Cisco VPN :: 800 Series Extending A DMVPN With Very Small Remote Locations On Single ISP Link
Sep 11, 2012
I've been looking into posibilities for extending a DMVPN (already implemented) with very small (1-2 user) remote locations over a single ISP link.I would like to use what is basically the smallest Cisco router that supports DMVPN and EIGRP (stub) - here's a sample configuration:I know that the 881 can accomplish the above without issues (if it has Adv IP Services as licensing).I would like to know if I can use the smaller routers (physically smaller, that is) for a similar configuration. Can the Cisco 819 router.URL provide the same functionality? What about the Cisco 866VAE router URl.
View 1 Replies
ADVERTISEMENT
May 31, 2011
I have three Hub routers that I'm wanting to compare DMVPN scalabiltiy capabilities (3825 versus 3945 and 3845). I know it must be there somewhere and I'm just not looking in the right place. But I've read and read and read about DMVPN designs and I'm not finding anything. This is turning into a time killer. What are the DMVPN limitations of these three routers are?
View 6 Replies
View Related
Jan 1, 2013
I am setting up a DMVPN between several dozen sites using 2800, 2900 and 3900 series ISRs. The DMVPN Design Guide recommends current 12.4 or 12.4T IOS, but the DG was last updated in July 2008. I cannot seem to find any recommendations newer than this. I'm hoping Cisco or the community can give me an updated recommendation.
View 5 Replies
View Related
Feb 19, 2012
Nexus infrastructure is pair of N7K switches, with dual homed 5K/2K devices connected, links use vPC. They want to extend vlan's from the 5K/2K side across a L2 path into another DC, this path is only connected into one of the N7K switches, call this 7K switch A.I'm concerned that packets from the 5K/2K side back to the remote DC could get dropped due to the vPC loop dectection process. If a packet from the 5K/2K side traverses the path into the same N7K (7K switch A) as the L2 extension, I dont see a problem. But, if the etherchannel load balance in the 5K sends traffic to the packet to N7K B, in order to get to the L2 path extension to the remote DC the packet gets forwarded across the vPC. My understanding is that this packet will get dropped by N7K A as its local L2 path to the remote DC is up, is this the case?I see a solution is to plug the L2 path into a 2K, but before I suggest this is my understanding of the loop detection process correct?
View 1 Replies
View Related
Nov 15, 2011
I configured a 2811 series router for dmvpn. My two tunnels are up but one of the tunnel is flapping with this message.
View 4 Replies
View Related
Dec 5, 2011
I have 2 dual ASA 5520 devices running VPN at two geographically different locations. What is the best way to do failover between the two remote locations?i.e. can Cisco GSS / Cisco CSM/ACE be used and if so how would this work.
View 3 Replies
View Related
May 12, 2009
Does ASR 1000 Series support DMVPN Hub, and Key Server in GETVPN.
View 2 Replies
View Related
Jun 27, 2012
I have configured a VPN tunnel between two remote locations using static IP addresses on two RV042 routers. The tunnel seems to work but the problem is that when the two hosts attempt to ping each other only one can successfully ping. One PC with IP address 192.168.1.100 can ping across the network but the second PC with IP address 192.168.2.100 cannot. These are laptops seperate from the intranet used to test the tunnel. Someone had suggested NAT may be the issue so I enabled NAT Transverse on the routers but still no luck. The following is the results from a ping test.
PC 1
ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=116ms TTL=63
[Code] ......
View 1 Replies
View Related
Nov 2, 2010
i have major problem with two new Small Business 300 Series switches.Everytime i try to save the running config i get a GUI error message: "Another copy process is active, please try again later."It's also not possible to re-flash the firmware because the GUI stops responding.I have also tried to do this via console access and this produces a "the copy utility is occupied by another user" error message.-> so this is not a browser based problem.My first thought was that the switch (SG 300-28) is faulty so i unpacked the next new one (SF 300)and got the same error messages!Then i had a 2 hour webex support session with the Cisco Small Business Support and they did not found a reason for this behavior.Both switches are working normally, you can configure them, but after a reboot they are back to factory default again There is no possibilty for copy running config to startup config and it's also not possible to flash the firmware.(Web GUI & Console). tell me if this is a fundamental problem of the 300 Series?
View 6 Replies
View Related
Apr 7, 2012
My problem is that I have a Cisco 300 series small business switch with multiple VLANS each one with an IP address and two or three ports assigned to each VLAN. I have an E3200 wireless router that I want to use to use to share internet on the switch. All of the VLANs are reachable from the other VLANs and I've put a static route on the E3200 so that I can reach the VLANs from a machine connected only to the router. But I can't reach machines on the otherside of the router or get to the internet from the switch.
View 3 Replies
View Related
Jan 10, 2013
I have two networks at two sites with a dot1q trunk between the two L3 switches at both sites (no routers involved)
SITE A - Cisco 3750 L3 - VLAN ID 50
10.10.50.0/24
SITE B - Cisco 3750 L3 - VLAN ID 50
10.20.50.0/24
I would like to extend the SITE A VLAN to SITE B so that I can move hosts from SITE A to SITE B without needing to change their IP address but the vlan ID is already in use. Obviously the easy solution is to change the VLAN ID for one or other of the sites but both sites contain hosts that run 24/7. Is there a way to join two VLANs with different IDs together.So for example I create a new VLAN 60 at SITE B and associate it with VLAN 50 at SITE A.
View 4 Replies
View Related
Aug 16, 2012
Extending Range of my wifi with > D655 >> Booster Amplifier?I am looking to extend my WIFI signal to cover 50 Acers.I currently have 35� height tower with Dir-655 in box with 3 big Omni directional Antennas. It works but covers half of 50 Acers and it is slow.I am thinking of buying 802.11b/g/n 2.3W Wifi Booster Amplifier.
View 9 Replies
View Related
Jun 3, 2012
I have setup an asa 5505 with multiple sub nets (plus license) and a vpn tunnel (ipsec) between this and an other asa on a second branch office (multiple vlans) . Now I need to route only two vlans from the first site to reach some of the second branch networks
let's call them: 1 branch
A-172.16.4.0/24
B-172.16.2.0/24
2 branch
C- 10.10.10.0/24
D- 10.20.10.0/24
E- 10.66.10.0/24
the tunnelis ok From A to CDE . but from B to CDE won't come up. pinging is unsuccessful as well as all other traffic. the connection profile is setup to have both A and B as local networks and A and B by the moment share the same access rules configuration.
logs show firewall 1 let pass and build connections, without denies, but remote firewall does not receive a single packet from the source ip from network B.
View 2 Replies
View Related
Oct 19, 2012
Just recently we replaced our HQ Cisco-Pix with Cisco-ASA 5510. where we have many branches connecting to our HQ through site-to-site vpn. Since putting this new ASA5510 at HQ , while we are getting a Remote-Desktop session into our branches clients, and at the time when even a single TIMEOUT occurs on the vpn-link so the remote-desktop session gets completely lost. then we have to re-connect the session.This issue happens as i said above when a single timeout occurs on the vpn link. What is the issue with the ASA5510. because with pix we didn't have this issue, remote-desktops were never getting lost / reset with single timeout
View 1 Replies
View Related
Oct 17, 2012
Just recently we replaced our HQ Cisco-Pix with Cisco-ASA 5510. where we have many branches connecting to our HQ through site-to-site vpn.
Since putting this new ASA5510 at HQ , while we are getting a Remote-Desktop session into our branches clients, and at the time when even a single TIMEOUT occurs on the vpn-link so the remote-desktop session gets completly lost. then we have to re-connect the session.
This issue happens as i said above when a single timeout occurs on the vpn link. What is the issue with the ASA5510. because with pix we didnt have this issue, remote-desktops were never geting lost / reset with single timeout
View 1 Replies
View Related
Mar 30, 2011
We currently use the DIR 655 in our home. I has a great range, and we've never had any problems. Our house is a very tall Victorian, so some areas don't get as strong a signal as others. I'd like to set up a few addition devices to extend the coverage of our network.
I installed a DAP 1522 as a bridge to our entertainment PC. After a while of trying to sort out how to configure it everything is working there. The 1522 is connected to the PC via cable.
I still want to extend the overall wireless range to better cover the lower floors and back porch.
From reading the manual on the 1522 I am a bit confused. I understand how it works as a bridge, connecting devices via cable. Will it also extend the range is set as an Access Point without needing the devices to connect via cable?
View 10 Replies
View Related
Nov 27, 2012
I want from my Cisco 800 Series VPN server so I remote VPN tunnel how can you do that?
View 13 Replies
View Related
Feb 1, 2012
The products from SRP 540 series line (541w etc) will ever support IPv6 features or remote VPN (eg SSL VPN or Cisco QuickVPN)? If yes, is there a time horizon?
View 6 Replies
View Related
Apr 16, 2011
I have a ASA 5510 actve/standby and create one site to site VPN with remote peer ip address xx.xx.xx.xx, Our VPN traffic running on 6 mb internet link for video conferancing traffic.Now client give another link 2 mb internet and client told to us our data traffic runnig on 2 mb link but this data traffic running on the same remote peer IP xx.xx.xx.xx.
Secondly request also they need failover over the ISP link.
how we immplement the same on ASA 5510.
View 0 Replies
View Related
Sep 27, 2011
I have a single WRT54G v5 that has treated me very well over the years. I have too many devices right now and I'd like to throughput of N, but have failed to find one that is measurably faster or as stable than my current equipment. Most recently I tried a D-Link DGL-4500 and regardless of hours of configuration, research and support I was left with slower-than-expected speeds and dropped connectivity about once a day.
I want to be able to stream media to all 3 BoxeeBox's simultaneously while browsing the internet on a few of my devices and I don't want to have to reboot my router daily or even weekly.
So far I have come to a preliminary conclusion that a solid setup for me would be a ZyXEL ZyWALL USG20 and 2 to 3 Ubiquiti UniFi AP's. While the USG20 does intimidate me, I have several solid network admins that have told me they'll set up the network for me and walk me through it.
View 19 Replies
View Related
Jul 3, 2011
I have 2 internet services with separate ISPs. My local telephone exchange is somewhat dated so the maximum speed per ISP/connection is about 1 Gbps. I have streaming radio services, I do quite a bit of file downloading and there multiple devices currently trying to share a single connection. I haven't been able to utilise the second connection because my NAS and print serving is all configured on the first connection and therefore unavailable to users/services on the second connection.My goal is to utilise the available capacity of both connections but at the same time allowing all network resources (file and printer sharing, NAS drives, etc.) to be available jointly to all network clients.
My first router is a Netgear RangeMax ADSL modem/wireless router (DG834PN). This connects directly to one ISP and has the NAS and printers attached. The second router is a Netgear N600 wireless dual band router (WNDR3400) which attaches to a Linksys ADSL 2 Gateway with 4-port switch (AG241 v2) and then to the second ISP.As an aside, I also have a number of Devolo devices for utilising the electrical circuit for networking purposes. I have a dLAN 200 AVmini adapter connected to the RangeMax router with 2 further dLAN 200 AVmini adapters and a dLAN 200 AV wireless N adapter distributed through my house.
View 2 Replies
View Related
Jul 14, 2012
I live in a Townhome complex so inSSIDer displays a lot of wireless activity. I have noticed that many of the routers channels are listed as 6 + 2, 4 + 1, etc., while show only a single channel. I have been able to "temporarily" replicate this by setting the Channel Width on my DIR-655, by setting channel width to auto, and when I am successful it displays a speed of 300, both in my task bar and in inSSIDer. However, that is usually short lived and the channel for my router reverts back to a single channel and the displayed speed drops to 130 or 144. My neighbor's Netgear is rock solid at displaying dual channels. Well, that and besting my signal strength. :-)
I have the router manually to channel 8 because none of the routers, judged by their displayed strength, use it.So, I guess my question is; how do I stop my DIR-655 from dropping back to using a single channel, which I interpret 20MHz, even though it is set on auto?
View 1 Replies
View Related
Nov 25, 2011
I have a standard home network consisting of internet access provided by my cable company which is then disseminated to a variety of wired and wireless devices via a router.
I would like to create a second wireless network that is separate from my current one. This new wireless network would have extra access controls including access restrictions to some web sites using both IP address restrictions and using the OpenDNS DNS servers.
The picture below illustrates the current configuration. The question is: how can I connect ROUTER B to the internet using my current equipment (without buying another IP address from the cable company)?
W
MODEM --> ROUTER A --> ANTENNA <------> COMP 3
1 2 3 4
| |
| |
COMP 1 <---' | W
| ?? <--> ROUTER B --> ANTENNA <---> COMP 4
COMP 2 <-----' 1 2 3 4
W = WAN port
So, in the above picture, COMP 4 is connected via wireless to this second network and cannot access anything on the first network and uses different different DNS servers.
In case it matters, ROUTER A is a Linksys WRT54GL while ROUTER B is a D-Link DI-624.
View 1 Replies
View Related
Jun 4, 2013
I'm working with a customer who has an SGE2000P and a Catalyst 2960 to setup and configure a single mode fiber link. The SGE2000P has an MFELX1 fiber GBIC and the 2960 has a GLC-LH-SMD GBIC. When I have the customer plug in his fiber, there is a power light that comes on on the MFELX1 GBIC. Neither GBICs/switches show that a link or activity is occurring, but the presence of that light makes me think that they are connecting somehow. Are these two switches/GBICs compatible?
View 1 Replies
View Related
Apr 28, 2013
Region : Others
Model : TL-WDR4300
Hardware Version : V1
Firmware Version : 3.13.31 Build 130319 Rel.57876n
ISP : Antel
I have a WDR4300 which works perfect with all devices in my house, but in my personal notebook (samsung 530U4B) wireless transfer speed is very slow in 2.4 GHz mode. 5.0 ghz works fine. I've tried everything, but I can not get good performance. at this moment I have to use a 741nd working with my wdr4300 in wds mode to use 2.4 ghz band properly.
View 6 Replies
View Related
Aug 4, 2012
connecting a Cisco 3945 Router to an Ethernet WAN Link. The service provider has provided a 100M Ethernet Single Mode Fiber handoff to the customer premises with SC Connector. The CPE configuration proposed for this setup is like this. [code]
Since the SFP has LC Connector, i suppose i need to have an SC-LC Cable for connecting the Ethernet link. Do i need anything else, apart from above?
View 1 Replies
View Related
Jan 31, 2011
Is there any way to get reports on voice utilisation on WAN links so that CAC settings can be proactively managed for each location on our CUCM cluster? Our service provider is advising that this is not possible which means that we rely on customer/staff complaints to recognise where CAC thresholds are being reached. Our preference is to be able to run traffic reports (or the Cisco equivalent) as could be done on our previous (traditional) telephony network and provide additional capacity if and when required BEFORE congestion is reached, thus minimising customer/staff impact.
View 1 Replies
View Related
Jan 15, 2011
I need to keep surveillance on two separate remote locations, each on a different continent. They're both indoor locations and have broadband. One of these setups should be fully bidirectional so I can see them and they can see me, while the other location is unidirectional so I can see them but they can't see or hear me. In both of these farflung locations the people there have the computer skills of your average escargot, so it's going to be a complete and utter miracle if they can even figure out how to boot the PC. I would like to provide netbooks to each location and have them automatically launch a fullscreen webcam on bootup. How to get this set up properly so that it works in a foolproof manner.
View 1 Replies
View Related
Mar 22, 2011
We are facing a major issue of VPN tunnel going down very often. I have 7 Site-2-Site VPN connectivity, this works fine for some days and suddently VPN tunnel goes down intermettenly for one or few locations and i need to clear isakmp sa for that speicific tunnel to come up.When tunnel goes down the vpn phase 1 status.....
6 IKE Peer: 125.18.0.38
Type : L2L Role : initiator
Rekey : yes State : MM_ACTIVE_REKEY
7 IKE Peer: 125.18.0.38
Type : L2L Role : responder
Rekey : no State : MM_REKEY_DONE_H2
After clearing phase 1 for specific tunnel the VPN tunnel come up.
7 IKE Peer: 125.18.0.38 Type : L2L Role : responder Rekey : no State : MM_ACTIVE
CINBLR01-SQDR-FIREWALL-00002# sh version
Cisco Adaptive Security Appliance Software Version 8.0(4)Device Manager Version 6.1(5)
Compiled on Thu 07-Aug-08 20:53 by buildersSystem image file is "disk0:/asa804-k8.bin"Config file at boot was "startup-config"
CINBLR01-SQDR-FIREWALL-00002 up 1 day 17 hours
Hardware: ASA5510-K8, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHzInternal ATA Compact Flash, 256MBBIOS Flash M50FW080 @ 0xffe00000, 1024KB
[code]....
This platform has an ASA 5510 Security Plus license.
View 7 Replies
View Related
Jan 28, 2012
Has a small home network in 2 buildings with 2 wireless routers. He has fiber from the building where the dsl comes into, running up to his house where a second wireless modem is. Both are broadcasting DHCP but I only want one of them to do this. Ultimately I want his server(2008) to broadcast DHCP, but just one of the modems is fine for now.
View 1 Replies
View Related
May 1, 2012
I know how to connect 2 routers in 2diffrent states using internet.Also which service is used for that purpuse
View 1 Replies
View Related
Nov 1, 2011
I'm setting up two separate 5510's at two seperate locations. The client wants two seperate SSL-VPN's; one for the HQ and one for the COLO location. They have a single domain for which I have added a-records to point to the corrosponding ASA's thusly: [code]
My questions is this: do i need to buy seperate certificates for each ASA/fqdn/IP combo? I'm using godaddy to buy the certs. If I do need to buy seperate certs, that makes the installation easier, but may waste $$. If I only need to buy one cert, how do I set it up so that both combo's are verified?
View 2 Replies
View Related
Oct 15, 2011
I have VPN connections in between my HO and branch locations. I am using ASA in HO and 1841 branch locations. One of the location is keep on disconnecting, why this is happening as i can see the configurations are identical to other locations.In 'sh crypto isakmp sa' output i can see multiple entries for this particular location, one with type 'L2L' and others with type 'user'.
View 2 Replies
View Related
