I am setting up my 2nd 1811 router for NAT and VPN. The 1st 1811 works great, completed a few months ago. On this 2nd 1811, I decided to just copy the working startup-config from the good, 1st router to this 2nd, and then change IPs and from there. I did not do the setup wizard, but just erased the startup-config, reloaded, gave temp IP on local LAN and copied good startup-config from TFTP server.
Question: on this 2nd 1811, I show this:
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip subnet-zero
I do not have this on the 1st, and I cannot get rid of it. Is this due to IOS versions?
I need some help in configuration of Cisco IOS VPN. Basically, we have 2 Cisco 1811 routers in our company. Router 1 - Production router (IP 192.168.x.254)Router 2 - VPN router (IP 192.168.x.251). All machines/servers inside our network has been configured with a default gateway of 192.168.x.254. Hence, all internet traffic will go through the production router.
Now, we want to deploy a new router (i.e. Router 2) which will be solely used for VPN purpose (such as DMVPN, IPsec site to site, VPN client configuration etc). I have configured Router 2 with Cisco VPN client and can connect to this using VPN client application from my home PC. However, once I connect to it, I am not able to ping anything inside this network other than Router 2 IP (192.168.x.251).
Is there anything else that I would need to put into the configuration so that I can ping everything inside the network?
I'm trying to configure cisco 1811 with dual isp internet connections. Everything is working fine till i get to setting up port forwards.The port forwards for 2nd ISP do not work while connection to 1st isp is active. If if shutdown the connection to isp1 the port forwards work fine.
here's relevant section of the config
Code: track 123 ip sla 1 reachability delay down 15 up 10 ! track 456 ip sla 2 reachability delay down 15 up 10
[code]....
I can access the 192.168.2.131 web server using the ISP1 ip but not ISP2 ip If i shutdown ISP1 interface the server becomes accessible through ISP2.Also while ISP1 is active I can't remote desktop to 192.168.1.210There are no acls, firewall zones or anything else.
I have two 1811's connected in a lab using a ipsec vpn tunnel (using a switch to simulate an internet connection between them).I am trying to configure one of the routers as a ZBPF just to allow a remote windows login (DC on the firewalled side, workstations on the other side).I'm trying to verify that the zbpf is working, but it doesn't seem to stop anything. I had match icmp added to the class-map, but took it out to test if icmp would fail. It didn't. Basically, I don't think the firewall is working at all. Any thoughts on how I can configure this so that the policies will work between zone-pairs?
Here's an quick drawing:
Here are the configurations:
Local router: hostname sdc-1811-LocalLab ! boot-start-marker boot-end-marker ! no aaa new-model ! resource policy
We have installed Cisco Prime 4.1 and we have discovered all the devices of our network. Although all devices appear as known both in Monitor and in Inventory, some of them are not being monitored correctly.For example, in the Known_Device_List Report, I have a device named 'Switch1' with IP 'x.x.x.' but in the monitoring, it shown by the name 'Switch2' with the same IP 'x.x.x.x'.
It seems that the DFM database doesn't get correctly this device from DCR, but in the LMS 4.1 version there is no option to delete this device from the DFM. I already tried to rediscovery devices throught CLI by the dmctl -s DFM invoke ICF_TopologyManager::ICF-TopologyManager discoverAll command, but with no success.
CISCO881W-GN-E-K9 vs. C881W-GN-E-K9. What's the difference between these routers?
For example, the CISCO881G-K9 has a 3.5G ExpressCard Modem and the C881G has an embedded one with GPS and 3.7G in most versions. The C881G is, for all I know, the newer one. But for the two mentioned above, I can't find any differences at all. The C881 is listed in the Teleworking section of the data sheet. But there is no information whatsoever about any feature or license differences.
I have two computers at my apartment getting two VERY different speeds from my wireless connection. I'm thinking it might be the hardware im using, but I want some expert opinions before I go out and buy anything else. [code] Getting 5 bars of connection and 14.5 -21 Mbps..Both computers on the same desk when tests were run.
Is the ACLs matching logic between a Cisco router and a Cisco firewall (PIX/ASA) the same ? If not, What are the logic differences? I understand that in a router, once a match is found the statements below the match are ignored, I wonder if this applies to firewall.
which differences exist between 7.0 and 7.2 firmwares? I have to decide/choose which of them to run, before continuing to configure my WLAN infrastructure.
My customer is having Cisco 4507R switch with IOS version 122.31-SG1 which deosnt supports NAC - L2 IEEE 802.1x but supports NAC - L2 IP.What is the difference between these features and which features is required for proper authentication and posture assesment.
So I have a server running Linux and am looking to add VPN functionality to my home network. I have OpenSSH running and it works great for tunneling and remote file transfers but doesn't quite get the job done.I would like to be able to map a network drive in Windows to my Linux box and understand a VPN could accomplish this, problem is I really don't know anything about Virtual Private Networking! I was hoping someone could explain to me the differences between SSH / VPNs and point me in the right direction towards configuring OpenVPN on my Linux box.
We are looking at doing some switch replacement. These switches will be in for ~7 years.We need POE for a VOIP phone system, and 10gb uplinks back to the core. We want to have the ability to go POE+ in the future.
We were quoted from our vendor for:WS-C3850-48P-S with 2x715w Power supplies. It looks like the data sheet says that to get POE+ you need 2x1100w or 1x1100w & 1x715w. Do we need to step up to the WS-C3850-48PF-S?
I am working for a customer on an enterprise site containing many 6509's. We have built a test environment and upgraded a chassis from sup720 running 12.2(18)SXF15 to VS-S2T-10Gb running 12.2(50)SY on the management card. I have noticed and so has the customer that there are many commands missing or added and they want an expalnation of these. I can do some of them easily, change syntax etc but for instance it has added a table-map, 50 vlans with a large MTU and large COPP policy.
What are these ?? and also is there a quick way resource etc to find out why the commands have been added/removed, for instance-mls ip cef load-sharing full is missing--
What is the difference between WIRELESS LAN LWAPP and WIRELESS LAN LWAP RECOVERY images? I believe the RECOVERY is used in the upgade process - but what is the other used for?
Aside from the obvious differences between these two NAS`s (processor speed, max users, max groups etc) what are the actual real world differences in functionality between the two?
I`m also wondering what the `turbo` bit refers to?Any pros/cons of each??
We replaced a 3560 with a new 2960S and I'm only able to configure a single ip sla where before we had three ip sla entries on the 3560. Obviously, one is a L2 switch and the other a L3 switch. This is an expected difference between switches, correct?
We are looking to replace some aging 3560 switches with 100Mb/s interfaces. They service IP phones and workstations.
For having IP phones directly connected to access switches that are also servicing workstations, we don't need L3 routing except in the core, so the question is what would we lose if we used 2960S switches for access switches.
I understand from having spoken with Cisco TAC that a limited subset of QoS is available on the 2960S platform. Does that includes the priority queue that is enabled when you turn on mls qos on a L3 switch?
I am trying to decipher the differences between the two models of the 1921 router. One has an IP Base IOS and the other has a Security IOS. I have an ASA so I don't think I need all the Security IOS bells and whistles on an internal router. Although, does the IP Base IOS allow for trunking and sub interfaces? I definitely need that and on CDW's website it says that the 1921-Sec/K9 w/ Security IOS includes 802.1Q and that spec is not listed on the 1921/K9 IP Base IOS model.
I need raise a especial configuration to 34 APs LWAPP associated to WLC 5508 with IOS 7.0.220
This is the Scenario:We have 34 APs LWAPP with 2 SSID (Corporative & Guest), with 2 DHCP different. The Guest SSID receive IP to DHCP from WLC while SSID Corporative receive IP from Microsoft DHCP. The AP On Site are Local and the Foreign AP are configured like H-REAP (H-REAP Local switching and Learn Client IP Address are marked)
Here is the thing, I need configure a new WLAN (Pruebas) for add to 34 APs (Local and Foreign) but this new WLAN must be receive IP from a New Microsoft DHCP
Firstly I configured a new Physical interface and linked to New WLAN (Pruebas) however i don't know how configure the AP and the DHCP because I want that the AP deliver IP addresses depending the Locality.The last because the SuperScope from DHCP is divided in various subnets and because the IP from the AP will be in another VLAN
I thing to buy one of these two products linksys wag120n and the links wag160n and i want to know which the main differences between of these two products.
What is the difference between version 1 and version 2 of the 310N? I cannot find any information provided by Linksys or on this forum that describes what the difference is.
I understand that my questions seems to be rather strange cos supervisors is rather old (Sup1A especially). But i am interested in understanding what puprpose were in production SUP32. I cant find out enough differencies between Sup1A with MSFC2 and Sup32 to understand what reasons lead to deploying new sup in none fabric supervisor series.
Both supervisors have same perfomance - 15Mpps and have limitation on backplane bandwith of 32 Gbps (cos both use swithing bus), both supervisors equipped with MSFC2 and etc. Differencies i found:
SUP 32 have 10Gbe ports support (but this seems to be doubtful enhancement - with it perfomance GE ports seems to be more appropriate technology isnt it?) SUP1A equipped with PFC, SUP32 with PFC3BSUP32 deploys CEF (what is benefit of CEF if perfomance same?)
Basically, he has an office he's supporting on a contract basis, they have a cable modem uplink. They move very large (100MB or so) EXCEL files to/from a server "somewhere out there"...The place has 19 users on cable modem (presumably commercial level). They're having "severe latency due to all the users". They're also using VOIP (not sure what product, shouldn't really matter)this doesn't pass the sniff test to me- I have 70+ users on 4 T1s and don't have the problems they claim to be having. Suspect they should be doing some packet sniffing to see who's camping on Youtube, but this is not an option....They're adding in a second cable modem line and want to bind both together. I immediately figured they should do QOS, dedicate the mission-critical traffic to 1 line and let it bleed over onto the other and take precedence if necessary. They have a Cisco 1811 router. I haven't messed with those before, but what I am seeing is they are a "fixed-configuration router". Obviously there has to be SOME config changeable- if for nothing other than IP assignment to interface and such. So what does Cisco mean by "fixed-config"? Is this basically a dumbed-down Linksys router?
i have cisco router 1811 , i make port forwarding for my mail server , so from outside i can access to the mail server via my mobile but inside lan i cannot because i use my global ip address at my mobile config .
I have some problems with making stable VPN between SRP512W and ISR1811.Configuration:
- IKE policy - 3DES/SHA1 group2(1024bits) - crypto map on ISR1811
One of the main issues I've noted appears when SRP loose it's IP connectivity to remote router, even if this connectivity interruption lasts for only couple of seconds. When the IP connectivity is restored SRP is unable to re-establish the IPSec session. There is connect/disconnect option in SRP menu (Status -> VPN Status -> Connect/Disconnect) and automatic VPN disable (VPN -> Site-to-Site VPN -> IKE policy -> Enable Dead Peer Detection) yet I couldn't found any option for nor automatic mechanism for VPN reconnection when the IP connectivity is reestablished. This issue lead to interruption of Site-to-Site VPN service when there is some short outages within the ISP network.
Another issue is building GRE tunnels between the same devices. Can you verify my configuration? Belive it or not - I spent more than 4-5 hours and couldn't do it.Should I make some additional settings/configurations ?
i have two branch offices A & B both connected by a vpn. i am planning to add another isp on both the locations and have it just for the vpn. i.e have the second isp do just vpn and all other traffic go through the older ISP.. what are my options ? am not planning to add any extra hardware and also am not planning on acheiving any fail-over or load-balancing because i know ASA 5510 does not do load-balancing.
