I would like to ask if there are dual WAN router models on ISR G2. The client doesn't want the RV042G. Any model from the 890 series up to the 2900 series ISR G2 routers? The connection from the ISP is via Ethernet. If a serial connection would be used then we can just add an HWIC-2T for this matter.
View 10 Replies
Is it possible to configure the RV042G so that one WAN port is connected to an ISP with a static IP and the other to an ISP with a dynamic IP. Then, I would like to setup a VPN tunnel and use the static IP for that and have all the other internet traffic go through the dynamic IP.
I know I could set it up with the static IP as the primary and the dynamic as the backup. Then, if I lost connectivity on the static IP, I would still have internet access, only the VPN tunnel would be down.
We are connecting to a Cisco DPC3825 cable modem supplied by our ISP. It has been configured to act as a switch only. They have supplied us with 2 static IP addresses.
When each WAN port is connected individually, everything is fine. I see the IP addresses on the respective WAN port, and it is working fine.
When I connect both WAN ports to the modem at the same time, I see a large amount of traffic between the WAN ports, as indicated by the port LEDs, and the RV042G becomes completely non-responsive through its web interface.
How do I get the RV042G working with both WAN ports connected?
I bought a RV042G router some days ago to manage 2 adsl lines at my home. Everything works correctly except one thing : i can't configure the bandwidth management. When i go to "Bandwidth Management" menu, then "Bandwidth Management Type" then i choose rate control or priority and i a had some rules to priorize http protocol for example, then i click on save button. After a few seconds of internet usage i loss connectivity to the router and internet and 192.168.1.1 became unreachable to ping. I had to unplung the power cord to restart the router, the same problem still occurs until i remove all the rules ! Some times i even had to do a factory reset because my adsl modems are unreachable behind the router (unable to ping the gateway).
View 4 Replies View RelatedI would like to make a design with 4 Nexus 5596UP. 2 of them equipped with Layer 3 Expansion Module so they can serve as core layer and the other 2 Nexus used as Layer 2 for aggregation server layer.The 2 Nexus in the core layer will run HSRP and will peer with ISP via BGP for Internet connection The 2 Nexus in the aggregation layer will be configured as layer 2 device and have FEX and switches connected to them.What I am ensure of is how the vpc and port-channel configuration should look like between the 4 nexus. What I was thinking is to run vpc between the 2 Nexus in the aggregation layer and between the 2 Nexus in the core layer. Than I was thinking of connecting each Nexus in the aggragtion layer to both Nexus in the core layer using port-channel and vice-versa.
View 3 Replies View RelatedWill 2811 Router with 4 switch port module, How to do dual ISP configuration on this router.
View 10 Replies View RelatedI've 3 interfaces on router:
Gb0/0-ISP01 with DHCP client
Gb0/1-ISP02 Static IP 192.168.2.x/24
Fa0/0 - LAN 192.168.1.1/24
I want to know, how to configure:1. Set the IP of interface Gb0/0 as dhcp client from ISP01 and make it as default route.
2. How to configure the ip nat.....overload?
3. How to use the ip sla to monitor internet connectivity to 8.8.8.8 for ISP01, if it fails, to go to ISP02.
Basically I have a simple LAN of 30 users and 2 servers that sit on a private address range (192.168.1.1 - 254). I have a Cisco 1921 router with 2 Gigabit Ethnet interfaces and have installed a 2 port Ethernet module to expand interfaces,I have Two Internet providers that provide me an Optic connection to a converter and then a CAT 5 cable. On both of these connections have private public assigned IP addresses.I have a email server and webserver on the LAN (192.168.2 and 192.168.1.3) and with to port forward various ports to these servers - 25, 80, 443 3389, and 2222.
In my external DNS I have two MX records for the mail server (mail.globalhomegroup.com) that point to 2 A records - one record for the publicly assigned IP address of one ISP and another IP address for the other ISP. Ideally what i would like is for mail to be delivered to the first ISP Ip address - the one with the lower MX weighting and then if that line goes down, through the IP address of the second MX record - the backup ISP we are using.
So I guess I am port forwarding to the inetrnal server IP addresses via one of the two external interfaces.At the same time I need to allow internal users to access HTTP, HTTPS etc.So I have managed somehow to configure the external interfaces of the routers to connect to the ISPs and have managed to assign IP info to intenral LAN interface. I can telnet to the router from the Internet via Dialer0 or Dialer1. Other than that I am totally stuck - I have tried to configure and debug NAT etc but cant see wood for the trees now. Basically the port forwarding is not working and i am not sure if the config I have done is in anyway correct.
I am working on a network which has two ISP connections (Active/Active) terminating on router (ASR1000). From the LAN side (6500 switch) all the traffic need to be route on ISP1 but some of the specific subnets like 10.250.0.0/16 need to be route on ISP2 connection.
I am planning to use PBR and NAT with route maps. any documents or refrences are provided.
(access switches)---------(core switch)----------(routers)----------------(ISP1)
----------------------(ISP2)
At home I have a Cisco 877 router, I also have Optus Cable internet and Telstra Business Direct DSL. I have configured the ATM interface for the Telstra DSL connection through the onboard DSL interface. I have also configured Fast Ethernet port 0 as a vlan2 port, which is configured for use with the Optus Cable internet (this is connected through an Optus Netgear CG3000 router). The Nethgear has DHCP enabled (192.168.0.xxx range), as does my Cisco 877 (10.0.0.xxx range).Firstly, the Telstra Business DSL is due to be connected tomorrow between 9am and 1pm, so it is not physically connected as yet.From my laptop connected to fa3 and using Console connection, I can ping all of the 192.168.0.xxx addresses that exist, as well as my own laptop and a VoIP phone I have connected to fa2 (laptop is 10.0.0.100, VoIP phone is 10.0.0.101 both DHCP assigned, not MAC Reserved either).I can use internet explorer on my laptop to connect to the Netgear router, but no other internet pages. I also cannot connect to my Fuji-Xerox printer at 192.168.0.20 through the web browser, yet I can ping it from the router.I don't have a huge experience with Cisco as yet, and everything I have learnt has been basically self tought. I am looking into doing my CCNA, once I achieve enough funds Now, what I am trying to achieve ideally is, to combine both the Cable and DSL services to in effect double my speed? if this isnt available, a load-balancing type of scenario would also be good. Both DSL plans have a 500gb download limit, but the reason I needed the Telstra DSL is the VoIP phones I am using won't connect through Optus (Optus have locked nearly everything out), and Optus will not give me a STATIC IP address with the Cable, whereas I have on on the Telstra DSL, I would like to Remote Desktop into my main PC eventually.
The IOS on my router is: C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(6)T7
The Optus Cable Modem IP is 192.168.0.1, the Cisco 877 router IP is 10.0.0.1
The current config (complete, with username & passwords ### out) is below: (Bear in mind there's probably many things thats not needed.Once I get the router working, I will configure my 2960 switch and have all devices connected through this. All devices on my network do not need to stay in the 192 range, they can be 10.0.0.xxx. The DHCP could be disabled on the Netgear (Cable Modem) if that's required as well.
!version 12.4no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname N3813163R!boot-start-markerboot-end-marker!logging message-counter sysloglogging buffered 51200 warnings!no aaa new-modelclock timezone aest 10!crypto pki trustpoint TP-self-signed-116689578enrollment selfsignedsubject-name cn=IOS-Self-Signed-Certificate-116689578revocation-check nonersakeypair TP-self-signed-116689578!!crypto pki certificate chain TP-self-signed-116689578certificate self-signed 01 3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 30312E30 2C060355 04031325 494F532D 53656C66
[code]....
I have recently implimented an RV016 device into our network. We have a bonded T1 service with Paetec/Windstream (5 static IPs) and also a cable connection with Comcast (no static IP). The T1 has been our primary connection, and our MX and A records all use this IP address. I have the rules set and using a one-to-one NAT setup with our 5 IPs. Everything is working great with the T1 in place and email is flowing with no problems, however when I connect the cable into the WAN2 port and try to send email, its using that outbound connection, rather then the T1 and our spam filter is blocking it. So the email is rejected and we get this message below.
---------------------------------------------------------------------------
Delivery has failed to these recipients or groups:
xxxx@gmail.com (xxxx@gmail.com)Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.
The following organization rejected your message: (our smtp spam relay)
-------------------------------------------------------------------------
The reason for being rejected is just because it doesn't recongnize the IP address/gateway it is coming from.
My question is, how do I define that all email is sent out through our T1 connections IP address in the router?I see options for Advanced Routing or Bandwidth Management, but not sure what one I need to configure as I am not too familiar with these settings. I have Intelligent Balancer(Auto Mode) enabled as well by default.
The reason for adding the second internet connection is strictly for load balencing and getting some more bandwidth in our location.
I have to upgrade a Nexus 7010 with dual Sup engines from 4.2(4) to 5.2 and am hoping it could be an ISSU. We are fine with an outage window.To upgrade from 4.2(4) to 5.2(5) I'll have to do a multi hop upgrade from 4.2(4) - 4.2(6) - 5.2(5) and each hop would take 40-60 minutes.do I spend 40-60 minutes for each hop, or just do a disruptive upgrade straight from 4.2(4) to 5.2(5)? Like I said, we are fine with an outage window.
View 2 Replies View RelatedI have two Nexus 5596UP that will be connected together via VPC-Peerlink. From there I want to connect both 5596UP's to a 6509-VSS via VPC.The Nexus 5596UP's will be essentially layer 2 switches, all routing will be done the 6509-VSS's.
View 2 Replies View Relatedwe are trying to configure 1841 with dual Internet connection with failover using track.
View 4 Replies View Related1. We now have SupA & SupB in the chassis, due to some mistake we have same IOS version but different feature set on them, although we configured redundancy mode sso, in the "show redundancy" we see Operating Redundancy Mode = rpr due to Software mismat, we now need to fix them as same feature set image, if I use "copy sup-bootdisk0:/xxxx slavesup-bootdisk0:/xxx", then write memory, does this cause any service/network interuption?
Available system uptime = 1 year, 1 week, 4 days, 9 hours, 21 minutes
Switchovers system experienced = 2
Standby failures = 0
Last switchover reason = active unit removed
[code]....
2. We did a failover test with this status, found that if we triggered supervisor failover, all modules will reload thus the services if interupped. How about after we make the Operating Redundancy Mode as sso, will this behaviour shows again? Or a stateful failover will happens, then modules no need reload?
3. We are using OSPF as our L3 routing protocol, after reference to the configuration, nsf should be enabled, we want to ask in the OSPF-domain nsf should be configured in all OSPF-enabled router or only 6500 which have dual-sup?
4. We also found that the interfaces(3 * Gig & 2 * TenG) in Standby supervisor cannot be use even enabled & configured, is it because we are running rpr mode now or will be the same even change to sso? Before customer have some older supervisor in 6500 non-e chassis, and they can use the standby supervisor interfaces as traffic forwarding, they use rpr-plus mode before, how about in sso mode?
One of the two supervisors in an IOS 6509-E did not come back up after a power outage. The failed supervisor in slot 5 was replaced and it booted successfully. However, the supervisor in slot 5 only booted up to a "Cold" state. I did notice the Hw version of the replacement module in slot 5 is 4.9 while the Hw version in the supervisor module in slot 6 is 4.8. What command do I need to issue to bring the supervisor module in slot 5 from "Cold" to "Hot"? [code]
View 4 Replies View RelatedI am looking to implement VSS using our two 6500 series switches. The "Recovery Actions" when there is a Dual-Active situation says that the active chassis that detects a dual-active condition shuts down all of its non-VSL interfaces (except interfaces configured to be excluded from shutdown) to remove itself from the network, and waits in recovery mode until the VSL links have recovered. Does this mean that the Active chassis gets totally isolated thus triggering the modules on the Standby chassis to be active ?
View 1 Replies View RelatedWe have CORE switch model : Cisco WS-C4510R-E with dual SUP 5 - 2 10GE. [code] Now We want to upgrade this IOS to the upgraded version.
View 3 Replies View RelatedCurrently our Cisco 3750 have one interface (port 1) that connected to our provider (Internap) with the IP 66.150.7.68 assigned. Now we want to upgrade to dual handoff L3 protocol. Below is the network configuration from Internap.
>>>> We have assigned the below /30s for each of the interfaces and will statically route the 66.150.7.0/25 down both interfaces.
>>>>
>>>>
>>>> 63.251.162.20/30
>>>> 63.251.162.21 - border1.sef003 - Internap side
>>>> 63.251.162.22 - your side
>>>>
>>>> 63.251.162.184/30
>>>> 63.251.162.185 - border2.sef003 - Internap side
>>>> 63.251.162.186 - your side
tell what command lines do I need to input on my Cisco switch for port 1 and 2 in order for the dual handoff to work correctly?
Doing a bug scrub on our dual core, dual Sup 720 6500s tonight. We are going from s72033-advipservicesk9_wan-mz.122-33.SXI4a.bin to SXI9. I want to get a second set of eyes on my script since I have not done this for about 1 1/2 years. Following this doc:[URL]
Script:
Backup
sh ver
remote command switch show version
[Code].....
I would just like to confirm whether dual stack hsrp is possible or not on 3750X both stack and non-stack.
The following is that I have to take care of this on the stack?
[Catalyst 3750 Software Configuration Guide, Release 12.2(55)SE]
[URL]
%FHRP group not consistent with already configured groups on the switch stack
I have 2 3750 switch stacks which I would like to have redundant trunks between them. This will provide two physical connections traveling through different geographical locations for redundancy in the event that a cable is severed. I couldn't find anything in regards to setup/config. Does it matter if I go stack1/switch1 to stack2/switch1 and stack1/switch2 to stack2/switch2 or should they cross to opposite switches like a stack cable? I don't think that should be necessary, but couldn't find any documentation. Should there be an issue with loops?
View 4 Replies View RelatedIn IOS verson 12.X there was a Bidirectional Forwarding Detection configuration however in IOS 15.0 this isn't available at least not with the same syntax. Is this feature not available in 15.0?
In 12.X this was the syntax of the command:switch virtual domain <number>.
I am interesting if 3560x supports ePAgP. I have VSS which is formed by two 4500x switches. Can I use 3560x, which is connected two both VSS members via 10Gb optics for Dual Active detection ?
View 2 Replies View RelatedI am trying to interconnect a pair of Nexus 5548 at adjacent sites, using 2 2960-S switches at each site, the reason being that the Multimode Fiber between the sites will only support 100mb and I need this up while I finish having SMF laid.
I have attached a diagram, just debating whether to use etherchannel or vPC - would like to hear some opinions...
Assume the interconnect between the 5548's needs to be 802.1q trunk
We are running a Cisco 887VA router for our internet access but of course the port connected to the internal network only supports 100Mbit/s. There are a few 100Mbit/s ports on the router; I was wondering whether it was possible to use more than one port to provide aggregation to get higher speed such as two ports providing 200Mbit/s? We are running Gigabit internal.
View 4 Replies View RelatedI have 2 x 6513 each with dual supervisor 720, and need to recover the enable password, is there a better method than removing one supervisor, disabling redundancy and performing password recovery on the single active supervisor module , before re-inserting the second supervisor and re-enabling SSO/RPR on the still active module.
View 2 Replies View Relatedcurrently nexus 2000 and nexus 7000 does not support dual connection. you can not connect to 1 nexus 2000 to 2 nexus 7000 chasis. But for the nexus 5000, you can. what is the problem to to support this feature on Nexus 7000s? 5000s and 7000s run same software.
View 1 Replies View RelatedI need to configure a 4507 chassis with two SUP 7 installed. I havenot done SUP redundancy comnfiguration and i was owndering
View 9 Replies View RelatedWe are planning to have attach topology with nexus 5548 using vpc. Let me know if this i possible. I want to configure dual NIC linux server using LACP active mode to connect to two 5548 in VPC for redudancy as well as use of full access layer bandwidth. On nexus this will be access port in single port channel in single VPC link.
View 1 Replies View RelatedWe have a problem of igh CPU Utilization in Cisco 4510R-with dual SUP V-10G modules.
Cisco 4510R switch is the CORE switch and have 30 no's of VLans. It was running PVST/PVST+ previously. But Now we have migrated to MST. But after upgradation the CPU utilization reached alomst 98%.
In a site we currently have 1 BT provided ADSL link which is currently terminated using their device which I believe is some kind of 2wire device, which is extremely slow due to distance from the Exchange (4Mbps)...We have a growing number of users here and want to install a second ADSL line from BT to give them increased performance.
We have a Cisco 2800 sat not doing much so I was wondering if I could use this to load balance the link? I know BT do not support MPPP so therefore the maximum any user can get will be the speed of a single link (4Mbps)...But basically how can this be done..
Can I leave the two BT routers in place and place the Cisco 2800 behind them, or do I need to purchase two ADSL modules for the 2800 and terminate the connection there?Also once done, what do I need to do regarding actually setting up the load balancing? I have seen this:
[URL]
But am unsure as to how relevant it is? I am not sure I understand what the ACL's are being used for? I just want all users on the LAN to load balance out...
Also I am unsure of this statement:You potentially need to add policy-based routing for specific traffic to ensure that it always uses one ISP connection. Examples of traffic that require this behavior include IPSec VPN clients, VoIP handsets, and any other traffic that use only one of the ISP-connection options to prefer the same IP address, higher speed, or lower latency on the connection.I do not understand why a established session such as a VPN client, would ever traverse the second ISP connection anyway?
We have some 4510R+E with dual sup 7e that have experienced problems recently. One of the sup 7e's crashed with a "critical software exception":
#show verCisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.01.01.SG RELEASE SOFTWARE (fc1)
<snip>
ROM: 15.0(1r)SG1
<snip> Last reload reason: Critical software exception, check bootflash:crashinfo_iosd
So I thought I'd upgrade to IOS-XE 3.2.0SG to hopefully resolve the issue. I was reading the software release notes and it says:
If you are upgrading to 3.2.0SG, you must upgrade your ROMMON to 15.0(1r)SG2.If they have dual supervisors, first upgrade your software to 3.2.0SG, then upgrade your ROMMON to15.0(1r)SG2 to avoid the resets uplinks issue (CSCtj54375).
And from the ROMMON release notes it says:
Download the cat4500+e-promupgrade-150_1r_SG2 program from Cisco.com, and place it on a TFTPserver in a directory that is accessible from the switch that is upgraded.The cat4500+e-promupgrade-150_1r_SG2 program is available on Cisco.com at the same location from which Catalyst 4500 system images are downloaded.
So I have several questions:
The only promupgrade file I can find is cat4500-e-ios-promupgrade-150-1r-SG2 (which doesn't appear to be the same as cat4500+e-promupgrade-150_1r_SG2 ). Where the correct file is?Since I have dual supervisors, it says I should upgrade the software, then the ROMMON. If I can do that (run the new software with the old ROMMON) why am I bothering to upgrade the ROMMON in the first place? (update, ok, I see the new ROMMON gives me enhanced crash info and will allow future upgrades without bringing down both supervisors at the same time).When these were ordered/installed, the licenses were all mixed up (I wasn't involved with that ). So the MDFs have dual sup 7e with ipbase and the IDFs have single sup 7e with enterprise services. Obviously, we want the enterprise services in the MDF so we can run OSPF and the ipbase in the IDF. But, OSPF seems to be running just fine in the MDF on ipbase. Are the licenses not enforced on these platforms? The release notes for 3.2.0 say ipbase doesn't support OSPF. So if I upgrade the MDF switches, will OSPF suddenly stop working?
The IP Base image does not support enhanced routing features such as Nonstop Forwarding (NSF) , BGP, Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), Intermediate System-to-Intermediate System (IS-IS), Virtual Routing Forwarding (VRF-lite) and policy-based routing (PBR).
