Cisco Switching/Routing :: ASR 1001 - License Required To Create IPSec Tunnel?

Oct 26, 2011

what license do I need to create a IPSEC tunnel? I have an ASR 1001, running? [code]

View 2 Replies


ADVERTISEMENT

Cisco Switching/Routing :: 4510E License Required For BGP?

May 3, 2012

I have a 2 X 4510E switch with dual sup-7E running as the core switches of my company. we would like to enable BGP on these switches, according to cisco released datasheet IPBase license does NOT support BGP. When i typed question mark, BGP commands did show up. I just wonder does BGP really works on this image/license or we need to upgrade to ent license?

View 1 Replies View Related

Cisco :: How To Create Ipsec Tunnel

May 4, 2011

how to create ip sec tunnel using these parameters. customer ip where tunnel has to be connected 1.1.1.1

ISAKMP Parameters: (Phase I)
Encryption: AES-256 or 3DES
Authentication Mode: Pre-shared key

[Code]......

View 4 Replies View Related

Cisco VPN :: Can 881 Router Create L2TP / IPsec Tunnel Via NAT

Feb 23, 2011

Successfull in setting up an L2TP/IPsec tunnel through NAT-T against a Windows 2008/ R2 RRAS server? I am using an 881 router and the layout is someting like this:Client -> 881 -> NAT -> internet -> Windows 2008 RRAS.The tunnel goes form the 881 to the Windows server (not from the client...).

View 4 Replies View Related

Cisco VPN :: VPN 3000 Setting Two Concentrators At Different Sites To Create Ipsec Tunnel

May 20, 2011

I'm currently setting up two VPN 3000 Concentrators at two different sites to create a IPsec LAN-to-LAN Tunnel. I have gone through all the basic configuration guides on the CISCO site, but a LAN-to-LAN session is never created. I have enabled the logs on the Concentrator and it displays no errors at all - it appears the Concentrator is not even trying to establish a IPsec LAN-to-LAN Tunnel.After running through the standard setup provided by CISCO, is there anything I need to do to make the Concentrator try to create a Tunnel, or should this be automatic once all settings are in place?

View 2 Replies View Related

Cisco Switching/Routing :: 1941 / IPSec Tunnel Up No Traffic?

Mar 7, 2013

I have an IPSec tunnel configured on my Cisco 1941. The other device is an ZyXEL router.I can see the tunnel is up but there is no traffic.This comes out the show crypto ipsec sa

interface: Dialer1
Crypto map tag: CMAP_AVW, local addr 10.10.10.89
   protected vrf: (none)
   local  ident (addr/mask/prot/port): (192.168.200.0/255.255.255.0/0/0)
   remote ident (addr/mask/prot/port): (192.168.150.0/255.255.255.0/0/0)
   current_peer 20.20.20.161 port 500

[code]....

View 3 Replies View Related

Cisco WAN :: Technology Package License For ASR 1001?

May 29, 2012

How can i find the list of features supported in ASR for various license
 
1) IP Base
2) Advance IP Services
3) Advanced Enterprise Services.

View 1 Replies View Related

Cisco Switching/Routing :: Apply A QOS For Traffic LAN In ASR 1001?

Jan 31, 2013

i want to apply a QOS for my trafic LAN, in my ASR 1001 , the LAN is connected with ge0/0/0 interface and it configured with the service instance to bridge vlan 1 ( i do that for OTV ) i put  service policy in "service instance 1" to marking data with ef31  but i noticed that the class "plateform_datacenter" match the trafic and  the ACL associate to this class not mach any trafic trafic !
 
tha policy-map march trafic for Datacenter  :
 sh policy-map interface gigabitEthernet 0/0/0 service instance 1
GigabitEthernet0/0/0: EFP 1
Service-policy input: MARKING-OTV
Class-map: Platforme_DC (match-any) 

[code].....

View 9 Replies View Related

Cisco Switching/Routing :: ASR 1001 - Trace Route / HSRP / VRF

Mar 24, 2013

when i make a trace route on an ASR 1001 router to 172.23.30.7 I get the following output:
 
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.99.192 0 msec
    192.168.99.191 1 msec
    192.168.99.192 0 msec
  2 172.23.30.243 1 msec 1 msec 1 msec
  3 172.23.30.7 1 msec 1 msec 1 msec
 
Is there a loop between 192.168.99.191 and .192 (this are two routers with hsrp .190) or is this normal behavior when using trace route on an asr 1001?

View 2 Replies View Related

Cisco Switching/Routing :: ASR 1001 - IKE Phase 2 SA Expires Immediately

Dec 11, 2012

I am migration an IPsec site to site VPN config to a new ASR1001 router «facing» a Linux box (ipsec-tools + racoon). As the Debian Linux does not offer VTI, I am using a crypto map.
 
The working config is given below with the corresponding logs on the Linux side.
 
When I try to apply this previously working config to the ASR1001, I get the following error :
 
000855: *Dec 12 18:28:21.859 UTC: %ACE-3-TRANSERR: IOSXE-ESP(14): IKEA trans 0x1350; opcode 0x60; param 0x2EE; error 0x5; retry cnt 0
 
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: initiate new phase 1 negotiation: 194.214.196.2[500]<=>130.120.124.8[500]
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: begin Identity Protection mode.
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: CISCO-UNITY
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: DPD
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt(code)

View 8 Replies View Related

Cisco Switching/Routing :: Deploy OTV Using ASR 1001 Between 2 Data-centers?

Apr 9, 2013

deploy OTV using ASR 1001 between 2 data-centers? We want to acquire HSRP localization there, but at this moment I can only see lots docs are saying how to do this on N7K, not ASR. I saw it has a FHRP filtering enabled by default when the OTV configuration is done, and also see there is a access-list created by default call otv_filter_fhrp, Im just wondering besides this IP ACL there should be MAC ACL applied?

View 3 Replies View Related

Cisco Switching/Routing :: ASR 1001 False Environmental Alert

Dec 18, 2011

I have a few new ASR 1001s throwing false environmental alerts.According to the logs, the inlet temp is in excess of 100 degrees C.When I telnet to the routers, they're well within tolerance (30-32C),Running 15.1(1)S and bug toolkit shows no related issues or caveats.

View 1 Replies View Related

Cisco Switching/Routing :: ASR 1001 - Adding Redundant Power Supply?

Dec 23, 2012

I was wondering if I am able to add a redundant power supply to an asr 1001 router that is in production without losing connectivity or causing any diruption to the Users  - is it hotswappable?

View 1 Replies View Related

Cisco Switching/Routing :: ASR 1001 - Configure CoPP / Unwanted Traffic?

Oct 30, 2012

I'm configuring CoPP for an ASR 1001 router with consolidated IOS XE Version: 03.07.01.S.  And I'm trying to use 'DROP' command under policy map to drop.un wanted traffic. But the drop command is not listed.

[code]...

View 6 Replies View Related

Cisco WAN :: ASA5510 Routing Through IPSEC Tunnel

May 20, 2013

I have an ASA5510 configuration that I'd like to add to.In this configuration there is a site to site IPSEC VPN tunnel to a remote location.It is tunneling a particular subnet for me and everything is working.In the remote subnet, there is an ASA 5525-x connected on the outside interface. Let's say for argument's sake, the outside IP is 210.0.0.1.On the Inside interface, i've configured 10.240.32.0/24 network.The only static route I have configured on the 5510 is the default gateway that goes to the ISP.I assumed that I have to add: route Outside 10.240.32.0 255.255.255.0 210.0.0.1 1.I did this, but i'm not able to reach the destination 10.240.32.0/24 network. I can't see anything hitting the 5525-x and the only thing I see on the 5510 is the building outbound ICMP and the teardown for the ICMP.

View 6 Replies View Related

Cisco WAN :: 1941 Router - Enable IPSec Virtual Tunnel Interface With Tunnel Mode IPv4

Sep 23, 2012

I'm in process of purchasing a new Cisco routers for our branches that will be used primary to enable IPSec virtual tunnel interfce with "tunnel mode ipsec ipv4". does the default IOS IP Base supports this feature? or i need to purchase DATA license or SECURITY license?

View 4 Replies View Related

Cisco Firewall :: ASA Trial License 5500 Required

Feb 24, 2011

Is there a Security Plus trial license available for the ASA 5500 series? I currently have one sitting around that I would like to use for testing, but it only has the base license.

View 2 Replies View Related

Cisco Routers :: Set A VPN IpSec Tunnel GW To GW Tunnel Between RV110W

Oct 17, 2012

I am using a Cisco RV110W (Firmware 1.2.09) in a branch and I would like to create a VPN Tunnel to another site that has a Cisco RV042 (firmware v4.2.1.02)
 
What would be the correct Configuration? the current configuration I am using is
 
in the RV042 i am using
 
Check Enable 
Local Group Setup
Local Security Gateway Type : IP Only
IP Address : RV042 Pulbic IP address

[Code].....

View 3 Replies View Related

Cisco Wireless :: AIR-LAP-1141 / Is License Required To Upgrade From LWAP To Autonomous

Jul 7, 2011

I have a customer who accedentally got a AIR-LAP-1141.  He needs it to be autonomous.  If I convert from LWAP to Autonomous, will there be a licensing issue?

View 1 Replies View Related

Cisco Firewall :: Is It Required For 3des License Upgrade For ASA 5510 To Reboot

Oct 1, 2012

Is it required for the 3des license upgrade for the asa5510 to reboot for the further configuration of site2site tunnels.

View 1 Replies View Related

Cisco VPN :: 3020 - License Required To Deploy VPN Solutions For Remote Users?

Apr 9, 2012

Currently we have a CISCO 3020 VPN Concentrator to terminate Lan-to-Lan tunnels and have our mobile workers connect via CISCO VPN client (300 users-employees and contractors-). Since this device is coming to an EOL this year  we purchased a CISCO 5520 (below are the current licenses on it)
 
The licensing seems rather complicated, therefore this is my question:
 
- What VPN solution do you recommend for our users and contractors? it is my understanding the CISCO VPN client does not work with ASA 5500 series devices
 
- Is there a license needed to deploy VPN solutions for our remote users(employees/contractors)?

View 3 Replies View Related

Cisco VPN :: IPsec On 2951 Required

Jan 10, 2010

setting up IPsec for a DMVPN between a 2811 and 2951s in a test lab.  I have enabled IPsec on the hub (2811) but I am unable to do so on either of the 2951s.  After researching, it seems that I may have the incorrect IOS for this, but I am at a loss which IOS I should be using. Currently the 2951s are on "c2951-universalk9-mz.SPA.151-2.T2.bin" and the only crypto options.

View 9 Replies View Related

Cisco Switching/Routing :: 7600 SIP-400 MIB Required

Apr 14, 2010

I have Cisco 7609 router and we have observed that router is rebooted due to the following error ;SLOT 3: Apr 13 16:06:26.621: %CARDMGR-2-ESF_DEV_ERROR: An error has occurred on Egress ESF Engine: Control Store Parity Error SLOT 3: Apr 13,Slot -3 we have SIP-400 card. We would like to know if there is any MIB which can monitir such reboots.

View 1 Replies View Related

Cisco Switching/Routing :: 10Ge Interface Can Be Set Down To 1Ge If Required

Nov 17, 2011

How to confirm if a 10Ge interface can be set down to 1Ge if required ?

View 4 Replies View Related

Cisco Switching/Routing :: Required Power For WS-SVC-NAM3-6G-K9?

Oct 1, 2012

What is required power in Watts for this card in Catalyst 6500? Or the "show power" ouput with this card included?

View 2 Replies View Related

Cisco Switching/Routing :: 3560G Upgrade Required

Feb 20, 2013

I have a  WS-C3560G-24TS-S running  12.2(50)SE5 with IPBASE. I have been told that the functionality i seek (multicasting) is only available in the IPSERVICES version of the software. I was reading up on upgrading and saw that i needed to do a show license and get the UID and Serial number and get a license that is tied to my box. But the show license command doesnt work wtih my box. i then found something that said that the 3560's were special in that way. Im not sure how to get this box upgraded. I have a different 3560 running the IPSERVICES elsewhere in my organization. Can i take the IOS Version and  update my switch to that?

View 3 Replies View Related

Cisco Routers :: RSV 4000 - Additional License For IPsec VPN?

Jan 4, 2012

RSV 4000 bundle with IPSECVPN.  Any additional license for IPSECVPN ?

View 2 Replies View Related

Cisco VPN :: 5510 - How To Create ASA / VPN Tunnel

Jun 11, 2013

We currently run dual ASA 5510's in A/S config on our main campus. We would like to create a VPN tunnel to a branch campus. Trying to decide between a 5505/5510/5512x, We would like to extend many of the capabilities of our network to the branch campus which will be 20-50 users on a 50mb/10mb internet connection.
 
Domain login
System Center workstation management
Cisco WCS
Shoretel voip
(Cisco NAC?)
 
Several different VLANs for wireless guest, student traffic, staff traffic, voip traffic, etc. Which device would be best and should we get the security plus license with it?

View 4 Replies View Related

Cisco VPN :: Create VTI Tunnel From 877 Router To ASA?

May 13, 2012

I woulke like to know is it possible to create a VTI tunnel from my 877 router to my ASA, rather than creating a cryptomap on the router ?

View 1 Replies View Related

Cisco Firewall :: Is ASA 5510 Firewall Required Any Subscription Or License

Nov 15, 2012

I am quite new to firewall, in my company one asa 5510 firewall is there.I configured inside, outside, dns, dhcp and nating.I need to config bandwidth limit (1Mbps) for inside port and I restruct like facebook, youtube and pornsites..And I heard that some subscription is required, really is it required?

View 1 Replies View Related

Cisco Switching/Routing :: 4900M Management Configuration Required

Dec 8, 2011

I am just going to deploy some new 4900Ms for a customer. Want to know if configuring management for 4900 (everything like NTP, AAA, SNMP , DNS ) is doable through management interface in management VRF and there are no caveats to be aware of.

View 1 Replies View Related

Cisco Switching/Routing :: Catalyst 2960S Stack Required

Dec 1, 2010

I have a new problem with Catalyst 2960S. We have four switch in a stack and now I get the message:
 
“%PLATFORM_RPC-3-MSG_THROTTLED: RPC Msg Dropped by throttle mechanism: type 37, class 14, max_msg 32, total throttled 73968 (hostname1-2)”
 
Traceback= 13A686C 160862C 160E0B4 15E2088 184FD48 18467B8
 
sh switch de
Switch/Stack Mac Address : 68bd.abc9.0000
H/W   Current
[Code]....

View 36 Replies View Related

Cisco Switching/Routing :: IOS Level Support Required For WS-X6748-GE-TX?

Nov 21, 2012

currenly running a C6509E, with a WS-SUP720-3B running IOS level S72033-adventerprisek9_wan-MZ.122-22.SXH3.  I want to install a WS-X6748-GE-TX blade and would like NOT to have to upgrade IOS at this time.  Future migrations are planned.  Can this be done? 

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved