Cisco Switching/Routing :: Router 1941 But Can't Do Ipsec
Oct 10, 2012
I did have a router cisco 1941 but can not do ipsec with it, I did take a smart net.
View 3 Replies
I have an IPSec tunnel configured on my Cisco 1941. The other device is a ZyXEL router. I can see the tunnel is up but there is no traffic. This comes out of the show crypto ipsec sa
interface: Dialer1
Crypto map tag: CMAP_AVW, local addr 10.10.10.89
protected vrf: (none)
local ident (addr/mask/prot/port): (192.168.200.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (192.168.150.0/255.255.255.0/0/0)
current_peer 20.20.20.161 port 500
[code]....
I am trying to set up a site to site ipsec connection. At site A, I have Vlan's 652-10.55.216.0/24, Vlan653 -10.55.217.0/24, Vlan 654-10.55.217.0/24 and Vlan655-10.55.219.0/24 and at site B, Vlan650-10.55.214.0/24 and Vlan651-10.55.215.0/24. The problem is that I am unable to get any associations when I do a "sh crypto isakmp sa"/"sh crypto ipsec sa" on either router at each site. I am also unable to ping by plugging in a laptop into the site at each site. Laptop at site A is set to access vlan 655 and laptop at site B is set to access vlan 651. I can ping all the devices from one end to the other. I have turned on debug crypto isakmp, debug crypto ipsec, debug crypto ipsec errors but don't get anything at all as output. I have attached the sh run for each router Cisco (1941/K9) and switch (Catalyst 3750) at each site.
View 4 Replies View Related
I need to unlock IPSec to my 1941 router but I'm not sure which license(s) to purchase.
View 1 Replies View Related
I am having an issue accessing the internet from a PC on the LAN. I have configured the PC with the gateway of the router in front of the ISP to test. I can ping from the router to google or any other internet IP. From the PC I can ping to the GIG0/1 (Inside LAN IP) and the GIG0/0 (Outside WAN IP going to ISP) but I can't ping the Next Hop IP of the ISP or anything past that. If I do a trace route from the PC to the google IP address it hits the GIG0/1 Inside LAN IP Address but fails from there. Here is a cut down snapshot of the router configuration
[code]....
I'm having trouble setting up a VPN for a 1941 router. This is what I have set up:
crypto isakmp policy 10
encr aes 256
authentication pre-share
crypto isakmp key ########## address 63.247.48.50
[code]....
My whole problem comes about when I need to NAT 192.168.1.0 to 10.12.14.0/24 before it goes through the tunnel.
I have a 1941 integrated services router that will not keep the configs. After several attempts of saving running config to the startup config, then rebooting the device. I am having to reload the configs manually from TFTP because they are gone. I have also tried the "wr" command to see. Is there a proper way to shut down this particular type of router?
View 2 Replies View Related
I have a cisco router 1941 and I have uploaded an evaluation license before; now I have already bought a cisco security license. I have already installed it on the cisco router, but the problem is the router is still using the evaluation license, not the new license.
RSP#sh flash:
-#- --length-- -----date/time------ path
1 55088360 Oct 10 2012 06:04:10 +00:00 c1900-universalk9-mz.SPA.151-4.M4.bin
2 2903 Feb 4 2013 12:23:32 +00:00 cpconfig-19xx.cfg
[Code].....
What is the procedure to reset a 1941 router to factory defaults? I just received my 1941 router. I connected it up to my Mac using USB. I got logged in using the cisco/cisco login and it said it will only work once and that I should create a new account. So I entered the command as directed on the screen and it gave me an error about the command. I verified it three times and each time it rejected. While I was looking online for an answer the connection timed out and now I can't get back in.
View 1 Replies View Related
Router 1941 is installed with additional 4 Gig-interfaces card; we have 4 ADSL Router with 4 MB connections. I need to connect all the ADSL connection to the router 4 port and combine them into 16 MB, is there any way to combine 4 Gig interfaces?
View 4 Replies View Related
Here is my current config, how to enable and set up NVI on a cisco 1941 router. I think it would fix my issue but I'm unclear on how to implement it to test.
I would like to be able to access an internal server from an outside address.
I have a Cisco 1941 K9 Router. I want to add POE functionality to it. Specifically I want a 4 port EHWIC POE switch to power a couple of APs.
This is what I understand I need:
Upgrade/replace the internal power supply with PWR-1941-POE power supply. This is supplied with a fan replacement also (not yet purchased).
Buy 1 x EHWIC-4ESG (4 port switch)
Buy 1 x ILPM-4 (inline daughter card / power supply board)
I think the real question here is the 4 port switch... there are two types available: one is EHWIC-4ESG= and the other is EHWIC-4ESG-P=
Is there any difference between these two switch modules? or are they the same and the more expensive "P" version is simply supplied with the ILPM-4 daughter card for POE?
I have received via courier today 1 x EHWIC-4ESG, and found an ILPM-4 on ebay for a good price. Will this provide POE through the switch EHWIC-4ESG?
I have a Cisco 1941 router which had its GE0/1 port burnt out and we have since plugged in a module with 4 fast ethernet ports. I need to reconfigure the router such that at least one of the Fast ethernet ports can serve the purpose of the GE0/1. GE0/0 connects to our Service provider and GE0/1 connected to the inside network. Currently, while connected to one of the ethernet ports, I can telnet into the router on the address 192.168.29.1. When I'm on the router, I can ping our remote site, network address 192.168.24.0 with no problem, but when I use the command "Ping 192.168.24.0 source 192.168.29.1" there is no response.
View 1 Replies View Related
My question is can a 4 port PoE switch module (EHWIC-4ESG-P) and an 8 port switch module (EHWIC-D-8ESG) be used at the same time in a Cisco 1941 router?
View 1 Replies View Related
I am setting up a Cisco 1941 series router for our department in Denmark. As we quickly realised we had to reset the router to its default settings. As we communicated with the router through HyperTerminal, the router asked me to restart. After we did so the router only sends encrypted messages which are unreadable. We neither get any response in the terminal when we try to write commands back to the router. We have tried to use different terminal programs as well as the USB port on the router.
View 4 Replies View Related
I have a 1941 that I am going to deploy with a HWIC-D-9ESW switch module (I only need 3 switch ports but need the PoE). I am going to hang a 1262 autonomous AP off one of the ports but I need to configure MAC address port-security so that only that AP can pass traffic. I know the switch modules are 'almost' exactly like a switch for commands but I can't seem to enable or configure any port-security settings. Is port-security not available on the switch modules?
View 3 Replies View Related
I have a strange issue that I am having an issue figuring out. I am trying to login to the 1941 router through the console port. When I enter the username and password, which I just set, it fails. I am able to login under a different login but when I try to enter the enable mode the enable password doesn't work, which I just set as well. I can login with the TACACS+ login from an SSH session. Here is the line config:
line con 0
exec-timeout 15 0
logging synchronous
[Code].....
I'm in the process of purchasing new Cisco routers for our branches that will be used primarily to enable IPSec virtual tunnel interface with "tunnel mode ipsec ipv4". Does the default IOS IP Base support this feature? Or do I need to purchase DATA license or SECURITY license?
View 4 Replies View Related
I am trying to set up a pair of 1941 routers in a HA configuration to act as L2L VPN gateways. The active router of the pair should distribute routes to the remote destinations using OSPF to internal routers. The VPN part is working fine and the routers are correctly advertising routes to internal hosts, however my problem is that when an IPsec session disconnects, the routes disappear and therefore internal hosts cannot reestablish a connection. If the remote end establishes a connection, the routes appear again and connectivity is restored.
My setup is as follows: (ASA) --> (pvpn01 & pvpn02 HA pair) --> (internet) --> (remote peer)
The other router in the pair has exactly the same config except with different interface IPs. The remote end is configured to talk to the HA address 91.216.255.248. The VPN routers are both running IOS version 15.0(1r)M9.
When I initially boot the routers, the route for 192.168.66.0/24 appears in 'show crypto route', and is advertised to neighboring routers. If I ping an address on that network an SA is established and stays active as long as there is traffic flowing.
pvpn02#show crypto route
If I then stop traffic flowing over the tunnel and wait until the IPsec SA lifetime is expired, the route is deleted from the system routing table and therefore not distributed by OSPF. The result is that internal hosts cannot reestablish the tunnel as the other routers have no route to the 192.168.66.0/24 network.
Is this a bug, or is there another way to get the RRI routes to persist on the active router?
I'm trying to configure a Cisco 1941 to connect to multiple Amazon VPC instances. Each VPC instance brings up 2 x IPsec over GRE tunnels with BGP in to the EC2 cloud and enables flat extension of the corporate LAN. Basically, you can spin up EC2 instances in a private subnet and route to them across the VPC link from the corporate LAN.
The Amazon configuration is templated and not designed to support multiple instances on one customer access gateway - however, I want to overcome this and find a technical solution around bringing up a second physical router. I've got VRF configured and working for the first instance, but when we add a second VRF to the configuration IPsec fails. The second VRF is essentially identical to the first.
We're potentially looking at a licensing issue with IOS 15.x, the version we're running is...
ipbase ipbasek9 Permanent ipbasek9
security securityk9 Permanent securityk9
data None None None
[Code]....
However, the IPsec configuration is complete and all keychains etc. are in place as they should be.
I did purchase a router 1941 universal k9 but I can not do ipsec on it, I took a smart net for that router in order to have or download ipsec on it.
View 1 Replies View Related
The setup is a S2S VPN with failover to 3G HWIC in a Cisco 1941 however the IPSEC tunnel needs to remain up through 3G if ADSL fails. The failover works ok, however when plugging ADSL back in, the - "sh crypto session" shows both dialer 0, and dialer 1 with the crypto map session to the other side of the VPN and either side is now not pingable. The NoIP DDNS updater client runs on a server in the network and all IP resolution to host1,host2 works ok (other side of VPN is Cisco 1921 with ADSL HWIC and 3G HWIC).
[code]
View 5 Replies View Related
I have a 1941 router configured for Policy based routing with two ISPs. Two static default routes configured to point the gateways of respective ISPs with same metric. But the problem is, packets are going through the one ISP only while doing traceroute.
N/W connectivity:
ISP1-----> <----------------------> LAN1
| Router |
ISP-------> <----------------------> LAN 2
Below is my configuration :
Current configuration : 5958 bytes
!
! Last configuration change at 05:18:56 UTC Mon Jun 25 2012
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
[code]....
I have 2 cisco 1941/K9 vpn routers. I have configured both with LAN ip address given by our vpn provider which is 172.10.10.1 and the other is 172.10.20.1. Both IP addresses are configured to GigabitEthernet port 0/0 on both routers.
1. Is it possible to configure our own set of ip address like 10.71.10.1 and 10.71.50.1 on the GE 0/0 port?
2. Or can we configure our own set of ip addresses (10.71.10.1 and 10.71.50.1) to GigabitEthernet port 0/1 and maintain the other ip addresses on port 0/0?
The first purpose is to have our own set of ip addresses for LAN connection and I will be able to connect or telnet whichever ip address or port is up.
I have this Cisco 1941 router with two Ethernet ports g0/0 and g0/1. The g0/0 is connected to office LAN with internet access. As my office LAN is DHCP, it will assign an IP address for g0/0 since this g0/0 is configured as "ip address dhcp". Now my question is that I have a group of 5 PCs, namely PC1, PC2, PC3, PC4 and PC5 that is connected to the switch and one of the ports of this switch is connected to g0/1 of Cisco 1941. Is it possible that, let's say, PC2 and PC3 (both DHCP enabled) could access the internet access from g0/0 and at the same time, the office LAN assigns IP addresses for PC2 and PC3 automatically?
Office Lan with internet access (DHCP) (Default gateway 10.0.0.1)
|
|
g0/0 (DHCP enable) (DHCP assigned IP address 10.0.0.138)
Cisco router 1941
g0/1
|
|
HP Switch
|
PC1 PC2 PC3 PC4 PC5
Is this operation possible? If possible, how to configure inside the router 1941 to achieve this objective?
I have just set up my Cisco 1941 router to my cable internet connection. I have access to everything, but I can't login successfully into Cisco CP.
I set up a new user with level 15 privileges and a secret password. I go to login via web browser and I put in my credentials, but I get rejected. I have tested the username and password via the CLI, and it works fine, I just can't seem to login to Cisco CP.
I've got a 1941 router that keeps on rebooting by itself every minute. Currently, there's no power issue.
I've detected the show version returned a bus error. Is this an IOS bug?
ROUTER uptime is 1 minute
System returned to ROM by bus error at PC 0x222FE2D4, address 0xD0D0D71 at 14:27:13 SGT Tue Nov 27 2012
[Code].....
I have a strange behavior and a simple problem. I configured the following static route
ip route 10.84.22.0 255.255.254.0 10.84.23.254
That I advertised in eBGP:
router bgp 65000
network 10.84.22.0 mask 255.255.254.0
The IP next hop 10.84.23.254 is cascaded on my customer LAN. At nominal time the router advertised the route in BGP
pjnb1376#sh ip bgp nei 57.213.169.169 ad
Next Hop Metric LocPrf Weight Path
*> 10.84.22.0/23 10.84.23.254 0 32768 i
When the LAN interface of the router goes down, the router still advertises the route!!! Even if the IP next hop 10.84.23.254 is not reachable anymore....
The box is a Cisco 1941 using
1900-universalk9-mz.SPA.151-4.M1
I have a Cisco 1941 router configured using Cisco Configuration Professional... SSH management works from the LAN IP 10.0.1.254 and 10.0.2.254 Also, SSH management works from the LAN using the external domain name which resolves to the public IP address.
The problem I have is if I try SSH from the internet to the public IP.. nothing happens.
cisco1941#show config
Using 18498 out of 262136 bytes
!
! Last configuration change at 13:57:49 PCTime Tue Feb 14 2012 by admin
[Code].....
I bought a secondhand small business router (model 1941 Integrated Services Router) for personal use. It runs version IOS 15.0(1)M1 software, which seems to work well, but I'd like to download a firmware update that addresses some of the security flaws in this software. When I tried the download process it told me I need to buy a service contract first? Is this right, or am I doing something wrong?
View 1 Replies View Related
I’m looking for some specific parameters of Cisco 1941 and not able to find them.
1. Maximum number of DHCP clients
2. Maximum number of DHCP pools
3. Maximum number of VLANs on trunk port.
Recently my company bought an EHWIC4ESG card and put it into the cisco 1941. The reason we bought this card is because the built-in two network ports of cisco 1941 are being used up. g0/1 is being connected to the internet and g0/0 is being connected to the office switch (192.168.5.x)
We have two servers (192.168.6.x and 158.55.33.x) that are required to be connected to this router 1941 where the router will be configured as VPN for external user to access this server.
The EHWIC4ESG card is put into the router 1941 and after typing the "running-config" command, I could see it created a vlan 1 interface and
interface GigabitEthernet0/1/0
interface GigabitEthernet0/1/1
interface GigabitEthernet0/1/2
interface GigabitEthernet0/1/3
[Code]...
I have a 1941W that has a connection to my ISP (Gi0/1) and another connection to a remote lab (Gi0/0). Everything is working fine how it is setup. All my traffic from my internal networks can access the Internet and devices on the 192.168.201.0 /24 can access the Internet and the lab 10.89.0.0/16.
Now I want to have two devices (192.168.201.51 & .147) use Gi0/0 when accessing host 63.85.190.67. There is no route to this subnet since it resides in the remote lab. Here is what I have right now. How would I set up a PBR to have those two hosts use Gi0/0 when accessing 63.85.190.67?
interface Vlan192
ip address 192.168.201.1 255.255.255.0
ip nat inside
ip virtual-reassembly
(code)