Cisco Switching/Routing :: 2800 Series - Dual ADSL Links?
Jan 31, 2012
In a site we currently have 1 BT provided ADSL link which is currently terminated using their device which I believe is some kind of 2wire device, which is extremely slow due to distance from the Exchange (4Mbps)...We have a growing number of users here and want to install a second ADSL line from BT to give them increased performance.
We have a Cisco 2800 sat not doing much so I was wondering if I could use this to load balance the link? I know BT do not support MPPP so therefore the maximum any user can get will be the speed of a single link (4Mbps)...But basically how can this be done..
Can I leave the two BT routers in place and place the Cisco 2800 behind them, or do I need to purchase two ADSL modules for the 2800 and terminate the connection there?Also once done, what do I need to do regarding actually setting up the load balancing? I have seen this:
[URL]
But am unsure as to how relevant it is? I am not sure I understand what the ACL's are being used for? I just want all users on the LAN to load balance out...
Also I am unsure of this statement:You potentially need to add policy-based routing for specific traffic to ensure that it always uses one ISP connection. Examples of traffic that require this behavior include IPSec VPN clients, VoIP handsets, and any other traffic that use only one of the ISP-connection options to prefer the same IP address, higher speed, or lower latency on the connection.I do not understand why a established session such as a VPN client, would ever traverse the second ISP connection anyway?
View 2 Replies
ADVERTISEMENT
Aug 21, 2012
I'm trying to turn off SSH version 1 & 2 to pass PCI compliance. Problem is, I cannot touch the VPN link between the two offices. I'm afraid the PKI certificate used for the VPN will be deleted if i zeroize the RSA key which seems to be the only way to stop the router responding on port 22.
Here is the stuff from the running config related to the crypto map:
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
[ code].....
I'm only CCNA so I'm not even sure if the certificate or RSA key is being used for the VPN link, but I can't tell from the running config that zeroizing it would be a good idea and not break the VPN. I'm open to other ways of disabling SSH, as we are able to just connect using a console cable. But it looks like denying port 22 with an access-list doesn't even stop the router from responding to the port.
View 6 Replies
View Related
Jan 25, 2013
My Cisco seems to be stuck when it boots up, with the following:
Upgrade ROMMON initalized
And it goes on with self comperessing image then an OK but then it starts loading again all over.
View 13 Replies
View Related
May 22, 2013
I have Router 2800 series Global nating is configured on it.
ip nat inside source list 111 interface Dialer1 overload
!
access-list 111 deny ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 111 permit ip 192.168.1.0 0.0.0.255 any
My object is that i want give internet access only for few users ip E.g IPs addresses from range 192.168.1.0-10 can acess intenet access other all are deny.How i do this with ACL .
View 2 Replies
View Related
Aug 3, 2012
Is there a way to set static routes per VLAN?Example VLAN 100 sends all traffic to 192.168.1.1 and VLAN 200 sends all traffic to 10.1.1.1. (2800 Series RTR)I have 5 networks that have their own gateway to the Internet via satellite link. Those networks run over the same infrastructure on separate VLANs. They frequently send traffic to each other, which gets sent over a slow SAT link. I introduced a router to the network and would like to set all my hosts default gateway to the local routers sub-interface then have a static route that send all traffic that is not on one of my 5 networks back to that VLANs respective SAT modem to get routed out over the Internet.
View 4 Replies
View Related
Aug 16, 2012
I am trying to add WCCP to be configured for websense. My first option seems to be either purchase an IPServices license for the stack of 3750E switches, but i am thinking this will require us to license all three switches in the stack. The second option i am looking at is to do the WCCP configuration on the 2800 router we have on the edge. The problem is both Gig ports are in use, one going to the firewall and the second going to the ISP. My first question would be, which option is better in terms of manging as well as cost of implementing it.The second question is, if WCCP on the router is a better option, what is the add on module i should be looking to get to add the additional ports to hook up the Websense cache.
View 8 Replies
View Related
Mar 25, 2012
We have recently implemented Windows Deployment Services on our local network, but everytime we do a multicast image deployment the network get flooded to point of total saturation.
We have Netgear switches and a Cisco 2800 series router. IGMP Snooping has been enabled on all Switches, however, we are unsure on how to implement multicasting on the router.
The whole network is flat - no VLANs over than the default VLAN1. We only want multicasting to work within our local network and does not need to go out the other side of the router as that is the connection to the internet.
How to get the Cisco router configured properly to enable multicasting to not flood the network. It seems that even if we were to image 4 PCs using multicast this is enough to completely get the network flooded.
Also, am I right in thinking that IGMP needs to be enabled on all of the Switches?
View 5 Replies
View Related
Nov 15, 2011
I just read the Removing and Installing CompactFlash Memory Cards in Cisco 2800 Series Routers instructions and there was nothing said regading powering down the router. Are these CompactFlash cards hot swappable??
View 2 Replies
View Related
Jun 7, 2013
Basically I have a simple LAN of 30 users and 2 servers that sit on a private address range (192.168.1.1 - 254). I have a Cisco 1921 router with 2 Gigabit Ethnet interfaces and have installed a 2 port Ethernet module to expand interfaces,I have Two Internet providers that provide me an Optic connection to a converter and then a CAT 5 cable. On both of these connections have private public assigned IP addresses.I have a email server and webserver on the LAN (192.168.2 and 192.168.1.3) and with to port forward various ports to these servers - 25, 80, 443 3389, and 2222.
In my external DNS I have two MX records for the mail server (mail.globalhomegroup.com) that point to 2 A records - one record for the publicly assigned IP address of one ISP and another IP address for the other ISP. Ideally what i would like is for mail to be delivered to the first ISP Ip address - the one with the lower MX weighting and then if that line goes down, through the IP address of the second MX record - the backup ISP we are using.
So I guess I am port forwarding to the inetrnal server IP addresses via one of the two external interfaces.At the same time I need to allow internal users to access HTTP, HTTPS etc.So I have managed somehow to configure the external interfaces of the routers to connect to the ISPs and have managed to assign IP info to intenral LAN interface. I can telnet to the router from the Internet via Dialer0 or Dialer1. Other than that I am totally stuck - I have tried to configure and debug NAT etc but cant see wood for the trees now. Basically the port forwarding is not working and i am not sure if the config I have done is in anyway correct.
View 10 Replies
View Related
Jun 2, 2012
why I can't use cisco ehwic-3g-hspa-u card in cisco 2800 series and 1841 series router?documentation said that it should work with that devices but when I installed it, it doesn't work even as device i can't see I am using cisco latest ios advance ent. 15.1(4)M4?
View 3 Replies
View Related
Oct 16, 2011
I currently admin a WAN link between two international sites. I have a 2800 at each end. The primary connection between the two sites is 20MB Ethernet PIP MPLS BGP circuit. I also have a pair of T1's in a PPP multilink that I switch over to in the event the primary circuit goes down. I currently am doing the switch over manually. It takes me about 15 minutes to complete it, but I know there must be a way to make this an automatic process.
So a couple questions:
1) Is there a way to create an "enhanced multilink" with the 2 T1's and the Ethernet circuit in the same bundle, in effect giving me 23MBps bandwidth while still being able to maintain connectivity if one of the 3 links goes down? This is my preferred solution
and if 1 is not possible then
2) Is there a way to configure the router so if the Ethernet circuit goes down, all traffic will be automatically directed over the T1's, and then come back to the Ethernet when it's back online?
View 5 Replies
View Related
Jul 18, 2012
can a Cisco 2811 router bundle 2 or 4 ADSL lines ? Reason am asking, we need a device that would be able to bundle 2 or 4 ADSL lines from ISP so that we can you it as backup link in-case the company Internet link does down.
View 5 Replies
View Related
Feb 2, 2012
I have a cisco 2801 router and I want to connect two ADSL links on it and balance the load but not that kind of IOS that team would need
View 2 Replies
View Related
Nov 3, 2011
I have two Internet links:ISP1: only Site 2 Site VPNsISP2: only HTTP/HTTPS traffic and incoming remote access VPNs With the security plus license I could correctly configure them both as active at the same time on the same ASA device. Also, I've successfully accomplished the following traffic separation:
Site to Site VPNs goes out through ISP1HTTP/HTTPS traffic goes out through ISP2 The customer request is that, when ISP1 fails the S2S traffic is relayed through ISP2 -> This is working fine, I've already tested!But when ISP1's service is restored and that link is working fine, I want that the S2S VPN traffic gets relayed through it again automatically, which didn't happen. My question is: using SLA will the S2S traffic be relayed through ISP1 again automatically when it's services are restored? If not, which technology should I use to accomplish this?
PS: This is all configured on only 1 ASA 5505 whose license was upgraded.
View 2 Replies
View Related
Sep 5, 2011
I have two sites with identical asa 5505's and each has the dual wan/ISP links and are set for failover using sla monitor tracking. I would like to create a vpn between these two sites that stays active regardless of which ISP link is online. Do I simply make two crytpo map statements10 and a 20 inside each of the asa's to each of the other ASA's STATIC PUBLIC IP's? [code]
View 6 Replies
View Related
May 3, 2011
We have a few WAN connecting sites to ISP using BGP. we are looking at getting backup link for 1 site.
We have decide to use an IP WAN ADS L link. we will have 877 and 2800 for each link. from understanding, we have a static routing on IPWAN service. means when both BGP WAN and IP WAN connected to the ISP. ISP will use ADSL as primary ignore the BGP link. so other sites will see a BGP route coming from ISP via the ADSL link for this location.
So we have find a manuel solution, leave ADSL unplugged of power but setup same LAN ip address and connect the cable towards the core switch. when WAN link fail, switch on ADSL. So the static route will advertise to the rest of sites.
just want to know is there any auto solution can disable the ADSL link/ ppp link when the 2800/WAN route is up. and enable the ADSL port when the WAN is down. not sure if HSRP/backup interface/tracking will work? and how?
site office switch - > 2800 - > ISP - > ADSL -> ISP
(need this link to be backup and protocol down, so the ISP will not able to connect to this link and advertise as next hop)
View 5 Replies
View Related
Aug 6, 2011
Can we terminate 2 WAN link first Lease line and second Broadband internet link on 800 series router . As 800 series router have only 1 wan port and 4 switch port. Also we want to Configure load balancing over the 2 WAN link, is it possible or Basic router for SMB.
View 1 Replies
View Related
Aug 1, 2011
We've just discovered it seems the 2800 series aren't getting IOS 15.2?
We're running a 2851 for our CME and specifically want some features in CME 8.8...
End of Sale has been announced, but as it stands you can still purchase this router new today.
View 5 Replies
View Related
Sep 19, 2012
I have a 1921 router with two wan interface configured, one is primary and the other is standby or backup in case the primary goes down, I was able to configure links to failover from primary to backup once there primary is down, but how do I configure to make sure when primary is up it failbak to to it. [code]
View 3 Replies
View Related
Aug 4, 2012
I have a 5510 with me. I want to terminate two Internet links on that. The primary Internet Leased Line to access my DC network using Site-to-Site VPN, and the secondary ADSL connection to access my other location network via VPN and and for web browsing. How can I achieve these goals.
View 1 Replies
View Related
Feb 19, 2012
I would like to make a design with 4 Nexus 5596UP. 2 of them equipped with Layer 3 Expansion Module so they can serve as core layer and the other 2 Nexus used as Layer 2 for aggregation server layer.The 2 Nexus in the core layer will run HSRP and will peer with ISP via BGP for Internet connection The 2 Nexus in the aggregation layer will be configured as layer 2 device and have FEX and switches connected to them.What I am ensure of is how the vpc and port-channel configuration should look like between the 4 nexus. What I was thinking is to run vpc between the 2 Nexus in the aggregation layer and between the 2 Nexus in the core layer. Than I was thinking of connecting each Nexus in the aggragtion layer to both Nexus in the core layer using port-channel and vice-versa.
View 3 Replies
View Related
Aug 1, 2011
Site A, site B, site C, site D is connected using leased line each other. We are using Cisco 1800, 2800 and 2900. Each site also have Internet connection using ADSL connected to firewall, we are using pix 501 and ASA 5510.My question is, can i use the existing ADSL line to be use as a backup line if the leased line is down on any of the site??And i want it to trigger itself, once the leased line is down, the firewall UP the backup line? something like that..
View 1 Replies
View Related
May 7, 2013
i have one cisco router 2811 now its not booting normally.
Router was working without any problems but due to power loss router restarted and goes into rommon mode
I tried to boot from flash and usbfalsh with different images but no use router is in still rommon mode.
here the output of my router:
program load complete, entry point: 0x8000f000, size: 0x3117470
Error : compressed image checksum is incorrect 0x8E095E7F
Expected a checksum of 0x8E0AE77F
*** System received a Software forced crash ***
signal= 0x17, code= 0x5, context= 0x80014e20
[Code].....
View 7 Replies
View Related
Mar 25, 2012
I have an environment where i have two nexus 7010 switches, along with 2 nexus 5510's. I need to run OSPF as a layer 3 routing protocol between the vpc peer links. I have 1 link being used as a keep alive link, and 3 other links being used as a VpC link.
1) Is it best to configure a separate Vpc VLAN i.e 1010
2) Is it best to configure a vrf context keep-alive
3) just have the management address as the peer ip's.
View 2 Replies
View Related
Feb 20, 2012
We have an MPLS network to a half dozen remote sites. At our main location we have a 2800 series router. In the routers config are the following lines for QOS. When I go to the routers on the other end of the MPLS, none of them are configured with these same policies. Would these not be in the running config of the 1800 series routers, or is this not setup correct and this should be removed?
View 13 Replies
View Related
Feb 7, 2011
Each time I enter show run on my router 2821, it takes ages to display and I have a cpu peak from the ssh process ( I am connected through SSH)
RTR-2821-01#sh proc cpu sorted
CPU utilization for five seconds: 96%/21%; one minute: 34%; five minutes: 22%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
55 26948 814 33105 74.96% 16.92% 5.87% 323 SSH Process
View 3 Replies
View Related
Sep 3, 2012
Checking the logs we have seen the following messages:
%SPANTREE-3-PRESTD_NEIGH: pre-standard MST interaction not configured (Port-channel3). Please, configure: 'spanning-tree mst pre-standard' on ports connected to MST pre-standard switches.
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel3, changed state to down
%LINK-3-UPDOWN: Interface Port-channel3, changed state to down
%LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
%LINK-3-UPDOWN: Interface GigabitEthernet2/0/1, changed state to down
When this happened, the interface that was actually blocked by STP didn't come to forwarding state, and as a result this switch became isolated.This switch is connected to a switch that runs standard MST, and to some switches that run PVST but have bpdufilter enabled as we don't want them to participate on the STP. It is a 3750 switch with software version 12.2(55)SE5.
As far as I knew, when a MST pre-standard BPDU was received, the interface was able to receive more pre-standard BPDUs, but I didn't know it would turn the link down. Why the links went down, and if there is any way we can configure those links to accept only MST standard BPDUs.
I would also like to know if there is any chance a switch running PVST can send a MST pre-standard BPDU if it has a software version 12.2(25)SEE3.
View 5 Replies
View Related
Oct 3, 2011
Any problem/issue with using 28VDC to power the 2811 router. The spec calls for a 24VDC power.
View 1 Replies
View Related
Jan 10, 2011
i have Router 2800 series we are using leased line Connection 8 Pubilc IP.One IP Config in Router FE0/0 IP 101.102.148.91 and FE0/1 192.168.0.0 Local IP.I have 6 Web Server. How to Config other 7 IP address on Web server in the router 2800 series.
View 6 Replies
View Related
Jun 10, 2012
Can I use Sandisk Compact 4GB Flash card on Cisco 2800 series Routers
View 8 Replies
View Related
Jun 29, 2011
I have a comcast business class cable modem and am trying to connect it to my cisco 2821 to route only certain types of traffic.
View 3 Replies
View Related
Feb 27, 2012
Any issues with SXJ and source specific multicast? We upgraded our core from SXI6 to SXJ2 and multicast stopped working for all but our L3 links.Our L2/L3 links stopped working and the only thing that has changed is the IOS version. All the configurations are still valid etc. Currently have a call open with TAC.
View 7 Replies
View Related
Apr 9, 2012
I am working in a environment that is classed as collapssed Layer 3 environment. We have a core 6500 with routed links to 3560's which are access switches.
We have layer 3 vlans on the access switches, one for data one for voice.On the layer 3 vlans we have ip helper addresses that are used for DHCP. The DHCP servers are located on the 6500.
I recently had a incident where someone plugged a netgear router into a desk point because they thought they could use it for a switch. This router then started to dish out IP addresses to people in the morning for those who came in and docked their laptops. 99% of people weren't affected because they have desktop PC's are their leases hadn't expired.
Now we have bpduguard, bpdufilter to prevent people from plugging in switches that send out BPDU's. However this doesn't prevent the above senario where someone plugs a router or a 'dumb' switch that doesn't send BPDU's.Because of the above senario I started looking at DHCP Snooping, but I am unsure on a couple of things.
With the topology of our network I understand that I don't need to configure IP DHCP Snooping Trust on the L3 uplinks to our core switch. From what I understand I just need to enable IP DHCP Snooping globaly and then on the VLAN's on the access switch (because of the L3 topology VLAN's are local to the access switches). Only if I had L2 uplinks to the core would I need to configure IP DHCP Snooping Trust on the trunk links.
View 2 Replies
View Related
