Cisco VPN :: LAN-to-LAN VPN Between 877w And Sonic-Wall / No Traffic
Jun 1, 2011
I haven't worked with Cisco devices before (yepp, another one of those) but I am getting there. I have replaced my silly Draytek router now with a Cisco877 and it works perfectly fine. But the whole networking side of things such as NAT / ROUTE / ACLs is a BIT black magic.
Basically my problem is that I cannot get proper traffic through the tunnel
From any station behind the Cisco (Site2) I can ping the local IP of the Sonic, but none of the other stations. From behind the Sonic I can ping any station behind the Cisco but unable to connect on any port (RDP for example)
Bear in mind that a lot of settings are from forums, google and the sorts because as I mentioned, before I got this one I have limited experience with Cisco .. Everything configured is working fine, the internet connection, the incoming pptp VPN to the Cisco etc., just not the IPSec VPN.
View 1 Replies
ADVERTISEMENT
Dec 18, 2011
I'm decommissioning my SonicWall PRO 3060 and upgrading to an ASA5550 (we're increasing our WAN link speed to 1Gig and need the 5550). In any case, I want to copy over the configuration from the PRO to the ASA. I have everything documented and I've started doing the changeover, but in looking at some other network diagrams on the net I'm seeing router symbols between the LAN switches and the ASA and I'm beginning to worry that I might need routers to do this which, of course, would increase cost quite a bit.
So my question is this: If I have a core switch carved into multiple VLANs and I connect each VLAN to a port on the ASA, will I be able to route and filter traffic from VLAN to VLAN through the ASA? If so how, in general, is this accomplished (I'm betting ACLs). I think that the ASA will be able to do this easily, but I just want to be sure before I get too far into the configuration of this unit,.
ASA
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
GigE0/0 GigE0/1 GigE0/2 GigE0/3 GigE1/0 GigE1/1 GigE1/2 GigE1/3
| | | | | | | |
| | | | | | | |
WAN BackupWAN VLAN400 VLAN500 VLAN600 VLAN700
View 4 Replies
View Related
Feb 12, 2012
I have a side gig that I do some work for and they've had a Sonicwall TZ200 device in their branch office and also in their data center that has a site to site VPN connection between the two devices. About a month ago the bandwidth throughput got severly decreased. They went from getting about 28Mbps/27Mbps to now ~3Mbps/12Mbps.
I've spent days troubleshooting with Sonicwall which could be a whole dedicated thread on it's own but I digress. I even had the ISP come out and test the line and when they hooked up their own laptop it got the speeds it should be getting. I've rebuilt the config on the sonicwall from scratch which was a major pain in the ass because I'm not a firewall guy by any means. After firmware updates and pulling my hair out I've decided to dump the tz200, to what I don't know. I need two devices, one for the data center and one for the branch office. I'm pretty sure something in the config is causing this and after being escalated to the highest level at sonicwall and them sending me a replacement unit which I rebuilt the config on and also tried to import the old settings with no luck. I very well could have done something or made a change to cause this but I'm at a loss and willing to try another product.
I get spammed from Barracuda all the time, do they have quality devices? Something with a web interface would be great since I'm not a firewall guru by any means and had set up a bunch of address objects with NATs and all that.
View 19 Replies
View Related
Apr 29, 2013
Have a Sonicwall with multiple VLANS on LAN interface going to the SG-300 in Layer 3 mode.Trunk Port has VLAN 1 untagged and PVID and other VLANS (20,30,40) tagged.Setting a port to Access for particular VLAN (40) does not pull DHCP from Sonicwall.Sonicwall support says DHCP request is coming from VLAN1 and something wrong in switch setup.Setting 2 ports to VLAN 40 allows communication between the two.Also, replacing SG300 with a Netgear L2 works.Seems like an issue with the trunk, no?
View 2 Replies
View Related
Aug 27, 2009
I'm trying to establish a vpn tunnel with a sonic firewall. We've checked both ends for differences and they are the same. PFS has been disabled on both ends. I'm seeing this in the logs.
%ASA-3-713119: Group = x.x.x.x, IP = x.x.x.x, PHASE 1 COMPLETED
%ASA-5-713068: Group = x.x.x.x, IP = x.x.x.x, Received non-routine Notify message: No proposal chosen (14)
[Code].....
View 4 Replies
View Related
Nov 15, 2011
I have CAT5 cables run throughout my house to a few different jacks. They plug into my modem downstairs. I want to hook up my desktop internet through one of the wall jacks upstairs. The wall jack has CAT5 cable run to it but only accepts telephone wire sized jacks. How do I connect to the internet with this setup?
View 14 Replies
View Related
Dec 27, 2010
I'm wiring the house with CAT6 solid cable. Can I use CAT5e wall sockets?
Are there actually any differences between CAT5e rated sockets and CAT6 rated sockets, aside from the latter being vastly overpriced?
View 8 Replies
View Related
Nov 23, 2011
I was under the impression that the AIR-CAP3502I-E-K9 is a ceiling mount AP only. Is any one using these as wall monuted AP's?
View 5 Replies
View Related
Dec 14, 2011
SO I am not a computer wiz... but I have this outlet in my upstairs wall which has a phone and Cat5e Jack. I would like to set up my wireless router up there but where does the modem go? there is no jack for the cable.
View 1 Replies
View Related
Mar 8, 2013
I have done similar with cat5e in the past, but only operating at 100mb/s. The gigabit stuff I have done so far has had the power in a separate stud cavity.My structured wiring project will be installed in one stud cavity in the soon to be new home office. Not exactly using a structured wiring cabinet, but rather using a 7u wall mount relay rack bracket. The cabling will be entering using 2 separate header penetrations. One existing just inside on the right side of the stud cavity carries 110V 12/2 romex to a stud attached box / recepticle. The other side gets the new penetration, a minimum of 12" away. That's the one that the ethernet cable will pass through. The cable runs will run through the wall and through a brush plate, and then to the patch panel.
The Cat6 cable is UTP, and is marked for in wall use. This is the stuff with the spline if that matters.The romex, by code MUST be attached to the stud, and it is, the cat6 on the other hand is allowed to be loose in the wall. I do not plan on having enough slack in the wall for the cat6 to ever get closer than 8" from the romex, and no closer than 10" from the electrical box.Is that separation sufficient to avoid inductive noise on the ethernet cables? Like I said, I have done similar with Cat5e and no problems ever, but only attached to 10/100 networks. I can change stud cavities, but would rather stick with the one so that my ethernet, and power both can enter the rack cleanly.
View 3 Replies
View Related
Apr 30, 2012
the internet is so poor I usually lose the signal, since it has to go through walls and a bunch of trees. My question is can I use the phone jacks in the wall to set up a second router or something to increase it. Or what is the best way to increase the power and strength. What do I need and how do I do it. My fathers router is under verizon vios. I plan on getting and xbox 360 with live capability and need good internet for that
View 2 Replies
View Related
Jan 4, 2011
I'm wiring up the house with CAT6 (I've never done this before). Someone told me to use 'T568B' termination. Every configuration I see on net looks different, and I'm getting confused.
The jacks have double colour coding for each wire as pictured here:I take it 'A' is for T568A, and 'B' is for T568B?So this is how I should arrange the wires for T568B:
View 3 Replies
View Related
Jun 16, 2011
Configuring QoS on my cisco877W for VoIP below is the current config. [code]
View 3 Replies
View Related
Apr 26, 2012
I am looking for a wall mount bracket reference, for these 2 models of antennas :
- AIR-ANT5160V-R
- AIR-ANT2506
Something like that :I was not able to find any reference in cisco product list.
View 9 Replies
View Related
Nov 13, 2011
WE've been using the Asoka pluglink adapters we received from at&t and they worked very well to where we can move them anywhere in the house. Now they've just stopped working all together. We didn't change anything to where they stopped working. But the weirdest part: they just started working again yesterday and now are not. I did not influence any of these changes and I'm not sure where the problem is. I've tried swapping out the adapters cause we have three and we only use two at a time. Our current setup is a linksys wrt54g with ddwrt which is what we plug one of the adapters to and the other is in my room cause we are out of range for wireless. When testing the network it says we join an unidentified network but have no internet access.
View 4 Replies
View Related
Jan 20, 2012
I mounted the router to the wall with the 2 screw holes and screws. Now I want to take it off from the wall, but it is stuck
View 4 Replies
View Related
Dec 16, 2011
Cisco 877W. I configured it for PPPoE. But once I plug in the ADSL line, the dialer interface will get IP Address. But after like 2 minutes the PPP link will go off and I will get this log message: "Interface Vi1 unbound from profile Di1".
View 2 Replies
View Related
Jan 24, 2012
I am using a company called Zen for adsl, I have 8 IP from XXX.XXX.XXX.248 to - XXX.XXX.XXX.255, Gateway is 254, Address 249-250-251-252-253 I would like to appear at the 4 sockets at back of router, and 252,253 will be used for a server...I understand I should be using Routed IP , but I cannot get it to work, I can ping out to google from the server, but the server is not live to the world. [code]
View 8 Replies
View Related
Nov 7, 2011
I had the Cisco 877W Router working in my old company. The old company was closed and I bring all of network equirments to new company.I am trying to setup this router to new company but lost menu, console cable and software CD.
View 2 Replies
View Related
Jan 22, 2013
I have a Cisco 877W in place with an ADSL connection, which is working fine. However I cannot get it to hand out a DHCP address. If I associate with the AP over wireless then set a static IP I have full connectivity, similarly if I connect over Eth0 and set a static IP I have full connectivity. So it does just seem to be DHCP. Below shows my config... Any thoughts on the issue? Is it access-list related?I have checked with Wireshark and I see the DHCP request being sent out, but I don't see a DHCP offer being returned
View 4 Replies
View Related
Feb 26, 2007
how to configure WPA2 /AES on 877W. Also how to enable IPS on the router. My ios is 12.4.11T1
View 7 Replies
View Related
Sep 9, 2011
I am running an 877W in the home that for the most part works fine, however after being connected for a variable amount of time I partially loose my DSL connection. Line sync stays up, but the traffic is lost.
A shut/no sut of the atm or dialer interfaces does not resolve the issue, only a reload or power down/up will fix the prob short term till it happens again.
Am currently running advipservicesk9-mz.151-3.T1, but have also rolled back to advipservicesk9-mz.124-24.T5 which has the same issue. Have tried a 857W with the same results. So ruling out IOS and hardware, its pointing to a config issue. It has also only been an issue since changing from ADSL1 to ADSL2+.
interface ATM0
no ip address
no shutdown
no atm ilmi-keepalive
exit
[code]....
I've tries some changes mentioned here and from other sites, but no success yet...
View 14 Replies
View Related
Dec 20, 2011
I have a working easyvpn setup. We need to change the HQ ip address (current it is i.e 85.146.110.101). This is ACL is applied to Fastethenet conecting to ISP:
interface FastEthernet4
description $FW_OUTSIDE$$ETH-WAN$
ip address dhcp
ip access-group 101 in
ip inspect SDM_LOW out
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto ipsec client ezvpn Acom
As soon as I apply again the ACL to interface Fastethernet 4, access to internet is lost. If I put original ACL 101 (with ip address 85.146.110.101) it works fine.
So I am wodering what wrong with may ACL? Should I make the change via SDM not CLI (to be honest I did not know/use SDM before today)?
View 3 Replies
View Related
Feb 21, 2013
I've an 877W with four V LANS, All bridged (group) onto a BVI which is bonded to ATM etc for ADSL:
c870-advipservicesk9-mz.124-15.T5.bin"
1 is the backbone, and for the switch, and has DHCP running and working with no problems - x.y.1.z . Multicast is enabled so that various multimedia bits of kit can find each other.
2 is the "primary" WiFi, which has android devices as they cannot handle SSID not being broadcast or devices that can only do wep.(WiFi radio) it has DHCP, x.y.2.z which works fine. Multicast is enabled so that various multimedia bits of kit can find each other.
3 is a secondary WiFi for the kids, "hidden" ssid. They are fire walled so that bugs can't infect any other windows PC DHCP x.y.3.z.
4 Is a secondary WiFi for our laptops, "hidden" ssid .
For some reason, DHCP is not working on 4. it was working until the good lady of the house quizzed why her net was not working... I've concentrated on vlan4, as there are no "local" access-lists definitions to stop anything. I've enabled debug ip dhcp server, and can see requests serviced on Vlan2, but not on 4, I've enabled/re enabled encryption/ shields on Vlan4, but still can't see dhcp requests arriving and do not see them being stopped somewhere. I can see that the station authenticates OK, but if I connect the same laptop to v lan 02, requests pour in and are answered, proving it's maybe not a Microsoft problem.
Let me just say, I'm more or less self taught with the the net, no real mentoring, so 'think' I have the general idea of the different layers, access-lists etc. so this config is probably not ideal, but it works.
version 12.4
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
[code]....
View 5 Replies
View Related
Mar 14, 2011
what's the best antenna arrangement for wall mounting the WAP4410N?I see pictures of the antennas for desk mount but nothing for a wall or ceiling mount.Should I just fiddle with them and see what works best?
View 3 Replies
View Related
Feb 20, 2012
How to mount the E4200 on a wall. Any smart ways to do it?
View 9 Replies
View Related
Sep 13, 2011
I'm thinking to buy a E2500 router for my house. Is it possible to wall mount it?
View 7 Replies
View Related
Nov 18, 2012
While i was looking around in my stuff in the office i have found a Cisco 877W ADSL router .. so i have decided to use it instead of the one i am using now which is provided by the ISP that's made by Huawei.Anyway i have a good knowledge about basic cisco router configuration but i had never configured ADSL Cisco router, so i looked around on Cisco website, and i was lucky to get this two linksCisco DSL Router Configuration and Troubleshooting Guide - Step-by-Step Configuration of PPPoA with a Dynamic IP Address - Cisco Systems[CODE]
View 7 Replies
View Related
Apr 26, 2012
Looking to setup a backup router for our disaster recovery plan. We currently have a Cisco 877W that was setup by our ISP. I can log into the device with Telnet and a console cable, but I am not good using IOS commands, so I would like to use CCA. Unfortunatley, I cannot access the router using the software. I assume something is disabled in the config. Like HTTP or something.
View 1 Replies
View Related
Jan 6, 2011
A client of mine is using a Cisco 877w wireless router, they have one IP phone connected to one of the RJ45 ports on the back of the router and their main desktop is also plugged directly into the router - this all functions perfectly.However, the router is in a private house and as such it provides connectivity for all other wireless devices such as iPhones, Ipads and Xbox Live etc. The problem is that the router only allows 5 devices to be connected at any one time and when a sixth attempts to connect to the router the first device (the IP phone) is diconnected automatically.
So my client can be using the IP phone for an important call and his son walks in with Iphone and Xbox, friends etc etc and the IP phone is immediatley disonnected from the router. I beleive that the router should allow more than 5 devices to connect and would hope there is a way of stopping the IP phone constantly being disconnected.I have already paid for "Cisco Engineers" to attend this site but they cannot get it working.
View 4 Replies
View Related
Nov 23, 2011
I would like to configure an 877w I just bought. It's connecting to a UK ADSL2+ link.I'm a penetration tester and I want to put the Cisco router in front of my existing firewall which has an IPS on it, so that it doesn't get in the way of port scans and vulnerability scans. My ISP has issued me with 14 usable addresses a/240 subnet and basically I want to be able to use the route with just the public IP addresses. I have configured Cisco routers before, but never with this type of configuration. It's always been single public IP address NAT'd through to one or two internal LAN's.
It will be nice if I could assign the wireless and fast ethernet ports to the same VLAN using the public addresses. I don't want to use DHCP I'm quite happy statically assigning IP addresses to the computers wireless and LAN interfaces. I am reasonably certain this is possible because not sure how to do it and a little busy at the moment carrying out penetration tests.
View 7 Replies
View Related
Apr 12, 2012
I have a Cisco 877w (configuration shown below) and i am trying to use a Photo Transfer App on my iPhone4s and iPad3 which allows transfer of photos and videos between the devices using WiFi, the only thing is i cannot get my devices to communicate with each other and i suspect that this is to do with the configuration of my router as the app works perfectly using bluetooth but obviously a lot slower. I cannot even ping the devices from my pc which is also on the same WiFi network. How i should tweak my config?
View 2 Replies
View Related
Nov 7, 2011
I'm having a business DSL-connection which requires a modem from the provider (It cannot be replaced by another modem/router)I want to know if it is possible to place the Cisco 877W-G-E-K9 behind the modem and set it up as an VPN-server.The internet connection wil be established in the modem/router of our provider.
View 20 Replies
View Related
