Cisco Switching/Routing :: Internet Access To Users Using 871 Router
Jan 21, 2013
I'm currently undergoing CCNa academy so I got a "job" from my boss to configure Cisco 871 router. Unfortunately we just finished first semester at academy so there are some things that I'm still having hard time to understand. I managed to configure router so it connect to internet or to be exact it has internet access through another adsl modem that is in bridge mode. url...The problem is that users are not able to use internet when connected to this router. I'm able to access router through telnet ( ip 192.168.13.10) but that's it.192.168.13.0 255.255.255.128 is network that we use at work. 192.168.13.5 is IP address that is assigned to zyxel adsl modem ( If I'm correct, we could have used any address here since we are connecting this directly to router ? ) Zyxel adsl modem is connected to FA4 port on Cisco router. LAN cable is connected to FA0 port and from there it goes to switch ( it's some asus switch with 50 ports). [code]
If I ping google dns from router e.g. ping 8.8.8.8 it works. If I ping url... it doesn't work. Also I'm able to access router via 192.168.13.10 but if I use router as default gateway then I'm not able to access the internet.
View 8 Replies
ADVERTISEMENT
Mar 19, 2013
We have a Cisco 3750 stack connecting to the MPLS router, able to ping 8.8.8.8 - [URL], the internal users on their own Vlan can ping the default gateway the 3750 switch but no further, trace route from the PC/Servers stops at the 3750 stack.We have the switch configured to ip route 0.0.0.0 0.0.0.0 to the public interface in the MPLS router, from the switch I'm able to ping the internet.
View 17 Replies
View Related
Apr 15, 2012
I'm trying to allow 2 users to access as 2955 switch.
-admin privilege 15
-eousers privilege 2
When they both log in they just get to the user exec mode, how can I get them to go to their respective modes? [code]
View 1 Replies
View Related
Jan 30, 2012
I wish to block some url that users have access through my LAN .That's i wish to block icmp,access towards such sites, i wish to block icmp because dns will resolve the domain and they can access through ip address.what i have in place is a cisco 2800 series routers,
View 7 Replies
View Related
Feb 9, 2012
The goal is to add a 2801 router between a DSL modem and a switch and obviously still access the internet. I connected and configured as explained below and the results are:
- I am able to ping internet addresses from the 2801 router
- I am not able to ping internet addresses from userlaptop but I am able to ping LAN gateway (192.168.254.254)
I cannot understand why the internet requests from the user laptopuser are not routed to the internet but the router itself can access the internet.
INTERNET====DSLmodem=====CISCO2801=====unmanagedSwitch=====userlaptop
DSLmodem:
non-bridged mode and does the PPPOe authentication.
WAN interface: Dynamic IP address assigned by ISP
[Code].....
View 14 Replies
View Related
Oct 4, 2012
We have an ethernet port on Cisco router 1800 connected to the ADSL modem. The router does ip nat translation, but users complained it is slow when they access to internet. [code]
View 1 Replies
View Related
Feb 11, 2013
I want to set up my LAN to have internet access via my 2801 router.The 2801 router is connected to my home ADSL router.Now do I just configure a 0.0.0.0 'gateway of last resort' on the 2801 router pointing to the interface leading to the ADSL router ?Therefore, all traffic from my PCs that is internet bound will head out to the ADSL router and onto the internet.
View 3 Replies
View Related
Nov 21, 2012
the cisco 2921 Router has a default ip hhtp access class command found in it. Just i changed the default IP to the new ip i will use.The Router is accessable from the LAN only but not from the internet configured the Public ip . I think this is due to the standard access list 23 . how will i access the Router from the Internet using the Public IP.
View 6 Replies
View Related
May 28, 2011
got myself the Netgear internal PCI wifi adapter today & it works just fine on my Windows XP SP3 desktop.
The only problem I have is the question of restricting access to kids @ home. If it was an external USB adapter, I could have just taken it away but the concern is the device being an internal & always available one. The user configuration on the PC is such that there is 1 main administrator (The actual windows "administrator" account) that no one uses. Apart from that,
- 1 user with admin privileges (me)
- 1 limited account for the kid
- 1 admin privilege account for the kid again (for purposes like installation of games which require an admin account as mandatory)
I would like for the wifi PCI card to work only when I login to my account. There must be someway by which I could disable the device or make the internet inaccesible in the other accounts,, (but pls bear that 1 of the account that the kid uses also has admin privilege)
I tried disabling the device from control panel but in vain.. (tried something like the sys admins do in corporates ..) disabling the usb ports on the PC's in my office..!
View 14 Replies
View Related
May 28, 2011
got myself the Netgear internal PCI wifi adapter today & it works just fine on my Windows XP SP3 desktop.
The only problem I have is the question of restricting complete internet access to kids @ home. If it was an external USB adapter, I could have just taken it away but the concern is the device being an internal & always available one.
The user configuration on the PC is such that there is 1 main administrator (The actual windows "administrator" account) that no one uses. Apart from that,
- 1 user with admin privileges (me)
- 1 limited account for the kid
- 1 admin privilege account for the kid again (for purposes like installation of games which require an admin account as mandatory)
I would like for the wifi PCI card to work only when I login to my user account. There must be someway by which I could disable the device or make the internet inaccessible in the other accounts,, (but pls bear that 1 of the account that the kid uses also has admin privilege)
I tried disabling the device from control panel but in vain.. (tried something like the sys admins do in corporates ..) disabling the usb ports on the PC's in my office..!
View 4 Replies
View Related
Jan 10, 2012
restricting access to internet for roughly 20 users. Right now we are connected using broadbandand using dhcp as assigned by common switch. All pc's are in a common workgroup. recommend me the hardware / software required to restrict this access.
1. Will I require a router as well as a switch ? or should I simply get a new switch ( for more then 20 users ) This would mean static ip for all users.
2. My idea is to create a AD server and use websense on it so that users who require internet access can still open internet sites but will be restricted through websense proxy.
View 1 Replies
View Related
Feb 28, 2013
I have configured and tested an ASA-5505 that will be deployed at a customer's home. The ISP cable modem will connect to the E0 (outside) interface of the ASA. All other interfaces on the ASA are configured for the inside network 192.168.5.0/24. I have created a VPN site-to-site tunnel between this ASA and the UC540 to allow 192.168.5.0/24 subnet access to the internal networks on the UC540.
The user has requested that all the network devices used by the rest of the family will only need to connect to the Internet. They will not need access to the VPN tunnel and they will not need access to the computers on the 192.168.5.0/24 inside network. I was planning on performing the following tasks to get this to work.
View 2 Replies
View Related
May 16, 2012
I am able to successfully connect to my ASA5505 via AnyConnect via a mobile device. Upon doing so, I lose internet connectivity. My access list appear to be correct to I'm sort of at a loss.
[code]....
View 6 Replies
View Related
Oct 6, 2012
I have mobile users using air cards that connect to the network with a VPN product called Net Motion. Our firewall is a ASA 5510. Once connected to the Net Motion VPN server the user will get a DHCP address from our network. In the past we could not get the VPN tunnel to complete since our layer 3 switch (3750G IP services) has 3 egress points and the egress point that we needed the VPN traffic to go out of is not the default gateway. To solve this we had the air card carrier set switch our air cards to static IP addresses and using route statements for the public IP addresses and access lists we got it to work.
The problem with this is that every new air card we provision needs a static IP address. My question is would policy based routing work in this scenario? The problem has been that the VPN tunnel was not able to complete the negotitaion phase as the traffic came into the switch and was trying to go out the default gateway. The VPN client wont get an internal IP address until the VPN tunnel is created.
I would like to get away from using static IP addresses.
View 1 Replies
View Related
Apr 4, 2012
How does one configure the router so that Internet users can access internal company websites? The only thing that appears is the Cisco router login. Also I need to configure Terminal Services and its not on the list under Service.
View 2 Replies
View Related
May 1, 2013
Interestingly enough I've seen about 3-4 posts with the exact same problem and yet not a single one is ever answered.. The task is simple:
"username USER password 5 SOMEPASS role network-admin"
It consistently outputs: "String failed to match token pattern at '^' marker." - always the carat is at the first character in whatever password I input. I've ensured passwords I input meet the conditions of "password strength-check" and I have also disabled this feature and repeated with numerous passwords to no effect.
View 7 Replies
View Related
Jun 7, 2012
I'm trying to decide what switch to use as a core for 500 users. I'm currently looking at either 2 x 3750X stacks or 2 x 4500s with dual SUPs and PSUs, both options will provide the number of switchports required without the need for additonal access layer swiches. Which switch option is best to go for here? All of our services will be located in our data centre which will be connected using 2 1000Mbps MPLS circuits. I wont need any advanced L3 features and we are not likley to scale over 450 users. Also is it ok to use the dual switch stacks or chassis to provide the collapsed core/access layer or is it best to have a dedicated core (using one of the above options with less switchports) and having a dedicated accesss layer using 2960Gs for example. Our structured cabling terminates in a single comms room so we wont need to distribute switches throughout the office.
View 3 Replies
View Related
Nov 14, 2011
this is my confguration on cisco 881 . but i am not ablle to access internet from lan.
!version 15.1
no service pad
service timestamps debug datetime msec
[Code].....
View 1 Replies
View Related
Jul 26, 2012
I have Cisco 2960 switches deployed in my environment along with radius server authentication. Now i need to assign some roles to particular users (shutdown port, description) so what i need to do for this task so not all users have same privileges.
View 1 Replies
View Related
Nov 13, 2012
we recently upgraded from an RVS4000 router which didn't have this issue.
the problem; Internal users from Site A cannot access the external owa address.From Site A i can successfully ping both the external/internal IP addresses/names and they resolve correctly, including pinging the address ('mail.company.com") resolves correctly to the external ip address.
[code]...
View 1 Replies
View Related
Apr 1, 2012
I currently set up two LAN networks. But one of them (Router 2) will be open (no password). Will this create a security compromise? Can the Router 2 Users access information of users of Router 1?
Modem WAN > Router 1 WAN
Router 1 LAN > Router 2 WAN
The router 1 and 2 are broadcasting different networks and SSID.Is there any setting that I need to change, or this configuration is perfectly safe? both of them have DHCP enabled.
View 3 Replies
View Related
Jul 30, 2012
We have recently leased an internet connection in our office which comes from the service provider as radio link and BW is 2M. I have clients more than 60 that will share the connection and access internet. I have configured a Cisco 2600 router as below:
Building configuration...
Current configuration : 988 bytes
!
version 12.2
no service single-slot-reload-enable
no service timestamps debug uptime
no service timestamps log uptime
[code].....
So far I have read regard NAT it degrades performance as it need to translate every data packet comes from the source and goes to internet. So a question comes in my mind is there any other way how I can share this connection among users with private ip address? Or NAT is the only method to share internet connection among users with private ip addresses?
View 2 Replies
View Related
Feb 7, 2012
I have a Cisco 3620 router and I am trying to get internet access. My isp is comcast. All modem lights seem to be operational. But I do not have internet access. I can ping anything other then the router and I am on a home network.
View 47 Replies
View Related
Mar 2, 2012
I have a Cisoc 2610 connected to my network, 1 Ethernet port and a WIC-2T card. I have ther serial connection to the main router and the ethernet going to the switch. I can ping all device throught the network...but the 2610 can't ping any outside address (no internet connection). I have the internet connection going through my 3745 (which the 2610 is connected to via serial cable). I put a default route into the 2610 but still no luck.
Here are the running configs:
2610:
version 12.3
service timestamps debug uptime
service timestamps log uptime
[Code].....
View 11 Replies
View Related
May 14, 2012
is it possible to prevent the users with static IP's to connect the Network?We use Cisco sw 4500 series as an access and distribution switches.Is there any features on the switches that fit my request?
View 3 Replies
View Related
Jun 8, 2013
We have 2 nexus 7010 switches configured with HSRP in the network. For all the vlans core1 is Master and Core2 is standby. In the current setup we have external dhcp server and dhcp relay is configured for all the vlans on Master and standby switch. The setup is running the IOS 5.2
Activity Done: During the Maintainacne activity, we isolated core1 switch in the network by disabling the vpc/keepalive and all the uplinks from access switch. The core2 switch was master for all the vlans.
Issue observed: It has been observed that new users were not getting ip address from the dhcp server. The ethereal capture showed that dhcp server was not getting the dhcp requests from the core2 switch. We disabled the dhcp feature in core2 and enabled again with dhcp relay again configured on vlan interfaces .even after doing this no change was observed in behaviour. Finally we got core1 back in network by enabling all the links.
Observation: The moment VPC link came up between the core switches, users started getting ip's from dhcp. Then we started enabling all the uplinks on core1.Core1 again become master for all the vlans and users continued getting ip’s. Network running fine.
Further Testing
1. For one of the vlan, core 2 switch has been made primary and for new users checked the dhcp functionality and it was working fine. The aim was to identify if anything wrong on core 2 related to dhcp relay
2.Again we changed the priority for this vlan and made core1 master for the same. This time we disabled this vlan on core1 and tried new user with core 2 became master and dhcp functionality worked fine for new user. Actually in this case we have simulated the same behaviour when we observed the issue with only difference of VPC was not available during the issue time as core 1 was isolated form network
Inputs needed.
Is there any known behaviour for dhcp functionality when VPC is unavailable? If we see the test scenario2 (wherein core1 was master for the vlan and we disable this vlan on core 1 and core 2 was able to relay dhcp requests for new users in this vlan.) it was actually same as scenario we observed during issue time..
View 7 Replies
View Related
Feb 25, 2013
I have installed the six new WAP with model Cisco AIR-SAP2602I-E-K9, and we have two SSID for the new WAPs. When the users are connected to this WAP they can able to access the intranet but not able to access the internet. What could be the problem? I have checked and verify that they can able ping to the IP address of google from the CMD but when try from internet explorer they are fail (both with www.google.com & with IP address of google).
View 2 Replies
View Related
Mar 16, 2013
i have one SF300-24p switch where i setup some Vlans and echolife hg8245 ONT router to access internet. the diagram is the following
VLAN1 (Subnet of users) -----> Switch SF300-24p
VLAN2 (Subnet of users) -----> Switch SF300-24p
VLAN3 (HG8245) -----> Switch SF300-24p
VLAN4 (Servers) -----> Switch SF300-24p
i want to control access to internet on VLAN1 and VLAN2 (access on VLAN3), while providing access to VLAN4.My problem is in connecting to internet, i can't find a way to "route back traffic to VLANs 1 and 2 since HG8245 don't seem to provide proper static routing ON LAN interface. Maybe without resorting to changing the HG8245 router ?
View 1 Replies
View Related
Jun 12, 2012
We have cisco 3550 switch i have configured 3 vlans in this switch vlans are not able to accessing internet
View 7 Replies
View Related
Oct 31, 2012
i have router 1841 have 2 interface.i make routing between vlan by subinterface in router and in switch trunk but vlan 5 cannot access internet
View 3 Replies
View Related
Aug 12, 2012
I have 5 SVIs configured for VLAN Interfaces 121-125 for my vSphere environment.
All VMs can ping IPs on all the VLANs (VMs on VLAN 124 can ping VMs on VLAN121)
All VMs, except those on VLAN 124, can access the Internet or even ping my router IP.
If I change one of the VLAN 124 VMs to use a different VLAN, and update the addressing appropriately, it can access the Internet.
The problem is exhibited with Windows and Linux VMs. So, I believe something in my switch setup is the problem with VLAN 124 in particular.
If i do a show vlan brief, VLAN 124 is listed.
If I do a show ip int brief, VLAN 124 is listed as upup. I also tried to shut o shut the VLAN 124 interface.
Only one specific VLAN has connectivity problems?
My topology is Catalyst 3560 to home router to Internet.
Here is my IOS image: c3560-ipservicesk9-mz.122-55.SE6.bin
Here is my show run output:
3560_02#sh run
Building configuration...
[Code].....
View 4 Replies
View Related
Apr 1, 2013
I am using a Cisco SG-300 28 port switch in layer 3 mode as my default gateway for all my devices. I have two vlans on the switch, vlan 1 and vlan 4. Both are pulling valid IP addresses in their scope from the DHCP server, and both have valid DNS settings. I set a static route to the Internet on the switch to our firewall (192.168.5.254). All devices connected to vlan 1 are able to access the Internet, however all devices connected to vlan 4 cannot get past the switch. A tracert from one of these devices shows it hits the switch as the gateway, but gets no further. [code]
View 4 Replies
View Related
Apr 16, 2012
I am trying to setup VLAN's in the company I work for and I am almost there but missing the part when the internet works.I have an SG300 as a L3 Router IP 192.168.0.93.I have created VLAN20 and VLAN40 Assigned VLAN20 192.168.2.1 and VLAN40 192.168.4.1
The static routes have been created and a default router going to the Sonicwall firewall at 192.168.0.1.Port 24 is configured as Untagged VLAN1, Untagged VLAN20 and VLAN40 in trunk mode and going to the Sonicwall NSA 2400. [code]
Working to move all 192.168.0.x network off of VLAN1 and move it a management switch.I have DHCP helper on pointing to the DHCP server.Both VLAN's once the DHCP server is configured to Gateway 192.168.0.93 can get an IP from the correct subnet either 192.168.2.x or 192.168.4.x
All PC's are getting a GW IP of 192.168.2.1 pr 192.168.4.1.All test PC's on both VLAN's can ping each other and any server with the correct GW.When I try to ping google.com or open a web page and try google.com it times out.
View 3 Replies
View Related
