Cisco Switching/Routing :: Can Use 857W As Simple Bridge?
Dec 1, 2012
I need to replace an ADSL modem and have a spare 857W. Can I use this to act as a simple bridge between the ADSL PPPoA connection and the FW WAN port?
[ CISCO 857W ]
ISP - PPPoA - BRIDGE - FW WAN
I have a block of Public IP's so the PPPoA Dialer 0 connection would get x.x.x.185/29 I would like to bridge this directly to the FW WAN port and set that to x.x.x.185/29 with a gateway of x.x.x.186/32.Currently I am using it in router mode with no NAT or FW and am losing a Public IP as I need to set the FW WAN as x.x.x.186 with a GW of x.x.x.185 I am setting BVI 1 as x.x.x.185/29 and Dialer0 as IP Unnumbered BVI 1.
I have a spare Cisco 857w that I am playing around with to learn.I managed to reset it to default, upgrade the ios to 12.4 However for the llife of me I cannot ping this device.
my trouble is I have a cisco 857w and I have never configured a wireless config for a cisco router before. Ok so i have had a go through the web interface (i know, last resort) and still no joy
Basically what im looking for is to have a visible (broadcast ssid) network with a password (WEP/WPA/WPA2, not picky) and it to be joined to the same vlan as the ethernet ports (VLAN 1).
I have an issue with a Cisco 857w. When I connect on via SDM I get a message saying "SDM has detected enabled debugs on the router. Because debugs degrade the performance of the router and of SDM, it is recommended that they be disabled". I've connected onto the router via telnet and ran the show debug command which indicates that dot11 debugging is on and when I run the command no debugging all it turns it off. I then do a copy run start and reboot the router and it comes back on. how I permanently disable it?
I'm trying to view the logs from a Cisco 857W router to a workstation running the Kiwi Syslog server. what I've done is the following:
Config term
Logging on
Logging source-interface BVI1
Logging Facility Local7 (or any other facility you want to allocate for this router.)
Logging [IP Address or Hostname of machine running Kiwi Syslog Server]
End
I see noting on the syslog server. Although I can see the log information on the router Also is there a command to stop the logging from generating or is this on by default.
I have a room cut off from the wired network by concrete walls (there are windows and it's a very short distance). There is a device in that room with a wired network adapter than needs access to the network. We'd like to use a pair of WAP4410N devices to get that room on our wired network over a simple "wireless bridge."
Would the following work?
Connect one WAP4410N normally with WPA2 Personal encryption and connect it to our wired network. Enable repeating of its signal.Set up the "remote" WAP4410N in the "cut off" room. Give it the same SSID and Encryption settings. Enable "Wireless Client Repeater" mode and uncheck the box labeled "Allow wireless station to associate". . . then use its RJ45 network port to connect to the wired device in the room. My biggest concern is the part in bold. Will the network port on the "remote" repeater function like that? So that any devices (or a switch) plugged into it will then be "forwarded along the bridge" to the main/local AP and then onto our network?
I'm just getting started with cisco kit so you will have to bare with me.I have a cisco 1841.i have a very wierd issue of routing...i cannot ping and browse through this.
A few days ago this was working properly, but I must have changed some things that adjusted some settings because I am unable to ping between 2 devices that are on the same switch, in the same network, in the same VLAN. I am able to ping to the VLAN interface on the switch.
This is my configuration (Catalyst 3560 Layer 3 switch):
ALGSWI01#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi0/3, Gi0/4, Gi0/7, Gi0/9
For a simple ether channel to work between 2 switches I have configured ports 1 and 2 on both cisco 2960 switches with the channel-group option like this:
interface FastEthernet0/1 channel-group 1 mode on ! interface FastEthernet0/2 channel-group 1 mode on
I thought the port-channel 1 would get automatically created but it didn't, should it? And under the port-channel interface should I set this as a trunk or do I do this on the 2 fa interfaces on each switch?
I am attempting to upgrade from a Cisco3945 to a ASR1002. On my Cisco3945, I have interface associated with VLANs. It appears that with the new IOSX, VLAN configuration has changed. Any config to setup a simple VLAN?
i have a simple router on a stick config which is providing dhcp to a customer SSID. however i don't want employees to stay on it and eat the band width since its open. the lease is set to an hour, is there anyway that i could set it so that once your lease expired it can't be renewed for 4 about 8 hours? I am using a cisco 2600 router in this setup.
I need to set up a L2 llink between my LAN and this 1921 router. I though IRB would do it but its not working yet. Here is the topology- I dont want to see another hop on this 1921 rtr so I hope I can just trunk it or something with IRB. Not working.
I have 3750 core/distribution switches with routing enabled in two offices connected with copper link and L3 port channel interfaces. NewOffice#2 has moved about 5 miles farther away from office#1 and I have to deploy new core/distribution switch connect it to old core#2 via F.O and move all access switches with it. Old core will stay in old #2 offices as a bridge between office#1 and new office#2 Office#1core<->copper (Ethernet) <->oldoffice#2core<->f.o. <->new office#2core How I should configure port channels ports on oldoffice#2 core to act as bridge between office#1 core/dist and newoffice#2 core/dist without changing anything else (ip, etc) on whole network
I have 3 VLANs here that need to be on the same network segment. They are going to be used by our Wi-Fi network (with Aironet APs), bound to 3 different SSIDs (as Aironet APs doesnt allow multiple SSID per VLAN), each one with a different authentication method and server.Is there a way to bridge those VLANs together with a Catalyst 3750 switch? I tryed configuring an IP address on one of the VLAN interfaces, then configuring a bridge with the vlan-bridge protocol (Catalyst 3750 doesnt have the "ieee" bridge protocol type) and put all 3 VLAN interfaces on the same bridge-group, but it didnt work (even with "bridge x route ip").I also tryed configuring IRB bridging, with the 3 VLAN interfaces on the same bridge-group and an IP address on the BVI interface (the way I used to do with old 2600 routers). Same result.(actually, I didint test to see if the interfaces are actually being "bridged", but I see neither of them can reach the router)
I have two separate offices in the same building that I'm trying to connect. They are physically far apart so I cannot connect them wirelessly. I have had an ethernet cable run from the main office to the second office and physically connected it to a WET200. I can see the WET200 on my router in the main office. In the second office, I want clients to be able to come in and connect wirelessly to the WET200 which will then connect them to my router and internet connection. The WET200 is the correct device for this?
In preparing for an upcoming upgrade of our serverswitches (N7K and N55K), I've run into a wellknown issue with ISSU and Bridge Assurance, where ISSU is not supported when, among other, BA is enabled.
My topology is quite simple (see attatched jpg). A pair of N7K's as distributionlayer switches running in vPC mode with BA between them. The N55K's are dualhomed across the two N7K's through vPC, but each N55K operate indvidually, that is vPC is not running between them. The jpg shows a simplified topology, but I have several N55K's attached.
During the deployment of this network, we enabled BA downstream towards the N55K. In hindsight, maybe I could have excluded this option, but currently it's in operation and is also hindering me in doing ISSU on my N55K's. Now, the easy solution would be to simply revert to normal span-type mode and since the N55K is running LaCP upstream towards the N7K's, we've managed to stay clear of STP's shortcomings, so I believe I'm good even without BA.
Unfortunately, I don't have sufficient equipment at my disposal to set up a lab and test the impact of disabling BA between the N7Ks and N55Ks in a running enviroment. And since our server/application enviroment is somewhat fragile (that's putting it mildly), I'm trying to come up with an educated guess as to what impact to expect, if I concurrently (or as close as a manual intervention can get) re-configure the two ends of the channel to use span-type normal. I would expect the upstream port on the N55K (channel-port) to temporarily be suspended and having to go through the usual rstp cycle on both ends before coming operational again.
We have a 6513 with about 8 switches in it. I installed a Intel Pro PT NIC in a Dell PE2850 and setup the Team setting which created a bridge in the network connections.
10 minutes later, every server connected on that 'blade' went down and rebooted.
This happened once before to another tech here (I didn't know at the time it would do this but after he saw it he pointed it out)
I`m trying to get a simple VRF and routing setup going.The "routers" are Cisco C3750G-12S-E.What I want to do is separate the management network form all else.The public network is illustrated with private IP ranges, these are really public ranges.
I think the best way to solve this will be using VRF for management, and regular routing for public network, right? Putting the management network in it`s own VRF.
The goal is to make a 877W to work as a wireless client of dlink dir320 and brigde the LAN&WLAN so than the LAN clients of 877W could take DHCP from Dlink 320 directly.
I config vlans 21-23 on 3750 A and B switches.I config B switch to be Root Bridge for all vlansspanning-tree vlan 1,21-23, priority 4096 sh span tree on B switch 3750B# sh spanning-tree.
We have an environment where users create a lot of bridge loops. We have tried to send E-mails about it and educate the users but it is almost a lost cause at this point. The loops are created when users don’t pay attention and they plug a patch cable coming off of an access port up to ANOTHER access port by mistake.
All of our access ports are from 3750 stacked switches. The way we tried to deal with this in the beginning was with BPDUGuard and ERRDiable (BPDUGuard) auto recovery. We turned BPDUGuard on globally and left BPDUGuard auto recovery at the default value (I believe it was 30 seconds). so a loop would be detected and after 30 seconds, the switch would try to enable the port and if the loop still existed, close the port for 30 more seconds. Then we started having problems with printers getting "fried". Their NICs would die out and the control board would need to be replaced. After a lot of troubleshooting and testing, it was determined that allowing the ports to come out of ERRDisabled state would flood the network and the packets would generate in the millions per second range and fry the NIC of these printer.
The fix for this and saving the printers was terrible. We removed ERRDisable auto recovery and just let the ports that are looped stay in an ERRRDisabled state. We wait for the user to figure out the loop and try to use the port and then put in a work order. Then we physically visit the site and verify the port was shut (ERRDisabled) from a loop and we bounce the port (shut/no shut) and everything is resolved. I did lab tests with a switch looped and a printer on the switch and watched it fry. We have had no printers fry after we removed the auto recovery protocol at every location. Only the locations where loops existed and auto recovery protocol running were printers going bad. What I found during my lab tests was that each time the port was auto-recovered (yes, for that millisecond while it checks if a loop still exists), more packets were re-generated and eventually enough was re-broadcastthat printers would go down. We never had a problem with computer NICs. I guess the cheaper printer NICs couldn’t handle the broadcast storms created by this. I tried playing with the auto recovery timers and even the highest setting would eventually re-create these storms.
So my question is what best practices are others using? Should we get rid of BPDUGuard and just try to let spanning-tree handle these bridge loops? Is there something else I can try? I’m not CCNA by any means, just trying to do what I can in my environment. Manually visiting sites when loops occur is becoming more and more my job, though and I have plenty of other things to be doing.
I have two 6509s both with single FWSMs running in transparent mode with bridged Inside and Outside VLANs.I have my Core A set to STP priority of 8192 and Core B set to 16,384 to make Core A the root for all VLANs.Problem I have is when I look at spanning-tree on Core A for Inside VLAN 324 it states to get to the Root go via PO100 (Cost of 9) and that the Root also has a Priority of 8192, but as the designated Root has a lower MAC address it's pointing to the etherchannel. PO100 is L2 Etherchannel between the Cores.Moving accross PO100 to Core B and running the show spanning-tree command I can see that to get to the Root Bridge I need to go via PO272. PO272 is the internal Etherchannel to get to the FWSM on the Core B Switch. This shows a cost of 6 to get to the Root and a mac address of the Root Bridge which resides on Core A (Outside VLAN 124)To give some perspectibe,theoutside VLAN of the pair has it's STP ROOT on the Core A switch as intended?
I have an Extremely Old switch that I need to connect to my network. Because it is so old I don't want it to become the Root Switch.
what is the command to change the priority. (Honestly I don't remember if it has to be a lower number 1 or a higher number ). Always get that mixed up. I've read about root guard, but I would like to prevent it manually. (It is a small network after all)It is a Cisco 2950.
config to setup PPPoE on the cisco 831 router to be used with a modem in bridge mode. I have tired other peoples configs found on the web but, not all the commands were available on the IOS version thats on the router. Also note that I bought this as a used router and I dont have a service contract so I am unable to download an updated IOS. The router ver is 12.3(7)T9 and the IOS is c831-k9o3sy6-mz.123-7.T9.bin. Running config below is last tried still could not connect or get ip address from isp. [code]
I have a site that is very dense, but not high throughput. I have 4x48 port switches all 3560 and 1 2851 router. The switches are pretty much full to the brim but the site is never completly lit, they just like to move around a lot. However i wanted to provide this site with as much redundnace as possible. So my first thought was to build redundant pathing with the switches so that they could loose a switch and not have a single point of failure. So therefore I built a ring. SW1 to SW2, SW2 to SW3, SW3 to SW4, SW4 to SW1. To make this even more redundant against port hardware failure, i used two uplinks for each and built an etherchannel. is it good practice to use Etherchannel and Spanning Tree together?So i now have a good redundant LAN switching topology. I have multiple VLANs at the site so I am using Rapid-PVST. I did not set priorities on the switches as I don't think that is really truly necessary, but correct me if I am wrong!Ok so next step is to make sure that my WAN connection for all of these switches is redundant. I have a 2851 router, with 1 of the built in interfaces dedicated to our ethernet hand-off WAN connection (MPLS in this case using BGP routing). The other would be used as an uplink. I also got an additional card for the Router so that i can have redudant local LAN connections. I then built up some IRB bridges so that I could uplink the Router to SW1 and SW3. Is it good practice to use IRB Bridging on a Router to provide redundancy?So at this site i have the first part running, and it works pretty well but I have had 1 strage issue, which has to do with after a failure and re-convergence of spanning-tree, it seems that DHCP starts failing to work. I actually had to go into each of my switches make a dummy VLAN interface and put on helper-addresses to get them to work. They are not L3 switches (programatically speaking) so they should just forward the broadcast packet onto the router, which DOES have the helper-addresses programmed,Also at another site I have the bridge router setup configured, just without so many switches, and no etherchannel between the switches. This seems to work flawlessly, but the site is very small so performance issues would be difficult to spot since they are just thin-clients coming back to a Citrix server over a single T1.
Looks like cisco 857w does not support pptp client in my IOS version, only l2tp is supported. Does there is some IOS version I can upgrade/downgrade to configure cisco as pptp client?
we have a model CISCO857W-G-E-K9 with IOS version 12.4(15)T17 We're trying to install Cisco Configuration Professional Express 2.7 and in particular the package cisco-config-pro-exp-admin-k9-2_7-en.zip following the install guide we found here
There's no way it works. After we've format the flash leaving inside only the System image file that is "flash:/c850-advsecurityk9-mz.124-15.T17.bin" and the tar image denominated ccpexpressAdmin27.tar every time we launch the command
it finish with an error about impossible to extract filenames longer than 45 characters. So it stopped to uncompress the .tar files and it doesn't work. I can't understand why this happens and it doesn't seems to have a solution.
I have a Cisco 857W router which I have aquired without cost. I want to use the wireless abilities of this router to be the wireless point to get into my home lab while I am studying for my CCNA and beyond.
I have erased it to its factory settings. There is no ADSL connection to it just yet, I might connect in to my internet connection another time. Not just yet.
I dont even know where to begin. I have searched all the internet and there is nothing really anything there to guide me to set it up from the very beginning.
My client has an 857w, but although the site for the SDM express loads, the Internet WAN page always shows as blank. We need access to this to alter the ISP.On IOS 12.4(6)T5
I need developing a acl that can block a computer on the LAN from accessing the internet from midnight to 7am everyday. The router is a 857W, the computer is 192.168.2.33 the internal gw 192.168.2.254 (dialer 1 is 1.2.3.4).acl 101 deny tcp host 192.168.2.33 eq wwwwhat I need to figure out is how to add a time based acl to just this computer.
