Cisco VPN :: 3925 - DMVPN Headend Connection Speed
Feb 19, 2012
We are in the process of determining and going to subscribe the speed/bandwidth required from Telco for our DMVPN HUB Headend.
Apparently we are going to have max of 30 remote sites(spokes)
Our design is basically just 1 single headend(hub) and spokes.
1x ISR 3925 (HUB)
30x ISR 2911 (SPOKES)
Spokes subscribed speed is either 512kbps or 1Mbps depending on sites.
How we can determine the optimal speed/bandwidth to subscribe on our HUB.
View 1 Replies
ADVERTISEMENT
Jan 31, 2011
How can I configure an ASA 5505 NEM client to allow access to the Internet when the tunnel to the headend is down? I am planning on deploying back to back ASA 5505s in network extension mode but I do not want to block Internet access on the client side if the tunnel to the server should go down.
View 4 Replies
View Related
Aug 13, 2012
I just upgraded my internet plan over the phone from 10mbps to 20mbps + WiFi. Now my connection speed is slower then it was before.
View 2 Replies
View Related
Jul 25, 2012
I need 3925 router that support BGP as well as IPSEC VPN. is this correct part number i ordered? CISCO3925-SEC/K9. Its always hard to understand Cisco licensing, specially new one. will above package will have router wth ipbasek9+seck9?
View 4 Replies
View Related
May 24, 2011
I have a new 3925 ISR G2 router with the universal IOS, 256kb flash in CF0, 1gb flash in CF1. When the router boots it prompts to enter initial config. Whether I say yes or no, enter the appropriate info, "write memory", and reload it comes up with a blank config. I've checked the config-register (2142), copied the start up-config to nvram:, flash0:, and flash1: but nothing works.
View 2 Replies
View Related
Nov 24, 2011
There use to be Cisco 851 routers, but lately these routers are replaced with Cisco 861-K9 routers, and these 861 routers doesn't support DMVPN, instead 851 use to be.
Is there any license file we can upload in 861 router for DMVPN capability, if yes may i know the SKU # for that. We have some customers having 6-7 locations and they are planning to have 2 more locations, we implement already DMVPN in there network, if we go with the 87X or 88X router there price is almost double the price of 861.
View 1 Replies
View Related
Apr 19, 2013
I have one router 3925 equipment DIRECTLY connected to the Router that needs to be accessed by telnet port 23.
Please find the attached config details.
View 6 Replies
View Related
Jul 6, 2011
I have spend half day to look up this question in cisco official web site, but get nothing . Any infomation about vpn performance of 3925 router?Produce : cisco 3925 ( Cisco 3925 Security Bundle w/SEC license PAK )Question is , how much ipsec vpn tunnels can be carried as a vpn server of this bundle ? if more licenses may be bought, how much most tunnels can be held?
View 5 Replies
View Related
Nov 6, 2012
I have a Cisco 3925 router running IOS 15.2 I am trying to configure IP SLA on it. The configuration is supposed to be what is pasted below. but the CLI is rejecting the commands.Its taking oly the "ip sla responder" command after that if I enter "ip sla 1083180034" command it says invalid input. [code]
View 5 Replies
View Related
Feb 26, 2011
how to setup natting on a 3925 router.
View 1 Replies
View Related
Nov 13, 2011
I have a question regarding the 3925 router. In the past on my old 3660's, in order to add a new line to an ACL, I would have to remove the entire ACL and readd it when adding new ACL lines to the list. Is this required on the 3925's, or is it like the ASA 5520's where you can just add an ACL any 'ol time without having to remove/add the entire ACL list?
View 2 Replies
View Related
Jan 25, 2012
we are configuring a ras on 3925 router with e1 controller. when we connect the e1 controller to pbx we got on pbx a no frame alarm (detailed error is that we have nfas but we do not have cas). what could be the error? do the router need dsp to have a framed e1?
View 1 Replies
View Related
Sep 5, 2012
I have a problem with my routers (cisco 1941)I'm running a DMVPN network (Hub and spoke)All the hubs are connected to the 2 hubs. With 4 tunnels. (each hub has 2 interfaces to the spokes. the spokes only have one interface to the hubs, so I splitted them and so I now have 4 dmvpn tunnels). one of the interfaces on a hub malfuntioned and because of that the customers had problems with logging in and sending packets. I made this kind of structure because of when one of the tunnels failed the spoke could use the 3 others... BUT, what happened here was that the spoke still tried to use all 4 of the tunnels and because of that I had 25% package loss!So this didn't work. Now I read about IP SLA, but I was wondering of this could work? (I cannot test it on spare routers, and I don't want to implement it and risking a total network failure...) and how to configure it. Should I make 4 different sla processes which I should all 4 track? And when I make the ip routes, how should I make or configure it so that 1 of the tunnels/interfaces fails that the spoke would addapt the routes?
View 1 Replies
View Related
Sep 11, 2012
I have a setup with two Cisco 877's – 1 for the hub and 1 for the spoke. The hub has a static WAN IP and the spoke has a dynamic WAN IP. The two sites are tunneled with DMVPN and cert auth for connections via Cisco VPN Client (terminating on hub router). All routes between the two sites work fine – I can see through both ends via LAN IPs and tunnel IPs. I can connect externally through Cisco VPN Client and RDP into PC's on the spoke end via local IPs.
My issue is: I want a port forward on the hub router, pointing to the IP (172.16.1.X) of a device on the spoke end. So using the WAN IP of the hub router, I can reach a host on the spoke side. At this point I cannot get this to work and feel it's related to a NATing issue. Here is my current config for both sites:
HUB Router:
!crypto pki server vpn-ca database level names issuer-name CN=*** CA,OU=*** Services,O=*** lifetime crl 336 lifetime certificate 7305 lifetime ca-certificate 7305 lifetime enrollment-request 1000 database url nvram!
crypto pki trustpoint vpn-server enrollment url http://172.16.0.1:80 usage ike serial-number none fqdn none ip-address ***WAN IP*** revocation-check crl rsakeypair vpn-server 2048 auto-enroll 70 regenerate!
crypto pki trustpoint vpn-ca revocation-check crl rsakeypair vpn-ca!
[code]....
View 1 Replies
View Related
Nov 25, 2012
I have a DMVPN network with 2 hubs (2821's). This setup is used for VoIP applications over the Internet for teleworkers. At the main hub site I used to have only 1 Internet feed which was DSL with a static IP. Now I have 2 WAN feeds for this site - 1 FTTB w/ PPPoE & the DSL with static IP. Since this site also hosts a PRI, I want all voice communications to go through the FTTB link instead of the DSL for obvious reasons, but keep the DSL as DMVPN Hub for all NHRP lookups as this link has a static IP address & is very stable. We originally put the PRI router as a DMVPN spoke which connected through the FTTB link, with another router acting as the DMVPN hub on the DSL link. This was obviously a waste of machinery. I want to combine both routers into one. So I tried something like this (don't laugh):
Gi0/0 to FTTB (Dialer1 connects to Internet)
Gi0/1 to DSL (Public IP towards 877 demarc)
Tun0 attaches to Dialer1 public IP and connects to other spokes, no VRF
Tun1 attaches to Gi0/1 public IP and acts as DMVPN hub (ip nhrp map multicast dynamic) under VRF "Hub"
EIGRP AS 1 is set up twice, once under router eigrp 1, and the other using router eigrp 2 using an address-family under the Hub VRF.This kinda works but obviously Tun0 & Tun1 do not speak to each other. I also had to remove the ip nhrp map instruction that pointed to Hub1 on Tun0, as this was causing a weird condition in the router where it was repeatedly trying to connect a tunnel to itself, and crash the router because the NHRP process would go haywire. So my users must rely on the Hub2 to get a NHRP lookup for the PRI site. If Hub2 goes down, everything works in the network except for tunnel connections to the FTTB link. I'd rather not have to configure 2 tunnels on each spoke router unless I really have to.
View 2 Replies
View Related
Oct 8, 2012
This is my first attempt at configuring an 1801 and I am getting extreamly low bandwidth.Tests show up/down speeds on around 100kbps. I can't see any reason with the possible exception of the show dsl capacity values which never seem to change. How to point out my config error.
View 3 Replies
View Related
Nov 27, 2012
How do i check my LAN connection speed- is the same as the speedtest t I run from the internet ?
View 1 Replies
View Related
Dec 12, 2012
I have a cable modem connected to a wireless router hard-wired to two separate ps3's. I am looking to get the optimum connection speeds out of my ps3. i have been told to use a switch instead of my router. i also want wireless in my house as well. modem switch (ps3 ps3 router)? if i connect my modem directly to one ps3 my ps3 will not find an ip address will this problem remain if i go through the switch or will it find an ip address? will this optimize my connection? will my connection be better if when not in use i unplug the thernet cable going to the wireless router from the switch? is there any other way to optimise my connection speed on my ps3?
View 3 Replies
View Related
Oct 19, 2011
I have a home wireless network with a PC and a Mac.The PC surfs the net very nicely.The Mac, however, has trouble. It frequently gets stuck loading web pages and is noticeably slower than the PC. This has never been a problem before on a previous home network.The problem persists with all the types of wireless security (and with none at all) but does not occur when the Mac is attached to the router by cable.I've tried changing the DNS settings on the Mac to match those of the ISP.I disabled WPS. None of this has worked at all.The router and Mac both have the latest software versions.
View 3 Replies
View Related
Feb 4, 2012
I've got a HP netbook with an Atheros AR9285 wireless card that will only connect to my router at 75 Mbps. It doesn't matter if its right next to the router or a room away. The router is an E4200 running on mixed mode, auto channel, 2.4 Ghz, but the netbook is usually the only device connected. Or could it be a router configuration (its new)?
View 9 Replies
View Related
Nov 30, 2012
i said in the title i have forgot my password for my cisco3925 rourtor and how to reset my password
View 3 Replies
View Related
Dec 20, 2010
checked all the recovery doc, however, there is no one specific for 3900 series router
View 2 Replies
View Related
Dec 20, 2012
I have cisco router 3925 and i add install HWIC-4ESW, as i sew on cisco documents you can hot swap the hwic without reload the router but i it's not working at all. How to do it ?
View 1 Replies
View Related
Mar 10, 2013
I am trying to set up a redundant OSPF setup and I am seeing behavior I don't quite understand. At the main office I have two routers, a 3825 connected via full DS3 to the MPLS cloud, and a 3925 connected to the Internet for VPN backup.There are nine branches, but I am only going to talk about three. The three branches all connect together as well as having their own MPLS connections to the cloud. They are all 2821 routers with a 4.5 Mbps multilink interface into the cloud (three T1's). One of the branches has a backup IPSec/GRE Internet connection that I want any of them to be able to use in case of an MPLS problem (which there have been many lately, sometimes involving all of them going down at the same time). The connection into MPLS uses Inter-area OSPF with the provider. The Tunnel connection is also using IA OSPF (the main office is area 0 and this cluster of branches are all on area 100).
OSPF seems to be behaving oddly. At the main office, on the 3825 with the "backup" shut off, if I do "show ip route 10.51.0.0" it shows this output: [code]If the metric before was 24, why would it put in a route with a metric of 53 now? What's worse is that the branches all think they should connect over the MPLS and the main office sends everything over the VPN. It works, but I don't really want asymetric routing! I have included some configs as well... those which I consider relevant. I am including a diagram that has more on it than is relevant, but what I referenced is here (and yes, spanning-tree has been properly configured on the red fiber connections with the connection between FEC2960 and Hl2960 blocking, but try to ignore the LAN stuff because this is in a transitional phase right now anyway).
View 8 Replies
View Related
Apr 12, 2012
I want to connect my clients from the Windows WS to a VPN Tunnel using 3925 router w/o Cisco VPN client. Is there the way to use native IPSec client on Windows XP or Windows 7?
View 1 Replies
View Related
Mar 14, 2012
I need to install an ATM module in a 3925 router. I would like to know if this card is that I have to buy with the transceiver(SFP)?
Will use a fiber cable LC LC singlemode fiber optic.
Module: NM-1A-OC3-POM
Transceiver :SFP-OC3-IR1
View 4 Replies
View Related
Apr 9, 2013
Monitoring H.323? I've got a 3925 running15.1(3)T with 9 PRI's. Because of our volume, syslogging is not the desired solution. We want something that we can potentially graph over an 8 hour period, so while the RTMT is accurate, either it won't store the data for 8 hours, or we aren't using it correctly (plus, mgmt may want access to the stats/graphs, and we're not keen on granting them access). So far, we've used: [code] None of these seem to accurately portray utilization. cdsp Active Channels seems to get the closest, so perhaps I have to tweak it a little bit, but so far, nothing accurate.
View 3 Replies
View Related
Feb 18, 2011
I have a network architecture like the one HERE but with alot more spokes (32). Would my cisco 3925 be able to support so many crypto maps?
View 2 Replies
View Related
May 8, 2011
Recently fitted 2 3925 routers on a WAN Mulitlink (2 * 2Mb) which has been working reasonably well but have noticed CRC's and intremitteny up/downs on E1 links. This could be due to issues with Microwave links but on checking nothing stands out on these - no errors or traps form radios.
Anyway taing a closer look at E1 lines and had some questions:-
Microwave radios E1 circuits are set to UNFRAMED, router interfaces set to NO-CRC4, didnt think this was the same?
E1 card are VWIC3-2MFT-T1/E1 and also noticed the following:-
no network-clock-participate wic 0(same for 1 and 2), my card are in slot 0 and 1.
I see no slips etc on E1 controllers .
View 2 Replies
View Related
Feb 5, 2012
I was wondering if the NM-1HSSI is supported on the cisco 3925. documentation seems to include only till 3800 series but can't find if it's supported or is there an alternative option for 3925.
View 6 Replies
View Related
Feb 1, 2013
I have a new Cisco 3925 router. I have 2 network segments 10.0.1.X with net mask 255.255.255.0 and 10.0.2.x woith netmask 255.255.255.0. I have an internet gateway router at 10.0.1.21. I have set GBethernet 0/0 to 10.0.1.1 / 255.255.255.0 and GBethernet 0/1 to 10.0.2.1 / 255.255.255.0. I have set a static route 0.0.0.0 / 0.0.0.0 to 10.0.1.21 for gateway of last resort.
When I setup a workstation on the 10.0.2.X segment at 10.0.2.100 wirh a gateway of 10.0.2.1, I can ping 10.0.2.1 and 10.0.1.1 but can not ping anything else on the 10.0.1.X network or on the internet. When I am connected to the console port on the router I can ping 10.0.1.1 and 10.0.2.1 and 10.0.1.21 and any address in the internet but I can not ping 10.0.2.100.
When I am on a network connected to the 10.0.1.x network af 10.0.1.100 I can ping 10.0.1.1 and 10.0.2.1 and 10.0.1.21 and anywhere on the internet but can not ping 10.0.2.100 or any other address on the 10.0.2.x network other than 10.0.2.1. What Do I need to do on the 3925 to get to all address on each segment and to get to the 10.0.1.21 gateway from the 10.0.2.x addresses?
View 5 Replies
View Related
Feb 11, 2011
I am using a Cisco 3925 router and attempting to install an EHWIC card with no luck. The card I am trying to install is EHWIC-D-8ESG.
I have powered down the router, inserted the card into the proper slot and my router doesn't seem to recognize the new card. Is there a command I need to enter to enable the card?
View 4 Replies
View Related
Oct 20, 2012
What the maximum concurrent users you can have on a Cisco 3925 for :-
1) Site to Site VPN using IPSEC tunnels
2) GRE tunnel sIf I have 90 users on a single GRE tunnel with 50mb Internet pipe using fat clients will this work ?
View 3 Replies
View Related
