i have the topology :=========want to mention that im using port address translation on the router & not sure if it is making a conflict .
here is the config below :
why the cache is not working ?i mean that i tried going to internet with source ips of the subnet 10.20.30 , but i seems went to internet without any precedence of cahce server
[code]...
I am having a problem with PBR done on a 7604-S router - It seems like it is not done in harware. I have an Iperf client and an Iperf server, and would like to test the performance of 7600 router for PBR, supervisor is RSP720-3C-G and used interface card is 7600-ES20-GE3C ESM20G.
I have read numerous discussions about PBR that is supposed to happen in hardware when you use it with matching access-list and set ip next-hop.Although, when I start the iperf, the 7600 cpu is hitting the 80-90 % boundary, and transfer bandwidth can't go over 120-130 Mbit/s.The IP Policy is applied on an interface part of vrf ONE maybe this is casing the problem... ?
The diagram and configuration follows:
Configuration:
c7604#sh run
boot system flash disk0:c7600rsp72043-advipservicesk9-mz.122-33.SRE2.bin
!
ip vrf one
[Code]...
i have 2 cisco 7604 distrubution routers .Both routers are running 310 hsrp groups.
Sundenly there is hsrp flapping which causes high CPU.
What is the limitation of HSRP group on cisco 7604 router .Below is the show ver from the router
----------------- show version ------------------
Cisco IOS Software, c7600rsp72043_rp Software (c7600rsp72043_rp-ADVIPSERVICES-M), Version 12.2(33)SRC2, RELEASE SOFTWARE (fc2)
[Code]......
i read alot about password recovery , but when i apply it to cisco 7604 it fails ?i went to rommon mode and typed# confreg 0x2142 then i typed reset when the router startup it request a password form me ,i can enter the user mode , and when i type sh ver command i note that the config resgitser is 0x2102 , not 0x2142 !!!!
i could enter the privilage mode !!!! and seems no thing changed ! does this router has a specific password recovery procedure ? which differes than the classic procedure?
I was called into a company today to look at their Cisco 7604 router as it had stopped working. The supervisor has all it LED in orange state, there was no blinking of the lights at power on they went straight to orange. Tried removing all cards, having only supervisor card in, etc but always the orange lights.
View 2 Replies View RelatedI want to see net flow data.I have configured this command on the c6500.but I can to see data only below...How can I configration ip cache flow on the C6500? what is the problem?
int gi4/31
ip add x.x.x.x
ip route-cache flow
c6500# show ip cache flow
Displaying software-switched flow entries on the MSFC in Module 5:
[code].....
We have a 3750x switch with some issues on the arp. Our servers become unreachable for some time, buy when I clear the arp cache, I am able to ping the server again. I have tried adjusting the arp timeout but I don't think doing so would be the permanent solution.
View 9 Replies View RelatedExample config
int g2/24
service-policy output test
#and/OR
int g2/24.10
encap dot1q 10
ip address 10.1.1.1 255.255.255.0
service-policy output test
I am facing issue with http login after IOS upgrade on 3750 switches. I upgrade IOS from c3750-ipbase-mz.122-35.SE5.bin to c3750-ipbase-mz.122-53.SE2. bin Any other command I have to run.
View 1 Replies View RelatedExtended IP access list VLAN20
10 permit tcp any any established
11 permit icmp any any
20 permit tcp any 192.168.20.0 0.0.0.255 eq 80
30 permit tcp any 192.168.20.0 0.0.0.255 eq 443
40 deny ip any any log
[code].....
Above is the network diagram and access list for VLAN 20 and VLAN 30, applied on incoming direction of each valn.But still able to access other port which is not on access list, tried changing the direction with no luck.Inter vlan routing is enabled on CoreSwitch default router is 192.168.10.10
I have a 1130 cisco access point,we are using this for wireless cisco IP phone connectivity to the network.Earlier access point was woring fine and we were able to make calls through IP phone.But we have relocated to new place.Now the access point is not working and we are not able to make the calls on the wireless IP phone as the access point is not working.But the access is in the netwrok and we are able to ping the IP address of the Access point.
We are contonuously getting the below loggs on Access point and the access point is getting power from the ethernet port of the switch not through the external powerr adaptor.
error message:
: %CDP_PD-2-POWER_LOW: All radios disabled - NEGOTIATED WS-C
4507R (0012.7fb6.6e6c).
how to make this work.
I have to do ipconfig /flushdns from my Laptop to access my PC, on my local network, for some reason when the Laptop is booted up.After that all works like it should. I made a batch file to do that command during Windows start up. Is there any reason why I have to do this or is it just something quirky with Windows?Both computers have Windows 7 Pro 64 bit. Both use the same DNS servers.
View 8 Replies View RelatedI have a Cisco 1941 router configured using Cisco Configuration Professional... SSH management works from the LAN IP 10.0.1.254 and 10.0.2.254 Also, SSH management works from the LAN using the external domain name which resolves to the public IP address.
The problem i have is if I try SSH from the internet to the public IP.. nothing happens.
cisco1941#show config
Using 18498 out of 262136 bytes
!
! Last configuration change at 13:57:49 PCTime Tue Feb 14 2012 by admin
[Code].....
Not sure why the N7K M1 card doesn't take this command. It works on other N7K at different site. [code]
View 1 Replies View RelatedI had a strange issue with one of my customer..Cisco WS-C3750X-48P Access switch was not reachable and after reload it started working.I would like to know the root cause of the issue. There were no logs and no errors in interfaces.Even Cpu utilization was not high. We have enabled arp inspection and dhcp snooping in the switch..Hope this will not make any issue..Also we have dot1x enabled on port..
View 5 Replies View Relatedthis is my confguration on cisco 881 . but i am not ablle to access internet from lan.
!version 15.1
no service pad
service timestamps debug datetime msec
[Code].....
We have recently leased an internet connection in our office which comes from the service provider as radio link and BW is 2M. I have clients more than 60 that will share the connection and access internet. I have configured a Cisco 2600 router as below:
Building configuration...
Current configuration : 988 bytes
!
version 12.2
no service single-slot-reload-enable
no service timestamps debug uptime
no service timestamps log uptime
[code].....
So far I have read regard NAT it degrades performance as it need to translate every data packet comes from the source and goes to internet. So a question comes in my mind is there any other way how I can share this connection among users with private ip address? Or NAT is the only method to share internet connection among users with private ip addresses?
I have a Cisco 3620 router and I am trying to get internet access. My isp is comcast. All modem lights seem to be operational. But I do not have internet access. I can ping anything other then the router and I am on a home network.
View 47 Replies View RelatedI have a Cisoc 2610 connected to my network, 1 Ethernet port and a WIC-2T card. I have ther serial connection to the main router and the ethernet going to the switch. I can ping all device throught the network...but the 2610 can't ping any outside address (no internet connection). I have the internet connection going through my 3745 (which the 2610 is connected to via serial cable). I put a default route into the 2610 but still no luck.
Here are the running configs:
2610:
version 12.3
service timestamps debug uptime
service timestamps log uptime
[Code].....
I have installed the six new WAP with model Cisco AIR-SAP2602I-E-K9, and we have two SSID for the new WAPs. When the users are connected to this WAP they can able to access the intranet but not able to access the internet. What could be the problem? I have checked and verify that they can able ping to the IP address of google from the CMD but when try from internet explorer they are fail (both with www.google.com & with IP address of google).
View 2 Replies View RelatedI'm currently undergoing CCNa academy so I got a "job" from my boss to configure Cisco 871 router. Unfortunately we just finished first semester at academy so there are some things that I'm still having hard time to understand. I managed to configure router so it connect to internet or to be exact it has internet access through another adsl modem that is in bridge mode. url...The problem is that users are not able to use internet when connected to this router. I'm able to access router through telnet ( ip 192.168.13.10) but that's it.192.168.13.0 255.255.255.128 is network that we use at work. 192.168.13.5 is IP address that is assigned to zyxel adsl modem ( If I'm correct, we could have used any address here since we are connecting this directly to router ? ) Zyxel adsl modem is connected to FA4 port on Cisco router. LAN cable is connected to FA0 port and from there it goes to switch ( it's some asus switch with 50 ports). [code]
If I ping google dns from router e.g. ping 8.8.8.8 it works. If I ping url... it doesn't work. Also I'm able to access router via 192.168.13.10 but if I use router as default gateway then I'm not able to access the internet.
i have one SF300-24p switch where i setup some Vlans and echolife hg8245 ONT router to access internet. the diagram is the following
VLAN1 (Subnet of users) -----> Switch SF300-24p
VLAN2 (Subnet of users) -----> Switch SF300-24p
VLAN3 (HG8245) -----> Switch SF300-24p
VLAN4 (Servers) -----> Switch SF300-24p
i want to control access to internet on VLAN1 and VLAN2 (access on VLAN3), while providing access to VLAN4.My problem is in connecting to internet, i can't find a way to "route back traffic to VLANs 1 and 2 since HG8245 don't seem to provide proper static routing ON LAN interface. Maybe without resorting to changing the HG8245 router ?
We have cisco 3550 switch i have configured 3 vlans in this switch vlans are not able to accessing internet
View 7 Replies View RelatedWe have a Cisco 3750 stack connecting to the MPLS router, able to ping 8.8.8.8 - [URL], the internal users on their own Vlan can ping the default gateway the 3750 switch but no further, trace route from the PC/Servers stops at the 3750 stack.We have the switch configured to ip route 0.0.0.0 0.0.0.0 to the public interface in the MPLS router, from the switch I'm able to ping the internet.
View 17 Replies View Relatedi have router 1841 have 2 interface.i make routing between vlan by subinterface in router and in switch trunk but vlan 5 cannot access internet
View 3 Replies View RelatedI have 5 SVIs configured for VLAN Interfaces 121-125 for my vSphere environment.
All VMs can ping IPs on all the VLANs (VMs on VLAN 124 can ping VMs on VLAN121)
All VMs, except those on VLAN 124, can access the Internet or even ping my router IP.
If I change one of the VLAN 124 VMs to use a different VLAN, and update the addressing appropriately, it can access the Internet.
The problem is exhibited with Windows and Linux VMs. So, I believe something in my switch setup is the problem with VLAN 124 in particular.
If i do a show vlan brief, VLAN 124 is listed.
If I do a show ip int brief, VLAN 124 is listed as upup. I also tried to shut o shut the VLAN 124 interface.
Only one specific VLAN has connectivity problems?
My topology is Catalyst 3560 to home router to Internet.
Here is my IOS image: c3560-ipservicesk9-mz.122-55.SE6.bin
Here is my show run output:
3560_02#sh run
Building configuration...
[Code].....
I am using a Cisco SG-300 28 port switch in layer 3 mode as my default gateway for all my devices. I have two vlans on the switch, vlan 1 and vlan 4. Both are pulling valid IP addresses in their scope from the DHCP server, and both have valid DNS settings. I set a static route to the Internet on the switch to our firewall (192.168.5.254). All devices connected to vlan 1 are able to access the Internet, however all devices connected to vlan 4 cannot get past the switch. A tracert from one of these devices shows it hits the switch as the gateway, but gets no further. [code]
View 4 Replies View RelatedI am trying to setup VLAN's in the company I work for and I am almost there but missing the part when the internet works.I have an SG300 as a L3 Router IP 192.168.0.93.I have created VLAN20 and VLAN40 Assigned VLAN20 192.168.2.1 and VLAN40 192.168.4.1
The static routes have been created and a default router going to the Sonicwall firewall at 192.168.0.1.Port 24 is configured as Untagged VLAN1, Untagged VLAN20 and VLAN40 in trunk mode and going to the Sonicwall NSA 2400. [code]
Working to move all 192.168.0.x network off of VLAN1 and move it a management switch.I have DHCP helper on pointing to the DHCP server.Both VLAN's once the DHCP server is configured to Gateway 192.168.0.93 can get an IP from the correct subnet either 192.168.2.x or 192.168.4.x
All PC's are getting a GW IP of 192.168.2.1 pr 192.168.4.1.All test PC's on both VLAN's can ping each other and any server with the correct GW.When I try to ping google.com or open a web page and try google.com it times out.
Need to Have both ISP to access internet/servers configure a Cisco 2911 router, It has two ISP one as primary 216.140.140.0, and secondary for backup as 216.150.150.0. I need to be able to access both the ISP's using the same interface Gi0/1. Since we have servers that have to have specific IP both when accessed and when accessing the internet so I used static Nat for the servers and Dynamic for all others. I did the following configuration but it does not work as i want it, if i unplug the Primary ISP from the unmanaged switch the secondary cant access the Internet or network.The secondary only works when the primary and secondary are both connected and have an equal cost Administrative distance, hence it is not available when the primary is down . Even though I can use a sub-interface instead of a secondary Ip address (which worked when I used it) I need to use the same interface using a unmanaged switch to which the outside interface of the router is connected and the two ISP's. Below is my configuration.
interface GigabitEthernet0/0
ip address 10.0.0.254 255.255.255.0
ip nat inside
[Code].....
I have a 2960-S running the lastest software for testing on my bench:
[code]
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 24 WS-C2960-24-S 15.0(1)SE2 C2960-LANLITEK9-M
[/code]
I have set up VLAN 2 on 192.168.2.0/24 with the switch as the DHCP server. The switch is connected to an RV082 router which is at 192.168.1.65/27. Once I figure out what I doing I'll eventually shift that to 192.168.1.0/24 or something similar. So I have my switch acting as the DHCP server for VLAN 2 but I can't figure out how to get it to access the internet.
I found this example to set up the DHCP server:
[code]
###################################
this works to get vlan 2 to serve ips
conf t
[Code].....
The RV082 doesn't support trunks AFIK and I'm pretty much a newb at this stuff. TIA. I guess I should get a real router and I most likely will but I'd like to get this working if possible before taking the next plunge.
I want to set up my LAN to have internet access via my 2801 router.The 2801 router is connected to my home ADSL router.Now do I just configure a 0.0.0.0 'gateway of last resort' on the 2801 router pointing to the interface leading to the ADSL router ?Therefore, all traffic from my PCs that is internet bound will head out to the ADSL router and onto the internet.
View 3 Replies View RelatedAt the core of my network I have two Nexus 5548's with the routing/L3 daughter installed. They have a default route that points to my ASA 5520 for Internet access. I have configured a VLAN that I do not want to have access to the Internet. What is the best way of preventing this access? ACL on the Nexus or Firewall rules on the ASA?
View 1 Replies View Relatedthe cisco 2921 Router has a default ip hhtp access class command found in it. Just i changed the default IP to the new ip i will use.The Router is accessable from the LAN only but not from the internet configured the Public ip . I think this is due to the standard access list 23 . how will i access the Router from the Internet using the Public IP.
View 6 Replies View Related
