Cisco WAN :: 1841 - NAT Configuration
Sep 4, 2011
I have a little problem configuring NAT on router 1841, like this is the topology:
WAN (PUBLIC´S ADDRESS) fast0/0 fast0/0/0 PUBLIC´S ADDRESS INSIDE (192.168.1.0/24)
ROUTER ====== X.X.X.X/30============= ROUTER ======== Z.Z.Z.Z/29 ============ SW 3560==============
(ISP) .253 .254 CLIENT . 47 .48
The connection with ISP or Extra net is a metro Ethernet, so the isp gave two ip address to the client: WAN (/30)
LAN (/29) Which be the public addresses to be used by the client if you need to publish any server on the network (like WWW), so they do not have any device that will could do the nat, like an asa or linux server, so the router has to do the Nat, because the SW 3560 does not support this feature.
So... I did the following:
On router 1841:
inter fast 0/0
description WAN
no shut
[ code ]...
I create an interface Blackpool to simulate the LAN connection (192.168.1.0/24)
Inter loopb 0
ip address 192.168.1.254 255.255.255.0
ip nat inside
[ code ] ...
ON SWITCH:
interface vlan 448
description LAN-ME
ip address Z.Z.Z.48 255.255.255.248
no shut
ip route 0.0.0.0 0.0.0.0 Z.Z.Z.47
But if i try to do ping from the ip address 192.168.1.0/24 to any server´s internet the ping fails, but if i do the ping from v LAN 228 the ping is success. I will think that route map could solve the problem.
View 7 Replies
ADVERTISEMENT
Apr 8, 2011
I have 2 cisco 1841 routers the one is connected to my local network and the other is the stub router and it only has 2 fastethernet interfaces. fao/1 connected to the local network and fa0/0 connected to the internet and to the other router. How can i configure NAT on the fa0/0 which is sharing the internet and local network
View 1 Replies
View Related
Dec 12, 2011
I am configuring a 1841 router for use in small out office. I will use the s0/0/0 for main WAN T1 connection. I then wanted to use the ATM0/1/0 WIC-1-ADSL card as a failover. I am using weighted static routes for failover. Fe0/0 is LAN interface. When I go into SDM and look at the ATM interface it says this configuration is unsupported?
1. Can't I just get a DSL modem and connect it to fe0/1 and not use ATM WIC and use below for failover?
2. If I have to use ATM WIC what needs to be configured for it to work with Att aDSL?
View 1 Replies
View Related
Oct 8, 2012
I'm having 1841 Router, its configuration is not getting safed. If I reboot the router all my running-config is like default. But when I check my sh startup all the configuration which I did is displayed. Checked the config-registery too and its 0x2142 changed too 0x2102 still the same problem, when reloading the router all the running config is disappeared.
View 2 Replies
View Related
Feb 23, 2013
my problem in configuring a cisco 1841 as VPN server using SDM, everytime i press Lunch Easy VPN Wizard botton, there were no response at all. my IOS is:
Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T15, RELEASE SOFTWARE (fc3)
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
System image file is "flash:c1841-advipservicesk9-mz.124-15.T15.bin
by the way I took this IOS to other router with the same model(CISCO1841).
View 2 Replies
View Related
Jun 20, 2012
I'm trying to get a PPPoE config working on an 1841. Running c1841-advsecurityk9-mz.124-3i.bin . I tried c1841-advsecurityk9-mz.151-4.M4.bin but it has even less protocol options.
I used a walkthrough but it suggests the following fragment which doesn't work because there is no "protocol ppoe" command available on my system. Perhaps there is a simpler way to do this? I tried c1841-broadband-mz.151-4.M4.bin but it doesn't seem to have ssh available.
vpdn enable
vpdn-group 1
request-dialin
protocol pppoe
exit
[Code]...
View 3 Replies
View Related
Dec 15, 2010
I have the following very simple policy configured on a Cisco 1841.
policy-map Shape-2Mb class class-default shape average 2000000 interface FastEthernet0/1[code]....
I'd just like some clarification on the best ways to monitor this. Looking at the 'sh policy-map int fa0/1' i get this:
FastEthernet0/1 Service-policy output: Shape-2Mb Class-map: class-default (match-any) [code]...
some of the sections don't make much sense to me. What is the output of that command.
View 1 Replies
View Related
Mar 19, 2011
On new 1841 Testing Router, I deleted the flash & did the reload. After reloading, instantly I entered into the Rommon mode. I have a backup of the flash in my TFTP Server, which is connected to the 1841 Router. how can I restore my flash file into my 1841 Router. I can not get myself out of Rommon mode. I also now even can not ping the TFTP Server as well. Do I have to configure in the Rommon mode ?
how to restore the flash image via TFTP Server on my 1841 Router.
View 7 Replies
View Related
Nov 27, 2011
I have a Cisco 1841 router with an HWIC-ADSL module installed. My ADSL connection is PPPoA with a dialer interface and I have been provided 6 ip's from my provider to use on this service. Previously I have connected Fa0/0 on the 1841 straight onto my network and used NAT and ACL's on the 1841, I would now like to change this and have Fa0/0 connected to a Palo Alto firewall and use the Palo Alto to provide NAT, Firewall & site to site VPN functions. What config would I require on the 1841 to allow me to use one of my ISP IP addresses on the Palo Alto to allow it to be a VPN endpoint? Do I need to configure the 1841 in bridge mode?
View 3 Replies
View Related
Aug 5, 2012
I am trying to configure a Cisco 1841 to allow the users to access the internet. This is my first step with ppp. All the rest of the configuration is ok but I don't know how to setup the interfaces Dialer0 and ATM0/0/0.
Need very basic configuration that I can analyze and use on my device?
View 10 Replies
View Related
Jan 24, 2013
I have a Cisco 1841 Router with ADVANCE IPSERVICE IOS .The said router does not safe config, even after saving the config? As soon as the power cycled all the config will be lost? what can be done to correct this ?
View 1 Replies
View Related
May 9, 2012
i have a 1841 cisco router and i recently purchased a 1 port HWIC wan interface card. My problem is that I cannot see the interface in my config file. Is there something i am missing?
View 8 Replies
View Related
Jul 17, 2012
I am position to migrate from CatOS 6509 switch to native IOS 6509 switch. long time ago, there was some site to convert automatically based on copy and paste onto the tool, but i can not find.
Does anybody know how to convert CatOS configuration to Native IOS configuration ? It is not IOS change, but it is configuration convert.
View 1 Replies
View Related
Dec 14, 2012
I have webcams that need port 8081 opened and I did that, everything worked fine until my DIR655 jammed up and power cycling it and the modem 3-4 times DID not make it work: no internet access and it was definitely a DIR655 problem. So, out with the paperclip to do the big reset, causing me to lose my configuration. When "most" of it came back up with my new config (I had screen prints), all was okay EXCEPT the webcams. Addresses and ports were all configured properly, address was fixed too on the client computer rather than use DHCP. I had a DNS relocation service running (DYNDNS) for the WAN side, but that address (My IP) didn't change either. I tried EVERYTHING. Finally, I realized in all my screwing around that I had enabled UPnP in my application, something I hadn't done before, but did this time as a desperation move. UPnP had always been checked off in the router. So.....I REMOVED my port forwarding and virtual server settings (either one worked before), and voila, everything working, Is this a normal occurrence, that if you have UPnP running, that this auto configuration overrides any manual configuration?
View 2 Replies
View Related
Feb 1, 2013
I am putting an pre-labbed DMVPN Hub config onto a production 1841. We had to upgrade the IOS to support protection with NAT so the current IOS we're running is c1841-adventerprisek9-mz.124-25g.bin.I can paste the configuration in fine (via the tunnel interfaces) and the router accepts it however the 'show dmvpn', 'debug dmvpn' and other related commands don't work. I have checked the IOS feature navigator and it definitely shows that DMVPN phase 1 and 2 are supported in this image.
View 5 Replies
View Related
Nov 17, 2012
I have a 1841 router and I can ping the f/0 port from my pc. However when i try to console to it, it is not showing up anything but a blinking cursor. I tried all different baud rates on my teraterm but still not luck. I picked the baud rate disconnected and reconnected everytime and still nothing. Then I tried to telnet to it using teraterm but it would just open a console window and then close.
View 10 Replies
View Related
Apr 28, 2013
a have a router CISCO 1841 and I configured a NAT inside from the router to the firewall like this :ip nat inside source static firewall_adresse public_adresse and its work fine and when a added it I do this command "wr" to save the configuration and I restarted the router many times and it still work fine,but in the last five months this NAT does not exsit twice and I must add it a gain.
View 7 Replies
View Related
Nov 23, 2011
How to enable GUI for a Cisco 1841?
View 4 Replies
View Related
May 9, 2012
We have an MPLS that connects our main office with our 7 branch offices. We have 3Mb coming into the main office and 1.5 into all of the branch offices. I would like to give rdp traffic the highest priority. We have a Cisco 1841 at all branches and a Cisco 2811 at the main office. Do I have to configure QOS on all routers or just the one at the main location?
View 5 Replies
View Related
Jan 12, 2012
I have a cisco 1841 router and want to run BFD i think it needs IOS 12.4T..It has currently 12.4 but no T does the "T" IOS have mroe features?
View 1 Replies
View Related
Nov 23, 2011
How to enable GUI for a Cisco 1841?
View 1 Replies
View Related
Apr 23, 2013
We have a 1841 setup with WAN and LAN subinterfaced(2 WAN connections, 1 internal VLANs) and I am recieving some pretty horrible throughput when traversing the router to the WAN.
I am receiving about 2 MBPS down but around 5 up.Currently there is a ACL on the WAN interface, and as well we are running NAT NVI. It is possible that this might have something to do with it, but I am not sure.
Most of the CPU is going to IP input however I cannot seem to determine the cause. One thing I am thinking is the overload for NVI is using a route-map. Could that cause it to process switch instead of fast/CEF switch?
View 4 Replies
View Related
Mar 25, 2011
i have 6 sites using tandberg visioconference system, each site have a cisco router 1841 configured with ipsec vpn, i have a 4 conference a week and my bandwidth is 2 meg, and when people are working we have a lot of problems and cut in our visio conference.
I have a big problem, i want to make a high level QOS priority to my TANDBERG visio conference system between my sites, the issues is that there is an IPSEC VPN in my cisco routers between those sites and as i know if the traffic is crypted we can not separate the packets or give higher priority to packets over anothers.
can i mark traffic in the lan interface and and make a high priority befors the packets go through the ipsec tunnel?
View 1 Replies
View Related
Jul 16, 2012
We have cisco 1841 router with two ISP . But we facing the problem whenever our secondary ISP Link goes down the Primary has also went down.We have only one default route for primary Link
View 1 Replies
View Related
Mar 6, 2011
OK ran into a little problem with getting this to work. Only group members participate in the encryption process, correct?
I have numerous remotes all coming into one central location. I set up a KS and have currently only 2 of the remote routers set up as GM's, with the intention of the others coming into play as I move forward. Here is basically what I have in my KS and GM's:
KS
crypto isakmp policy 10 encr aes authentication pre-share group 2crypto isakmp key testkey address [code].........
GM's
crypto isakmp policy 10 encr aes authentication pre-share group 2 lifetime [code]....
So I applied the crypto map to the serial interfaces on my routers on either side of the cloud (central-ASR1002 and remote-ISR1841). When I did this, ALL the remotes went down and I'm not sure why. Even the ones that didn't have anything to do with gdoi. Ya, it wasn't good. I thought that only the group members would be affected.
Is it the fact that my acl is encrypting any to any? Surely I don't have to reverse that and have two statements with the same syntax. I'm basically just trying to encrypt all traffic from specific remotes back to the central side. However, I'm trying to do it without taking down the rest of my network .
View 1 Replies
View Related
Sep 14, 2011
I have recently started a new job where the IOS on the 1841 routers is version 12.4. These are from 2006 mainly, probably when the routers were bought.should I upgrade to 15.0? Mainly just to plug security holes that cisco have found?
View 8 Replies
View Related
Jan 24, 2011
I'm setting up an 1841 as a basic router for now and I cant get it to work.
[code]....
View 9 Replies
View Related
Jul 30, 2011
EEM script. I have tried below script on 1841 with 12.4(24)T5 but not working
snmp-server enable traps ipsla
snmp-server enable traps event-manager
ip sla 10
[Code].....
I want to try ping remote ip every 5 mins , if ping fails wait for 3 mins then trigger reload , and router come up again if ping fails reload again.
View 4 Replies
View Related
Jan 31, 2013
Here is the setup :
site 2 site ipsec
pix 515 as the server (static ip)
Cisco 1841 (dhcp client)
ezvpn client works fine for normal users that want to just authenticate with the Cisco vpn client. i have a site 2 site setup from the pix to my house, the connection is "up" on both ends, i see phase2 initiate under the pix logs . try to ping nothing happens, even drop down the byte size and the DF bit (aka ping xxx.xxx.xxx.xxx -l 100 -f ) ping to the next routed interface hop and i get "no translation group found for icmp src outside: xxx.xxx.xxx.xxx <--- my internal network dst inside xxx.xxx.xxx.xxx <---- pix internal network .
Am i missing a NAT rule on the pix or the 1841?
View 3 Replies
View Related
Jan 25, 2013
i've been trying to setup an SSL VPN on my 1841 lab router but with no luck. i tried both clientless (anyconnect 2.5) and using a vpn client (anyconnect 3.0).
i'm using a win 7 PC with IP 172.16.1.50 directly connected to 1841 FE0/1 port. tried disabling PC FW, used both IE and FF and delete cookes but to no avail. below are my config and some show and debug output.
SSL_VPN_GW#show webvpn gateway
Gateway Name Admin Operation
------------ ----- ---------
SSL_VPN_GW up up
SSL_VPN_GW#show webvpn context(code)
View 1 Replies
View Related
Dec 13, 2011
Here is my current situation, I have 3 Internet connections as below, at the moment they are terminate into the ASA.
ADSL Modem 1 (routed mode) ADSL Modem 2 (routed mode) Mid band Ethernet Tail (10m/10m)
ASA 5510 LAN Switch
I want to change it to the following, in order to use PBR on the router. ADSL Modem 1 (/29 Ip block) ADSL Modem 2 (/29 ip block) Mid band Ethernet Tail (10m/10m) (/28 block)
Router ASA 5510 LAN Switch
I need your opinion on the following points
1. What is the best suited router considering i have 2 adsl connections and i will need 3 WAN + 1 LAN ports in total.
2. Where should I run the NAT ? on ASA or the router. (I do have around 20 L2L IPSEC VPN tunnel on the ASA). In the new setup I would like to use ADSL 1 for the internet browsing and use ADSL 2 and Ethernet Tail for incoming service (+some outgoing to specific destinations or based on specific services)
3. I have an old 1841 with 2 Ethernet ports, am i better off buying 2 x ADSL2+ cards and use them with expansion slots?
4. Both adsl connections are PPPOA based, Can I put both adsl modems into bridge mode and create pppoa connections on 1841? (I will still have to buy a HWIC 2 ports Ethernet card).
5. Should i go for any of the above options or am i better of buying a new router?
View 4 Replies
View Related
Jul 15, 2012
I have a cisco 1841 router which isn't able to boot properly from its IOS. it always prompt me on ROMMN.
Here it is:
System Bootstrap, Version 12.4(13r)T8, RELEASE SOFTWARE (fc1)
Technical Support: [URL]
Copyright (c) 2008 by cisco Systems, Inc.
PLD version 0x10
[Code]....
View 3 Replies
View Related
Jul 5, 2012
I have an 1841 running Advanced Security IOS (12.4(25) I think, have to check when I get home) that I'm using to learn about CBAC and IOS' firewall functionality. Its external interface is connected to my Windstream DSL modem in bridge mode, and the router is doing the PPPoE authentication. It's also doing NAT for my internal network, and is acting as a firewall using CBAC inspect statements and ACLs.
Everything is working at at least a baseline level: the DSL authenticates and connects, and machines on the inside can browse the web. The problem is that browsing to some sites is slow or times out. Not all sites, just some. Latency seems to be okay when doing pings. The problem seems to happen with https connections, but again, not all of them. Gmail works fine (I have it set to always use https), while my bank and credit card sites either time out or take minutes to load.
I have an "inspect https" line in my config, and have allowed https through my outbound ACL.
I'm looking for next steps for troubleshooting this. I've check CPU utilization and it's very low; not sure what else it could be. I only have a few inspect statements, for the common stuff: tcp, udp, icmp, pop3, imap, dns, tftp, ftp, and ntp.
View 4 Replies
View Related
