Cisco VPN :: 5520 Multiple VLANs A Home Office To Different Locations / Same Subnet
Apr 1, 2013
I have a home office with multiple VLANS/subnets I have many VPNs that connect only a specific subnet to a specific remote offfice. On a 5520, can I create a S2S VPN to different remote offices that have the same IP scheme, but from different home office subnets? For example at my home office let's say I have two independant, distinct VLAN/subnets: 192.168.140.0/24 and 192.168.150.0/24. Can I create an S2S from the 140 subnet to a remote office with a 10.10.10.0 addressing scheme and another S2S from the 150 subnet to a totally different office also with a 10.10.10.0 scheme?
setting up networks with multiple locations and multiple wireless points.For example: My sisters' home has here modem in her main computer room, it has a Belkin router hooked to the modem. Then a line goes from there to my nephew's room where I tried to expand their network by adding another router. I really just wanted an access point, but they don't seem to sell these as much as they used to. Anyway, I had it working, but it was two different networks, NETWORK1 and NETWORK2. So they had to swap networks when moving around the house. what would be the best hardware setup to provide both sides of the house with some Hardwired access as well as wifi access? Right now, we have two routers, a DIR615 (or something like that) and a Cisco E1000, and again hardwire going from the main computer room to my nephew's room.Also, in my house, I have lots of stuff... I have an Actiontec Router from FIOS, feeding a small hub as well as a switch in my main room. Which then feeds a Ps3, Wii, laptop, Denon reciever, and Access Point... and also feeds my Apple TimeCapsule, which also feeds my printer. My wireless devices range from cameras, iphones/ipads, and a wifi unit (I forget what it's called, but it connects my DVR wirelessly to my network, and the DVR itself doesn't have wifi).
my question about my setup is, should everything be on one network... as in let the ActionTec handle most of the duties and use switchers and accesspoints to extend the network. Should everything be on the same wireless network and channels? Like if I used my access point to extend, do I want the same settings as my main wireless router, and would that be the same for the Apple Airport Extreme?Also, does having all these wireless networks going create any kind of hinderance on my performance. For example, the PS3 has some sort of wifi in it... it produces a SSID, but I never connect to it. Should I make sure that's off? And in my main room, should I go with just the AirPort extreme over using it and the Wireless Access point.
The network topology is like this. Router with DHCP_Server on it.
VLAN 10 VLAN 20 VLAN 30
My question is how to configure the router so that all devices on all 3 VLANS can obtain IP from the router. I've tried to enable proxy arp on all interfaces and create sub interfaces and trunk them to their appropriate vlans, but I can't specify the gateway on all trunked sub interfaces because I get a warning that addresses overlap. Then I tried to set access-group on all sub-interfaces and still doesn't work.
do not have fast internet service so we must need to combine two or more different internet providers and get one speed kindly reply do you know any router/modem/switch which can do this for us.
I have 2 dual ASA 5520 devices running VPN at two geographically different locations. What is the best way to do failover between the two remote locations?i.e. can Cisco GSS / Cisco CSM/ACE be used and if so how would this work.
how i can configure a second ssid for guest access in our environment. this is our network setup prior to this request: Internet----Firewall (not ASA)---ce520---C1131AG and CME router is also connecting to the ce520 switch. we only have two vlans: one for voice and two for data.
Presently, there is no vlan configured on the AP because it on broadcasting ont ssid and wireless users gets IP from a windows DHCP server on the LAN. the configuration on the ce520 switch port for the AP and other switches say access vlan is the DATA vlan which automatically becomes the native vlan for all trunk port connecting the AP and other Stiches to the network.
Now with this new requirement, i have made my research and i have configured the AP to broadcast both the production and the guest Vlans. The two vlans are 20-DATA and 60-Guest. I made the DATA vlan on the AP the native vlan since the poe switch is using the DATA vlan as native on the trunk ports. I configured the firewall to serve as DHCP server for the guest ssid and i have added the ip helper-address on the guest vlan interface on all switches while the windows server remains the dhcp server for the production DATA Vlan. I have confirmed that the AP, switches can ping the default gateway of the guest dhcp server which is another interface on the firewall. I can now see and connect to all broadcasted ssids but the problem is I am not getting IP addresses from both the production dhcp server and guest dhcp server when i connected to the ssid one at a time. My AP config is attached below.
Do i need to redesign the whole network to have a native vlan other nthan the data vlan? Does the access point need to be aware of the voice vlan? Do the native Vlan on the AP need to be in Bridge-group 1 or can i leave it in bridge-group 20?
My question is if I can configure 3 ssid, for 3 different VLAN and add the DHCP address from a WAP4410N AP, when you upgrade to the latest version of IOS I can have this functionality?
home router is a wrt160n v3 With my iPad I set up the built in IPSec VPN to my office's cisco gateway. I successfully get the VPN logo. With an RDP app, i can access my work network from multiple public locations from my iPad. At home, on my laptop, I start the cisco client then use the windows rdp, presto i'm in my work network. At home on my iPad I can activate the VPN, but I can not connect with rdp. I spoke with linksys support tonight they had me add port 3389 to port range triggering and disable the firewall on the home router. This didn't solve the problem. To recap: 1) I can connect to my work network with rdp from multiple public locations, but not at home with the iPad 2) I can connect to my work network at home with my laptop with the cisco client ant the windows rdp
We have a brand new Dell Insprion Q15R laptop which works fine apart from the fact that certain websites hang when we try to log on at home using our edimax router and we cant get into them. Other websites work fine. Also we have an old IBM laptop where all websites work fine. Its just the Dell that is playing up on certain sites. However if we go to somebody else's house and log on using their internet connection and router the websites in question work fine on the Dell.
Examples of the websites that we cant access at home and just hang are : argos, easyjet, national rail, expedia
My home network consists of a Linksys WRT54GL router running DD-WRT supplying wired access to my desktop, a bridge to another WRT54GL (also running DD-WRT) to provide a wired connection to a XBOX upstairs, and wireless access to about 5 or 6 different devices including several laptops, an iPad, and an iPod touch. My question is this:
I am adding a 22" TV into my office so I can watch TV while working on my desktop. I only have one cable jack in my office which is currently plugged straight into my cable modem. This means I'll have to use a splitter to give both my TV and modem cable access. How much signal degradation or speed do I stand to lose or should expect to lose?
How to configure dynamic VLANs (IP subnet-based) using Nortel JDM? My company is now using port based VLAN and it wastes a lot of time reconfiguring the port to its VLAN everytime their devices moved from one place to another place. So I think using IP subnet-based VLAN might solve the problem?
I have two ASA 5520 units, both running version 8.3(2) code. Among many other uses, they have an IPSec tunnel between them to link office 1 and office 3 together. Office 2 does exist, and is connected to a different port on the ASA in office 3; there is no IPSec involved with office 3.
I have a RV042 with multiple subnet, 192.168.10.0 and 192.168.9.0. 192.168.10.0 is assigned to the LAN, 192.168.9.0 is created under multiple subnet. Both subnet can access Internet by accessing IP address, but 192.168.9.0 cannot access Internet by using host name. It looks like DNS is not working for the 9.0 network.
I have a situation where a user needs more than one office extend AP in his home. My office extend controller is a 5508 running 7.0.220.0. Are there any issues NATing multiple OE APs to a single address? My initial lab results indicate that each of the AP's associate with the controller and establish a DTLS tunnel. I see the SSIDs get pushed to the AP and then it seems to restart the process never being fully operational. Is there a workaround that will allow me to run mutliple OE APs?
I am designing a network right now that is going to have 356 devices. I need to use vlan separation with subnetting for a number of reasons. The first (and most obvious) is that there are 356 devices that will require an IP. Too many for one subnet. The second is that a good portion of the devices that I am using are a litlle to chatty with the broadcast traffic for my comfort. I have two subnets that are going to be specifically alocated to these chatty devices. Our switches are being provided for us by the client for unknown reasons. They are providing us with HP ProCurve E2810 switches which are layer2 switches.
I'm going to move offices into a shared situation with 3 companies. Each company will want its own private network so there's no snooping between companies. I am planning on using VOIP for the phone system (Nextiva cloud based). Is it possible to set up the system so that each company has access to the VOIP system but yet remains sequestered in the their own network for everything else. I was hoping to do this with one data port at each workstation using Cisco SPA-303 phones. The way I understand this, is that the phone plugs in to the data port and you daisy chain the workstation off from each phone. Is this possible to do this while having the system I described? Another wrinkle is that I'd also like all the networks to be access shared printers.
We have AT&T Managed MPLS service are our datacenter and our branch office locations. AT&T has provided the routers and simply give us an ethernet connection. We also have ethernet connectivity to the internet through our datacenter...with our network being protected by an ASA 5520.Each branch location has a 29xx series router (voice gateway) and switching gear attached to their AT&T MPLS router. Some of our branches also have 3rd party cable internet service with an ASA 5505 to protect it from the internet. What I'd like to do is better utilize this cable modem/ASA5505 setup. Right now, if there were an outage, I would be connecting manually to the remote location to change static routes to point to the cable link and to configure a VPN tunnel between the remote and our DC.
I'd like to set each individual LAN port with different address i.e. LAN 1 192.168.1.1 and LAN 2 10.1.1.1 instead of using the multiple subnet feature and having all ports replying for the addresses created.
I have a very high speed connection in my dad's office, and it is over 10 mbps. and the connection in my house is worse ( 256 kbps ). So can I use the office connection in home without any problems from the ISP. just like sharing the connection from the office to home.
I have this strange problem the application Whatsaap connects at my office wifi perfectly but at home it does not connects,I don't know what seems to be the solution.
looking for opinions on a Wireless Access Point/Bridge/Repeater/Router I might buy and setup for a the home workstation, few wireless devices, and future add-ons.
Product; EnGenius ECB9500 Wireless Access Point / Bridge / Repeater / Router with Gigabit & 802.3af PoE, IEEE 802.11b/g/n , Up to 300Mbps , WEP Encryption 64/128bits WPA Personal (WPA-PSK using TKIP or AES)[code].....
I had an SMC router before, and I replaced it with this new D-link DIR-655, The problem I am now having is that I used to visit a web based e-mail /OWA Outlook Web Access, After I VPN to my company, but now with this new D-Link after I VPN, I lost the capability of accessing my OWA to read my e-mail
I've got a remote site which is connected to the headquarters via VPN site to site IP Sec tunnel. When I am in my office I have no problem to reach the remote network, but, when I try to connect to the remote network via VPN client, I can't reach it.in the remote office I've hot a Router 3800 (Cisco IOS Software, 3800 Software (C3845-DVENTERPRISEK9-M), Version 12.4(13c), RELEASE SOFTWARE (fc2)) in the headquarters I've got an ASA 5520 Version 8.0(3) I've chequed access-list, and network objects and it seems everythink ok.
I have recently managed to configure a setup where I have 2 srp527's one at office one at home.Have 1 fixed IP at the office and 1 fixed ip at home.I have configured the srp at work to be a vpn server and have configured the group and 2 user profiles. This allows me to have 2 concurrent sessions over the vpn to my office from desktop and laptop at the same time. Connections fire up perfectly no problems.From the desktop, I connect using vpn client with user profile 1 Once connected, I then connect to my workstation machine at the office using remote desktop.This gets me super fast access to office files and large spreadsheets without downloading the whole file over the vpn and is working perfectly.
If I then additionally connect from the laptop using the vpn client with user profile 2 the remote desktop connection drops.Disconnect the laptop connection, remote desktop comes back.Have isolated this to being 2 connections arriving at the srp at the office from the same external ip. If I connect my laptop to my phone as a hotspot rather than using my home LAN, both connections are made and remote desktop has no interruptions. Is there a way I can overcome this through re-configuration of the srp at the office or is this a limitation with the srp?
How to access remotely over the Internet to office PC from my home PC and get files that I need? Office's ADSL modem's model is BeWan iBox V1.0 and it has a built-in firewall. ADSL connection has a dynamic IP, which I assume should be configured as static (but how?) Should I investigate VPN capabilities as well? I'm not very knowledgeable about these things.
I have two Cisco ASA 5520's running software version 8.2(2) set up in a HA pair. The L2L vpn is set up and works as expected between this site and another. The issue is that every few months, one subnet of the VPN, the same one all the time, stops forwarding/receiving traffic. The device in the remote location is not a Cisco device but I am certain the issue lies with the ASA as when I fail over to the slave device the VPN works again, failing back again however stays with the subnet still not passing traffic. I need to reboot the device before it starts forwarding traffic on the subnet again.
