Cisco Switching/Routing :: 891W / Basic WAN Setup (IP And DNS)?
Feb 9, 2012
I am trying to configure the FE8 (WAN port) to connect to the Internet. We're swtiching ISP'ssoon so this router was set up at my office and has since been deployed at the client site. So far it is just plugged in and powered, with a console cable attached but no LAN cabling since this router will replace an existing one using the same addressing (except the WAN settings of course). So for now I am just focused on working on the WAN side since I have the ISP's cable modem attached . I had intiially used CP Express to config the wan port with an IP and mask and the various port forwarding options I intend to use. Now, connected via console cable, I tried pinging the IP of the wan port, which works. Beyond that, can't ping anyting (8.8.8.8 - a Google IP), also can't resovle any DNS names which makes sense with no apparent connectivity. Likely my config is just imcomplete. Nowhere in sh run do I see a Default Gateway, yet this ISP did specify one so I assume I need to enter it. Not sure what's the right way - I get confusing results on searches telling me either to use ip default-gateway or ip default-network. I want to think that it's as simple as entering in the IP but so far I've learned with the IOS that you never do anythign without knowing all the possible implications, which I don't. Also while I am at it, I don't know what I should have for DNS entries. This router will not be a DNS server for any internal systems that function will be managed by the two Windows 2008 R2 DNS machines. The ISP has also provided two IP's for their DNS servers. I thought it would be a simple matter of just adding two entrires via ip name-server command, which I did. So now I have four entries, first the two internal servers (inaccessible currently due to no LAN cabing to this router), and the two ISP servers. Can't ping those either, but again there's no default gateway.
View 39 Replies
ADVERTISEMENT
Nov 6, 2011
I'm new to using Cisco Config Professional Express but a lot of things are just "off" with this utility. But my problem for this post is specifically the 891W's internal access point, or initial access to it.
My situation is that I have some 891W's. It's my first time working with them, as well as with CCP Express (2.5). After isolating the router and my PC to their own network, using the IP my PC got via DHCP frmo the router I opened a web broswer and connected to the router. The initiial configuration wizard came up and I went through the various screens. One of those screens had basic config info for the internal wireless AP which I provided. Somewhere in that screen it asked for a Hostname for the AP, and a password. It doesn't askfor a username though. To ensure I wouldn't run into confision, I made sure to set every password I ever get asked to configure as the same thing so the AP's password was also the same.
However after I finish with the wizard, the java-based CCP Express begins prompting me for first the main router credentials which I provide and it gets the router config, then it prompts mefor the username/password for the Access Point. First of all, the initial config wizard had never asked me for the username for the access point, only the hostname, and the password. I had assumed it was just going to use the main router username, or perhaps a blank username.
In any case, nothing I type ever works. I've used cisco/cisco, or a blank username with my new password, or the same username as the main router with the password ---- nothing. This is now the 4th time I have completely Reset the router to factory defaults and while I am learning the use of CCP Express through repetition, I'd also like to get this thing configured and out the door so my customer can use it.
View 3 Replies
View Related
Apr 13, 2010
I' ve three 4900M switches equipped with the WS-X4920-GB-RJ45 module and the WS-X4908-10GE module. Now I'm started to setup these switches in our lab environment for the first time. They behave a little bit strange in comparison with the C3750 series which I used before and which I will replace by these powerful machines.
I tried to setup these switches to be managed through the management port. I configured IP address, default route in the management vrf, set the source-interface for tftp,ssh,ftp and tacacs to use the management port. Ping using the manangement port was successful. After finishing theses steps I configured the TACACS and AAA settings accordingly the informations I found on CCO. I tested the settings with "test aaa group authentication" command- without success. On my Cisco ACS no request was received and the switch told me he could't reach the tacacs server. Other switches in the same IP subnet are working without failure, so firewall or server should not be the problem.
View 5 Replies
View Related
Feb 26, 2012
I have a client that that is installing a new network. They have requested the use of an CISCO891W-AGN-A-K9 mostly to be consistent with upgrades perfomed at other sites. I agree with the use of this router, so that's OK. The issue is that they have requested that I use the integrated PoE available on this model. I'm also OK with this as it will make a much neater installation. However, I can't seem to find much information on how to get the integrated PoE. I need clarification as to whether I can get a kit to upgrade this router. I generally purchase from sites like newegg or cdw (I'm an independent contractor) and I can't seem to find one with it. I have found some information on 800-IL-PM-4 and 800-ILPM-4 (who could confuse those ). Are they the same or different? Which one is the correct one and does it include the AC power adapter and can if be retro'ed into a router without the PoE?
View 2 Replies
View Related
Mar 22, 2012
I believe I have the steps done at the IOS to config the WAN port for SSH, but I still can't connect to it. I have "logging console 7" on so I am able to see that the router is dropping my TCP session requests. I figure this is just the built-in zone-based firewall at work.
Is there a very straightforward process, via the IOS, to allow SSH inbound on the WAN port? I'm not very familiar with the IOS other than basics so while I know how to do things like "transport input ssh" and "login local" and such on the vty 0 4 line, I have no idea whatsoever on what I should do with the firewall stuff. I believce the WAN interface is already a member of the outside zone though so I imagine one just has to somehow include ssh (preferably on a non-standard port) in the exceptions on the firewall somehow.
I have been poking around for a step-by-step IOS guide for this but only find info on configuring SSH itself but not how to open the firewall to allow the connection for it through.
View 11 Replies
View Related
Sep 24, 2012
I am trying to allow RDP through my 891w.I have tried a few different yjing to no avail. [code]
View 23 Replies
View Related
Feb 21, 2013
I have an 891w as my edge device for my home office. I have a VLAN for family use (wired and wireless) that routes out to the internet just fine. I have a second VLAN assigned to a VPN tunnel that backhauls traffic to my corporate network (wired and wireless) and all of the traffic gets to the corporate network fine when I am on that VLAN.
However, while I am on the VPN VLAN, no traffic gets to the internet. I believe it is because I have the gateway of last resort (0.0.0.0) set to the WAN IP address provided by my ISP, so DNS is resolving against corporate, but because there is no specific route, it is trying to dump the traffic back out the WAN without traversing the VPN tunnel.
View 4 Replies
View Related
May 27, 2012
I'm working with some 891W's that have the internal 800-series AP. I have this router set up initially using Cisco Config Express, then, using Cisco Config Professional 2.5 I set up the firewall and other featuress that CCE doesn't do. Overall this is a very simple router, meant to be a small business Internet gateway device but is currently in my lab.
The intended WLAN setup is very simple. One SSID, with broadcast enabled, using WPA2-Personal. Auth: open Encryption is both TKIP and AES-CCM.
However no matter what I do I cannot get thhis thing to broadcast . In the past I had sometimes run into issues where if I had more than one AP running independently it would cause a channel conflict and one or both would cancel each other's radio, so I disabled all other AP's in my vicinity.
Also I've had issues in the past where f I enabled both TKIP and AES, sometimes clients can't find the AP as a result. My solution had been to disable one of them leaving just the other - no change here however.
Via the IOS, ssid config shows mbssid guest-mode which I believce is default.
Interestingly, if I do the following:
ap# Config t
ap(config)# dot11 ssid <myssid>
ap(config - ssid)#guest-mode
end
I end up with both "guest-mode" and "mbssid guest-mode" in the sh run for the AP, and voila, my AP broadcasts the SSID. However clients end up joining without any security at all, no prompts for pre-shared key or anything.
View 7 Replies
View Related
Jan 26, 2012
I have an 891W router that requires a firmware update to fix a bug wth the internal AP where all you get when accessing it via the CP Express ("Launch Wireless Application", which is just opening another web browser to your AP) is an Enter button. This issue seems to be common so I found a thread, though for the 881W (but same process) where the fix is to update the AP's firmware.
So I downloaded ap801-rcvk9w8-tar.124-21a.JY.tar from cisco.com, set it up in my tftp server, and at the console ran the following from the router:
Router#service-module wlan-ap 0 session <enter>
This brings me to the AP.
I then type in:
InternalAP#archive download-sw /force-reload /overwrite tftp://192.168.0.71/filename.tar <enter>
It seems to go through the process of re-imaging the fw but the end result now after it is done is that I cannot access the ap at all and the hostname has been screwed up. So now when I go to the AP (via Router#service-module wlan-ap 0 session <enter>), this is what I see:
AP6400.f177.d0ee>
If I type "enable", I get no username prompt but I do get a password prompt, however my pw no longer works. Also the IP address of the AP (192.168.0.2=) is no longe rpingable.
I did save the log of the console session for the (failed??) firmware upgrade process - the only odd thing I recall was that it seemed like it was trying to enter part of the update process commands but instead the router was interpreting them as a DNS lookup or something. Kind of stupid process it seems but anyway I am quite lost. Don't know what it'ssuch a challenge to update firmware.
View 9 Replies
View Related
Oct 12, 2012
I have had trouble to verify the support wireless speed and band that CISCO891W-AGN-A-K9 supports. I saw on a vendor website that it supports a max wireless transmission speed of 54Mbps but this seems low for what is supposed to be the current model wireless router which is supports 802.11n. What the maximum supported wireless speed and whether 5Ghz is supported? Plus I am thinking about purchasing it for my home wireless network (upgrading from an 871W).
View 1 Replies
View Related
Jan 6, 2013
I have an 891w that started acting up recently. Radio dot11 0 is reporting its a b radio. When it is actually an n 2.4 radio. Of course that radio is not allowing any clients to connect to it at this time. I have tried updating the firmware to the latest, tried a hardware reset but still a nogo.
sh interface output.
Dot11Radio0 is up, line protocol is down
Hardware is 802.11B Radio, address is 0000.0000.0000 (bia 0000.0000.0000)
MTU 1500 bytes, BW 11000 Kbit/sec, DLY 1000 usec,
[Code].....
View 6 Replies
View Related
Mar 15, 2011
I have an 891W that I initially configured using CCP Express (2.5). So it has a WAN IP set, and through CCP Express I had enabled via the checkboxes the various default settings for security. This includes zone-based firewall. I then added a number of NAT entries in the setup wizard.
What never occured to me at the time was that I should have added entries that allow for remote access. So it seems I've locked myself out of accessing the router via the WAN interface even though I know it's IP. I'm sure it's just a matter of adding port exceptions for SSH and/or whatever port(s) CCP uses.
So I"m wondering what the proces woudl be. In the IOS while showing the running config., I see pages and pages of class-map stuff which at present I don't know enough about to risk editing anything directly. But maybe I don't have to? What would be the best way to, for example, enable SSH access through the firewall? I already have transport input ssh set on the interface itself so I believe it's ready to allow the connection, just that I can't get to it via WAN int. so I assume it's the firewall.
View 3 Replies
View Related
Mar 12, 2013
I start configuring Cisco 2821 router for multicast . First short description and attached sheme explanation. Let we say I have small network with 100 users. One router and Cisco switch 3560. Two VLAN’s, one for data another for multicast. Data from internet works fine but now I want to connect multicast servers (or source of more multicast streams) from another subnet. Router have three interfaces.I expect there should be no problems with multicast configuration, but unfortunately it is not like I expect. What I did ?
First step: enable multicast routing
Second step: on both interfaces (Fe 0/1 and Fe 0/2) - ip pim sparse-mode
Third step: configure switch that users are connected to access port in VLAN 222 (temporary to see if multicast work)
When I start VLC on computer nothing happend. If I try to connect computer on same subnet where is source of multicast streams it works fine.What I am doing wrong ? Is there anything about routing ? All subnets are directly connected. RP is not needed if I have one router or ?
View 11 Replies
View Related
Jul 19, 2012
We currently have 7 Cisco 3524-XL switches (10-12+ yrs old) which are 10/100. We purchased a handful of Cisco 3750X switches to replace them going with the whole stackwise and redundant power supplies. Our current configuration on the old 3524 switches is that they have hardset all the ports on them to 100MB/FULL since devices would auto-neg to 100/Half. Since we're going from 10/100 to 10/100/1000 switches, I want things to auto-neg as I have heard in the past and experienced that things work better when it auto-neg to gigabit. My upper management is afraid since the old switches wouldn't auto-neg correctly that we should hard set all the ports on the new switches, which would be a nightmare since some ports would be hard set to 100/FULL others to 1000/FULL, etc.. We've tested just about all of our devices at auto with the switches and they've all auto-neg to the correct speed. In short, is Auto-Negotiation the way to go with the newer switches or is it still better practice to hard set your ports?
View 3 Replies
View Related
Sep 23, 2012
Cisco IOS 12.4 Basic check to see if the command "ip nat pool" is available?We have 12.2 basic and I know it is in the 12.4 Advanced and 15.1 Basic versions (too large of a jump in version for management). Our budget is very limited so I am hoping that 12.4 Basic has this command.
View 2 Replies
View Related
Jan 1, 2013
First time user of cisco hardware and we just purchased the 4900m catalyst switch. My question is very general. I am simply hoping to network 3 servers together and I do not wish to do any fancy or advanced configuration. Can I simply use the web management interface for network administration and setup? I just downloaded the Catalyst 4500 Series Switch Cisco IOS software configuration guide and they talk about Cisco View network management system, is this my answer or is this what most people use for basic configuration and administration?
View 3 Replies
View Related
Dec 13, 2011
attached diagram and following is the basic configuration on L3 and L2 switch. Is this configuration sufficient for simple routing?
L3SWITCH:
switch 1 priority 15
switch 2 priority 10
[Code].....
View 6 Replies
View Related
Nov 27, 2012
basic configuration for setting up cisco ASA 5510 for NAT and DMZ.
View 9 Replies
View Related
Oct 14, 2012
I am trying to setup netflow with on 6509 and SolarWinds NetFlow Traffic Analyzer v3.10.0
The problem I have is that after configuring the basic settings of NetFlow on both side I can't see all the traffic I expected to capture in NetFlow.
The details of my problem.
I want to monitor the traffic on VLAN 20.
In the general configuration of the switch I have entered the following
ip flow-export source vlan 10
ip flow-export version 9
ip flow-export destination 132.5.200.123 8080
Where vlan 10 is the management vlan. Vlan10 can ping 132.5.200.123 no problem.
On VLAN20 interface I configured this
ip flow egress
ip flow ingress
ip route-cache flow
When I go to SolarWinds Netflow Traffic Analyzer I can see maybe 1 or 2 packets flows, like nothing of the data. If I do a capture of the traffic on VLAN 20 I can see there is loads of IP traffic on that VLAN but why is netflow not capturing the statistics of those flows and reporting it to NetFlow ?
command "ip flow-export source vlan 10" ?
View 4 Replies
View Related
Jul 23, 2011
How to set up more than 40 pc's with out internet connection using linksys switch.
View 3 Replies
View Related
Jul 31, 2012
My daughter is on an Army Base in the South Pacific. They have Dial up internet on their home telephone not DSL. They have high speed wireless at the base community center/coffee shop. I will be going there in 9 days to install the dir-615. She has a Dell Desktop with Vista Basic SP1, laptop with XP, IPAD2 and a NOOK Tablet. The dir-615 HVE1 with firmware 5.00na on the bottom sticker. She said she was able to go to web address, login, change the user name and password, started on the wireless configuration and she paniced. My question is basically this. by using a cat5 cable from the desktop to the dir-615 with dialup internet connected can the router be setup using the automatic method as opposed to manual. Our first priority is to be able transfer files to the 2 tablets without being connected to the internet like a switch and secondly If possible go on to the internet from a Tablet or the Laptop. I assume the second option would reuire internet sharing option when setting up the network and performance would be ugly.
Can get I get this router to work this way with just dialup to set it up
View 5 Replies
View Related
Jan 14, 2008
I have been trying to change my password and all the settings on my WRT54G V8 router today because I forgot the password, and I can't seem to navigate the Basic Setup page. I can log in (most of the time) after resetting the router, but whenever I try to click on a different tab (like "Wireless", or "Security") it comes up with the page saying "This Page Cannot Be Displayed." I'd like to be able to put a password on it (which I have successfully done before on this router) because I live in a college dorm and would like to keep my internet from being bogged down by other people using it.
View 9 Replies
View Related
Apr 13, 2013
I am trying simulate the next lab on GNS3 but the ping don't work between hosts on the same VLAN.
View 2 Replies
View Related
Dec 25, 2012
I have 2 sub net directly connected to a ASR 1002. This is the configuration
interface GigabitEthernet0/0/0
ip address 193.145.14.114 255.255.255.252
negotiation auto
[Code] ....
The interface gi0/0/0 is connected directly to 193.147.14.113/30 in another router. And the Gi0/1/1 is connected to my internal infra structure. From my router I can ping 193.145.14.113 . So. I configure my PC with default-gateway 193.147.107.3 (ASR).
From my PC
I can ping 193.147.107.3 (gi 0/1/1)
I can ping 193.145.14.114 (gi 0/0/0)
But I can not ping 193.145.14.113 (the other point connected to gi0/0/0)
Why???? It is a IP inside of a sub net directly connected to the ASR. Why the ASR is not doing routing? ip routing is enable.
View 2 Replies
View Related
May 21, 2013
I have a Cisco SG 300-20 as the core switch, layer 3. It is 192.168.4.6 on VLAN1 and 192.168.5.1 for VLAN2 (VOIP). All the ports are set in trunk mode. DHCP relay is setup on this switch.
The phones connected into a layer 2, Catalyst 2960-S switch. All ports are set in trunk mode. Default gateway on it is set to 192.168.5.1.
DHCP for both VLANs is provided by a Windows Server 2008 R2 server (the relay IP 192.168.4.15).
There is also an ASA 5510 in the mix which is 192.168.4.1. It has a route added to it for the 192.168.5.0 network to go to the SG 300 (192.168.5.1).
Just the two switches can ping each other on the 192.168.5.x network when I "add vlan 2" to the trunk port that is connected between the SG 300 and the 2960. The phones don't get DHCP on the 2960 switch. And I cannot ping 192.168.5.x from the ASA or anything else on the 192.168.4.x network.
After a bit of reading on intra-vlan routing for the SG 300 switch, I am thinking the SG 300 has to be the "center" of things so I need to make it 192.168.4.1 to be the gateway for both VLANs and change the ASA to 192.168.4.2 for VLAN1, etc. And I really can't do asymmetric routing with this switch.
View 1 Replies
View Related
Jan 19, 2013
I have a power conncet 6224 with routing enabled with several VLANs setup.VLAN Database: 6,8,10,90-254VLAN 6 is our management vlan10 is for our core network services (DNS, Domain, Exchange etc)90-254 are isolated vlans.What I need to accomplish is to prevent vlans 90-254 from communicating with each other and only allow communication to VLAN 10 and the internet. All internet firewall work will be handled by our Sonicwall. [code]
View 1 Replies
View Related
May 14, 2013
I'm trying to set up per vlan routing on a 3560G switch but it's not performing as I would expect. I've got a server on the 109 vlan with a 10.1.9.100 address and a default gateway of 10.1.9.1 this address is an HSRP gateway and currently resides on 10.1.9.7. When I traceroute through to my user PC on the internal network it receives a response from 10.1.9.7 However, it is then denied by an ACL on the internal firewall which has been applied to interface Eth0/0. It should arrive at the firewall on Eth0/2.109 as it has the 10.1.9.4 address.
My goal here is to route traffic on the 101 vlan to a seperate interface on the internal firewall from 109 vlan traffic. I'm either doing something wrong or these routing commands aren't designed to work in the way I'm expecting (I couldn't find any documentation on the ip route command where it is followed by different gateways for different vlans)
interface GigabitEthernet0/12
description Internal-FW Eth0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 109
switchport mode trunk(Code )
View 1 Replies
View Related
Nov 15, 2011
I've got working PAT, but absolutely not sure how to perform additional task.
ip cef
no ip bootp server
no ipv6 cef
interface FastEthernet8
ip address 192.168.1.141 255.255.255.0
duplex auto
speed auto
[Code] ........
View 22 Replies
View Related
May 3, 2012
I have the rv042 vpn router which is the main gateway for our internet, connected to the vpn is one server for a software and then another computer is connected for a web server software, well i need to get these setup like so
Setup firewall rules that will block all inbound Internet access to the web server except port 443Setup firewall rules that will block all communication between the two internal networks, except ports 7000 and 1702These must be on two different internal networks
View 2 Replies
View Related
Sep 10, 2012
How to setup dynamic dns for Cisco 2621xm ? What IOS support Dynamic Dns?
View 3 Replies
View Related
Apr 19, 2013
How to you setup ip routing on a Nexus 5500 I want to do vlan routing between an Nexus 5500 and Catalyst 3750. Nothing clever just have the 2 switches talk and vlans route between the two.
View 3 Replies
View Related
Jun 13, 2012
How to setup redundancy on a 2800 series Router so that whenever it fails it will be routed through the MPLS router
View 5 Replies
View Related
May 12, 2013
I've been handed a requirement to try and get a multicast server working on my setup. Trouble is, I don't know if I can with the feature set I have on my switches. What is desired is that a multicast server (stand alone, but network connected, obviously) be accessible by everyone on the local network (multiple V LAN's, multiple SVI's) in the building.
All users will be connected to the one switch stack, although some will want to be wireless (which is one of the separate V LAN's) - I don't care if the wireless requirement goes by the wayside - they can sod off. :-) The main purpose will be multicast, high quality video.
I have a single switch stack consisting of two (soon to be 3) WS-C3750X-48P switches running the IP BASE feature set.
Question - can I do this on IP BASE, or do I need to upgrade to IP SERVICES?
If I can do it on IP BASE, does anyone have any links/pointers to setup this properly? Currently installed IOS is 12.2(58)SE2.
View 3 Replies
View Related
