Cisco VPN :: L2L With ASA And C2900 Always Stopping To Ping Each Other
Feb 23, 2012
We have a vpn L2L with an ASA and C2900 and always stopping to ping each other but the vpn still UP and can each the others devices behind the peers.
Everytime we have to issue on router "clear cry isa peer" or on asa "clear ipsec peer" to start to ping each other but after seconds it's stopping to ping again.Is there something to fix it permanently? We did some debug crypto on asa but no information was logged.
View 1 Replies
ADVERTISEMENT
Jan 15, 2011
We want to upgrade the IOS from 15.0(1) to 15.1 for some reason. Here is the output of my router's "show ver":
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.0(1)M4, RELEASE SOFTWARE (fc1)
Technical Support: [URL]
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 28-Oct-10 18:32 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE
[code]....
We have enabled the technology package license "uc" in the previous version, would it be loss after the upgrade?
View 5 Replies
View Related
Nov 11, 2011
Previously posted as C2900 - inward NAT partial success...
Running C2900-UNIVERSALK8-M, Version 15.0(1)M3 RELEASE SOFTWARE (fc2)
I have several sets of inward NAT defined (51001-51007, 52001-52007. 53001-53007),all to various internal addresses. When I attempted to add another set, the new onesdo not work and get a "timeout" error.
When I tried port 51008, it gets a timeout. When I changed 51008 to 51010, the 51010 now gets a timeout, and 51008 now gets "connection refused" (which I expect).The original sets all work, the new ones (added at the end of the lists) do not.When I am on any of the internal machines, the target (192.168.1.21) works fine.When I am "in the router", I can connect via the ssh command, so I know that therouter can talk to 192.168.1.21 on port 22 as expected.
View 1 Replies
View Related
Mar 20, 2013
I'm configuring a new 2911 running c2900-universalk9-mz.SPA.151-4.M4. In the config by default is "line 2" its not a vty, aux or console line and I can't remove it.
View 1 Replies
View Related
Jan 19, 2012
I have 1 x C2900 router with 3 x ADSL WIC and UC500. I setup 3 x ADSL to access internet and UC500 is connected with 3 telephone lines (plugged into FXO ports). I have 2 x GE on my 2900. 1st GE is connected to switch and 2nd GE is connected to UC500.
I want to setup that traffic from UC500 (SIP) is going through 1 dedicated ADSL line and data (from computers & servers) is going through remaining 2 interfaces only. How I can set it up.
I would also like to know how I can load balance internet connection going through 2 dedicated data ADSL lines.
View 4 Replies
View Related
Jun 2, 2013
We are facing a strange issue with GRE tunnel. We are using this tunnel from a branch office to Hub office. All other tunnels terminated on Hub router are working fine. Issue with this tunnel is that whenever WAN connection goes down Line protocol on tunnel interface some times comes up and sometimes not (therefore we have to reset the tunnel interface and it comes up). IOS used on this router : c2900-universalk9-mz.SPA.152-1.T2
View 5 Replies
View Related
May 22, 2013
I have a mixed WAN environment with both eBGP and EIGRP routes. The BGP routes should always take precedence, when they exist. If no BGP routes exist I want the router to fail over to using the EIGRP routes. So far, this works fine.
The problem is, when the BGP route again becomes available (and the associated entry appears in the "sh ip bgp ... received-routes" output) the router is NOT relinquishing the EIGRP route. It remains in effect, showing as a "D" route int the route table even though there is a better ("B") route available. If I bounce EIGRP or the interface associated with it, the EIGRP route disappears and the BGP route reasserts itself, and everything will run correctly until the next time the BGP route disappears due to maintenance, line failure, etc.
My router is (C2900-UNIVERSALK9-M), Version 15.3(1)T
Here's the associated config
interface Tunnel101
description VPN backup WAN interface
bandwidth 7168
ip address 192.168.75.1 255.255.255.0
[code].....
View 7 Replies
View Related
Mar 15, 2011
I tried to update my ACS 5.1 appliance. I applied patch 5.1.0.44.3 and made an big mistake: I booted the server due to the fact that it was not reachable after one hour after appplying the patch. Now the server shows following message, when I try to apply other patches: Can not process requested software update operation since this ACS Instance currently has a software update inprogress.
My question: Is it possible to stop the upfate process and apply the other updates or is it possible to revert this update to go back to the previous patch level. For information: the appliance shows only the patches 5.1.0.44.1 and 5.1.44.0.2 installed.
View 3 Replies
View Related
Aug 29, 2012
There is nice c2900PortNumberOfLearnedAddresses table in C2900-MIB, but it's outdated and not supported by modern switches.Is there similar table for modern switches? Most interested in Catalyst 2960 and 3750.
View 2 Replies
View Related
Oct 20, 2012
Imagine I am designing a small network with a C2900 router running OSPF and in the future BGP with service provider. Please see attached diagram.The router is connected to (2) C3750 Layer 3 distribution switches. Then one C3560 layer 2 switch to serve future IP phone users and desktops.
Question:
a)If I connect the router interface to the (2) 3750 switches, if I make the router interface fa0/0 and fa0/1 as a trunk to accomodate VLAN 200 and other future VLANs, don't I have a problem with overlapping networks between router interface fa0/0 and fa0/1?
b)Alternatively, I could make the Router1 fa0/0 and fa0/1 configured with IP addresses and advertised in OSPF. Then the SW1 fa0/24 and and SW2 fa0/24 I could make as 'no switchport and create a routed interface port' with IP addresses, also running OSPF. Question is, from a scalable design perspectie, would you create 2 management networks and use those when assigning the IP addresses for Router1 fa0/1 and fa0/2? Because again Router1 fa0/1 and fa0/2 obviously need to be placed on different networks to avoid overlapping. So my question is more about proper network planning design to make this scalable to accomodate future VLANs in the future.Using trunks between the Router1 and SW1 option:
Router1
int fa0/0
description connection to SW1
no ip add
int fa0/0.200
[code]....
View 3 Replies
View Related
Oct 3, 2012
I am getting these unwanted entries on my syslog server.03/10/2012 12:57:48 172.21.113.20 Error 23898: Interface FastEthernet0/1, changed state to downI tried to stop them with no snmp trap link-status but it hasn;t worked.[CODE]
View 4 Replies
View Related
Mar 19, 2013
I am having 2911 router running with C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(4)M5, RELEASE SOFTWARE (fc1)IOS and i have configured the following commands for eigrp
-router eigrp 100
-network 10.20.0.0
-no auto-summary
It takes all 3 commands but when i check through show run command i am not seeing no auto-summary command.
View 5 Replies
View Related
May 31, 2012
I am seeing SNMP coldstart traps that either are delayed by many hours or are false (e.g. right after receiving the coldstart trap a query to sysUptime shows the nodes been up for days).I seen this twice this week in a new network environment for me for two different C2900s running C2900-UNIVERSALK9-M Version 15.0(1)M3 Assuming the coldstart traps are coming from the actual source nodes, I am curious what could be going on here.
1) One guess I have is possibly the system clock changed could cause the SNMP agent to send a false cold start trap. Then my guess is in the device log I should see a system time change syslog message.
2) I recall hearing once that syslog and possible traps messages are held in configurable buffer who default value is 1 and if not sent are held and then suffer a delayed sent. Is it true for both traps and syslog ? In the past I assumed this was simply the logging history buffer and applicable to syslog traps only. My assumption in the past was that last trap or last syslog message is sometimes held on reload and sent immediately after restart regardless of device connectivity to the management target.
I always assumed coldstart traps are never delayed for any reason and that they were pretty accurate substitutes for system reload syslog messages. Does anyknow know any reason for false or delayed coldstart traps on a C2900 with IOS 15.0(1) ?
View 1 Replies
View Related
Jul 22, 2011
I am having a huge problem since yesterday. I was using my wireless connection like always and it has randomly started to stop working for brief periods of time. It's like a continuous cycle where the internet works smoothly and fast (like always) for 30 secs at a time, then it goes into 15 secs where nothing works.
View 9 Replies
View Related
Aug 6, 2012
First, I'm running Windows7 64 bit. So whenever I download a decently sized file; my download will start and get good speed for a few minutes, then it will drop off and stop and my connection to the internet will be lost for a short time while the connection resets. This happens if I'm using a program like Steam to download a game, torrenting something, sometimes on my Xbox 360 when it needs to update itself or a game, occasionally on a large app or album off of iTunes or patching an online game. However, I have no issue watching YouTube videos or playing an online game while also having TeamSpeak running in the backround to chat. I don't lose connection when browsing the internet at all and recently I was able to stream a live event without issue but I only tried that once (I don't have Netflix or anything similar).It usally isn't a big issue because my download will pick up where it left off most of the time but its a pain in the butt to have to add on an extra hour to a download sometimes for this.
View 4 Replies
View Related
Apr 25, 2012
I haven't been able to get a decent answer to no matter how much googling etc I do. We have a problem in our flat where any time someone downloads something everyone else in the flat loses access to the internet until that person finishes their download or stops it. We are all accessing the internet through the same router, 3 of us wirelessly and 1 wired. The computers which are for some reason blocked by the other person downloading can't even access the router to do a reset or work out whats happening. [URL] gives our download speed as 14.80Mbps which isn't great but okay for good old NZ.Why would it be that 1 person downloading is preventing the others from accessing the net, do some downloads somehow take full control of all the available bandwidth ?.And is there any way to make it so that it doesn't happen, like make it so no computer can use all the bandwidth at a time ?, ie my flatmate can download his whatever but I can still send emails etc at the same time.
View 3 Replies
View Related
Jan 1, 2013
I am working on LMS 3.2 . Tried to stop the daemon service with " net stop crmdmgtd ". It stuck on stopping state since few hours now. I can still open the application. How to terminate the previous command and restart the daemon service.
View 1 Replies
View Related
Jun 16, 2011
we need config on WS-C3560G-24TS-S inter vlan communication stopping as per attached document.
View 1 Replies
View Related
Jan 16, 2013
I am experiencing strange problem about slowing down the internet speed after downloading is stopped in between. I then have reboot the desktop to regain the speed.
My networking as below:
DSL Modem
Dlink DIR-655 Router
Desktop A (Wired Network)
Desktop B (Wired Network)
Laptop (Wireless Network)
If I am downloading a file (1gb) on Desktop A and for some reason I have to stop it, then internet connection is desktop A , desktop B and laptop is almost killed. To get the speed back, I need to reboot Desktop A. All computers are on Windows 7.
If completely download the file, the internet speed is good on all the computers. Before downloading the speed is: After stopping the download the speed is :
View 2 Replies
View Related
Feb 26, 2013
I have a RV082 router that is currently in prod. I have a Dell Powerconnect 5424 switch that I'd like to use in place of the unmanaged switches I am currently using.I have the switch configured with it's IP, subnet, gateway, etc. I can plug devices into it and communicate with no problems. However, when I attempt to plug in the router, nothign will communicate to or from the switch. The devices I plugged in will not talk to each outer, ping the switch, or the router. Also cannot ping to the switch from a device plugged into the router. If I unplug the router, comm opens back up.
View 1 Replies
View Related
Feb 25, 2013
I have a RV082 router that is currently in prod. I have a Dell Powerconnect 5424 switch that I'd like to use in place of the unmanaged switches I am currently using.
I have the switch configured with it's IP, subnet, gateway, etc. I can plug devices into it and communicate with no problems. However, when I attempt to plug in the router, nothign will communicate to or from the switch. The devices I plugged in will not talk to each outer, ping the switch, or the router. Also cannot ping to the switch from a device plugged into the router. If I unplug the router, comm opens back up.
View 1 Replies
View Related
Jun 13, 2011
I am having an issue with an ASA 5510, running 8.4(1) code, causing outbound mail to remain in the SMTP server queue (Exchange 2007). This only happens with some remote mail servers. The connection usually ends with the remote server eventually sending a TCP reset.
I've taken multiple inside and outside packet traces.Other trace's contain either X's preceding various sections of the stream content or all X's in the content. The X's only appear when inspection is enabled.
Disabling inspection is the only thing that seems to allow mail to flow. I find this curious because I'm running this same ESMTP policy on other ASA's. However, they are on 8.3 code.
Most everything I find when searching on this subject says to disable ESMTP inspection. [code]
View 4 Replies
View Related
Nov 11, 2012
The other day I set up a firewall on my Cisco 1841 router, it all seems to work fine except for a few small problems. 2 wireless devices an iPhone and an Android tablet are having some problems with 1 or 2 apps. iPhone 6.0.1 Facebook app and the App store will not load Android tablet ICS BBC iPlayer and Google play app store wont load or play content. Both devices with their issue were working fine until the new firewall was installed. I’ve tried opening ports and adding ACLs but nothing seems to work. I’ve included my start up config. All other PCs, laptops, smartphones and iPads work fine.
Building configuration...
Current configuration : 5551 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
[code].....
View 3 Replies
View Related
Nov 26, 2012
The other day I set up a firewall on my Cisco 1841 router, it all seems to work fine except for a few small problems. 2 wireless devices an iPhone and an Android tablet are having some problems with 1 or 2 apps. iPhone 6.0.1Facebook app and the App store will not load Android tablet ICS BBC iPlayer and Google play app store wont load or play content. Both devices with their issue were working fine until the new firewall was installed. I’ve tried opening ports and adding ACLs but nothing seems to work. I’ve included my start up config. All other PCs, laptops, smartphones and iPads work fine.
View 3 Replies
View Related
Mar 31, 2012
I have a new 3560G to set up a small network for a remote site. I configured the vlan and an SVI as the gateway. The switch is also the DHCP server for the LAN. I configured Gi0/2 as L3 port, connecting to the nearest neighbor. My network runs EIGRP so i advertised the routes into the EIGRP process. The switch forms EIGRP neighbors and learns all routes in the enterprise network. The problems I'm having now are: 1. The switch learns all routes in my enterprise LAN and can ping devices in the enterprise LAN, but I can’t ping any interface on the switch from the enterprise LAN. 2.
View 5 Replies
View Related
Dec 12, 2011
I set this up and I can ping all the gateways but never the hosts. I was hoping I could make these links between 6500's a mix of L2 and L3. Check it out. They are connected in a linear fashion R1--->R2--->R3. I can ping from R1 to R3's SVI4 gateway but I can never ping a host on that SVI4. I was hoping that I could use the port-channels between 6500's as routed links or as trunk links depending on the type of traffic....thought it would ease the migration. I suppose I could always get rid of the port-channels and just make separate L2 and L3 links between the 6500's.
View 3 Replies
View Related
Jan 18, 2013
From My Router that connects to Cable modem i am unable to ping website 4.2.2.2I am able to ping all other websites fines.Same website i can ping from my pc and all other switches fine.Router has only 1 ACL thats for NAT.
View 25 Replies
View Related
Aug 15, 2011
When I ping an address from my windows machine, it succeeds, but when I ping to the same IP on my MAC OS X machine, it fails.
1. Why?
2. How to get successful ping on my MAC machine?
View 1 Replies
View Related
Jan 26, 2012
I installed window server 2003 in a old Pentium III server as a standalone test server. Now I want to use it as a print server and connected it to the domain. I can ping workstations and other servers from that test svr. But i cannot ping that test server from the work stations.
View 2 Replies
View Related
Mar 1, 2013
I had both a Westell 7500 and a Linksys Router working fine and had my 360 setup as an extender for Windows Media Center so I could stream TV, Music, Movies, etc from my desktop to the 360. Then I switched my modem/router out with a Zyxel PH5001Z
So now today I noticed that I can no longer find my desktop through the XBox. I have adjusted my firewall settings on the modem itself, even completely disabling it. UPnP is enabled for the 360 and the device is showing under my device table. At first I wasn't able to ping any network devices but after creating an ICMPv4 Firewall rule it worked fine. I've confirmed the XBox IP Address through Network Map, the Device Table on the modem and through Network Settings on the XBox. I've diabled my modem firewall as well as Windows Firewall, completely and I still can't ping my XBox or set it up as an Extender.
I have the XBox connected wirelessly using WPA2-Personal and it's operating in 802.11g/n mode.
View 19 Replies
View Related
Feb 29, 2012
I have a strange issue on my ASA 5510 (8.4). I can't ping or connect to the VPN clients but the VPN clients can ping/connect to any inside resources. I have checked all the NAT extemtion entries.
View 3 Replies
View Related
Sep 29, 2011
Been racking my brains out for hours now, my remote access VPN via Cisco VPN Client is UP i can ping the RA VPN DG but cant get no further than that relevant config below i can ping 192.168.250.1 and it replies with the public ip address, but i cant ping any 192.168.101.* addresses.
View 1 Replies
View Related
Jul 27, 2011
Ok, I have a ASA 8.4 firewall that I have been working on so long. It was a hassle to configure the object group and nat for 8.4. So, I put two host in both side of ASA to test pinging but I can not ping the outside or the DMZ. I attached my nat config.
View 1 Replies
View Related
