Cisco :: Tracked Route Being Removed When VPN User Connects
Oct 10, 2011
I have a Cisco ASA 5505 with eth0/0 as outside and eth0/1-eth0/7 as inside.On the outside interface I have to IPS's. One cable and one dsl.My main connection goes out over my cable ISP.I have 2 static routes on the outside interface.One with metric 128 for my cable ISP.One with metric 254 for my dsl IPS.I'm tracking my cable ISP with a ping to their default gateway (only available on my cable ISP)Failover from cable to dsl works perfect when my cable IPS goes down and fails back when it's back online.My problem however is when a VPN user connects from the outside using the Any connect client.Every time, about 5-10 minutes later, my tracked route get's removed (message: 622001) and added back 15-30 seconds later.This of course drops the VPN user. It doesn't happen again if the VPN user logs back in after that. [Code]
View 1 Replies
ADVERTISEMENT
May 6, 2013
I have a route-map on a 6500 thats is very definitely no longer required. 2 attempts to remove it have been a disaster.
[Code]...
The route-map and access-list ae not being used at all. Anyny tips for how I can get this removed - for info the process is mush easier on 7206 VXRs.
View 7 Replies
View Related
Apr 20, 2009
We are using an ASA 5510 and remote access (SSL VPN) using the AnyConnect client.
Is it possible to display a user message when a user connects using the AnyConnect client, matching a specific dynamic access policy? Can the message be displayed when the action is "Continue" rather than "Terminate"? I can't seem to get this to work and wondered if there was a LUA function to do this.
We have a DAP which gives a restricted ACL when the user's anti-virus is out of date, and I wanted to notify the user to update their anti-virus and reconnect.
View 4 Replies
View Related
Mar 25, 2013
I have Cisco 1252 APs in my network and also a WLC with software 7.0.98.0 and a WCS system. In certain areas I have an SSID with 2 or more APs configured as part of the group. Some users are connecting to the SSID on the weaker AP when there is a much stronger signal available from a different AP.I have looked into this issue before and have been told it's a porblem with the client's Wireless NIC or the drivers. The issue is I'm using the most updates drivers on some users and it makes no difference. Although it may be a problem with my clients I need to fix this on Cisco's AP side. What are my options? I believe MAC filtering is only per SSID so that would defeat the purpose, can I filter by specific AP and still allow the user to connect to the SSID? Or should I seperate the APs from the 1 SSID and create multiple SSIDs so the user can select the stronger network?
View 4 Replies
View Related
Jun 3, 2013
Actually i have a design from my customer who have ( Cisco core switch 3750 (allports fiber ports) which is connected to L2 switches , these switches carry servers and end users .the only routing protocol on the access switches is static route ,
My question how can i route the traffic from the server to the end user , as the the server is not direct connect to the core switch.
View 6 Replies
View Related
May 3, 2006
why pppoe support has been dropped from 12.4 for the 1841's? (1801's 12.4 still supports pppoe)
View 6 Replies
View Related
Sep 23, 2012
we have noted the automatically removing of the only "nat (inside,any)" line, during the upgrade of ASA 5540 from 8.4(3) to 8.4(4) 1: why ?
View 1 Replies
View Related
Apr 10, 2011
I saw a USB sign at the down right down corner of my Remote Desktop Connection and I thought it was my usb storage device and I safely removed it only to find out that it was my network connection hardware. now I can't connect to remote desktop again. what can I do? I am using windows XP
View 1 Replies
View Related
Jan 18, 2011
EMC replication between two NS-120 devices is much slower then the WAN link should preform at. In fact doing a simply CIFS transfer off between same EMC hardware over same network results in much better preformance on par with expectations. EMC engineers believe the issue is due to the TCP Sack option being removed somewhere in the network layer between the two units resulting in data flow issues.
Site 1: EMC NS-120 connected to 1GB interfaces on Cisco 3750 switches. Traffic crosses IPSec Site-To-Site Tunnel over WAN link (20MB Internet connection) between Cisco ASA 5510 - 5540.
Site 2: EMC NS-120 connected to 10GB interfaces on Dell PowerConnect 8024 Switches
From what I understand TCP Sack option should be passed by default on all current Cisco switches / ASA equipment. Is that a correct assumption. For the most part we have not modified the standard features on any of the switches or firewalls. Would it potentially be removed in the IPSec Tunnel?
View 1 Replies
View Related
Nov 30, 2012
I was updating my Graphics driver (Nvidia Geforce GT 440) today and it asked me to update the other NVIDA things as well that I have. Apparently one was an Nvidia Nforce ethernet driver or something... So pretty much I chose yes. "Installed the Nvidia Network Forceware" thing it said. All of a sudden, my icon down at the bottom right went to a yellow caution sign (Limited/no Connectivity)... Thats where I'm stuck. I tried some of the following:Uninstalled that Nvidia Network Forceware thingWent to Device manager and played a little with it from other forums. (This is how I got my "Caution sign" back...at first it wasn't even showing my local network connection.)System Restored about 7 times...Nothing is working and I really don't know what to do about this situation.[CODE]
View 1 Replies
View Related
Nov 11, 2012
I'm facing a problem where certain port on my swtich keep grant and remove poe.
Nov 12 07:02:43.639: %ILPOWER-5-POWER_GRANTED: Interface Gi1/0/18: Power granted
Nov 12 07:02:44.399: %ILPOWER-5-IEEE_DISCONNECT: Interface Gi1/0/18: PD removed
[Code].....
View 2 Replies
View Related
Mar 12, 2013
I faced a strage issue as one of our router port cable was removed from the router port but the Port status is showing as up /up which made our HSRP state to active active causing an outage , The router we are usign is cisco 3845 and IOS is c3845-adventerprisek9-mz.124-8b.bin
View 4 Replies
View Related
Sep 8, 2012
Mistakenly 'removed' a PC from the network. I followed the instructions on the EasyLink Advisor to add a new computer: open the .exe file that contains all the settings onto the new computer. That didn't work. But even if I removed the computer (by mistake) I don't see why when she goes to log in to the wifi account, she can't just type in the password.how to add a new computer to the wifi WRT160Nv3?
View 1 Replies
View Related
Jun 26, 2012
On previous cameras (eg: the 932L) we could enable the FTP function to send a snapshot image every xx seconds, set a base file name, and set the Overwrite file function. On the 942L, this functionality appears to have been removed from the code. How I can get the 942L to FTP the current image every xx seconds and overwrite the file on the destination? (just like the previous cameras) Perhaps there is a new way and I can't find how to do it?
View 1 Replies
View Related
Sep 2, 2012
I had a problem during setup of a new module N7K-M148GS-11 into a Nexus 7000 10-Slot chassis.The module was powered-dn and removed by platform with the following message: [code]
Do I need to upgrade nx-os? There is a workaround?
View 3 Replies
View Related
May 26, 2013
I have a problem with dscp preservation on a WS-C3750X-48 catalyst; in my little diagram, his name will be SW2, so I have this:SW1 <-> SW2 <-> RT1. some phone connected to SW1 mark with dscp EF (46) the voice traffic.The "mls qos" was enabled on SW1 and SWt. The interlink switch ports has the "mls qos trust dscp" option, the phone port and the router port also.And the problem is I can see the dscp marking on the SW2 when I span the voice vlan on this switch but the dscp was removed ( DSCP set to 0) on the router port ( span on the router port for look )If I made also a packet capture on the router RT1, I see the DSCP was effectively reset to zero.If I disable the "mls qos" on SW2, of course all is fine and the dscp was preserved and forwarded to the router. [code]
View 2 Replies
View Related
May 10, 2012
i have removed the icmp inspection from my default policy-map in my ASA 5520,now i could not able to ping to 4.2.2.2 from my LAN even though i have configured an ICMP Access-list in my asa like ,but I can't ping 4.2.2.2 for testing the Internet connectivity,what shall i do to allow only my self as admin to ping outside?
-icmp permit host 192.168.60.60 echo
-icmp permit host 192.168.60.60 echo-reply
View 1 Replies
View Related
Jun 12, 2013
I have reconfigured the FEX numbers attached to a Nexus 5548 running on NXOS5.2 If I do show running-config the interfaces are not there anymore. But if I do show startup-config the old Fex interfaces still shows up. I did try write erase then saved the running-config and its still there.
View 1 Replies
View Related
May 23, 2013
I am going to be putting an SG200-08 (8 port switch) inside a 2U rack mount chassis. To enhance cooling I thought I would remove the outer case. Are there, or would there be any issues with using the switch with the cover removed?
View 2 Replies
View Related
Jun 24, 2011
I've enabled antispoof on all interfaces on asa 5510.If you start a traceroute to a network on the default route, everything works, since replies comes to an interface with route 0.0.0.0/0 defined.If you start a tracer route to a network that is NOT on the default route (let's assume coporate MPLS), you only get response from first carrier router, the other are discarded because of anti spoof violation.
I have ICMP inspection and icmp-error inspection enabled.
View 1 Replies
View Related
Apr 15, 2013
I have a Dell Studio 17 with a wireless internet problem. The wireless internet just stopped working with a message error "modem has been removed". When I try to plug in to a hard wire connection I can connect, but the 3G network want allow me to go on online without the above error messageand a message asking me to select the service you want to connect too, yet it still tells me that I am connected.
View 1 Replies
View Related
Oct 6, 2011
I've run into this before, but I can't figure it out this time. Running Windows XP SP3 on a Dell Vostro 1510 notebook with a Linksys WRT54G router wireless. Using Dells Network Assistant for management, so I cannot get to Windows wireless connection management directly.I have a connection to the internet with a Security Key. When I bring up a browser (Firefox or IE) I cannot resolve to a web site. There is a Cisco login screen that is forced. It's from a previous wireless connection on a different network at a different location.
View 1 Replies
View Related
Sep 22, 2011
We are running ACS 5.2 patch 6 and want to restrict access for users to be able to add devices to the system.For example, admin person in site A can only add devices into the site A group and cannot see/access other sites groups.
View 1 Replies
View Related
Oct 10, 2011
I want to create a local user in my Cisco ASA 5520 to allow the user to use the ASDM in Read-Only mode. I want the user to view the Dashboard only.
View 1 Replies
View Related
Nov 21, 2012
Is it configurable to allow wifi user to user traffic on WLC 5508?
View 4 Replies
View Related
Apr 29, 2011
A former coworker of mine setup VPN capabilities to our office network shortly before he left. It is no longer working. We can connect to VPN but I'm not able to ping any devices on the remote network or Remote Desktop to any of the server. After 30 minutes, the VPN connection drops. I have attached our ASA 5505 config to assist in troubleshooting.
View 3 Replies
View Related
Jun 13, 2012
We have a few users connecting to another companies Firewall using the Cisco VPN Client, we are pretty sure our PIX (sat at the edge of our network) is causing issues whereby after an unknown amount of time the VPN client will timeout and lose connectivity.I did outputted some level 7 debug to syslog and I cannot see anything that happens during the time he has lost connectivityI can see his RDP packets getting denied to the remote ends private IP address but nothing that shows a denial or a drop of anything from our pix.We are sure its this pix as we used to connect via a different route and a different pix and it never dropped
View 2 Replies
View Related
Feb 14, 2013
I have a 2811 that I can remotely VPN to using Cisco VPN client however I cannot see the internal admin network (10.35.5.0).
Current configuration : 4845 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
[code].....
View 2 Replies
View Related
Jul 11, 2012
This PC is connected to a Press machine in our Production area (Lan only with machine and PLC's) so I disable the LAN to the press then the 3G connection comes up with bps activity. I want to use teamviewer on the PC for remote support but teamviewer is unable to connect like it use to and its a free license. I tried internet explorer and "page cannot be displayed". There are no special proxy settings and DHCP IP. ( Windows XP with admin rights)
Whats confusing is even if the lan is disabled, the 3G connection would only come up now and then, but then I could add. The PC has viruses and very slow at the moment and I have loaded free AVG just to scan and clean some to see if it works. I cannot format the PC or something like that because there is production software and applications on with special settings that runs the R10 000 000 press machine and if the PC stops... trouble :/ I have ordered new PC for the press machine 18 000 Euros but that would take 12 weeks to arrive and if I could get the connection internet working on the machine it would be great.
View 5 Replies
View Related
Sep 23, 2012
Client connects to PIX 501 but cannot see the LAN in Windows Explorer.Devices can be pinged by IP and hostname (netbios name)I can navagate to a server by typing in \servername.Why can I not get a resolution from Cisco techs? [code]
View 1 Replies
View Related
Mar 24, 2013
We recently moved our network over to RV082 router and its working great, well now we want to take advantage of VPN for our sales staff.
I was able to setup the VPN and using a PC at a remote office I can launch the quick connect and it connects right away, RV0 even shows the user connected. However the user cannot ping anything on our network via name or IP, connect to any resources, etc...
My understanding was when the client VPN would connect the user would get an IP from DHCP (this is on our Server 2008 DC) and they would be using that address, but when I run IPCONFIG on the client PC they just have there standard IP from remote office.
View 8 Replies
View Related
Nov 21, 2011
I've got a VPN setup on an ASA 5510, it connects fine and my users, and myself are able to remote desktop, and ping. However, when accessing the servers by hostname I get nothing. When I want to access a fileshare I have to do it by IP. I've got my internal DNS added in the config.
View 3 Replies
View Related
Feb 2, 2011
After trying to configure remote client VPN access to a Cisco 2911 ISR using the CLI I tried to use the Cisco Configuration Professional. However, either way I have the same problem. A client can successfully connect and access servers but just once. When the client disconnects and tries to connect again there is no access to the servers even though the VPN tunnel appears to be up. I've tried multiple versions of the Cisco vpn client SW and all behave the same: 1st connection can access servers, subsequent connections can't. I've also tried a second (different) client after the original connection and still no luck. If I reload the router the client can get the vpn connection and access the servers but if the client disconnects from the vpn and tries again there is no access to the servers.
I've also tried it with and without NAT but it doesn't seem to make any difference.
The config generated using CCP is as follows:
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
[Code].....
View 4 Replies
View Related
