Cisco VPN :: WRVS4400N To Change ISP And Making Changes In Firewall
May 12, 2011
We have a customer that recently changed IT Vedors and came to us. We needed to change the ISP and need to make changes in their Firewall. I went out on site and wasn't able to get into the Routers and I contacted the previos company but they wouldn't release that information. So we had to reset the devices and set everything back up. Everything works great except before they had an IPSEC VPN Tunnel between the 2 buildings. Both Buildings have WRVS4400N Routers and I have setup a VPN IPSEC Tunnel on both sides. I have named them the same and the summary says that both are up. But when I try to go from one side to the other I am unable to Ping or resolve anything. I called Cisco but they said they are out of warranty. Cisco directed me here.
I've got an issue with a CSS 11501 where, if *any* change is made to a global keepalive (active), the device reboots. The code is 08.10.2.05. I'm unable to search the TAC archive or I would've gone there first.
We're running three networks (inside, outside and dmz). Inside is 10.0.1.0/24, dmz is 10.0.2.0/24, outside is a static ip allocated by our ISP. We'd like to configure the following:All traffic from the outside to [static provider ip] on port 80 should go to 10.0.2.200 port 8080.
Within a workgroup environment we have four large drives, statically assigned and all accessbile via VPN. Our FW is a Cisco ASA-5505. Where within the ASA-5505 GUI can one of these drives be made inaccessible via VPN ?
I have a customer with an ASA5505 where it will not reply to SNMP polls from any source, i have followed the configuration guide [URL].at and tested another ASA in our internal network and i have that working fine on our LAN, here is the snmp and logging sections of the show-run on the ASA, it there anything obvious im missing to make the SNMP work on this device?
snmp-server host outside 203.XX.75.122 community XXXX snmp-server host outside 203.XX.84.196 community XXXX snmp-server host outside 203.XX.86.82 community XXXX snmp-server host outside 82.XX.244.3 community XXX
Ok, so what I want to do is make a router/firewall/proxy (maybe add webserver/FTP as well). Just to start off I want to say that I have moderate knowledge of Linux, enough to administer it from the CL. I have setup routers before but it was years ago and I've forgotten some of the details involved. What I do is a base LAMP install, with DNS, Samba, DHCP server, OpenSSH and then Webmin for easier administration. I've also installed EHCP (easy hosting control panel) in the past but have not at this point.
So, what I want to know is how do I setup the NIC's in the etc/network/interfaces file. Let's say that eth0 connects to the modem and eth1 & 2 are internal adapters. Currently my network is running a Linksys WRT54GL with DD-WRT and the router is set to DHCP for the WAN connection and DHCP is running on the internal network as well. The modem is at 192.168.254.254 and is giving the router an address of 192.168.254.1 my internal network is 192.168.1.1 (192.168.1.0/24). I would like to setup my internal router address to 192.168.1.1 so I guess I need to set it to static in my interfaces config and then set my eth0 to dhcp. Does this sound correct?
So if I do the above my only question is how do I setup the routing tables after that? I always get messed up when I need to make the switch from my Linksys router to my Linux box. I'm not worried about firewall rules at first I can change those once I have the router up and running. I just don't know if I need to make some kind of bridge to bridge the eth0 and eth1 (external NIC and internal NIC).
I've been trying to get my WRVS4400N connected to my ASA5505 on the internet through a Cox connection, but it isn't working. I cannot get the ASA to be the DHCP server for the wireless router. I've configured the wireless router as a gateway and pointed the DHCP server to the ASA but no addresses are being passed through to the wireless router. I've included a copy of my config.
I'm attempting to configure remote management (and, sometime soon, SNMP) for a newly-deployed WRVS4400N v.2.At the Basic Settings page, I enabled Remote Management, and left the port # at the default. Remotely I entered the public (static) IP for the router in the address bar of IE8 similar to this: 67.203.???.??:8080. IE8's response is, "The webpage cannot be displayed." I'm using a public wi-fi access point, and don't know how the local router is configured, so it's possible that the local router has a blocking rule in the firewall.I'll try again using another remote router that I manage.
I'm trying to establish a VPN tunnel between our main office running a Cisco ASA 5505 [8.3(2)] and a remote user using a Cisco Small Business WRVS4400N firmware version V2.0.1.3.
The Cisco ASA 5505 is already configured to allow incoming IPSec VPN connections via the Cisco VPN Client.
Is this possible, and if so, how would I go about doing so? The remote user has a static IP address as well as the main office.
I'm trying to establish a VPN tunnel between our main office running a Cisco ASA 5505 [8.3(2)] and a remote user using a Cisco Small Business WRVS4400N firmware version V2.0.1.3.
The Cisco ASA 5505 is already configured to allow incoming IPSec VPN connections via the Cisco VPN Client. Is this possible, and if so, how would I go about doing so? The remote user has a static IP address as well as the main office.
I cannot connect via VPN PPTP (normal setup in windows xp), I have managed to connect over VPN direct connected to internet, through the router (WRVS4400n) if I turn off the firewall. But I cannot connect with the firewall enabled,One more thing, the device is on and I have enabled the passthrough (and 'Multicast Passthrough' in firewall basic settings) for all available options where one of the options is PPTP.
i bought a computer the old one works fine but it is slow. am using ethernet dsl cable. it connects through lan connections. the new one connects local only and will not let me get on internetwhen i try to go on the internet it brings up a connection through broadband and askes for a user name and password. the other computer doesn't and i have no username or password through the dsl.
i want to make my minecraft and gmod servers permanent so i got stupid and built a low powered server out of an old athlon media pc i had laying around. anyways my current setup i have going is my main router is in the basement and i have a dd-wrt d-link repeater in my room. ok so i gave the repeater a static ip of 192.168.1.56, and gave my server a static ip of 192.168.69.25 (i made the ip of the repeater 192.168.69.1) i forwarded all the necessary ports to the static ip of the repeater then to the static ip of the server. but my servers wont work. on minecraft it says "end of stream" but if i look at the active server log on the server it says "myipaddress has lost connection" and on gmod i just cant connect or see my server at all.
You have to make 4 subnets for 4 VLANs, the router interface assigned to each VLAN is the LAST usable host on the subnet.so unless I'm really bad at networking the graph should be:
Is this correct? I'm not sure whether the default gateway should be 192.168.0.255 (as would with normal subnets) or as I wrote down 192.168.0.126, this is the first time i've ever gotten assignments including VLANs and I havn't really gotten a solid explanation.
I am trying to get the ACS 5.3 to work with NCS but cannot make it work correctly. url...But this does not show how the ACS referencing AD groups would work when determining which custom attributes to use.
On the ACS 5.3 i have set up the following .The ad is working and in Users and identity stores/External identity stores/Active Directory then my AD test works fine.I have set up the Users and Identity stores/Identity Groups with appropriate ip s.I have configured the Network Device Groups/Network Devices and AAA Clients with the ip address and Authenication optionsA.In Policy Elements/Authorisation and Permissions/device administration/shell profiles.I have creeated a shell profile called network shell pro which das a common tasks of def priv = 0 and max priv = 15
Now i can get into the NCS but i do not see any of the administration buttons on NCS - so this means the custom attributes are not working.i shouldnt need a user for this on the ACS as its using AD.
I'm trying to connect our ASUS VIJ series laptop to a dlink DIR-615 wireless router. The router connection page asks us to: "Please enter the PIN from your wireless device and click the below "Connect" button". How to find the PIN number for the laptop? The laptop uses a wireless g connection. The laptop can find the dlink router's signal on the wireless profiles & has been connected wirelessly in the past to a router (a plug & play type) without a problem.
I have a computer hooked up to the internet with a cable modem via usb cable. The ethernet part of the modem is hooked up to my xbox 360.
I don't have a wireless router or a wireless internet connection but I do have a Belkin USB Wireless Adapter and I read on the web that you can turn your computer into a wireless hotspot if your computer has a wireless card with antennae or a usb wireless adapter.
Example, I have a Nintendo USB Wireless Adapter. All I do is stick it into my computer's USB port and it becomes a hotspot that I use to connect to my Nintendo DS to the internet wirelessly. So I basically thought that my Belkin adapter would be able to do the same thing only with whatever other devices I try, not my DS.
i have to make a wireless network for 48 apartments, thats in 4 floors and the area surface is 400 x 400 meters i want to go with netgear maybe buy 1 router and 2 access points?
The command that is given returns an error at the letter a in archive. The command I used was: archive download-sw /overwrite /reload tftp:// obviously with my tftp server info and file name at the end. I logged in with privileged EXEC mode as directed, but archive is not listed when I type ? to get a list of commands. I need to have this AP up and running by Monday.
I have a working easyvpn setup. We need to change the HQ ip address (current it is i.e 85.146.110.101). This is ACL is applied to Fastethenet conecting to ISP:
interface FastEthernet4 description $FW_OUTSIDE$$ETH-WAN$ ip address dhcp ip access-group 101 in ip inspect SDM_LOW out ip nat outside ip virtual-reassembly duplex auto speed auto crypto ipsec client ezvpn Acom
As soon as I apply again the ACL to interface Fastethernet 4, access to internet is lost. If I put original ACL 101 (with ip address 85.146.110.101) it works fine.
So I am wodering what wrong with may ACL? Should I make the change via SDM not CLI (to be honest I did not know/use SDM before today)?
I'm running XP and have Bell-Aliant modem SIEMENS Gigaset SE567 running to DI-624 router. It has been working for years but after the internet was down in the area for most of the day, it has failed to reset. I've done the usual un-plug/wait/replug routine a few times but cannot connect. I can connect directly through the SIEMENS but when I introduce the DI-624 back into the mix, I'm not able to connect to the internet. How do I make it happen. I'm not tech savvy so go slow.
I am wanting to make my desktop wireless I have a D LINK dual band wireless router now. My laptop is wireless and works fine my desk top is hardwired to router. Thinking of moving my moden and router to TV and making my desktop wireless and hardwireing my media server I think it called ( still yet to be bought still doing home work on which one to get and how to hook up ) Thinking less signal loss be hardwired to media server. I now have AT&T DSL 1.5 MB upgrading to 6.0 MB to stream netflicks . Do you think 6 MB will steam OK? Should I Go with just a USB adapter or go to PCI internal Adapter? In reading some of the other post seems hit or miss on adapter seeing and working with routher. Is there a brand or type of adapte I should look at? as I said Desktop will now be wireless media hardwire dose this sound like the way to go about doing this? Any media server that seems to work better than others . not doing x box or Wii not a gamer just want to stream Netflix without buffering and as good a picture as Poss.
I just a new motherboard yesterday an ASUS P7P55D. Running windows 7 and using ethernet, the internet would cut out after a few minutes and come back again by itself and cut off again. After turning on xbox live i realised that my computer is causing problems for the router and cutting off the connections.
I want to make the contents of my pc's hard drive available via my network (ie for use on the laptop), not just the media player library but the actual directories and files themselves. is this possible without a vpn? assuming so, how do I make it happen, and is there any way to secure this access further than just network access? Any easy-to-use and secure vpn.
I made a new connection with a password. And I have deleted the old connection on the "Manage wireless connections" But the old connection still appears on the Wireless connections. I don't want my neighbors to connect to the old one since it has no password, and I can't figure out how to delete it.
I installed a wireless adapter on my pc and since then when I play a game online or watch something online there will be times when the sound will be weird and noisy for a slight second along with the slowed visual. Also I noticed that it awakes the wireless printer from sleep mode. Could it the wireless adapter be interfering with the wireless printer? I tried to adjust wireless antenna but it didn't do anything.
Maybe this was listed in the release notes for the product and I missed it, but can this item support Etherchannel in a 2801 router? I installed the module into the router and the router recognizes the module. I can configure the ports as access or trunk ports, but I am unable to configure the channel-protocol or the channel-group for the Etherchannel. The IOS on the router is 15.1 M with the upgraded Bootloader version 12.3.
