Cisco VPN :: Recommended IOS For DMVPN 3900 Series
Jan 1, 2013
I am setting up a DMVPN between several dozen sites using 2800, 2900 and 3900 series ISRs. The DMVPN Design Guide recommends current 12.4 or 12.4T IOS, but the DG was last updated in July 2008. I cannot seem to find any recommendations newer than this. I'm hoping Cisco or the community can give me an updated recommendation.
I have some simple rules on 2 extended lists:
ip access-list extended FWIN
 permit tcp any host 192.36.86.231 eq ftp-data ftp 22 www 443 516 666 671 672 2222
 permit tcp any host 192.36.86.231 eq 4500 8008 8443
 permit tcp any host 192.36.86.231 range 5900 5950
 permit tcp any host 192.36.86.231 range 33434 33550
 permit tcp any host 192.36.86.241 eq ftp-data ftp 22 www 1935 2195 3306 8888
 permit tcp any host 192.36.86.241 range 8080 8090
 permit tcp any host 192.36.86.241 range 33434 33550
ip access-list extended FWOUT
 permit tcp host 192.36.86.231 any eq ftp-data ftp 22 www 443 516 666 671 672 2222
 permit tcp host 192.36.86.231 any eq 4500 8008 8443
 permit tcp host 192.36.86.231 any range 5900 5950
The issue is that 192.36.86.231 can access internet, and 192.36.86.241 can not. Is there a way to troubleshoot 192.36.86.241's connection/packets flow?
I am trying to do a dynamic configuration of a 3900 series router (3925 to be precise). For the software and licenses, under the IOS technology Package Licenses, what's the significance of SL-39-DATA-K9 and SL-39-SECNPE-K9? Are they really necessary for the router?
I am looking for the procedure of the router 3900 series failover. I have got two 3900 series routers with the same ISO and other interface cards. What are the main things that I should watch? Does the standby router take the same IP of the active router if the active router fails? How should I configure it?
We are migrating from a Microwave T1 WAN to a Fiber ring WAN which I'll be connecting to our provider's Ciena Metro E switches. Eventually we are going to move away from the routers, but the network is a little too complex as well as spanned across a lot of miles. Since I am the only networking personnel here, I would like to first simply migrate to the fiber by simply moving the connection configs off of the T1 interfaces, and onto one of the Gig interfaces on the 7206 and on one of the Fe interfaces on the 3900 (which is actually a 3700 series because the line card on the 3900 is toast). If this works, I will need to purchase Fe line cards for the 7206, because I found out that the virtual interfaces do not support Policy Mapping for our QOS and Multicasting.
Can the 3900 series router be ordered or upgraded to a license with advanced enterprise services? I have a few of these routers and I'm looking to get the license upgraded if possible.
I have three Hub routers that I'm wanting to compare DMVPN scalability capabilities (3825 versus 3945 and 3845). I know it must be there somewhere and I'm just not looking in the right place. But I've read and read and read about DMVPN designs and I'm not finding anything. This is turning into a time killer. What are the DMVPN limitations of these three routers?
Is there a router (1900-3900 series router) that will support a 100FX fiber connection? We used to use 2800-3800 and 2600-3700 series routers with FX fiber interface; now these routers are no longer available and our need for 100Mbps FX is still a requirement.
I've been looking into possibilities for extending a DMVPN (already implemented) with very small (1-2 user) remote locations over a single ISP link. I would like to use what is basically the smallest Cisco router that supports DMVPN and EIGRP (stub) - here's a sample configuration: I know that the 881 can accomplish the above without issues (if it has Adv IP Services as licensing). I would like to know if I can use the smaller routers (physically smaller, that is) for a similar configuration. Can the Cisco 819 router (URL) provide the same functionality? What about the Cisco 866VAE router (URL)?
We are looking at providing an ISR 819 for one of our customers using FTTC & 3G for failover. However, I can't seem to find any recommended throughput guidance for the device. We could be looking at up to 80Mbps via the ethernet interface and I just don't know if the device will cope.
I currently have a 50Mbps Internet Connection provided by an ethernet handoff for hosting some webservers. We are looking at adding an additional 10Mbps Internet connection and route BGP between the two. For the 50Mbps connection, I'm using a Cisco 2951 router. I also have another 2951 router to terminate the 10Mbps connection. Do these routers have enough horsepower to fully route BGP?
I am lacking experience in BGP and now I am trying to figure out what should be the ideal and recommended design.
Scenario:
- Having two Internet Service Providers with two ASNs
- Having one independent IPv4 public address
- Having two Internet Cisco Routers e.g. 2811
- Having two Cisco ASA Firewalls e.g. 5510
Are there any recommendations for configuring the VM for the ACS 5.x? What are the required minimum CPU-Cycles to dedicate and also the minimum RAM to dedicate?
My current network setup has a PIX 525 firewall and for IDS I have a 4215 box. As the utilization is high I am buying a new ASA5520 firewall.
My query is:
1. My IDS is end of support; should I buy an IPS module with the ASA 5520? Is it recommended?
2. Other than firewalling, what are the default features supported in the ASA 5520, like VPN, content filtering etc.?
My wifi router recently busted and looking to upgrade. In doing some research, I think I've come to the conclusion of these specs:
- Up to 300 mbps
- 10/100/1000 WAN and LAN
- Dual band
- a/b/g/n
Ideally, I'd like to stream my media content from the desktop to my PS3. I don't know if it's a bandwidth issue or my old router, but streaming non-HD movies would buffer like crazy. My RoadRunner connection is about 25 mbps down/1 mbps up. Not sure if the upload bandwidth is the culprit. I know there's not a huge use for 1000M WAN, but I guess I was looking towards the future. Am I overcompensating on the WiFi? My desktop has gigabit port.url...
I am currently at my parents' house. They have an internet/phone package with Talk Talk, with the free D-Link DSL-2680 router (which is located at the front of the house). I've run a speed test on this and get almost 6Mbps download on the wired desktop. If I bring my laptop into the room and try it wirelessly I am getting the same sort of speed. However, if I walk 10 meters into the back of the house, I go down to 0.3Mbps. I am wanting my parents to be able to use their iPad in the living room at the back of the house as well as they could use their wired desktop in the front of the house. Is the D-Link DSL-2680 good enough? Do I need a wireless extender/bridge/whatever?
I have a DIR-655 Hardware Version: A4, with Firmware Version: 1.21. It's dated: 2008/11/13. Do I get any improvement updating? And in such case, which FW should I use? It must be rock solid!
I have two 5505's facing each other over 10meg DSL internet links with slow uplinks; I think that the uplink is around 768K and down is 10meg. Behind each ASA on each end sits a PBX; they are using an H.323 point to point trunk for connectivity to talk to each other on the g.729 codec. I've read a little on QoS and I'm wondering if GRE over IPSec is the way to configure this setup. I'm needing recommendations. There is no QoS at present configured and it's not working well at times. There are only 5 phones at the remote site and 5 computers. The remote end only supports 3 VLANs as well. I'm new to ASA.
Is there an official Cisco-Page with the always-up-to-date recommended NX-OS-Releases for the Nexus 5000, just as there is URL
If there is no such page: What Release can be recommended?
We got new N596 & N2232 this week, and are using L2-LAN only, no L3,no FCoE- or FC-Ports. The command 'vPC orphan-ports suspend' is the newest feature used, so 5.0(3)N2(1) would be the oldest possible release.
Before I install 5.1(3)N1(1a) and then have to do a disruptive downgrade to 5.0(3)N2(2b), I'd like to be assured that the new one is already recommended as mature enough.
I have implemented ASA 5520 as the main firewall. The outside interface is connected to a Cisco router and the router is connected to an ISP. I want to make my security system more secure. Which product is the best as the internet gateway solution? Which licenses are required for this one and what is the cost for each license? Where can I find the DMZ diagram recommended by Cisco?
I would like to know what tool you use to create topology diagrams, since I need to create some for my thesis. I know about MS Visio and Cisco stencils. Apart from this I have no experience with anything else. I need to draw some tunnels and arrows showing message flow as well as the topology itself.
What is the most recommended set up for my routers? I have 5 routers, 1 linksys ea4500 which will be my main, and 4 linksys e2500 as my access points... what i want is that they are all in the same network and only one ssid? Is it possible? what will be my wiring connections? can it be on series or all routers connected to 1 main router?
I have recently acquired an ASUS RT-N16 router. My original plan for it was to install Tomato on it. However, after checking their website i found out that the firmware was not updated in the last 2 years. There seem to be a few updated mods but none of them really seemed mature/stable/well-documented.
I would like to know what other people recommend as open-source firmware for this router. I know the answers will probably be subjective; so i will give a bit of background on my needs:
- for now i will only use the Wi-Fi on an Android phone
- the connection will not be shared with anyone (so QOS is optional)
- i want a stable (wired) connection on my PC (for online gaming etc.)
- i want the (wired) download/upload speeds to be as close as possible to those achieved by directly plugging the Ethernet cable to the PC's network card; i have a 100 Mbps connection
- my ISP uses PPPOE
- my technical level: i am a software developer and i have good knowledge of bash scripting, but no experience with networking
Also, i know that i could probably just use the stock firmware (and maybe will use it for a while), but i'm interested in trying an open-source version (for more features, flexibility, as a learning exercise etc.)
We have several of these WS-C2960S-24PS-L running 12.2(55)SE5 C2960S-universalK9-M and need to upgrade to a better IOS since we have a situation where CPU would get to 100% but we have only a few ports connected. Also we have several of WS-C3750-48P running 12.2(55) SE6 C3750-IPBASEK9-M.
I am currently trying to set up a GRE tunnel on a Cisco 861. As part of a configuration template provided by an outside source I am recommended to use a sub-interface on the router but the recommended configuration does not work.
Now I have IOS ver. 12.2(55)SE but from time to time I'm experiencing strange system freezing. It means that all systems connected to the stack are working very, very slow. It happens once, sometimes twice a month and takes 5 minutes. I didn't find anything strange in logs (neither on switch nor router). I would like to install another IOS version. Could you recommend me the most stable version for this stack (built from these different models)? And the second question: Is it possible to copy SE1 manually to every switch and reload one by one manually? Will they join the stack and work fine after reload or maybe there will be an IOS mismatch?
I have a situation where a customer doesn't have the required power units installed in their 6500 for me to provision a WiSM2. They use a VSS pair with a single Sup720 in each. They have no intention of adding a second Sup to each chassis.
I need to justify why they can't use slot 6 (which has power reserved) if I am to get them to upgrade the PSU's. The documentation I've found says it is supported but not recommended.
Just a general concern for privacy, on my NIC card and gateway stock from HP, as well as performance...where should we draw the line and consider ourselves safe? Being disabled and pretty much not able to work no longer with a life threatening illness, and not much in my bank account, I have not much to worry about this. However I don't want my typical neighborhood kid hacking on my connection either, it tends to slow down your bandwidth.