I've got VPN connection from Cisco 877 to ASA 5520 and on the Cisco 877 I've got SIP device which doesn't has to go through VPN. I assume that for the best audio quality I should bypass the VPN and connect directly to the SIP servers, but how to configure it??
View 3 RepliesSince several weeks ago we are triyng to solve a disconnection problem related to servers benind an ASA 5520 behind this ASA there are:
-subnet with public ip addres
-sunbet with prive ip address, the server on this subnet are acccesible via NAT.the problem is worst when some ousite our network and behind a nat device (like a adsl modem/router) tries to connect to those servers wich are using natted ip behind the ASA.I tried from my home to connect to this ASA5520 using annyconnect and get reset tcp packets. Are there some aditional configuration to make the ASA work properly?. We have other firewalls like PIX or software firewall (ASG), they work with no problem. Only the ASA 5520 has this issue.
We are planning to split the Private servers from the DMZ Servers and configure an additional Interface and segment for this purpose.
Private Servers Segment: 192.168.4.0/24 (there is no DHCP all servers' IPs are statically configured)
DMZ Segment: 192.168.3.0/24 (This is a future deployment)
LAN Segment: 172.17.0.0/16
Both, Private Servers and DMZ Servers are in a collocation as well as the ASA5520. There are multiple Branch offices that uses subnets within the 172.17.0.0/16 Network and they are connected to the ASA5520 via Metro-E.
I do not know if this is possible but what I want to do is this:
In order to avoid the change of internal DNS records I want to mask the DMZ servers with a Private Server IP when a Private server or LAN host wants to access it like this:
The FTP server in the DMZ has the IP address: 192.168.3.100. But when a PC from the LAN wants to reach the FTP server it should points to its old IP: 192.168.4.100. This way the PC sends a packet to the ftp.corporate.net (192.168.4.100) the ASA recieves the packet and translate it to the (192.168.3.100) and send it out through the DMZ Interface.
Also if the Private Servers wants to reach the same FTP the ASA will act like a proxy-ARP and send the paquet to the DMZ by means of the translation of the IP.
I have a small network in my garage, it's basically made up of a bunch of test servers. Those and a win xp machine are all hooked up to a switch, and the win xp machine also has a wireless usb stick that is connected to my wireless router, and is being used to share internet to the rest of the machines. The test servers along with the NIC card on my win xp machine sit on a different subnet, however.When I remote into the win xp machine from my house, i can run a second remote desktop in the first session, into any of my servers. I want to do work on them, but its very laggy.
Is there a way I can setup a port either on the win xp machine or my wireless router so that i can remote directly into one of the servers? so if the win xp machine has a wireless ip address of 192.16.13.102, and one of the servers on the 2nd subnet has an internal ip of 192.2.2.4, can i have it so i can make, for instance, 192.16.13.102:6333 forward to 192.2.2.4? If not, is there any other way i can directly remote into one of the servers, by passing the first remote desktop into win xp? What settings would have to be the same across the line?
My Data Center has one single core switch where is connected several servers, one port is the link to the router wan and other port is the link to the FW, my boss wants to install 2 nexus in order to replace the single switch. All my network has only one address, for example 192.168.10.0/24 if I connect two nexus 7010 in VPC and Domain, each nexus is going to has 2 modules with 48 port 10/100/1000 rj45 and i wan to connect servers directly to each nexus, with this figure i'm going to have a group of servers connected in two different nexus, Do they can have the same network 192.168.10.0/24 considering that the nexus are in the same vdc and vlan and have only one gateway for both groups? If the answer is positive, which nexus would be the gate way for that address, the primary or secondary? Or i must have a different address for both group of servers, i mean for example 192.168.10.0/24 and 192.168.12.0/24?thus each nexus would be the gateway for that new address?
To have two nexus connected by VPC in a Domain mean that one computer connected to one nexus can share the same address or vlan with other computer connected to the other nexus????
I just want to connect two computers over the internet as if they are in the same network. This doesnt have to be VPN I dont care about security I just want to get them connected as if they are on the same network. Is there anyway to set this up in my linksys router? Can I use windows VPN? What is the easiest way to get this accomplished? Can you somehow connect two routers through internet like one is 192.168.1.1 and one is 192.168.2.1?Like I said I dont really care how it is done I just need it done. Any easiest way to connect two computers through internet so that they are on the same network.
View 11 Replies View RelatedWhat I learned was it was bad to connect directly to the modem because you are left open to the internet. Currently my friend just got the internet and I told them to buy a router but they did not, and just have it directly connected to the modem. Is this fine, because they only have one computer, and it works fine for now, but wouldn't this be prone for attack?
View 3 Replies View RelatedI've been trying to connect my laptop directly to my Arris modem with an ethernet cable to get on the internet, but for some reason every time I do I have "limited access" and can't get on the internet. I can only seem to get my laptop on the internet while the wireless router is connected to the modem and then either connecting wirelessly or by connecting my laptop to the wireless router with an ethernet cable.I want to connect to the internet without my wireless router, because someone was hacking our router and was apparently doing illegal downloads. We got a cease and desist letter that said our internet will be terminated if it happens again, so I want to connect to the internet without any wireless connections being set up.
View 3 Replies View RelatedI have a problem, my netbook eMD355 is not connecting directly to our wifi. I tried to restore the system but still it doesn't connect. My windows here is WINDOWS 7 ultimate.
View 1 Replies View RelatedIs this a good idea to connect access layer directly to core layer with fiber and omit the distribution layer?
View 2 Replies View RelatedI want to buy a wireless router to which I can connect my USB internet device directly, so I don't have to turn on my PC all the time if I just want to use my moble phone or iPOD or other family members wanting to connect to internet.
View 1 Replies View RelatedI would like my dcs-930l ip camera to be directly connected to my d-link dsl-321b modem (which has only one rj45 port to connect to), so that I can either access the cam via the internet (watching livestream through webinterface, that would be option 1) or so that the cam sends an email with a picture as soon as the motion sensors activate - that would be option 2 (by the way: the modem / cam get internet access through german telekom / t-online).
I have tried to get option 1 as well as option 2 to work, but I failed... I would be happy if either option 1 or 2 would work for me - I don't really care which one. In both cases, the problem seems to be that the dcs-930l cam cannot access the internet (but the cam itself works - I can view the livestream through the local network).
We can´t reach DMZ servers from other DMZ servers?If I make a ping from DMZ server to another, sometimes only recieve one ping, sometimes 4, sometimes 0.How can I allow the traffic between DMZ servers??
(ASA 5520 Version 8.4)
I I use a Linksys E3000 router. Sometimes when I look at the network map I see a device called "Unknown." It appears as though the two notebooks sometime are going through this device to access the Linksys E3000. (I've checked when both notebooks are on and I can determine what devices are connecting directly to the router and what devices are going through this unknown device.) Is there any way to determine what this unknown device is?
View 5 Replies View RelatedI am having some challenges on my DMZ network.My servers and Cisco Switches in the DMZ are picking the mac address of the Firewall(Cisco ASA).I have put some static arp entries on the Firewall and switches but the servers and users on the DMZ are still receiving the mac address of the Firewall.How can i stop the Firewall from changing the mac addresses of the devices on the network.My ASA is a 5520 and i have 2960Switches.
View 4 Replies View Relatedi don't know any thing about connecting clients to servers & it's methods & requirements
View 7 Replies View RelatedI have installed quite recently a cisco ASA 5520 replacing a linux based firewall I have only 2 zones ..one is internal netowrk and other external the internal network has web servers, dns and mail server all having public IPs Every thing is OK but i have seen that if I try to ping an external server for example [URL] i cannot ping says
[sylvan@kmdns1 ~]$ ping www.yahoo.com
PING eu-fp.wa1.b.yahoo.com (87.248.112.181) 56(84) bytes of data.
--- eu-fp.wa1.b.yahoo.com ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5010ms
but I can ping from systems which are outside my firewall perfectly with the linux firewall i had before i could ping perfectly to yahoo from any of my internal servers?
there are more than 15 servers which include xen,esx,vmware,also san etc..which are connected to L3 core switch directly. And vlans are created for each.....xen,iscsi,vmware,xen,server. wanted to know is there any other technology other than directly connecting servers to core switch and assigning vlans that can be used in place?
View 4 Replies View Relatedlaptop is not connecting to internet? what can i do?
View 2 Replies View RelatedWe have 2 nexus 5K installed in our data centre recently and we are connecting new three servers to nexus switches. Each server has 2 10GB ports . 1 port of serverA is connected 5K1 and other port is connected 5K2 ( sameway other 2 server connected to Neuxs 5K1 and 5K2 Switches).So do we need to create each VPC with Portchannel (like VPC 1,2 and 3 ) for each server connection?
View 11 Replies View RelatedWe are using CISCO Catalyst 6500 switches as collapsed core/distribution switches (2 layer architecture). I want to connect approximatly 10 application servers to the network. Can I connect the servers directly to the catalyst 6500 switches using WS-X6148E-GE-TX line cards? The other option is to use access switchs and then connect the servers to the catalyst 6500 through access switch(Catalyst 3750).
View 6 Replies View Relatedwindows server 2003,ISA server 2000 Networking :: Connecting ubuntu desktop?
View 1 Replies View RelatedFinal results are that if I hard ware connect my computer to my PS3 I can acces Media Servers.When connected through the router though my computer acknowledges the PS3, it cannot connect to Media Servers.I have the Linksys BEFSR41 v4.3.
View 3 Replies View RelatedI'm using the Cisco ASA 5520 on GNS3 .. Everything is working fine, except for one thing. The CCP .. I tried the CCP with a router and it worked, but it can't see the firewall.
I have already enabled the HTTP server using "HTTP server enable" and created account using "username admin privilege 15 password admin" also enabled SSH and Telnet on the ASA
"ssh 0 0 INSIDE"
"telnet 0 0 INSIDE"
When I use the CMD to telnet to the ASA, it works just fine .. Also, when I connected a router to the ASA I could SSH to it, as well as using the PuTTy . Is there a way to troubleshoot? Or even a document that illustrates how to configure the ASA for CCP? Better a document for configuring the ASA from scratch .
I have setup an AnyConnect Connection Profile on my ASA 5520.
We have some remote support software which the helpdesk use to connect to PC's remotley and torubleshoot.
I cannot connect to this software using the assigned IP address of the client even though it works fine with our old Nortel VPN.
If I hit the IP address the packet gets all the way to the ASA and seems to disappear.
I have setup an IP v4 access list on the connection profile which allows any/any access b ut still no joy.
Connecting ASA 5520 to two Catalyst 3560G layer 3 switches. What's the best practice to connect the asa-5520 at the edge, to the core of my network? What I'm looking to do is connect two routed gigabit ports (gi0/2 and gi03) to two seperate layer 3 routed ports on catalyst 3560G. I'm wondering how to do it, or if there's any type of failover method? I'm running EIGRP in the network and the link to the first core switch has a /30 point to point connection. Everything works fine, I'm just not sure how to connect the second switch to the firewall. Should I use the a different /30 for the point to point connection to csw02 gi0/48? (See attachment) How would this affect traffic flowing through this interface? Would I have to duplicate rules I have on my inside (gi0/2) interface? Is there a way to make the inside2 interface standby some how? I want to know the best way to set this up, so in the event csw01 goes down I don't loose internet. Will EIGRP work it's magic and only use 1 path to the ASA? Should I even be using routed interfaces on the ASA and just use trunked mode?Running ASA 8.4?
View 1 Replies View RelatedI have ASA 5520 running ver 8.3.(2)8 and configured for AnyConnect VPN. While testing for iPads and iPhones we noticed that on connecting it disconnects few times before finally connecting. These are the messages logged in the ASA.I don't see authenticatio as an issue. Results are better with wifi compared to 3G. [Code]
View 1 Replies View RelatedI have a multiple Offices in my location , all my external users are connecting my site using Cisco Client to site VPN and accessing my 2 sites , All users are able to access my 2nd office servers which are in 10.10.0.x pool , I have a different vlan in that same location with 10.10.35.x series and users are not able to access this pool servers , I am not much familiar with Routing . i am using ASA 5520 firewall .
View 11 Replies View RelatedI Have exented vlan 120,121 from DC-1 to DC-2,the DC-1 and DC-2 are connected using L2 Trunk over fiber terminated on Cisco 6513 on both site ,the distance around 40 Km ,on the DC-2 i just assigned server-1 TO VLAN 120 while server-2 in vlan 121 ,but these servers unable to communicate neither with DC-1 Servers or betwen them locally on DC-2 ,pls note that the servers at dc-2 rely on DC-1 for routing.
View 7 Replies View Relatedi'm trying to connect 5 servers together to create a private network.Each server has a network of it's own and i'm trying to make all 5 servers communicate with each other to share and search data simultaneously..
View 16 Replies View RelatedMy desktop gateway computer slowly started having problems connecting to the internet via the hard ethernet connection to the router(Netgear). Wireless devices connected OK (although often slow). I assumed it was the router so I bought a new one (Linksys), but it's having the same problem. New router I can connect to with my laptop but not with the desktop. Latest errors during setup are Local Area Connection does not have a valid IP configuration and the default gate way is not available.
I restore to factory defaults? I'm running Windows 7 Home Premium on the desktop.
from the main line (internet port), i distribute to 1st 4 ports router (Bluelink R33N) which is 2 connected to the computer + 1 connect to another router (Dlink).. but the 2nd router (DLink) is not working with the internet line.. Tried to connect direct from main server to Dlink, and it's working well, but when use 2 routers in single line, just didnt work.
View 5 Replies View RelatedWhy isn't it possible to make following configuration:
View 9 Replies View Related