Cisco Switching/Routing :: AP1242G Forwarding Traffic From One Subnet To Another
Feb 20, 2012
I’ve configured a small WLAN for a school that wants to have wireless network access for their staff as well as for guests doing presentations. They want the staff to have access to everything on the 192.168.1.0 /24 network as well as the Internet. They want the guests to only have access to the Internet. I have attached a picture which shows how the network has been configured with 4 Cisco AP1242G AP’s attached to a Cisco SF302-08MP PoE switch and then to a Symantec Security Gateway to the Internet.
I can authenticate wirelessly to the STAFF SSID and ping anything on the 192.168.1.0 /24 network and access the Internet.I can authenticate wirelessly to the GUEST SSID and ping anything on the 172.16.1.0 /24 network, but not anything on the 192.168.1.0 /24 network (which is what we want). However, when on the GUEST network you can’t access the Internet. I added a default route to the Cisco 302-08MP switch to 192.168.1.1 (Symantec firewall) thinking that would forward the traffic from 172.16.1.0 /24 to the Symantec firewall out to the Internet, but that isn’t working.How would I go about getting the traffic from 172.16.1.0 /24 to hit the Symantec firewall and the Internet, without hitting anything else on 192.168.1.0 /24? Do I need to put the Symantec firewall in a different subnet like 192.168.2.0 /24? Am I missing anything else?I’ve worked with Extreme Networks & HP / 3Com CLI in the past, but never with Cisco and never with web based management
View 1 Replies
ADVERTISEMENT
May 23, 2013
we are using 7609 router. it forwarding traffic to wards my firewall which was not allowd in my router. when ever im checking for routes in router using show ip route x.x.x.x its showing SUBNET IS NOT IN TABLE, but in workmy firewall dropped connection i can able to see that networks.
View 2 Replies
View Related
Jan 24, 2012
I have catalyst 6500s with two VS-S720-10Gs, one is in Active and one is in Hot state. Both Sup cards have two 10G uplink ports. How does the traffic forwarding works in this case on the uplink ports? Do these uplink ports actively forward traffic or it is only the uplinks ports on Active that forward traffic? I see CDP neighbors on both Active and Hot SUPs uplinks ports - it indicates that packets are flowing on both cards.
I want all uplink ports on both SUPs to actively forward traffic. Does it work? What is the config for this?
View 1 Replies
View Related
Sep 25, 2012
I have an issue with some traffic routing:
Machine A | Machine B (Win 2008 R2) | Machine C
Start: 192.168.5.9 > 192.168.5.5 (NIC 1) - 10.14.137.130 (NIC 2) > 10.14.137.128So the question is how do i get traffic from Machine A to Machine C. I've tried various 'Route ADD' cmds but no luck so far. So was hoping someone out there could shed some light for me?Machine B is a AD/DNS and can talk to the entire 10.14.137.x range but has no forwarders set up in DNS. And does not act as a AD/DNS server for the 10.14.137.x range. It fills these roles only for the 192.1668.5.x range.
View 3 Replies
View Related
Apr 7, 2013
I am trying to open up port 32400 on my 881w Cisco router but I have not had any success I need to configure manual port-forward to enable my Plex Media server.
View 1 Replies
View Related
Oct 11, 2011
I recently purchased an SG300-28P. I have 2 VLANS/subnets that are successfully routing between them.Machines on both sides can ping each other just fine, but none of the usual Windows/NetBIOS browsing is possible. I've recently learned that NetBIOS is not usually forwarded between subnets. How would I enable NetBIOS packet forwarding between my subnets?
Reading the manual, it seems like enabling UDP Relay might be the answer but I've been unable to get it to work (same with DHCP relay).
View 8 Replies
View Related
May 24, 2012
Got a shiny new SG 200 26P which seems to work fine operationally.owever, when I am trying to access the web interface from a different IP subnet, the web brower just times out.If I put my PC on the same IP subnet, it works just fine. From the other subnet, I can ping the switch fine. The default gateway is set on the switch, and from the web interface I can ping and dns resolve other hosts and on the internet. I've tried to create a management profile to 'allow all from everywhere' basically, but still no luck.I'm completely stumped. I've tried to reset to firmware defaults, and I'm now runinng the latest firmware. I woudl suppose that the switch would allow itself to be managed via the web interface from all subnets by default. Any thoughts? The fact that the switch can ping internet hosts makes be believe it's own default gateway and IP are all ok and working.. (and I can ping it from anywhere in my network).
View 4 Replies
View Related
Jul 16, 2012
Getting a lot of the following errors on our 5508 form the same subnet: 10.20.0.1 255.255.248.0 . I tried researching and not getting much.
broffu_SocketReceive: Jul 17 10:11:10.068: %DATAPLANE-3-DP_MSG: broffu_fp_dapi_cmd.c:2891 FP0.09:(7089389)[cmdAddIpv4:2921]failed to find ipv4 10.20.6.58
[code]....
View 2 Replies
View Related
Apr 14, 2011
Are these good access points to play around with and even for CCNA:Wireless?
View 3 Replies
View Related
Dec 2, 2012
We connected to locations to the RV042 by setting up 2 Gateway - to - Gateway VPNs - both locations can communicate with the RV042 and devices within the local LAN of the RV042 - however at the moment it is not possible to send traffic from 1st VPN Location to the 2nd VPN location
View 1 Replies
View Related
Feb 9, 2012
I have Catalyst C3750G switch
with configured route to subnet 192.168.201.0/24
ip routing
ip route 192.168.201.0 255.255.255.0 192.168.160.13
192.168.160.13 is accessible
[Code].....
View 5 Replies
View Related
Feb 14, 2012
we have some devices on the network which cannot be secured and we need to isolate from the rest of the subnet.Our switches are Cisco 2960.Is it possible to via an ACL local a specifric port down to only allow traffic from specific MAC addresses? I've had a go at this myself but not been able to make any progress. The traffic type is TCP/IP.
View 10 Replies
View Related
Jan 14, 2013
We have two switches; a WS-C3550-48 and a WS-C3548-XL connected via fiber uplink ports. Both switches are on the same subnet 192.168.1.0 /24. I would like to change the subnet of the second switch, WS-C3548-XL, to be on 192.168.2.0 /24. Would it be possible to assign 192.168.2.x IP addresses to both uplink ports to achive this?
Or would I need to create a separate VLAN and assign both GigabitEthernet0/1 uplink ports to this VLAN?
View 5 Replies
View Related
Feb 5, 2013
I have an issue with the device in subject. I need that some server, listed as service on CSS, can contact a content VIP on the same subnet. To allow that traffic I configured grouping on CSS (group 1) with vip address and an ACL that allow traffic from subnet 10.1.1.0/24 toward same subnet 10.1.1.0/24 and I have bound this ACL with sourcegroup 1. The nat and portmap works but never at first attempt, instead since second attempts it works. Seem like a CSS require to much time to create nat entry.
View 4 Replies
View Related
Oct 7, 2012
I have a customer who has an ASA 5505 that is handling the routing for their internal network. They are running out of available IP addresses on their subnet 192.168.1.0/24. They have dumb switches that don't suppport multiple vlans or trunking & they are only able to connect to one switchport on the ASA. He doesn't not want to purchase any new equipment or rearrange their existing equipment at this time. The customer would like to statically assign IP addesses for 192.168.1.x & 192.168.2.x and have the ASA hand out DHCP addresses for 192.168.3.x addresses. The customer suggested configuring a super subnet. A 192.168.0.0/22 address scheme would provide an ip range 192.168.0.0 - 192.168.3.255 on a single VLAN. I know this is an unconventional way to setup an internal network & I will definitely advise the customer that this should only be considered as a temporary solution until they get more appropriate network equipment.
View 3 Replies
View Related
Mar 15, 2013
I have forgot this technology name, but, I remember it can achive on between Nexus 7000s in two location, and also between two catalyst 6500.Can I ask if it can be done between one nexus and one catalyst 6500?
View 8 Replies
View Related
Dec 13, 2011
We have 10 ADSL lines and 5 of them goes in the load balancer (One gateway) and the rests are used as default gateways for internet access. We use ADSL routers as access points for internet, but those routers should be part of our network and should be given an address in order for them to act as default gateways for internet access. I'm facing a real prob with the ADSL routers Linksys WAG54G2 because they doesn't support a subnet mask 255.255.0.0 Any recommendation for an ADSL router model that support a netmask 255.255.0.0 ?
My cisco 2811 router interface configuration ip address: 172.20.0.1 255.255.254.0.Load balancer output lan ip address: 172.20.0.5.My ADSL routers will be in the following range : 172.20.0.6 - 172.20.0.10
View 1 Replies
View Related
Jan 25, 2012
I recently bought SG-300 28P to create the VLAN. My network hs 3 subnet 192.168.1.0, 192.168.2.0 and 192.168.3.0.My main net work is 192.168.1.0. I want to divide it to VLAN to eliminate the boardcast storm; especially from the domain 192.168.3.0
But I want all the devices from 192.168.1.0 to access other subnet.
View 4 Replies
View Related
Jun 28, 2012
I need to configure the C3560-24TS, QoS control by IP or subnet.i tried to study books and videos many times but still feel i am not well known about QOs...
View 1 Replies
View Related
Nov 27, 2012
how to know if my bgp neighbour advertised my network from his side or not ???
here is my config :
Gateway7600#sh ip bgp
BGP table version is 8, local router ID is 192.168.40.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
[code]....
View 5 Replies
View Related
Aug 6, 2012
It is said that the switching fabric of WS-C3750X-24T-E is 160Gbps.Could any body tell me what is switching fabric, any relevance or difference from forwarding rate?,Is there any document to know how will the switch reach the 160Gbps full switching fabric performance?
View 5 Replies
View Related
Jun 20, 2012
I am trying to modify the OSPF admin distance for a specific subnet under version 5.1(5) of the Nexus 7K, but this command does not appear to be available.
View 1 Replies
View Related
Feb 13, 2013
I have some questions about how to configure my Cisco 1941 with a routed subnet from my ISP to forward them to 1 or more servers in my LAN.1 Routed subnet /29 from my ISP (over a fiber connection).In my LAN I have (at the moment) 3 servers, and about 15 clients.I would like to use the first ip address from the routed subnet for internet traffic from all the clients in the LAN.I would like to use the second ip address from the routed subnet for server1 so that server1 accept some allowed connections and that server1 connects to the internet with the second ip address from the routed subnet
I would like to use the thirth ip address from the routed subnet for server2 so that server2 accept some allowed connections and that server2 connects to the internet with the thirth ip address from the routed subnet.I would like to use the fourth ip address from the routed subnet for server3 so that server3 accept some allowed connections and that server3 connects to the internet with the fourth ip address from the routed subnet.[code]
View 13 Replies
View Related
Sep 6, 2012
Have our public IP address space masked on /24 at our Internet Router. The router portion of 3845 connects to Internet, while the internal switch connects to my internal network and seeds it with the public address space. The switch had a port configured no switchport (L3) with an ip address with /24 (ie 67.63.145.1 /24) this connects to internal IPS/IDS then to Firewall which NATs to internal, then packet shaper, web filter etc etc etc. I need to test my ISP speed so I need to "break in" to the link between the switch and the IPS/IDS. I figured I could configure another port on the switch on the 3845 but my problem is the port to my network is routed and is masked on entire /24. I tried to configure a port on VLAN 1 and give myself an available address in the L3 address space and this did not work (figured it would not but gave it a try)
Any way to get two ports configured to use the same subnet while one is a L3 routed port and the other is just part of that layer 3 routed network?
View 1 Replies
View Related
Mar 11, 2012
I have a Nexus 7K router, has 2 ospf process, ospf 1 and ospf2. OSPF1 has several subnets in 10.1.0.0/16 subnet range , OSPF2 has several subnets in 10.2.0.0/16 subnet range. I want to summary OSPF 1 subnets to 10.1.0.0/16 then redistribute to OSPF2.but OSPF 2 didn't receive 10.1.0.0/16. Below is the config
ip prefix-list all seq 10 permit 0.0.0.0/0 le 32
route-map all permit 10
match ip address prefix-list all
router ospf 1
router-id 10.10.3.9
[code]....
View 2 Replies
View Related
May 13, 2012
I need to make some changes on our network. We currently have two sites 150 miles apart we join both by way of fiber and on each side we have Cisco 3750 stack switches, configure trunking for all V lans on one port in site one then through the the long haul fiber to site two with site one using 10.1.1.30 and site two using 10.1.1.40 as their default gateway, with static routing all V lan sub nets to the other sites default gateway life is good.
My question - seeing how we have sites using the same sub net 10.1.1.x to trunk all data to each site through switches; we need to now change the network and add each site to the MPLS network, site one switch 1 IP address 10.1.1.30 going to MPLS router one with FA0/0/0 using IP 10.1.1.31, site two having switch 1 IP address 10.1.1.40 going to MPLS router one with FA0/0/0 using 10.1.1.41. I need to know will this work.
We have the same sub net in each site 10.1.1.x to the MPLS routers then the external router interface connecting each site to local switches, will this cause any problems by using the same local sub net for each site?
View 1 Replies
View Related
Mar 28, 2013
I recently installed a couple of Cisco Aironet 3600 Series Wireless Access Points at a remote site. While I was at the site everything seemed OK, The clients were able to get connected to the access points, the guest network worked fine, I could SSH into the access points, and I could ping them. The problem is when I went back to my home site I tried to SSH into the access points through an ASA IPSec VPN Tunnel and it couldn’t find it. When I try to ping the access points they “time out”. I can ping and connect all other addresses (via RDP, HTTP, etc..) on the same subnet which should rule out an access list problem. A couple of notes to be aware of:
The WAP’s have the Autonomous IOS installed (Version 15.2(2)JB) The WAP’s are connected to Dell PowerConnect 5724 (Not by choice.. We are a Cisco shop, these were already there and have plans this year to replace)
I can ping and SSH with Putty to the WAP’s from the local subnet I cannot ping or SSH from a remote subnet to the WAP’s. I can access all other IP’s and Computers from a remote subnet.
View 12 Replies
View Related
Feb 16, 2012
I am facing problem with ACE configuration. I want to redirect 443 traffic to my Proxy Server. But I am not able to do this. I want to redirect only subnet 192.168.80.0/24..Then only it is working but I dont have to have this policy to be applied on all the users only one subnet I want to have under HTTPS policy.
how can I apply the policy only on specific subnet so that port 443 traffic can be redirect and rest of all subnets can go direclty to Internet.
View 8 Replies
View Related
Aug 12, 2012
I am having touble with a NAT concept. What I have is a 3rd party software VPN product that basically tunnels encapsulated traffic to/from a server sitting inside the network. Right now this traffic utiluizes a physical interface on the ASA5510, but I need the interface for another project.
What I have is this:
Internet<----->ASA<-->router<-->4507(layer3)
| |
| |-Vlan1
[Code]......
View 1 Replies
View Related
Mar 26, 2013
Does this Router Support SIP Forwarding?
View 1 Replies
View Related
Dec 1, 2011
I have my Cisco 881 router up and running, routing all traffic on my small network. I am wanting to utilize port forwarding to enable FTP (forward port 21). All docs I have found say you need to be running Configuration Professional (not Express) to do this.
View 1 Replies
View Related
Nov 28, 2011
I have an problem with my new Cisco 876 Router. I configured port forwarding to access internal network devices from the internet . This works good from external but with my old Fritz box I was able to connect to this internal devices from the same internal network with the dyndns address.
So here is a short review for this:
DYNDNS Address port tcp 80 - > 192.168.0.80 tcp port 80
from ex tern it works but with source address example 192.168.0.20 to destination DYNDNS address tcp 80 (maps to 192.168.0.80 tcp 80 ) it doesn't work. Is there any trick in the config of cisco to let this scenario work?
View 4 Replies
View Related
Aug 11, 2012
I need to configure the port forwarding on Cisco 887 to forward port 22 on Public IP to a LAN IP port 2200. I don't know anything on Cisco router at all, beside telnet to the cisco and quit . Any step by step command.
View 9 Replies
View Related
