we are using 7609 router. it forwarding traffic to wards my firewall which was not allowd in my router. when ever im checking for routes in router using show ip route x.x.x.x its showing SUBNET IS NOT IN TABLE, but in workmy firewall dropped connection i can able to see that networks.
View 2 Repliesi want to to ask about redirecting in MLS 7600 .assume the user a has an ip x.x.x.xand that user requested url...i want to to redirect his request to url...the users that have to pay the monthly bills , i want to give thim an ips and redirect all the http requests from this to a special local webpage .is is applicable to to it on router cisco 7600 ??or is it applicable on router 7206 npeg2 ? also i have siwtch 2960g.i dont want to do it by proxy server.
View 4 Replies View RelatedI’ve configured a small WLAN for a school that wants to have wireless network access for their staff as well as for guests doing presentations. They want the staff to have access to everything on the 192.168.1.0 /24 network as well as the Internet. They want the guests to only have access to the Internet. I have attached a picture which shows how the network has been configured with 4 Cisco AP1242G AP’s attached to a Cisco SF302-08MP PoE switch and then to a Symantec Security Gateway to the Internet.
I can authenticate wirelessly to the STAFF SSID and ping anything on the 192.168.1.0 /24 network and access the Internet.I can authenticate wirelessly to the GUEST SSID and ping anything on the 172.16.1.0 /24 network, but not anything on the 192.168.1.0 /24 network (which is what we want). However, when on the GUEST network you can’t access the Internet. I added a default route to the Cisco 302-08MP switch to 192.168.1.1 (Symantec firewall) thinking that would forward the traffic from 172.16.1.0 /24 to the Symantec firewall out to the Internet, but that isn’t working.How would I go about getting the traffic from 172.16.1.0 /24 to hit the Symantec firewall and the Internet, without hitting anything else on 192.168.1.0 /24? Do I need to put the Symantec firewall in a different subnet like 192.168.2.0 /24? Am I missing anything else?I’ve worked with Extreme Networks & HP / 3Com CLI in the past, but never with Cisco and never with web based management
I have catalyst 6500s with two VS-S720-10Gs, one is in Active and one is in Hot state. Both Sup cards have two 10G uplink ports. How does the traffic forwarding works in this case on the uplink ports? Do these uplink ports actively forward traffic or it is only the uplinks ports on Active that forward traffic? I see CDP neighbors on both Active and Hot SUPs uplinks ports - it indicates that packets are flowing on both cards.
I want all uplink ports on both SUPs to actively forward traffic. Does it work? What is the config for this?
I am a soon to be network admin and have never set up a network to an existing network. Steps you need to add a new location to a company's network. For example if they are using 8 Building with 7600 Routers and 6500 and you need another building and they are using MPLS or Private Network, or Internet.
View 4 Replies View RelatedWhen mutiple Policy based routing configured on 7600 routers, did the router performace degraded with the number of policy based routing rules?Also, did 7600 running 12.x use per-flow based routing or per packet based routing?
View 1 Replies View RelatedI want to ask about cisco 7600 model is it a switch or router or layer3 switch or Multilayer switch ?
here is the sh version :
===================================
Gateway7600#sh version
Cisco IOS Software, c7600s3223_rp Software (c7600s3223_rp-ADVENTERPRISEK9-M), Version 15.2(1)S, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Sun 27-Nov-11 15:27 by prod_rel_team
[code]....
today i installed new router 7600 , but im facing some thing the cpu is increasing and it reached 50 % and still increasing as the bw dissipated is increasing .im applying ip policy which set next hop for many internet source my question is , how to know the cu percentage which is used by this ip policy , also , how to know the percentage by access-list ??
View 4 Replies View RelatedI just upgraded from an old Dlink D624 to a Linksys E1200. It seems to be working OK.
I have 2 problems and 1 question.
Question. The Dlink required that I enter the MAC for all devices, wireless and hardwired, to access in protected mode.
The E1200 doesn't seem to want or display any hardwired devices. Does that mean that any hardwired device gets unfettered access to the internet?
Problem #1. I entered real names when I setup any wireless devices. They do not appear anywhere, and especially not in the permitted MAC list.
Problem #2. I have a wireless printer (HP 3000) connected. It works OK on WIFI from the PC, but now not from my HP Touchpad, which doesn't see the printer. Does WIFI printing go through the router first?
I have Cisco 7609 router and we have observed that router is rebooted due to the following error ;SLOT 3: Apr 13 16:06:26.621: %CARDMGR-2-ESF_DEV_ERROR: An error has occurred on Egress ESF Engine: Control Store Parity Error SLOT 3: Apr 13,Slot -3 we have SIP-400 card. We would like to know if there is any MIB which can monitir such reboots.
View 1 Replies View RelatedI am trying to bridge the traffic(including different vlan traffic) from rtrA to rtrB using "bridge-group" functionality.I achived the same using a 7200 using the below configuration. [code] When I tried the same using 7600 router ping failed between rtrA and rtrB. Then from the documents it seems "bridge irb" is not supported in 7600.Is there any other way we can achieve the same fuctionality ( eg: using switchport also fine) ?
View 3 Replies View Relatedi try newest ios 15.1(3)S0a and 12.2(33)SRE
in both case some times i obtain lowing traffic on interface and highest cpu - to 100%
after clear cef linicard i obtain growing traffic and cpu 0%
#sh proc cpu s
CPU utilization for five seconds: 87%/83%; one minute: 91%; five minutes: 96%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
7 1711512 87883 19474 4.06% 0.84% 0.89% 0 Check heaps
[Code].....
I´m looking for an IOS on a 7609 SUP720/MSF3 that supports the NAT-PT feature (IPv4 to IPv6 translation). I searched on the Cisco Feature Navigator but the tool didn´t show up any IOS for the 760x platforms. I only got the feature "NAT-PT: Support for Overload (PAT)" with IOS 15.xS train.
View 2 Replies View Relatedi have cisco 7600 router , here is show run : Gateway7600#sh run Building configuration...
Current configuration : 4787 bytes
!
! Last configuration change at 09:08:04 UTC Sat Apr 20 2013 by xxxx
!
version 15.2
service timestamps debug datetime msec
[Code]....
I have Cisco 7606 and wanted to test whether Cisco can drop frames due to invalid v lan ether type . i have configured the ports as
interface GigabitEthernet5/1
no ip address
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet5/2
no ip address
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
I have configured port also with encapsulation trunk dot1q ether type 88a8. i injected traffic with v lan ether type 0x8100. I expected to see drop traffic , however traffic passed in port to port.
I have problems in my Cisco network until I connected some Moxa devices.This Moxa are models EDS-316 and EDS-208
My principal trouble is the traffic UDP. Suddently the network don't permit the traffic UDP in VLAN where are connected Moxa devices.
During an hour the Moxa can send TCP traffic, but can't send UDP. If a Moxa device is unplugged from network, all devices connected to him can work offile from principal network, but if I plugg again the Moxa is like disable.
After one hour (more or less) the system restart all functions and work fine.I catch the logs from TXerrorsInPorts and all the ports where is connected a Moxa have errors all time.
I don't know which is the problem, but I think that problem is in negotiation from Moxa to Cisco.This is the configuration from a port where is connected a Moxa: [code]
on 7600 SUP720 3B.I have port channel and there are two ports on that port channel. is it possible to apply this command? does it work?
View 1 Replies View RelatedIs it possible to configure MST on ASR and have rapid-pvst on 7600? can they interoperate? ASR sees no BPDUs and both are root bridges.
View 2 Replies View RelatedI have a 7600 with ws-sup750 and when it boots it displays these errors:
Cisco IOS Software, s72033_sp Software (s72033_sp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXH2a, RELEASE SOFTWARE (fc2)Technical Support: [URL]
Firmware compiled 07-Apr-08 22:12 by integ Build [100]
00:00:05: %C6K_PLATFORM-0-UNKNOWN_CHASSIS: The chassis type is not known.(0x6003)
[Code]....
Then it got stuck in rommon, i tried using a 7200 pcmcia card (I downloaded the 7600 IOS there) but if i do from rommon boot disk0:
it complaints with :open: file "c7200-atafslib-m" not found so, it doesn't boot.
Anything I can do to be able to boot this device ?
Probably this is a trivial question but I have not found any response to it. What I would like is to set my cisco 877W rotuer up in order to act as a DNS server which forwards DNS queries following these simple rules:
1.- If the name is within my local domain *.ib forward them to my local DNS 172.21.238.229 and .230, and
2.- Else forward them to the chosen public domains (i.e. 8.8.8.8 and 8.8.4.4).
I have a Cisco 881 router in my office and I would like to do port forward for port 5060, and 10000 - 20000 to my PABX(192.168.1.61).After I did some research from internet, understand that we need to NAT by using following command to do port forward for port 5060.
ip nat inside source static udp 192.168.1.61 5060 XXX.XXX.XXX.XXX(WAN IP) 5060 extendable.However, now I'm facing an issue to perform port forward for a huge range of ports like 10000 to 20000.It is impossible to ask me add one by one?
we have three separated network segments going to one Cisco 3750 switch all is L2 .. from this switch is 100 mbit uplink.we need to apply some Qos mechanism not to saturate line by traffic from one network.. Configuration from various reason CANNOT be done on switch where 100Mbit line is terminated.. so all must be done on SW1,2,3..Correct me if iam wrond but as switches doesnt see traffic from other network iam affraid only think we can do is limit bandwidth on links going into SW1,2,3 to 33 Mbit.I found commad srr-queue bandwidth limit.But links going to SWs are 1Gbit so if i force bandwidth to 10% (minimum what command allows) its 100 Mbit..If I force speed on those links to 100Mbit and than apply srr-queue bandwidth limit to 30% doest it work.??. Will srr-queue bandwidth limit speed to 30Mbit?? Or srr-queue bandwidth limit is calculated from maxim speed of interface?
View 1 Replies View RelatedI am a little stuck trying to troubleshoot unusually high cpu on 7600 Platform.This has been going on for many hours and not been causing a problem, but this doesn't seem replicated in our network and I am concerned about the cause.I have attached some output below, and disabled netflow on interfaces to free some switching CPU. How to track the cause of this? We only have routing protocols and 5 static routes to Null 0, so I cant see how this can be a route loop, but willing to stand corrected. Routes are learned from BGP with OSPF/MPLS internally on the network. This switch also connects to access switches on RIP and EIGRP.
No change has been made to this device when this problem started to occur so I am suspecting something about the traffic has changed or there is a rougue user? [code]
i have a 7206 router to be used as a gateway for internet router 7206 inerfaces are connected directly to cisco switch 2960g note that 7600 work only at 1 gega , and cant be used for 10 or 10 . im looking forward to use router 7600 instaed of 7206 i copied the config of 7206 and pased in 7600 but some commands which are under interfaces command was not accepted here is the config which as not accepted in 7600 router
%%%%%%%%%%%%%%%%%%%%%%%%
duplex auto
speed auto
media-type rj45
negotiation auto
%%%%%%%%%%%%%%%%%%%%%%%%
note that the 4 lines above was not accpted in 7600. does these commands will affect the new config ?i just want to ask before im trying to apply this config to production network?
Actually i have 7600 router and all trafic passes through Gi0/1(Routed port) interface to 6500 series switch. I need to create a vlan on this router eg. vlan 10 Any how it is possible assign a vlan to routed port and traffic of wan interfaces and the vlan traffic passed together.
View 2 Replies View RelatedES20+ QoS. As I understand for these cards QoS is MQC; i.e. similar to that of normal WAN cards
1- If i have 7600 with ES+ card only then I dont need to configure global command "mls qos" and the concept of trust boundries "mls qos trust dscp" will not exist , correct ?
2- For below output, why "show mls qos queuing" is giving an O/P similar to that of WS-X6xxx LAN modules.Also why it is WRR when scheduling is not configured.I expected that command will not work with this module as it is similar to WAN modules.
I have run into a problem testing static route failovers using ECMP. I have an edge device (SUT) that has 2 NIC interfaces to an internal Loopback. Each NIC is a unique Gi port on an 7609 VLAN tagged with unique IP subnets. The 7600 is configured to route the loopback via the 2 NIC. I am using CEF in the network for other traffic performance testing. Using an external sniffer we can verify that when a ping is initiated externall to the SUT loopback a specific path is selected by the router.
Ping host ------Network-----7609 Gi1/21 (172.16.110.9)-----------SUT Nic1 (172.16.110.10)
| |
| -------Loopback 137.168.68.114/32
| |
7609 Gi2/21 (172.16.110.73)------------SUT Nic2 (172.16.110.74)
[code]....
Now, when the selected path is taken out of server (pulling cable for example), the 7609 is not clearing the routing table to indicate that particular path is down and failing over to the secondary path. Other things I have noticed is the show ip cef still shows both peers as well as the arp table but the interface shows down (show interface gi1/21 for example). I am running 15.1. My understanding is that since the ports are directly connected to the router, the ports should be detected as down and any association of the IP for the down port should removed. This should trigger the static route to update the static route for the end destination to use the second path and traffic should continue.
ROM: System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)BOOTLDR: Cisco IOS Software, c7600s72033_rp Software (c7600s72033_rp-ADVENTERPRISEK9-M), Version 15.1(1)S1, RELEASE SOFTWARE (fc1)
how to know if my bgp neighbour advertised my network from his side or not ???
here is my config :
Gateway7600#sh ip bgp
BGP table version is 8, local router ID is 192.168.40.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
[code]....
I just setup my homelab today, after having Cat5e installed so I can run my servers and network equiptment over wired network as well as setting up a wireless system. I got everything setup and its going great I can access everything from my office now including a E4200 Linksys router that I setup to do RiP (was only choice pretty much, or NAT), and my 891 Cisco Router which is my internet connection.
I use to have the linksys setup to do port forwarding but now I need to figure out how to do it on the cisco 891 router via command line.
Below is my current configuration. I need to be able to access my server which is behind my router by Remote Desktop. I also have a web server, and the kids also play minecraft, and have a server setup so I need to be able to forward their port as well.
[URL]
Ths is from the link above, would I just do like that but then put in my IPs and is that my Private IP I use this or my public facing. Also he has "interface Dialer1 6881" again after the port in the second and third row. I dont really understand what they have there. I understand basic access list and such though I am extremely rusty.
!
ip nat inside source list 102 interface Dialer1 overload
ip nat inside source static tcp 10.0.0.2 6881 interface Dialer1 6881
[Code].....
Does one can use a Vacl to monitor network traffic on a nexus 3064 much like you can on the 6500s? If so, any performance tradeoffs or caveats to be aware of ?
View 2 Replies View RelatedI am attempting to block all FTP traffic on port 21 from the servers in my network, and only allow FTP from one server to go out.
I have created the following ACL
access-list 101 Permit ip any any
access-list 101 Permit 21 1.1.1.1 0.0.0.0 any
access-list 101 Deny 21 any any
and have applied it to my truck VPN that goes up to my firewall
int Vlanxxx
ip access-group 101 out
But when i test ftp is still allowed by all servers.
We are facing one issue at the Customer site as Cisco 7600 series Router's having issue for reflection of traffic flow through netfluke as using by Customer to get bandwidth utilization report for our WAN links.Recently we have brought this 7606S router into production and moved some of our WAN links to this router and We are not getting proper bandwidth utilization report in netfluke after configuring netflow in this device.
HTAINCHN21XXXCR001#sh ver
Cisco IOS Software, c7600s72033_rp Software (c7600s72033_rp-IPSERVICES-M), Version 12.2(33)SRB5, RELEASE SOFTWARE (fc2)
HTAINCHN21XXXCR001#sh run int gi1/12
[code]....
I am trying to open up port 32400 on my 881w Cisco router but I have not had any success I need to configure manual port-forward to enable my Plex Media server.
View 1 Replies View Related