I have voice Bandwidth on Cisco Router 7200 and catalyst 3750.Now i want to sell some BW ( 15MB ) to any cleint. How to do that .We have Ethernet connectivity with my cleint.How i restrict client to 15MB. Will i have to form any VLAn or just port limit with bandwidth and which is better way?
View 8 Replies
recently i removed the squid cache from the 7200 router so that i could apply the Qos on the router my topology is simple i have 7200 with two working interfaces
GI0/1====>LAN
Gi0/3====>to isp and working bgp
have 550 Mega BW from isp . at the rush hour , the quality of browsing becomes worse .i just need a Qos to apply it on the 7200 router so that the priority for my traffic as follow:
1- browsing has the highest priority
2-youtube has the 2nd priority after browsing
3-download & other applications have the 3nd priority.
I am having a weird issue with my Cisco 7200 router. From the router i am able to ping and reach out to the internet but from the client i am able to reach out to the internet but unable to ping I am not sure where is the issue but when i traceroute to it my packets are dropped at my routers interface. All my pings from the client time out. I checked the Access list to make sure ICMP is not blocked. Following is my running conf
ip audit notify log
ip audit po max-events 100
ip ssh break-string ~
ipv6 unicast-routing
no ftp-server write-enable
[code]....
I am experiecing issues with HSRP.I have two 7200 core routers connected via one portchannel layer 2 and i set up the HSRP.The switch 01 is the master and 02 is the bkp.the problem is, the bkp router can´t see the master and there are a lot of loggs with active-speak and can´t see the master. the configuration are ok, i just check and recheck but there are no mistakes. [code] the configurations are ok, but the router can´t see each other, just in the vlan 500 the other vlans are ok.
View 7 Replies View Relatedi want to ask , how to match youtube in my qos, i want to give youtube the best priority in the rush hour. currently im using an acl that match the ips of youtube but i think its not sufficeitt :
View 5 Replies View Relatedrouter 7200 (12.2(33)SRE1)
two interfaces with traffic going through, placed in a Data-VRF
Another physical interface and loopback interface in the global routing-table.
ip flow ingress on all physical interfaces configured
It was running for at least a year: I was getting netflow packets on my analyzer from the box. Since a couple of weeks I get no netflow-packets anymore.debug ip flow export tells me "IPFLOW: Sending export pak to ... port 2055"
But the packet is not leaving the box. By setting up an ip sla monitor udp-echo I simulated some traffic (udp/2055) which is leaving the box.
[code]...
What is the installation time for the Network Processor engine is:
NPE-G2=7200 series NPE-G2 engine with 3 GE/FE/E ports ,Do you reckon it can be done in two hours?
I have too much output drops in my cisco 7206 VxR NPE G1 router. I'm doing dot1Q on this interface and is connected to switch , i changed the router and IOS but still the error is same . What can be the reason . The interface on switch and router are 1000/Full and i changed the cable also . The traffic only comes about max70Mbps and it is really confusing. [code]
View 9 Replies View RelatedWe have a network of 30 VLANS and currently all the vlans have access to everything. We are using Cisco 6509 switch for Layer3 routing.I would like to prevent some VLANs accessing the server VLANs. How can i resrict access to the server VLANs? Do i need to implement access-lists on the 6500 switch? or do i need to create VLANS on the firewall so that all traffic i filtered?
View 3 Replies View RelatedOn a small Bording School we have the students living in several small houses, each equipped with an AP.Each Ap serve 4 Vlans.I want to restrict the switch for these AP, in a way to keep the students from removing the AP and connecting their own equipment.I tried using the secure port feature on the SG300, but that had the result of allowing the AP but denying all the users connected to the AP.The switch is a SG300-28P placed in L3 mode.
View 3 Replies View RelatedI need to only allow 5 Mac Addresses on a range of ports on a 2955 switch. If I do the following it only changes the first port in the range:
interface range fastEthernet 0/5 - 10
no spanning-tree portfastswitchport port-securityswitchport port-security maximum 5switchport port-security violation restrictswitchport port-security mac-address 00:1D:24:25:F7:AA
[Code].....
I´m facing to one issue with VACL. i have a network lan with 10.40.X.X/16 . in this network i have a Production v LAN 10 with 10.40.10.X/24 and i have created one vlan103 for Guest´ user as 10.40.103.X/24
My goals is to restrict the v LAN 103 to reach or access the v LAN 10, better to restrict Guest user access to the production v LAN. So i try to put this script with VACL method, but does n´t work.
Extended IP access list Restriction-Guest
10 permit ip 10.40.103.0 0.0.0.255 any
vlan access-map Guest 10
action drop match ip address Restriction-Guest
vlan filter Guest vlan-list 10
After that i still able to ping or access to the v LAN 10 form v LAN 103.
I have a Cisco 887M router which I wish to restrict the devices allowed to be connected/allocated an IP address to two, and *only* two.
I can't, for the life of me, find out how to allow these two devices to connect to ANY port - I can configure a MAC restriction on a single port, but I don't know how to make it so that I can allow JUST these two devices to connect to any port in the 4 port switch/VLAN (VLAN 1 is used because the mongrel who set this up was lazy). I know the MAC addresses I want to allow
How I can do this? I *can* restrict any given port to the two MAC addresses - but if I try to add the MAC addresses to another port, they get removed from the initial one. I need to be able to have them connect to ANY port and work, but allow NOTHING else to work.
For those wondering, this is to counter a user who is utilising company resources for purposes not approved - and costing us quite a bit of money in the process.
We have a network of 30 VLANS and currently all the vlans have access to everything. We are using Cisco 6509 switch for Layer3 routing.I would like to prevent some VLANs accessing the server VLANs. How can I restrict access to the server VLANs?Do i need to implement access-lists on the 6500 switch? or do i need to create VLANS on the firewall so that all traffic i filtered ?
View 9 Replies View RelatedI have made some test and i noticed that qos input policy does not classify the icmp packet based on their dscp.The "match dscp ef" or "match precedence 5" is not working only the "match protocol icmp" shows hits.
We need to classify the different icmp packets based on dscp ( TOS ) for measurement purpose.CISCO 7200, 12.4.25d and 12.4.20T have a same behavior.
I have BSNL Broadband with speed 512 kbps. My old modem gives me speed 0.54 mb . i have checked it on speedtest.net .But my new WAG120N gives me less speed 0.15mb .Why this so happen?i checked all settings
View 1 Replies View RelatedIf client gateway = 192.168.64.9 then next-hop = 192.168.64.8 else use default-route 0.0.0.0
I know it's possible to do a route-map match ip-address ACL list. But is it possible to match on gateway?
Some info about hardware and config:
6509-E in VSS (IOS 12.2(17r)SX5) withVS-S720-10G supervisor.
All routes are static, IP for 192.168.64.9 is on SVI vlan.
What are the rough figures that a NPE-G2 is able to hold for the BGP routing table?
378475 network entries using 51472600 bytes of memory 378482 path entries using 21194992 bytes of memory 63008/63003 BGP path/bestpath attribute entries using 8065024 bytes of memory BGP using 82975730 total bytes of memory
Are these 3 memories different memory allocated or are they are a sub-set of each other? If a NPE-G2 has 1GB RAM, does it mean that the routing table limit is depending on the RAM availability?
I am wondering how to restrict access to certain applications; software and hardware via a router.
View 2 Replies View RelatedHaving an issue with my WLC 5500 and client connectivity. This just started today. Clients will connect for a short period of time and then drop off. WLC appears fine with the exception of a bunch of trap errors. I've rebooted the WLC but this did not clear the issue.
View 3 Replies View RelatedWe're attempting to SSH from a Cisco 2960S to an SRX240, and are having some issues. The error we're seeing on the switch is: ops-switch1#ssh -l root 10.10.10.1. Any way to work around this on either the server or client side?
View 1 Replies View RelatedI need to configure public and private wireless access using an ASA 5505 and an Aironet AIR-AP1041N-A-K9. I need to be able to do this via ASDM and http if at all possible. I simply do not have the time to learn hundreds of lines of arcane CLI code. The Aironet connects to the ASA successfully, and receives an IP. I can then connect to the AP wirelessly, but do not receive an IP. I have setup a second SSIDVLAN on the AP, and can't connect to it at all.
View 4 Replies View RelatedAfter changing the VTP mode to from client to transparent, I noticed the output of 'show run' now displays the vlans. I don't have any spare 2970s to check this with at the moment. Output of 'show run' looks like this now with vlans info, this was not shown before changing the VTP mode.
vlan 2
name 16.6.16.0/27
!
[Code]......
I'm trying to have a standard equipment for our POP deployment. Basically this edge router will connect to our customers and pass data and or voice traffic, capable of BGP and good enough to accomodate up to 4 clients.
We have on hand a 3845 Router, and ME3600X. The 3845 is EOS and replacement is 3945. The ME3600X is a fixed configuration so would you recommend a 3945 or a much higher model like a 7300.
I can ping [URL], from the router but not from a client attached to the router dhcp interface(10.1.3.1). When I turn on ip routing I cannot ping at all. Here is the config I have now that can ping the internet from the router.
sh runBuilding configuration... Current configuration : 1191 bytes!! No configuration change since last restart!version 12.3no service timestamps debug uptimeservice timestamps log datetime msecno service password-encryption!hostname
[code]....
We have dlink dir320 router and cisco 877W.
The goal is to make a 877W to work as a wireless client of dlink dir320 and brigde the LAN&WLAN so than the LAN clients of 877W could take DHCP from Dlink 320 directly.
Here's the config of 877w:
!
bridge irb
!
dot11 ssid DLINK_SSID
[Code].....
We are finding the price for ASA 5505 to high and our clients are having problem securing budgets for these devices. We don't want to move to different vendors and we have a team of people we already know Cisco well.I have seen Cisco router 877 which have the ipadvance ios, is this the same as the ASA5505.We would like to offer our clients an alternative to ASA5505, but something which can do the same as a edge device but also protect the client from malicious attacks and has CLI.
View 1 Replies View RelatedMy current production network is setup using VTP in Client mode, and I am looking to enable VTP Transparent so I can enable the extended VLANs. My main question would be, would enabling VTP Transparent on my 6509 affect all of the access switches it is connected to? And if so, would changing all of the access switches to VTP Transparent allow them to regain connectivity quickly with little downtime? Or is there another way that I should be handling this situation to enable the extended VLANs?
View 2 Replies View RelatedWe are moving a small network of 3560 and 3750X switches from VTP Server and Client to VTP Transparent. I noticed the vlan database is stored differently depending on the VTP mode.
Is there any chance of losing vlan database on a given switch when moving from Server or Client to Transparent?
We had core(4503), distribution(3750), and access switches(2960) in our environment. Currently we configured the clock manually in each switch, but a reboot of the switch resets the clock also. We are planning to make a single switch as a NTP servers and others are clients to synchronise the correct time even after a reboot of the access switches.
View 6 Replies View RelatedHow to configure hsrp in my client location.They have 1 no of router and 2 no of 3750 switch.they need to configure Hsrp in switch.
View 5 Replies View RelatedI have a small home network currently using a cisco 841 which is working great. Host a web site and Exchange plus all 10 computers access the net using Verizon FIOS all works. I can even VPN in to my newtwork remotely.I can only VPN using the Cisco client. I would like to use the Native Windows Client and Ipads and Iphones. I believe they use PPTP and the Cisco client is using IPSEC.Which Cisco router can I get that would support all the above?
View 14 Replies View RelatedWhich smaller POE switch is capable of powering a 9971 IP phone with a cam and a think client attached?
View 3 Replies View Related
