Cisco VPN :: 1841 - Connections In Between HO And Branch Locations

Oct 15, 2011

I have VPN connections in between my HO and branch locations. I am using ASA in HO and 1841 branch locations. One of the location is keep on disconnecting, why this is happening as i can see the configurations are identical to other locations.In 'sh crypto isakmp sa' output i can see multiple entries for this particular location, one with type 'L2L' and others with type 'user'.

View 2 Replies


ADVERTISEMENT

Cisco Firewall :: ASA 5515-X Route With Branch Locations?

Apr 17, 2013

We installed a new ASA 5515 about a month ago for the corporate office we also have 40 branch locations that feedback VOIP, camera, and Citrix to the corp location.  Each of the branch locations have a separate DSL connection with a local provider and all of them are dynamic IP addresses. 
 
The problem I have is that I cannot figure out a access rule to make the voip traffic work 100% of the time what ends up happening is five or six random locations change IP address's every day and I could not figure out how to create a access rule for that so I create a static route with that dynamic IP and then it will change a week or so later.  That's a horrible security risk and a lot of manual work.

View 4 Replies View Related

Cisco VPN :: 1841 / 881 - Setup A VPN To Connect To HO From Branch Office Through Router?

Jan 26, 2013

I have got two 1841 and one 881 cisco router. I can keep any one of this router at HO and remaining at branch office.  I have got a static internet IP at HO but dynamic IP at branch office. I want to setup a VPN to connect to HO from branch office through router. The branch connects through a private IP for internet purpose. Which VPN is the most secure and best for this purpose.

View 1 Replies View Related

Cisco WAN :: 1841 With 2 RFC1483 Connections?

Sep 3, 2011

Hardware: Cisco 1841 with 2 adsl wic's

Software: Advipservices-k9 12.4 25b
Skill: Just started
 
I got 2 RFC1483 bridged connections wich i want to combine in the 1841. What i want is 1 subnet (if possible) route normal internet traffic out on ATM0/0/0 Route 1 server and Voip box out on ATM0/1/0 What is the best way to configure this if it is possible with the hardware.Tried different things allready but no luckPretty much in all configs when i connect 1 line it works fine but when i connect the second one all goes wrong.

View 3 Replies View Related

Cisco WAN :: 1841 Securing E1 Back-to-back Connections

Aug 28, 2012

securing a back-toback connection using E1.The connection is between two cities, using 2x CISCO 1841 router + VWIC-1MFT-E1 interface at each city.
 
The E1 connections has been provided by our local telco, and they are completely private. The customer is a bank, and they asking me if this is a secure connection or not. If possible, we need to guarantee that no body can get access to the bank network even if they brought E1 modem at one of the ends (telco PoP).

View 11 Replies View Related

Cisco :: Locations CAC Reporting?

Jan 31, 2011

Is there any way to get reports on voice utilisation on WAN links so that CAC settings can be proactively managed for each location on our CUCM cluster? Our service provider is advising that this is not possible which means that we rely on customer/staff complaints to recognise where CAC thresholds are being reached. Our preference is to be able to run traffic reports (or the Cisco equivalent) as could be done on our previous (traditional) telephony network and provide additional capacity if and when required BEFORE congestion is reached, thus minimising customer/staff impact.

View 1 Replies View Related

Keep Surveillance On 2 Far Away Locations?

Jan 15, 2011

I need to keep surveillance on two separate remote locations, each on a different continent. They're both indoor locations and have broadband. One of these setups should be fully bidirectional so I can see them and they can see me, while the other location is unidirectional so I can see them but they can't see or hear me. In both of these farflung locations the people there have the computer skills of your average escargot, so it's going to be a complete and utter miracle if they can even figure out how to boot the PC. I would like to provide netbooks to each location and have them automatically launch a fullscreen webcam on bootup. How to get this set up properly so that it works in a foolproof manner.

View 1 Replies View Related

Cisco VPN :: ASA 5510 / Two Branch Communication?

Nov 10, 2011

I have an ASA 5510 configured with two L2L VPNs from the headquarter to two different branches.I m using the ASA “outside” interface which is connected to the internet in order to establish and configure the 2 VPN connections.  Branch 1 could communicate with branch 2 through the ASA?

View 1 Replies View Related

Cisco VPN :: ASA 5510 / Vpn Goes Down Intermittently For One Or More Locations

Mar 22, 2011

We are facing a major issue of VPN tunnel going down very often. I have 7 Site-2-Site VPN connectivity, this works fine for some days and suddently VPN tunnel goes down intermettenly for one or few locations and i need to clear isakmp sa for that speicific tunnel to come up.When tunnel goes down the vpn phase 1 status.....
  
6   IKE Peer: 125.18.0.38
    Type    : L2L             Role    : initiator
    Rekey   : yes             State   : MM_ACTIVE_REKEY
7   IKE Peer: 125.18.0.38
    Type    : L2L             Role    : responder
    Rekey   : no              State   : MM_REKEY_DONE_H2
  
After clearing phase 1 for specific tunnel the VPN tunnel come up.
 
7   IKE Peer: 125.18.0.38    Type    : L2L             Role    : responder    Rekey   : no              State   : MM_ACTIVE
 CINBLR01-SQDR-FIREWALL-00002# sh version
 Cisco Adaptive Security Appliance Software Version 8.0(4)Device Manager Version 6.1(5)
 Compiled on Thu 07-Aug-08 20:53 by buildersSystem image file is "disk0:/asa804-k8.bin"Config file at boot was "startup-config"
 CINBLR01-SQDR-FIREWALL-00002 up 1 day 17 hours
 Hardware:   ASA5510-K8, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHzInternal ATA Compact Flash, 256MBBIOS Flash M50FW080 @ 0xffe00000, 1024KB

[code]....

This platform has an ASA 5510 Security Plus license.

View 7 Replies View Related

VPN Routing To Branch Office?

Apr 11, 2012

I am trying to set our VPN connection to route to our branch office from a VPN Client. So far I did not succeed and at this point I am stuck.At our office we have a VPN Server which enables VPN Clients to connect to our main office with an IP Range of 192.168.104.0 with subnet 255.255.248.0 and a branch office with a IP Range of 192.168.25.0 and a subnet 255.255.255.0Internally on the LAN the routing is done by our firewall, which acts as DHCP and Default gateway. It connects the 2 LANs by a leased line.When I ping an IP address in our branch office from our main office I get a reply.

Now when a VPN client connects it gets a IP Address in the range of the main office from our firewall and the client can connect to all computers in the main office network. However if i try to connect to a computer in the branch office it does not work.I tried a static route in the Routing and remote access Server (which is Windows Server 2003 R2) and I tried adding a static route to the DHCP settings on the firewall. In both cases it does not connect from the VPN Client to the branch office.Searching the internet, since the examples are all based on a setup with a RAS Server on both networks. The LANs are already "integrated"/"physicly connected" trough the routing on our firewall and its leased line.

I also tried settings on the VPN Clients machine. Settings like "Use gateway in remote network" on or off and tried adding static routes. This did not work, since the Default gateway I must use is not on the same range as the home network and returned an error trying that.What I noticed is that the VPN Client gets a route which uses the VPN CLient IP as default gateway. Makign a static route like that will work (I think), but since the IP addresses for the VPN clients are obtained through DHCP and can vary each time, there is no way (i think) to automate adding a route with, for example, a batchfile that I could give to the employees connecting trough VPN because of the variable IP.

View 10 Replies View Related

How To Connect Two Branch Network

Apr 6, 2011

Win Xp ip is 192.168.0.41 one system & wix xp ip is 192.168.1.100 how can i connect to network

View 2 Replies View Related

How To Use 2 Wireless Routers Together In Different Locations

Jan 28, 2012

Has a small home network in 2 buildings with 2 wireless routers. He has fiber from the building where the dsl comes into, running up to his house where a second wireless modem is. Both are broadcasting DHCP but I only want one of them to do this. Ultimately I want his server(2008) to broadcast DHCP, but just one of the modems is fine for now.

View 1 Replies View Related

Connect 2 Routers In Different Locations?

May 1, 2012

I know how to connect 2 routers in 2diffrent states using internet.Also which service is used for that purpuse

View 1 Replies View Related

Cisco WAN :: Branch 867vae-k9 Atm Output Stuck

Mar 14, 2013

we installed two weeks ago a 867VAE-K9 as a border router for a medical practice.It's got two vlan interfaces for inter-vlan routing, only one Gi interface up in trunk mode to the core switch and the ATM for ADSL2+ connection to the local ISP. A cisco wap is on the secon vlan for the patients. There is a voip pbx on a linux machine that registers 5 trunks to an external provider (only one trunk is used right now, and it works fine).(Almost) everything works fine :-) Sometimes (it can be hours or days) the routing to the internet stops. The meds can still use the LAN accessing everything in it with no lag, and the patients can access the isolated SSID on a Cisco wap on the second vlan. They simply cannot surf the internet.
 
- DNS and local routing is fine
- the router is reachable through the Gi interface
- they can send and receive traffic to and from the 867 vlans' IPs
- the ATM, dialer 0 and virtual access are up, line protocol up
- the dialer has got the IP address negotiated from the ISP
- default route is negotiated through ipcp
- the controller vdsl 0 is in showtime! state
- from the outside we can ping the PPP peer, but not the IP of dialer 0
 
The only thing is the queue counter of ATM which shows drops and total output drops. Attenuation is fine, noise margin not so well. The point is that outside traffic to the internet is at low levels and the routing almost always stopped when no one was using the internet (i.e. out of office hours). It already happened 7 times in 16 days. The problem obviously is that voice traffic is impaired by the stuck router, and no med there is able to ssh into the router and re-activate the atm 0 with a shut/no shut.
 
It is not necessary to reload. A fast shut/no shut of the atm0 (no wait between the commands) will make it running again.We're activating the smarnet for this router to update dsl fw and ios image, but I thought I could post here before that.[code] As a brutal workaround till the update/fix, I was thinking about monitoring the reachability of some external systems and use snmp from the lan to shutdown/no shutdown the atm (though I don't even know if that would be possible from snmp on this router).

View 1 Replies View Related

Cisco :: Branch Office Setup With ASA 5505

Apr 23, 2013

I have a problem with a branch office setup, and I can't for the life of me think of what the problem is.I have a remote office setup, using an ASA 5505 that is set up to establish an easy vpn connection to the central network.  The connection at the branch office is a 20/5 cable modem, the central network has a 25/25 fiber connection.
 
The issue I have is this.  Wired clients work fine at this branch office, at least 95% of the time.  I have a lightweight AP there that can come up and join the controllers at the central network, no problem.  I haven't done anything with H-REAP because there are really no resources locally they need that would allow them to do their work, so all traffic is tunneled back to the WLC.
 
Wireless clients can authenticate to the AP, and I can get 15-20ms ping responses from them all day.  Latency never comes close to the 600ms proposed limit with CAPWAP.  Yet, for some reason the performance of the clients is problematic.  Webpages will frequently not load correctly, they experience some freezing, and with one application we use - it refuses to load completely.If we bring these same computers to an AP connected to our central network, on the same SSID, they work flawlessly.
 
Something about this particular location is causing a lot of grief for our users.For what it's worth, we are running WCS 7.0.230.0 and the WLCs are on 7.0.116.0.  The ASA is running a pretty basic configuration, pretty much out of the box with the easy vpn configuration entered.

View 7 Replies View Related

Cisco VPN :: VPN To ASA With Dynamic IP In Branch Office With 5505

May 22, 2012

I'd like to connect through a VPN the HQ office to a Branch using two ASAs.I have a 5520 in the HQ and 5505 in the Branch Office.My problem is in the Branch office where I have a dynamic IP (ADSL).
 
I couldn't find a example this kind of configuration.

View 7 Replies View Related

Cisco VPN :: Setting Up Two Separate 5510 At Two Different Locations

Nov 1, 2011

I'm setting up two separate 5510's at two seperate locations. The client wants two seperate SSL-VPN's; one for the HQ and one for the COLO location. They have a single domain for which I have added a-records to point to the corrosponding ASA's thusly: [code]
 
My questions is this: do i need to buy seperate certificates for each ASA/fqdn/IP combo? I'm using godaddy to buy the certs. If I do need to buy seperate certs, that makes the installation easier, but may waste $$. If I only need to buy one cert, how do I set it up so that both combo's are verified?

View 2 Replies View Related

Cisco Firewall :: 5510 - VPN Tunnel Between Two Locations

May 23, 2011

Firewall ASA5510. I'm planning to get one of ASA5510 for our office in order to secure our network properly, however we have quite specific routing configuration to allow us failover to the remote location (data center) in case of any disaster with our server. I'd like to find out if I can just install firewall between our ISP Ruter and internet and allow traffic to/from Data Centre. In this situation will I have to change routing configuration on Company Router or do I have to do anything with our Company Router

View 1 Replies View Related

Cisco VPN :: ASA 5520 / Failover Between Two Remote Locations?

Dec 5, 2011

I have 2 dual ASA 5520 devices running VPN at two geographically different locations. What is the best way to do failover between the two remote locations?i.e. can Cisco GSS / Cisco CSM/ACE be used and if so how would this work.

View 3 Replies View Related

Cisco Routers :: WRVS4400N - VPN Tunnel Between 2 Locations

Dec 17, 2011

I have establlished VPN tunnle between 2 locations
 
I can ping accros and access server resources on both LANs The problem is that from one location I can not access Internet
 
I can not ping by IP,when I do tracert it just reaches default gateway of this locations from other location(office) no problem

View 1 Replies View Related

Cisco VPN :: 5510 Unable To Ping Any Off Private IPs At HQ From New Branch

Jun 25, 2012

We have had a successful site to site vpn working for several months now. It is an ASA 5510 at HQ to a ASA 5505 at a branch office in another state. We just added a second site to site vpn in another state this time from HQ to a Sonicwall TZ100. After plugging in the Sonicwall to the Qwest modem in bridge mode the tunnel came right up. I was unable to to ping any off the private IPs at HQ from the new branch, but was able to use remote desktop into the servers and workstations at HQ. Also all the computers show up when browsing the network from the new branch.
 
At the first branch we are able to ping both ways and use remote desktop both ways.When using packet tracer in ASDM on the HQ ASA and pinging from one of the IPs in the HQ protected network to an IP in the new branch network NAT-EXEMPT looks good, but when it hits the first NAT it matches on the "dynamic translation to pool 10 (10.1.255.254) [Interface PAT]" (which is the default route for all the vlans to get to the Internet.)The next NAT (subtype - host-limits) looks better and this one going to the IP address of the outside interface of the HQ ASA 5510, but then the third NAT (Subtype - rpf-check) reverts back to the "10 (10.1.255.254) Interface PAT]" and the packet is DROPPED. Also there is no VPN step in Packet Tracer after NAT.[code]
 
Is the problem possibly due to the fact that my 2 new ACLs for "encrypt_acl-30" fall after "access-list global_mpc extended permit tcp any any" in the config and it is running into the implicit deny all?

View 8 Replies View Related

Cisco WAN :: 3845 Branch Router Has Two Type Of Connection

Apr 16, 2011

I have 3 Cisco Routers as following :G.SHDSL Router : Cisco 3845 withISDN and Branch Router : Cisco 2811.How My Network works :Branch Router has two type of connection ( First one : G.SHDSL link work as Main link and the other one ISDN Link work as Backup link )when main link goes down the ISDN link goes up ...( Note : i applied IP SLA with tracking ) ...

My Problem :i want to delete default route from ( G.SHDSL Router )0.0.0.0 0.0.0.0 dialer 3..My network works properly with these configuration but when i delete the default route 0.0.0.0 0.0.0.0 dailer3 , my network goes down ( Failover technique not works)

View 4 Replies View Related

Cisco Routers :: RV042 - VPN Tunnel Between Two Remote Locations

Jun 27, 2012

I have configured a VPN tunnel between two remote locations using static IP addresses on two RV042 routers. The tunnel seems to work but the problem is that when the two hosts attempt to ping each other only one can successfully ping. One PC with IP address 192.168.1.100 can ping across the network but the second PC with IP address 192.168.2.100 cannot. These are laptops seperate from the intranet used to test the tunnel. Someone had suggested NAT may be the issue so I enabled NAT Transverse on the routers but still no luck. The following is the results from a ping test.

PC 1
ping 192.168.2.1
 
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=116ms TTL=63
[Code] ......

View 1 Replies View Related

Cisco Routers :: WRVS4400N VPN Tunnel Between 2 Physical Locations

Dec 7, 2011

I have 2 WRVS4400N's installed in our network, one at each end of a VPN tunnel between 2 physical locations.  I continue to have issues with the VPN to "Stay" connected, even after purchasing another new WRVS4400N 4 months ago.  I can reboot both routers, and the VPN connects with no problem, but hangs up after a few hours / days (no pattern). 
 
I am taking a hard look at the issue now, as about 1 month ago, the newest router "automatically" reset it itself back to factory settings (thus interrupting nearly everything in our network).  After contacting support, we reset the router and re-configured it to our environment.  It is plugged into a surge protected UPS (yep, I thought maybe a power issue caused the problem, but it's not).  Then about 1 week ago, the other/older (9 month old) router lost it's configuration.  again, reset it and all works.  Including the VPN, but the VPN still works as it did before connects for a while, but then drops and generally I need to reboot the router to get it connected again (clicking on the Connect on either router doesn't work until after a reboot).
 
Also, in light of the recent "lost configurations", I turned on logging and now I'm getting TONS of emails of log activity, even when the network is idle (no users, no background jobs running). 
 
after rebooting and no inter activity, I get this kind of log, all night long (to me it generally looks like the VPN connection resets and increments by 1... I'm taking a guess that the increment hits a limit someplace and I lose my VPN).[code]

View 6 Replies View Related

Routers / Switches :: LAN Setup For 3 Different Office Locations?

Jun 28, 2011

I have 3 different office location and I need to set up a LAN so that all three are connected and can share info?

View 1 Replies View Related

Wireless :: How To View Cameras From Two State Locations

May 7, 2011

I setup one location (business retail shopping center) in maryland (using swann dvr/cameras- will switch to qsee) with no internet available.I setup another location (business auto shop) in virginia (using qsee dvr/cameras) with internet through verizon fios.I have internet through cox at home in virginia which I can view cameras remotely only to one location in virginia.

View 2 Replies View Related

Servers :: Share Database Program In 3 Locations?

Jan 26, 2011

We purchased a database program which has 3 licenses attached. This is a small non-profit org. We would all like to be able to use the program from our homes. What is the best way for all to share and update data to the same database? Would we all be able to work on it simultaneously?

View 2 Replies View Related

Can't Explain Network Speed Discrepancy Between Locations

Feb 6, 2013

why one of my two offices experiences significantly slower speeds when accessing the web. I'm a complete technology simpleton, so I haven't been able to figure out a logical reason for it. Here's the scenario:

Office 1..................................................Office 2
==========..........................................===========
Comcast Business.....................................Comcast Business
tests at 33 mbps down..............................tests at 7 mbps down
tests at 6 mbps up....................................tests at 3 mbps up
6 CPUs access Linksys SR216 10/100 switch..6 CPUs access 3Com Office Connect Ethernet Hub
switch accesses Comcast modem.................hub accesses Comcast modem

My laptop, and all other CPUs, perform significantly faster at Office 2.

Is it the difference between the switch at Office 1 v the hub at Office 2? I always thought they were sort of the same thing. I know I've taken some of the cables out of the switch in Office 1 and put them directly into the Comcast Modem and haven't seen any improvement.

Why on earth does my laptop perform so much better at Office 2. I've also moved desktops to Office 2 and they are noticeable faster at that location as well. I'm stumped. We access a major company's web site for account servicing, and it is twice as fast at Office 2...while using the exact same laptop.

View 3 Replies View Related

Routers / Switches :: How To Connect Offsite Locations Together

Jun 21, 2011

I work as a systems administrator for a global company and currently right now all my end users which is roughly 300 all use VPN from there office location to dial back into the server or use terminal server. I would like to know how to connect there locations back to main site without using VPN. What would be the cheapest and or easiest method to complete this.

View 1 Replies View Related

Showing Image Thumbnails In Network Locations?

Dec 2, 2011

I set up a network drive in my computer that links to an FTP directory on my server.... However all the jpg files are showing the default jpg icon. I want to see a thumbnail of the actual image if possible. Im running windows vista and windows 7. Same issue on both. Also, I tried hard to change the network drive .ICO file.... Tried creating a shortcut and doing it that way.. still no luck.

View 1 Replies View Related

N750 Wireless Network Two Sets Of PCs In Different Locations

Jul 24, 2012

I have a small home with two clusters of 2-3 devices which use the Internet - one ground floor, south corner, and the other top floor, north corner. I have a wireless router (Netgear N750) in the ground floor south connected to my cable modem. All devices in the area of the existing router are plugged into it (Cat5 cable). The devices in the top-north corner use wireless to communicate with the down-south router.

Running cable drops is not in scope for me, as we have a finished basement and I would have to blind drill horizontally across 50' of flooring and joists.

Tried running cabling through heat vents using a wireless camera mounted to a cable puller and all I did was discover some areas of my home that appeared to be four-dimensional. Attic not accessible in locations required for cable drops.Tried powerline devices and performance was much worse than wireless - I know that's a major YMMV situation but the Netgear ones I tried had like 5 Mbps connection rates. I also could not connect from other outlets - I have read if you had electrical work installed and have new lines run it can impact powerline performance. That may be the case in my home.

My questions:

A. I have OK to poor signal strength in top-north and top rate is ~ 150 MBps off what is supposed to be 300N router. Would I get better performance if I installed a wireless router in top-north and connected the top-north devices to it? Down-south performance is fine so it's not the cable modem/internet connection.

B. I believe I'd set top-north router up as a wireless client. I've experimented with Tomato and DD-WRT but don't know how to evaluate. Any tradeoffs I should know about?

C. Any networking changes I should consider if I go with such a topology? (MTU, who does DNS, etc). Currently use router as source for DHCP and DNS lookups. Should I limit which router wireless devices may connect with?

View 1 Replies View Related

Cisco WAN :: ASA 5520 / Implement Failover For Branch Office Connectivity?

Aug 1, 2012

We have AT&T Managed MPLS service are our datacenter and our branch office locations.  AT&T has provided the routers and simply give us an ethernet connection.  We also have ethernet connectivity to the internet through our datacenter...with our network being protected by an ASA 5520.Each branch location has a 29xx series router (voice gateway) and switching gear attached to their AT&T MPLS router.  Some of our branches also have 3rd party cable internet service with an ASA 5505 to protect it from the internet. What I'd like to do is better utilize this cable modem/ASA5505 setup.  Right now, if there were an outage, I would be connecting manually to the remote location to change static routes to point to the cable link and to configure a VPN tunnel between the remote and our DC.

View 2 Replies View Related

Cisco VPN :: Possible To Configure Easy VPN On Branch Side Which Has 877 Series Router

Jul 11, 2011

Is it possible to configure Easy VPN on brach side which has 877 series router and ADSL connection for internet such a way that for internet traffic it will use the local ADSL line and for the server in HQ it uses the tunnel.or for internet also it will go thrugth tunnel and uses internet link at the HQ?

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved