Cisco WAN :: 2800 / Route Out Redundant Internet Connection?

Dec 26, 2012

We have a six node MPLS network, all nodes route to our main office for a variety of services (email, core, fire shares, Internet, etc). Therefore, the link to our main office is crucial. In the event that the MPLS link to/from our main office becomes unavailable, we would like to establish a secondary route into our main office via virtual private network. Our main office and two branch offices have redundant broadband internet connectionsWe currently have Cisco 1921 routers as our branch routers and a Cisco 2800 as our “core” router at the main office. We also have two SonicWall TZ-200 series firewalls at the two branch locations and a SonicWall NSA-2400 at our main office. The VPN connection seems to work okay.How would I configure my branch routers to advertise and route traffic out the VPN connection in the event that the MPLS leg to/from our main office is down?

View 3 Replies


ADVERTISEMENT

Cisco Switching/Routing :: 2800 Route Filtering

Apr 3, 2012

I have a router with two interfaces what i need to filter the HTTP traffic from one interface and the rest of the traffic through the other on my cisco router 2800.

View 3 Replies View Related

Cisco Firewall :: 2800 Routers / ASA 5510 Cannot Ping Via Route Inside?

Mar 3, 2013

I recently added a business cable modem to relieve some of the congestion I was getting on my T1 for our MPLS network.  There was an ASA 5510 collecting dust in a closet here and I thought it would be the perfect device for firewalling the traffic coming in from the Cable modem, and handling the routing of our internal MPLS traffic as well.  Internet setup was cake.  The test laptop I have using the ASA as it's gateway has great internet service but it cannot ping across either of our MPLS networks.  I have one MPLS with AT&T and one MPLS with EarthLink.  My hope was to use the cable modem as the Default route for all unspecified internet traffic and route our internal MPLS traffic to the cisco 2800 routers that are currently in place for the MPLS.  I can ping across the MPLS when I telnet to the ASA, but I cannot ping across the MPLS from the client that is connected to the ASA.
 
Here's the topology I'm working with
 
Internet
|
Cable Modem
|
ASA 5510 10.52.120.23

[Code].....

View 8 Replies View Related

How To Route Internet Connection

Apr 16, 2012

My office connection have low ping to a game server that i play and i'm thinking on how to route my home internet connection to it.Home ~230msOffice ~120msThe ping from my home to the office firewall and router is pretty low since it's in the same area but going out to international connection made it jump really high when i'm at home.[CODE]

View 1 Replies View Related

VPNs - Route Internet Through Local Connection?

Jul 12, 2012

I have to connect through VPN for work so that I can RDP into my remote development machine, but their internet speed is painfully slow. Is there any way I can route my general internet browsing traffic through my local connection, while still maintaining the VPN connection to my remote box?

View 1 Replies View Related

3305 / Internet Connection Drops From 22 / 10 To 7 / 4 Through Route?

Dec 16, 2010

Sothe Internet connection that we have in the office is 22 Mbps down and 10 Mbps up. So, when I connect my computer directly to the cable modem, I get exactly that! But, when I connect the router and connect to the router, the connection drops to 7 down and 4 up. Why?

We have an Adtran NetVanta ...Replace the router? Or, get a different LAN module for the back of the NetVanta?

View 7 Replies View Related

Cisco WAN :: 2811 - Redundant ISPs Connection On Router

Aug 8, 2012

I have two ISP need to connect them on my router.
 
The Router that I have is 2811 where it contains two Fa ports only, so I put an access switch between the two ISPs and the Fa0/0 then configured the Interface Fa0/0 with two IPs ISP1 and ISP2 as a secondary.
 
The problem that I faced that when ISP1 become down the another secondary IP (ISP2) stay down and the internal users have no access to the internet.

View 1 Replies View Related

Cisco Application :: How To Make A Redundant Connection To A CSS11501

Feb 20, 2012

I require to connect a "css11501" two core switches to provide redundancy to the load balancing service and would like to verify this possible (Does the spanning-tree protocol officer for load balancing?)

View 2 Replies View Related

Cisco WAN :: 2800 - Allowing Vpn Connection Out To Extranet

Aug 25, 2011

We have a cisco 2800 router and are now required to allow users to be able to connect to another company's extranet. Having tried this it wont allow this connection so I have added this to the access-list 101

access-list 101 remark SDM_ACL Category=0
access-list 101 permit ip any host 192.168.0.246
access-list 101 permit ip any host 192.168.0.247

[Code].....
 
I dont think the gre is being allowed back in. I have attached a cut down copy of the config. I have just general experience of cisco routers and not cisco qualified.

View 2 Replies View Related

Cisco VPN :: 2800 Remote Site For Customer Which Only Have 3G Connection

Feb 11, 2012

We have a new remote site for customer which only have 3G connection and to add more pain to that they have dynamic IP address.the easist possible solution was EZY VPN.....client has 2800 router with 3G and at our end we have ASA.....the issue is that , that always server (clients nehind) asa initiate connection to the remote site ie to 3G.....the rule of thumb is that whenever client(ie EZY VPN) will initiate conection the tunnel will establish.

View 1 Replies View Related

Cisco WAN :: 877 / 2800 - Use Static ADSL As Backup Connection

May 3, 2011

We have a few WAN connecting sites to ISP using BGP. we are looking at getting backup link for 1 site.

We have decide to use an IP WAN ADS L link. we will have 877 and 2800 for each link. from understanding, we have a static routing on IPWAN service. means when both BGP WAN and IP WAN connected to the ISP. ISP will use ADSL as primary ignore the BGP link. so other sites will see a BGP route coming from ISP via the ADSL link for this location.
 
So we have find a manuel solution, leave ADSL unplugged of power but setup same LAN ip address and connect the cable towards the core switch. when WAN link fail, switch on ADSL. So the static route will advertise to the rest of sites. 
 
just want to know is there any auto solution can disable the ADSL link/ ppp link when the 2800/WAN route is up. and enable the ADSL port when the WAN is down. not sure if HSRP/backup interface/tracking will work? and how?
 
site office switch - > 2800  - >  ISP  - > ADSL ->  ISP 
(need this link to be backup and protocol down, so the ISP will not able to connect to this link and advertise as next hop)

View 5 Replies View Related

Cisco WAN :: 2800 Load Balance Internet Multiple ISPs

Jan 9, 2010

what you're doing to load balanace internet traffic?  I'm interested in load balancing internet traffic (outbound -AND- INBOUND) using multiple (at least 2) ISPs.  Some of the methods I have used in the past have certain weaknesses.. basic DNS load balancer (relies on multiple IP addresses per host), OER/PFR (ability to control INbound is limited unless complex configuration and coopearation with ISPs)...  This is kind of a broad open ended question.. It seems like something that would be a common issue and am wondering what other are doing with the capabilities 2800, 2900, 3800, 3900 series routers..

View 6 Replies View Related

Cisco VPN :: ASA 5505 VPN Connection Unable To Add Route

Feb 12, 2012

I'm trying to get IPSec VPN working onto a new Cisco ASA5505. Pretty standard configuration.Setup:

* Cisco VPN client on Windows 7 (v5.0.07.0290 x64 on Laptop1 and v5.0.07.0440 x64 on Laptop2)
* PPPoE/NAT and internal DHCP on the ASA were configured with the Startup Wizard in ASDM
 
NATting is working fine - internal PCs get an IP address in the 192.168.2.0/24 range and can all access the Internet.I wanted to be able to connect from anywhere to the ASA in order to reach one of the internal servers. Should be pretty basic.First I tried with the built-in ASDM IPSec Wizard, instructions found here.VPN clients can connect to the ASA, are connected (until they're manually disconnected), but cannot reach the internal network nor the Internet. Note VPN client can connect fine to a different VPN site (not administered by myself). [code]

Unfortunately I'm getting the same "AddRoute failed to add a route with metric of 0: code 160" error message.I'm very confused as this should be a pretty standard setup. I tried to follow the instructions on the Cisco site to the letter...The only "differences" in my setup are an internal network of 192.168.2.0 (with ASA IP address 192.168.2.254) and PPPoE with DHCP instead of no PPPoE at all.

View 5 Replies View Related

Cisco Firewall :: 5510 Trace-route / Antispoofing On Not Default Route

Jun 24, 2011

I've enabled antispoof on all interfaces on asa 5510.If you start a traceroute to a network on the default route, everything works, since replies comes to an interface with route 0.0.0.0/0 defined.If you start a tracer route to a network that is NOT on the default route (let's assume coporate MPLS), you only get response from first carrier router, the other are discarded because of anti spoof violation.
 
I have ICMP inspection and icmp-error inspection enabled.

View 1 Replies View Related

Cisco Switching/Routing :: Using ASA-5510 To Route VLAN WLAN Connection

May 28, 2012

I am a complete newbie to Cisco equipment. So far I've been able to figure out how to do most of what I needed by using the ASDM but I have run into something that is a little more complicated that just opening a port. We currently have a connection to our remote site. This site has a T1 internet connection. Our connection is a site to site VPN with an ASA-5510 on this end and a ASA-5505 on the other.
 
We are upgrading this connection to a 75mbit hybrid microwave/fiber link. The provider is going to hand it off to us as an untagged VLAN. We made the decision to route all of the remote site's internet access through this location as to avoid having to split off part of the bandwidth of this link to dedicate to internet access.........

View 23 Replies View Related

Cisco :: Route Two Network In Two Different Location Over The Internet?

Oct 7, 2012

i would like to know that how can I route two network in two different location over the internet?

View 15 Replies View Related

Cisco WAN :: 857 - How To Route Traffic Over Remote Location Internet

Nov 18, 2011

I have a customer which has a main location office and a remote one. Recently we interconnect their facilities using a local ISP service called Virtual Connectivity, which basically is a private network which can be accessed over aDSL or any other data circuit. They are using Cisco 888 routers to interconnect both sites.At the main site the customer also has an Internet circuit (with a Cisco 857 router)and he wants to remove the Internet circtuit from the remote site and provide them access over their main location Internet circuit.At the primary offices, we installed Cisco 2811 router as a gateway to route the Internet and remote network traffic over the required data circuit. Everything is working fine, but we can not access Internet from the remote location over the circuit installed a the main site. I understand this is a routing issue, since the traffic hits the main office network it does not knows how to reach the Internet. I am assuming this routing must be set into the main office Cisco 888 router (installed by the ISP to interconnect to their private cloud) in order to properly route it over the Internet circuit.Since I already have access over the Internet router and the gateway router at the main site, but not into the ISP router, is there any other way I can make this configurtion over the routers I already have access?

View 3 Replies View Related

Cisco VPN ::1841 To Route From Internet Router To Internal LAN Through ASA

Jan 16, 2012

I used the GRE tunnel site to site VPN with 2 cisco 1841 routers. Behind one of the router R1, I used cisco ASA 5510, now my vpn is connect between two routers, but from R2 other site cannot access to LAN behind the firewall. From R1, also cannot route to local network, from local network can access to R1, I think cause of NAT . So how to configure to route internal network from R1 & R2 with VPN.

View 5 Replies View Related

Cisco WAN :: 1941 / K9 / How To Route Internet Traffic Through MPLS

Nov 22, 2011

I am working for a company based in Sydney Australia, the company recently open an office in London UK, therefore we are going to get leased lined based on MPLS.We were advised that Customer Edge router will be CISCO1941/K9. We want to our UK client to access our web-based applications via MPLS network instead of internet. The UK office is using BT Business ADSL with 5 Static IP address (please note the modem IP address is actually dynamic), we are going to get a Cisco 857/K9 router which will be used for the entry for the UK client to access the MPLS network. My question will be how do I configure the Cisco 857 router to allow one of the public ip to access the MPLS network. It appears that there are two options, and I am not sure if this is going to work or which one is working better. I have attached two diagrams for clarification of my case.
 
Option 1 Cisco WAN interface get Dynamic IP (PPPoA) from BT LAN Interface (4 Port) get the assigned 5 Static IP addresses One of the five IPs (217.xx.xx.169) will be assigned to the FE1 (Cisco 1941), any traffic to 217.xx.xx.169 will be routed to the WAN interface of Cisco 1941 to access Sydney service (located in Sydney LAN, mostly http and https traffic) One of the five IPs to 217.xx.xx.170 will be assigned to the WAN interface of Sonicwall Firewall Router which also serve as Internet Access Gateway for LAN users, All trafiic destined for Sydney LAN will be using FE0 (Cisco 1941) as gateway
 
Option 2Cisco WAN interface get Dynamic IP (PPPoA) from BT LAN Interface (4 Port) will get 192.168.0.1, Cisco 857 router will be the default gateway for LAN users, using one to many NAT, also one to one NAT, One of the five IPs (217.xx.xx.169) will be forwarded to the FE0 (Cisco 1941), any traffic to 217.xx.xx.169 will be routed to the WAN interface of Cisco 1941 to access Sydney service (located in Sydney LAN, mostly http and https traffic)

View 4 Replies View Related

Cisco VPN :: ASA5505 Firewall - Route Internet Via External?

Feb 6, 2013

I would hereby like to inform if it is possible to configure the Cisco ASA5505 firewall to route internet via an external VPN, while a laptop and smartphone connect to the firewall via Cisco AnyConnect VPN.
 
The configuration would result into: Laptop on public internet -> Cisco ASA5505 VPN -> External VPN (Unix server) -> internet.

View 4 Replies View Related

Cisco WAN :: ASA 5505 Inside Network Route To Internet

Nov 8, 2011

i have asa 5505 , so i wanna my inside network to access to the internet. my internet gateway is 155.155.155.1
  
: Saved
:
ASA Version 8.2(1)
!
interface Vlan1

[Code]....

View 3 Replies View Related

Cisco Wireless :: Can't Route To Internal Network Or Internet Through WAP4410n

Jul 31, 2011

I purchased a WAP4410n for our small office to provide wireless access to our internal network to laptop users. I have configured the device as simplistically as is possible, but although I can get my laptop to connect to the AP (verified by managing the device wirelessly as well as by pinging the IP address) I can not get to any other IP address on my internal network nor the internet.I gave the device a static IP address - 192.168.1.50 subnet 255.255.255.0 with a default gateway of 192.168.1.254 which is my 2811 router. I set up a WPA-secured SSID.
 
A second problem I have is that if I set up my laptop wireless card to get its' IP settings form a DHCP server, it picks up a 169.xx.xx.xx ip address - it is as if the AP is not passing my DHCP broadcast / response through.

View 6 Replies View Related

Cisco Firewall :: Testing 5515x At Home - No Internet Route

Apr 15, 2013

im new to cisco asa and the model is 5515x with license plus.  below is my config at home,
 
ciscoasa#
ciscoasa# sh run
: Saved

[Code]......

View 1 Replies View Related

Can Route Internet From Usb Telstra 4g Wireless Broadband Stick?

Feb 11, 2013

i have a telstra 4g wireless broadband stick. I was wondering ifi bought a TP-Link TL-WR841ND 300M Wireless N Router 2 Detachable Antennas would i be able to plug the stick into my computer and plug my computer into the router and make the router emit the broadband usb sticks interet?

View 2 Replies View Related

Cisco Infrastructure :: Route Internet Traffic To Different Gateway Using 3560G Switch

May 24, 2011

My issue: I have installed a firewall within my network.  Currently all my clients default gateway defaults to GW:192.168.1.1. I would like all my internet traffic to route to the firewall ip 192.168.1.30.  My Primary switch ip is 192.168.1.10, which is a 3560G running 12.2(25)SEE2 IPBASE-M.
 
My main problem is, I do not have access to the gateway, so I am trying to route internet traffic from within my switch to the firewall.  I have already tried Route-Map, but seems this version of the OS does not support. I have already tried Policy-Map, but same as above. I have also tried IP ROUT command, but it did not work either.
 
And remember, I would like to perform the routing from the switch, because I do not have access to the default gateway which is a router to perform forward internet traffic to the firewall.

View 4 Replies View Related

Cisco Routers :: Configure SR520 To Route Internet VLAN To Firewall

Jan 20, 2012

My operations manager says "Could you go on-site and configure a new clients new internet connection?" I make the arrangements and go on-site. As I'm working with the providers tech he says "Do you have a sub-interface confgured for a dot1q VLAN id of 1057?", I say "What?". Anyway my firewall is not capable of dot1q VLAN, so he says "Do you have a Cisco router that can provide the trunking?", I say "Yes, I tink so but not with me". The question is can I use an SR520 between my firewall and the provider demarc to route the VLAN he is talking about? My initial discovery says yes but I am not quite sure of the details on how to achieve this on the SR520.

View 2 Replies View Related

Cisco Switching/Routing :: 5510 How To Configure A Backup Route To Internet

Jul 24, 2012

how to configure a backup route to the internet.  My client has 2 ISP and basically they want to use 1 ISP and in case the ISP fails, use the other one as backup route to the internet.
 
The problem I’m facing is that each ISP is plugged to a dedicated ASA 5510, so 1 ISP in one firewall and 1 in the other.  Both ASA are plugged to an internal network in a dedicated VLAN with a L3 switch and that L3 switch manages the internal network.
 
My question is, how can I tell my switch to use ASA1 to go out to the internet and in case the ASA 1 OR THE LINK TO INTERNET used by ASA 1 fails, use ASA 2?  It would be great if I can send traffic to the internet thru both connections at the same time.  Also, I know the ASA has High Availability configuration, but that applies only if both licenses in the devices are the same and I have a mismatch with the SVPN license, and also I don't know if with my current topology I can use the High Availability model, so I think I can’t use that option and the solution must be applied in the L3 switch, but I don’t know how to tell it to use ASA1 and if failure of the device or the outside interface plugged to ISP 1, then use ASA2.  Besides, I would like to know how to optimize this config to do the switch between internet connections seamless to the users if possible (there are VoIP calls on this floor, so I don't want to drop the calls). 

View 5 Replies View Related

Cisco Switching/Routing :: 2911 Couldn't Access Internet With Route Specified

Dec 19, 2011

I couldn't access internet with route specified i know the problem with the route or nat.i have 2911 router [code]

i could ping from lan Ip's to ISP1 and ISP2 gateway IPS. but when i ping to any site llike example gmail.com packet s not moving out to the ISP1 or ISP2 interfaces. [code]

View 10 Replies View Related

TP-Link 150Mbps Wireless :: WR741ND Does Not Route Between Local LAN And The Internet

Dec 1, 2012

Region : Argentina
Model : TL-WR741ND
Hardware Version : V4
Firmware Version : 3.13.12
ISP : Triple C

I'm trying to set up my new WR741ND router to replace the old WR541G with excctly the same cabling,ISP account etc.
All seem to be working i.e. I get the PPPoE connection against the ISP and cat ping by name to Internet addresses from THE ROUTER.Also I get DHCP handing out addresses both to my desktop connection by Ethernet cable and to my laptop via Wifi.And the computers may ping the router and also connect its admin GUI.However,the computers stop at the router and can't go further.All they can go is to the router as if it doesn't route between LAN and WAN.With the 541 router everything works and as I said it has the same setup (very basic,no static routes or anything too smart).

View 4 Replies View Related

Cisco WAN :: 6509 Filtering Out Default Route From Full Internet Routing Table

Sep 12, 2011

I have a question about filtering incoming bgp route updates from an internet provider. This provider sends the full internet routing table and default route and on an incoming prefix-filter on the customer switch (C6509-sup720) the default route is only accepted.What happens on the 6509 switch when the BGP peer flaps?Does it need to process all the internet routing updates, and if yes probably it cannot handle all these updates?What happens with the CEF table, will the switch install the routes first?

View 4 Replies View Related

Linksys Wireless Router :: WRTP54G Route Table - Broken Internet Access

May 2, 2011

I know that WRTP54G is a voip device, but it is router as well and my problem is related to routing part.I cannot access public internet servers with IP in subnet 2.0.0.0 / 8 and 1.0.0.0 / 8. In the 2.0.0.0 / 8 subnet are some akamai cdn servers (yes, the fbcdn .After some time I've found, that routing table in wrtp54g contains also entries:
 
1.0.0.0                 0.0.0.0                 255.0.0.0                 LAN&Wireless2.0.0.0                 0.0.0.0                 255.0.0.0                 LAN&Wireless

which cannot be deleted. It looks like someone wanted to filter dark space when the router was developed.Is there any way, to get rid of it? I've restored to factory defaults, no change. Firmware version is 3.1.27.ETSI

View 9 Replies View Related

Cisco Switching/Routing :: 3560 - HSRP Setup / S2 Active And Route Traffic From Internet To Client?

Jan 14, 2012

i have a strange issue with an HSRP Setup. I  have two (S1+S2) 3560 as Core/Distribution Layer. Inter-vlan routing are  enabled on both Switches. S1 and S2 are connected with an ether channel  over four fibre ports. S3 -S5 are the (L2) access layer.
 
Gi0/1 on S1 and S2 are L3 ports, connect to a Linux Firewall.

HSRP is enabled, S1 is the active router and the STP root bridge.
 
But, my monitoring via cacti show me, that the Gi0/1 on S2 is active, too! But it should not be active? Only if S1 fails, should S2 the active switch.A client from the access ports on S3 - 5 gets traffic from the Internet via Gi0/1 from S2. Gi0/1 on S1 is active too, but will send mostly traffic to the Internet. Why is S2 active and why route it traffic from the Internet to the client?

View 15 Replies View Related

Cisco Firewall :: Redundant Interfaces In ASA 8.0?

Aug 3, 2009

In ASA 8.0,I have following queries related to redundant interfaces
 
a)While configuring redundant interface can the redundant interface again be divided into logical interface like red1.1 , red1.2 ?

b)Is Redundant interface supported in the Multiple context mode

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved