traceroute.
N/W connectivity:
ISP1-----> <----------------------> LAN1
| Router |
ISP-------> <----------------------> LAN 2
Below is my configuration :
Current configuration : 5958 bytes
!
! Last configuration change at 05:18:56 UTC Mon Jun 25 2012
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
[code]....
View 26 Replies
View Related
Mar 12, 2013
I have this Cisco 1941 router with two Ethernet ports g0/0 and g0/1. The g0/0 is connected to office LAN with internet access. As my office LAN is DHCP, it will assigned a IP address for g0/0 since this g0/0 is configured as "ip address dhcp". Now my question is that i have a group of 5 pcs, namely PC1, PC2, PC3, PC4 and PC5 that is connected to the switch and one of the ports of this switch is connected to g0/1 of Cisco 1941. Is it possible that let say PC2 and PC3 (both DHCP enabled) could access the internet access from g0/0 and at the same time, the office LAN assigned IP address for PC2 and PC3 automatically?
Office Lan with internet access (DHCP) (Default gateway 10.0.0.1)
|
|
g0/0 (DHCP enable) (DHCP assigned IP address 10.0.0.138)
Cisco router 1941
g0/1
|
|
HP Switch
|
PC1 PC2 PC3 PC4 PC5
Is this operation possible? if possible, how to configure inside the router 1941 to achieve this objective?
View 8 Replies
View Related
Oct 15, 2012
I have just set up my Cisco 1941 router to my cable internet connection. I have access to everything, but I cant login successfully into Cisco CP.
I set up a new user with level 15 privileges and a secret password. I go to login via webbrowser and I put in my credentials, but I get rejected. I have tested the username and password via the CLI, and it works fine, I just cant seam to login to Cisco CP.
View 2 Replies
View Related
Nov 26, 2012
I've got a 1941 router that keeps on rebooting by itself every minute. currently, there's no power issue.
I've detected the show version returned a bus error. Is this an IOS bug?
ROUTER uptime is 1 minute
System returned to ROM by bus error at PC 0x222FE2D4, address 0xD0D0D71 at 14:27:13 SGT Tue Nov 27 2012
[Code].....
View 1 Replies
View Related
Sep 11, 2012
I have a strange behavior and a simple proble . I configured the following static route
ip route 10.84.22.0 255.255.254.0 10.84.23.254
That I advertsied in eBGP :
router bgp 65000
network 10.84.22.0 mask 255.255.254.0
the IP next hop 10.84.23.254 is cascaded on my customer LAN . At nominal time the router advertsed the route in BGP
pjnb1376#sh ip bgp nei 57.213.169.169 ad
Next Hop Metric LocPrf Weight Path
*> 10.84.22.0/23 10.84.23.254 0 32768 i
When the lan interface of the router goes down , the router still advertise the route !!! Even if the IP next hop
10.84.23.254 is not reacheable anymore ....
The box is a Cisco 1941 using
1900-universalk9-mz.SPA.151-4.M1
View 17 Replies
View Related
Sep 6, 2012
im having trouble setting up a vpn for a 1941 router this is what I have setup
crypto isakmp policy 10
encr aes 256
authentication pre-share
crypto isakmp key ########## address 63.247.48.50
[code]....
my whole problem comes about when i need to Nat 192.168.1.0 to 10.12.14.0/24 before it goes through the tunnel.
View 1 Replies
View Related
Mar 5, 2013
I bought a secondhand small business router (model 1941 Integrated Services Router) for personal use. It runs version IOS 15.0(1)M1 software, which seems to work well, but I'd like to download a firmware update that addresess some of the security flaws in this software. When I tried the download process it told me I need to buy a service contract first? Is this right, or am I doing something wrong?
View 1 Replies
View Related
Oct 10, 2012
I did have a router cisco 1941 but can not do ipsec with it,i did take a smart net.
View 3 Replies
View Related
Aug 9, 2012
I’m looking for some specific parameters of Cisco 1941 and not able to find them .
1. Maximum number of DHCP clients2. Maximum number of DHCP pools3. Maximum number of V LANs on trunk port.
View 2 Replies
View Related
Apr 4, 2013
Recently my company buy a EHWIC4ESG card and put into the cisco 1941. The reason we buy this card is because the in built two network ports of cisco 1941 are being used up. g0/1 is being connected to the internet and g0/0 is being connected to the office switch (192.168.5.x)
We have two servers (192.168.6.x and 158.55.33.x) that required to be connected to this router 1941 where the router will be configured as VPN for external user to access this server.
The EHWIC4ESG card is put into the router 1941 and after typing the "running-config" command, i could see it create a vlan 1 interface and
interface GigabitEthernet0/1/0
interface GigabitEthernet0/1/1
interface GigabitEthernet0/1/2
interface GigabitEthernet0/1/3
[Code]...
View 2 Replies
View Related
Feb 22, 2012
I have a 1941W that has a connection to my ISP (Gi0/1) and another connection to a remote lab (Gi0/0). Everything is working fine how it is setup. All my traffic from my internal networks can access the Internet and devices on the 192.168.201.0 /24 can access the Internet and the lab 10.89.0.0/16.
Now I want to have two devices (192.168.201.51 & .147) use Gi0/0 when accessing host 63.85.190.67. There is no route to this subnet since it reside in the remote lab. Here is what I have right now. How would I setup a PBR to have those two host use Gi0/0 when accessing 63.85.190.67
interface Vlan192
ip address 192.168.201.1 255.255.255.0
ip nat inside
ip virtual-reassembly (code)
View 12 Replies
View Related
Aug 22, 2012
I have a new cisco 1941 router that I am setting up with pxe-booting. I have never setup pxebooting before and i have this setup so far ip dhcp pool Admin
-option 66 ip 192.168.1.4
-option 67 ascii pxelinux.0
and i can pull an ip but it keeps getting hung up when it comes to the TFTP part.
View 4 Replies
View Related
Apr 5, 2013
I have a Cisco router 1941 connected to a switch. I'm configuring the w LAN- AP and i need to have the wireless devices have an ip in the same range of the wired devices.Since i cant use the same ip range on the gig0/1 and the V LAN 1 for the wireless, i wanted to know how to config the giga0/1 connected to the switch to act as a layer 2 port and i keep the ip on the v LAN 1.
View 9 Replies
View Related
Aug 22, 2012
I have a 1941 integrated services router that will not keep the configs. After several atempts of saving running config to the startup config, then rebooting the device. I am having to reload the configs manually from TFTP because they are gone. I have also tryed the "wr" command to see. Is there a proper way to shutdown this particular type of router?
View 2 Replies
View Related
Mar 12, 2013
I have a cisco router 1941 and i have uploaded before evaluation license , now i have already bought cisco security license .I have already installed on cisco router , but the problem the router is still using the evaluation license not the new license .
RSP#sh flash:
-#- --length-- -----date/time------ path
1 55088360 Oct 10 2012 06:04:10 +00:00 c1900-universalk9-mz.SPA.151-4.M4.bin
2 2903 Feb 4 2013 12:23:32 +00:00 cpconfig-19xx.cfg
[Code].....
View 19 Replies
View Related
Oct 27, 2011
What is the procedure to reset a 1941 router to factory defaults? I just recieved my1 1941 router. I connected it up to my Mac using USB. I got loged in using the cisco/cisco login and it said it will only work once and that I should create a new account. So I entered the command as directed on the screen and it gave my an error about the command. I verified it three times and each time it rejected. While I was looking online for an answer the connection timed out and now I can't get back in.
View 1 Replies
View Related
Jul 2, 2012
I decided recently to switch out our border router (1841 12.4 advsecurity) with a shiny new 1941 (15.2 SEC/K9) as the CPU upgrade was needed.The core below acts as a VPN end point to various other remote offices we have, all of which have a similar network design at each end (and all entirely managed by me). All of these are still running 1841's with 12.4 advsecurity on them as well. These are all GRE tunnels with ipsec procection on them (not crypto maps). [code]
Everything else works fine (NAT, route-maps etc), it's just these IPSEC/isakmp tunnels that are not playing ballIt's definitely not an ARP issue (all arps were cleared) and ICMP appears to work fine (ie, I can ping the remote tunnel's public IP endpoint from the core using the loopback for that tunnel as the source). I am suspecting it's something strange with the stateful firewall config, but I did try and apply ipsec and isakmp-msft to the ip inspect list, with no success.
View 1 Replies
View Related
Oct 28, 2012
I don't have access to my config at the moment and I haven't had a chance to get to the console of this router as of yet.A little background info:This is a Cisco 1941 router in which I have multiple NAT inside interfaces for internal VLANs. Before my current problem I was using one NAT outside interface for Internet access with another NAT outside connecting to our corporate network that was in a shutdown state.The router is performing router on a stick and had layer 3 subinterfaces for each VLAN. I have ACLs filtering on each subinterfaces allowing only the traffic I need through.I also currently only have one static NAT port for an FTP server.The time finally came when I had to connect our corporate network to this router via an access port on a 2950 which trunks to the router.The problem comes when I send any traffic to the subinterfaces on the corporate network which is the second NAT outside interface on the router. The main point for this connection is to do a static NAT from this interface to a web server on another VLAN. Any traffic to this interface including just pinging from the outside causes connection to the router to fail for about 3-4 min.Like I said I haven't ha the chance to get to the console yet Sony cant tell everything that happens. Nothing shows up in the logs after I can get connection back and the router didn't reboot as a "show version" says the router has been up for a long time.The CPU is also usually very low as not that much traffic flows through this router at a time.I built a very similar network in packet tracer and it works just fine.
View 1 Replies
View Related
May 16, 2012
Router 1941 is installed with additional 4 Gig-interfaces card; we have 4 ADSL Router with 4 MB connections. I need to connect all the ADSL connection to the router 4 port and combine them into 16 MB, is there any way to combine 4 Gig interfaces?
View 4 Replies
View Related
Dec 9, 2012
Here is my current config, how to enable and setup NVI on a cisco 1941 router.i think it would fix my issue but i'm unclear on how to implement it to test.
i would like to be able to access an internal server from an outside address.
View 4 Replies
View Related
Mar 7, 2013
I have an IPSec tunnel configured on my Cisco 1941. The other device is an ZyXEL router.I can see the tunnel is up but there is no traffic.This comes out the show crypto ipsec sa
interface: Dialer1
Crypto map tag: CMAP_AVW, local addr 10.10.10.89
protected vrf: (none)
local ident (addr/mask/prot/port): (192.168.200.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (192.168.150.0/255.255.255.0/0/0)
current_peer 20.20.20.161 port 500
[code]....
View 3 Replies
View Related
Oct 23, 2011
I have a 1941 router tt needs to be setup with the range of WAN ip addresses ip nat inside outside don't allow me to use it..How can i configure on the router to ensure from outside i'm able to access to firewall (129.2.1.2) ?
View 4 Replies
View Related
May 27, 2013
We have a Cisco 1941 with the 8 port EHWIC (with 8 layer 2 gig ports). We are trying to do something very basic .We need to set up 2 VLANs (vlan 10 & vlan 20) to connect to 2 networks - Server & Users.The Internet connection (via a comcast modem) is connected to the G0/0 port of the 1941 and it just gets a DHCP address.
[code]...
View 11 Replies
View Related
Jul 1, 2012
We need to give TCP 3389 & 3399 priority over all other traffic between a Cisco 1941 and 2951.What is needed to do this?
View 6 Replies
View Related
Mar 5, 2013
I'm setting up a lot of small remote sites that are only reachable via VHF ethernet radios that operate at 32k. I'm going to be using 2 of these radios shooting to two seperate base station radios to provide diversity. I'm going to have a Cisco 1941 sitting between the two radios and the way I have it configured now is to only use one radio and the second is only sitting there in case the primary fails. I was thinking though that I could load balance them to give a little more throughput. The devices at these sites are really low speed but we like to use snmp to monitor everything that is ethernet so I wanted to give as much bandwidth as I can.
Will load balancing work in this situation? What would the basic configuration be? This is all internal to our network so there are no ISPs to deal with. We're using C1900-UNIVERSALK9-M IOS will that work or will I need to change that?
View 1 Replies
View Related
Jun 14, 2012
I have been recently asked to design a network. What I have for equipment is four 2960G's and one 1941 router. One switch is a root switch and the other three will have end devices on them.I have decided on three V lans to go with: VLAN20 Data, VLAN30 ISCSI, and VLAN99 Management each with seperate trunk links and redundancy (see picture below).
I have a seperate trunks for each V lan using the switch port trunk allowed. With exception to the Data V lan.My design has the Data V lan as the native because it is going to be receiving untagged traffic from the external network. I have set up inter v lan routing on the 1941 via sub-interfaces to allow them to talk to each other (or because of allowed they cannot?). I have one port coming from my router to my switch via Ethernet cable which is my bridge out. I have my external port doing a NAT translation for my inside addresses and a Default route set up ip route 0.0.0.0 0.0.0.0 gig0/0. I am using rapid- PVST to prevent loops and provide my zero downtime convergence when a link goes down. As it stands right now I cannot talk out of my network or inside of my network.
You can see it is highly redundant and I do not want to change it. This network is going to be deployed but there will never be anybody physically there to manage it which is why I made it as redundant as humanly possible.
View 10 Replies
View Related
Apr 4, 2013
I'm trying to upgrade NBAR protocol pack on my Cisco 1941 router, so i downloaded new NABR protocol pack (version 4.0.0) and transferred it into router flash via tftp. When i try to apply new protocol pack with command : ip nbar protocol-pack flash:[protocol-pack-name]
i got this error :
% NBAR Error : Advanced Protocol Pack can not be loaded on top of Standard Protocol Pack
The router is running IPBASE IOS with Security License, IOS image is c1900-universalk9-mz.SPA.153-1.T.bin. Does NBAR2 packages works on IO BASE images?
View 2 Replies
View Related
Dec 7, 2012
i have the topology :=========want to mention that im using port address translation on the router & not sure if it is making a conflict .
here is the config below :
why the cache is not working ?i mean that i tried going to internet with source ips of the subnet 10.20.30 , but i seems went to internet without any precedence of cahce server
[code]...
View 1 Replies
View Related
Dec 20, 2011
I have a Cisco 1941 K9 Router. I want to add POE functionaltiy to it. Specifically I want a 4 port EHWIC POE switch to power a couple of AP's.
This is what I understand I need; Upgrade/replace the internal power supply with PWR-1941-POE power supply, This is supplied with a fan replacement also (not yet purchased).buy 1 x EHWIC-4ESG (4 port switch)buy 1 x ILPM-4 (inline daughter card / power supply board) I think the real question here is the 4 port switch... there are two types available one is EHWIC-4ESG=the other is EHWIC-4ESG-P=
Is there any difference between these two switch modules? or are they the same and the more expensive "P" version is simply supplied with the ILPM-4 daughter card for POE?
I have recieved via courier today 1 x EHWIC-4ESG, and found a ILPM-4 on ebay for a good price. WIll this provide POE through the switch EHWIC-4ESG?
View 7 Replies
View Related
Mar 11, 2013
I have a Cisco 1941 ISM. It sits between my Fortinet Firewall and the Internet. I tried to console to it so I can backup the configuration. Is there any way I can do this as I do not know the name and password for this unit as the previous net admin is no longer employed.
View 1 Replies
View Related
Aug 29, 2012
I Have a Cisco 1941 router which had its GE0/1 port burnt out and we have since plugged in a module with 4 fast ethernet ports. I need to reconfigure the router such that at least one of the Fast ethernet ports can server the purpose of the GE0/1. GE0/0 connects to our Service provider and GE0/1 connected to the inside network.Currently, while connected to one of the ethernet ports, i can telnet into the router on the address 192.168.29.1. when i'm on the router, i can ping our remote site, network address 192.168.24.0 with no problem, but when i use the command "Ping 192.168.24.0 source 192.168.29.1" there is no response.
View 1 Replies
View Related