Cisco Switching/Routing :: 2811 - Bridging Wireless And LAN?
Jan 19, 2012
I currently have a 2811 and a LAN setup via a sub-interface FA0/1.3 and using a HWIC-AP I have a sub-interface dot11radio 0/1.5. I have them setup to work and surf the inet great, but I have recently been overly annoyed with the fact that the wifi cannot access windows shares on desktops and visa versa with the laptops.
The trick to make this happen is currently they are not on the same subnet. I know the answer is bridging the interfaces but when I do this using the simple commands:
bridge 1 protocol ieee
interface x & y
bridge-group 1
Although what should be simple has failed (good thing I tftp'd my working config). Here is my current configuration.
interface FastEthernet0/1.30
encapsulation dot1Q 30
ip address 192.168.3.1 255.255.255.0
I am trying to have F4 (the WAN interface) bridged to a VLAN interface. I have put my VLAN interface and my F4 in the same bridge-group, set an IP in the BVI Interface, and made sure that VLAN was properly trunked and configured on one of the router's switch ports
In other words, I need F4 to be treated as a switchport in access mode on my VLAN 10.
I am trying to bridge the traffic(including different vlan traffic) from rtrA to rtrB using "bridge-group" functionality.I achived the same using a 7200 using the below configuration. [code] When I tried the same using 7600 router ping failed between rtrA and rtrB. Then from the documents it seems "bridge irb" is not supported in 7600.Is there any other way we can achieve the same fuctionality ( eg: using switchport also fine) ?
I have following requirements to implement on cisco asr1001 router.
1.G0/0/0 and G0/0/1 interfaces are connected to a swith through trunk. Multiple customers are will be using this trunk interface . Each customer will have subinterface with dot1q tag.
2 I want both sides of the ASR1001 to be in same segment .
3 If above two is possible I would like to implement shaping on each customers sub-interface level
is above implementation is possible on asr1001. configration and ios information. I found a technology called EVC . but I am not sure is that the one suited for me.
NETWORK 1:EOC connection fro ISP going into a router (not the RV042) with a static WAN address from ISP. This router is hooked up to a switch that all the computers are connected to. All the computers on this network are using 192.168.1.x addresses. Most of these addresses are static, but the router is running DHCP in case we hook up temporary computers like laptops or client machines to this network.
NETWORK 2:DSL connection going into a router (not the RV042) with a static block of IPs from ISP. (8 IPs, 5 usable for the WAN interface, 1 static IP is being used for WAN interface). This router has a VPN connection set up for remote access to the linux machines on this network. This router is running DHCP on the LAN interface for this network with addresses 172.16.1.x. All the computers on this network are tied together with another switch, completely seperate from the 192.168.1.x network switch.
PROBLEM:We needed computers on the 192 network to be able to access computers on the 172 network. Someone decided to just run a cat 5 cable from the 192 switch to the 172 switch (not the routers, the switches). This "worked" - badly. Appearently there is a DHCP conflict (or something else going on) that was causing the router on the 172 network to try and assign addresses to the 192 network computers, and it was also "resetting" a connection about once an hour. This crashed our server on the 192 network. I disconnected that cat 5 cable between the two siwtches, and now each of the two networks are working properly, but they are now completely isolated from one another.
I need to create a bridge between the 2 networks so that machines on the 192 network can access machines on the 172 network while filtering out DHCP broadcasts from either network router to the other network. (I may need to filter out other protocols as well, but don't know yet.)So, I see 3 potential ways of doing this but don't know if they will work:
1) Can I just set up multiple subnets on the LAN interface of the RV042 and just run 2 cat5 cables from each switch on the two networks to the LAN ports of the RV042?
1a) If I do set up multiple subnets on the LAN interface of the RV042, do I need to assign the two ports to different VLANs? (I don't see any way to set each port to a specific IP address.)
2) Can I set up the 2 WAN ports on the RV042, one static for each network, and will the RV042 route traffic from 1 WAN port to the second WAN port?
3) Is there some other way I should consider setting this up?
Finally, someone mentioned that once I get the RV042 set up correctly as a bridge, I will need to route 172 addresses on the 192 network to the 192 interface of the RV042 via the DHCP router on the 192 network, and conversely, I will need to route 192 addresses on the 172 network from the DHCP router to the 172 IP interface of the RV042. I think this will be easy enough to set up in each of the DHCP routers...
I have a network where if an end user attaches an hub to the network, or rather one of those cheap unmanaged 8-port mini-switches and then plugs the two ends of the same cable into two ports of that mini-switch, all the network goes down. Loops are generated and many uplinks are shut down in err-disable state due to the loopback reason.
I know I could discourage the use of those mini-switches using port security. I even have NAC (cisco) deployed on the network, but there are cases where that mini-switches are allowed by the managment.In those cases, is not possible to exactly know wich hosts (mac addresses), and even how many of them will attach the network concurrently.As I know, they could even chain many mini-switch one to another. Of course, when even a single mini-switch is allowed on the network, it raises as a security hole.
Is there a way to allow the use of those devices without the risk of network outages? Some STP protection method? The best would be to have the Cisco access switch to get aware of the loop on its affected switchport (where the mini-switch is attached), immediately shutting down that port (to avoid loops on the network) and maybe sending an SNMP trap or a syslog message.
We are using Cisco Catalyst 2950 and 2960 for our access layer.
I need to bridge 2 subinterfaces; F0/0.301 and F0/0.302 on a single router.The router interfaces with a Cisco 2960 (LAYER-2) switch.QUESTION is, does a Cisco router support bridging on subinterfaces on the same physical interface?Currently this is NOT operational Spaiing-tree on F0/0.301 and F0/0.302 is down, switch side is forwarding for both Vlans.show ip interface brief shows up/down status of F0/0.301, F0/0.301 and BVI6 is down/down?
: SETUP: bridge irb ! ! Interface F0/0 no ip address
I have faced a problem with configuring Cisco 3750G series switches as Sever farm switches with redudance.
servers have 2NIC (1GBps) and both are bridged for redundant connections.In both switches all ports get green coluor except one port on Secondary SW. I saw some Spanning tree block port status on that switch.when i type Show cdp neghbor command on switch i can see other switch through a server connected port. Also Spannig tree root bridge election is occured through that port . Simply i need to configure both switches to pass traffic through there uplinks them selves.. but it seems like Secondry switch pass its traffic through primary switch ( i think according to STP ) usinginterconnection of bridge port of a server. [code]
I have a Cisco 2801 with a 4 port Layer2 switch card installed (HWIC-4ESW).
How do I bridge Ethernet0/1 to the 4ESW so if you were to plug a computer into the 4ESW, it would be on the same network as Eth0/1? see my config below:
interface FastEthernet0/1 description Internal Interface ip address 10.1.2.1 255.255.0.0
We have a customer that is relocating thier headquarters. They have a temporary requirement to bridge multiple vlans or a router T3 link to the new location as they cannot change the IP subnets. Setup is 3560 switch connecting to a 3845 then T3 to remote 3845 and 3560. I need to bridge multiple VLANs. I have seen a good example on how to do it over sonet but I don't see how to translate that to an HDLC or Frame Relay encapsulation for the T3 Link.
I have four 2811 routers with IOS 12.4(15)T installed. Embedded Event Manager was introduced in IOS 12.3(4)T, why do I not have it?! I've been at this for over a month, when I try to see the command 'event manager' I get Unrecognized command? According to all EEM documentation I can find, this should work on our machines!
This is a 2811 rotuer running Cisco IOS Software, 2800 Software (C2800NM-SPSERVICESK9-M), Version 12.4(24)T3, RELEASE SOFTWARE (fc2) Not sure why this isn't working. Can see it expects to parse the command. Can see this device is vtp server. Can see other vlans were defined here.
I am facing a problem on a 2811 router. The CPU is remaining around 60% and the router throughput is reaching at most 18 MB while according to the data sheet the 2811 maximum throughput is 61MB. I have checked the output interpreter in order to try and figure out the cause of the high CPU and to determine if it is affecting throughput but there are not processes consuming more than 10%. I have attached the show tech-support and the show process cpu history outputs.
Whether Cisco has part number for the large fan in 2811. I know p/n for small fan is already there, but I can't find any for large one( I think it s fan 3).
We have a site and on that site we have a server which is down form last two days. However , to manage these devices we are not using any tools. We are not able to find this server that where it is located and on which switch it is connected to.
I want to know that the timer for mac address is 5 minutes and arp timeout is 4 hours . Is there any way to find out the mac address of the server . I feel like this can we done with cef ? Is it true or not I am not sure. I am running 3750 stacks and 2811 routers. 3750 stacks are working as layer 3 devices. They are also running the pretty new IOS 12.2(53)SE.
According to my understanding now a days CEF entry does not expire if we are not using them. They remain in cache as we are running with destination base CEF.
I purchased several Cisco 2811 with Advanced IP Services - they are version 12.2.X
The product number looked like this CISCO2811-HSEC/K9 2811 Bundle w/AIM-VPN/SSL-2,Adv IP Serv,10 SSL lic,128F/512D
I need to upgrade the IOS to version 15.1 - Do I require a license ? What happens if I install it without a License ? Am I entitled to a free license as I am not changing the software type (ADV IP Serv) ?
I have a remote site on a 2811 IOS 12.4(15). Interface FA 0/0 faces the ISP and is set for DHCP. What command can I run to see all of the information given out with the IP lease from the ISP? I need to find out what the IP address of the DNS servers are.
we have 2811 router with multiple servers connected to it's lan from which there are monitoring servers in between , the router suffers always from high cpu utilization configuration has alot of ACLs & NAT & IPSEC Tunnel with wan bandwidth 20 M? Is there any method to reduce the high CPU utilization shown below !!
CPU utilization for five seconds: 90%/80%; one minute: 93%; five minutes: 90% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 104 737029848 427864243 1722 5.45% 5.65% 5.65% 0 IP Input 253 63392216 11081854 5720 1.04% 1.15% 1.12% 0 IP NAT Ager 260 82602372 137425723 601 0.64% 0.64% 0.66% 0 PDU DISPATCHER
I have a Cisco 2811 Router. I have two VLANS on the router. The first one of course is VLAN 1 and the second one is one that I created from reading everything from this forum.. it is called VLAN 531
On VLAN one I have an IP address of 10.8.1.1 and on VLAN 531 I have an IP Address of 172.16.1.1, now what I can do is this... I can.. from a workstation on the 10.8.0.0 segment, ping 172.16.1.1 and one server on that segment that has an IP address of 172.16.1.50, which is fine, but what I really want to be able to do is ping our email server which is on a 10.21.0.0 segment and I cannot. Any commands on what I would need to do to make this work as I would like the 172.16.0.0 segment to ping any other part of my LAN of my choosing.
I have a Cisco 2811 router and i want to experiment on the IOS firewall.The thing is, none of the commands that are proposed in online guides - like ip inspect, ip audit, etc. - seem to be working. I just get "unrecognized command" on a router that is supposed to support such features. I'm wondering if it has something to do with the IOS image.
My show version output is this:
Cisco IOS Software, 2800 Software (C2800NM-SPSERVICESK9-M), Version 12.3(11)T9, RELEASE SOFTWARE (fc3) Technical Support: [URL] Copyright (c) 1986-2005 by Cisco Systems, Inc. Compiled Tue 13-Dec-05 08:24 by ccai
I have a Cisco 2811 Router with a NM-16ESW card installed. I've connected this to my DSL connecting and I'm trying to build myself a learning lab. From the router I can ping to the internet and back to a test computer I have connected to one of the card's ethernet ports. From the test computer, I can ping the router's WAN interface, but no further. [code]
I want to configurate Vpdn protocol PPOE but i can not write protocol ppoe under vpdn group name on cisco 2811. cisco 2811 iso is 12.4 T adventurer and i upgrade it 15.1 advansecure but problem is still.
Cisco 2811 runs ITP IOS. On that router we run the SMPP service. A client on the network connects to this service, and we need to capture the traffic for debug.
I've tried traffic-export, but I cannot see any outbound traffic. Is there any way to capture the outbound traffic?
I was previously using SDM for our Cisco 2811, and this past week installed CISCO Configuration Professional so I could have access to a bandwidth/traffic monitor.
I have successfully started the monitoring service and monitored traffic from within CCP, but it appears that if I turn off the computer I am using to monitor the traffic, it stops collecting data until I start CCP and the monitor up again.
Is there a way (maybe with IOS console commands) that I can have the monitor always running, so I can pull up, say, a week's worth of info at any time? Leaving the computer on all the time is not an option, and currently I have only a few days of data, then a big empty chunk, and then what I have collected since I started it back up today.
I have a Cisco 6500 router at my POP site and I have a Cisco 2811 at the tail site. I have to bond 3 city to city T1s to make a 4.5Mg pipe between the 2 ends. How do I configure the routers to make this happen? This is a configuration example for a single T1:
POP end on 6500: interface Serial1/0/1:0 ip address 10.125.1.1 255.255.255.248
Tail site on 2811: interface Serial0/2/0 ip address 10.125.1.6 255.255.255.248
