Cisco WAN :: 2811 - Eigrp Timers For DMVPN Over MPLS Cloud
Feb 8, 2011
We have about 200 spokes (2811 routers), each one connected to two hubs(7206VXR with NPE-G2) via a separate DMVPN. DMVPN is over MPLS cloud provided by the local operator. On the hubs we get very frequently these type of messages
.Feb 9 16:00:10.402: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.X.X.X (Tunnel3) is down: Interface Goodbye received.Feb 9 16:00:11.658: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.X.X.X (Tunnel3) is up: new adjacency
On the spoke
Feb 9 13:36:48: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.X.X.X (Tunnel0) is down: holding time expiredFeb 9 13:36:51: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.X.X.X (Tunnel0) is up: new adjacency
I think the default eigrp hello and holding timers (5,15) are not suitable since these are wan links.
View 1 Replies
ADVERTISEMENT
Sep 7, 2011
What are my best options to secure branch office connection to HQ over Provider MPLS cloud. Our existing Setup
<<HeadQuarter>> :: DataCenter hosting Email, ERP, Intranet, Voice Services 10mb link to Service Provider over MPLS CloudMPLS is terminated on a 3825 Router running advance Services
<<BrancOffice>>::Total 10 In Country Branch Offices2mb Link to Service Provider over MPLS CloudTotal users in each branch : 20 MPLS is terminated on a 2811 Router running advance Services
View 1 Replies
View Related
Sep 11, 2012
I need to confirm internet access from remote network through MPLS cloud to another site. Let me explain. We have a MPLS network with Wind stream as listed in the visio drawing; site 1 has internet access through the Time-Warner cloud for all users. Site2 has internet access through the Wind stream MPLS router. Site three has no internet access, and only has LAN access layer2 through Windstream routers to Site1 for networks 192.168.0.0/24, 10.1.1.x/24. My question is can we give everyone at Site 3 internet access through the MPLS network down into Site 1 using the Time-Warner ISP cloud.
I placed routes on the Site 3 3750 stack IP route 192.168.50.x 255.255.255.0 to the interface of the MPLS router at site3, then at site 1 we have IP route 192.168.50.x 255.255.255.0 to the MPLS interface, and able to ping all anything on the 192.168.50.0 network. I added the IP route 0.0.0.0 0.0.0.0 192.168.50.x the MPLS router interface, we do not have internet access at Site 3 using Site 1 network.
I confirmed at Site 1 from the Cisco 3750 switch we can ping 4.2.2.2 = Google. How to confirm this will work and what’s required to complete this connection to give everyone at site 3 internet access through Site 1 Time-Warner.
View 5 Replies
View Related
Jan 10, 2011
Imagine you have 5 sites, one router each site (2851 as CE) connected to MPLS network. All sites have max 3xT1.Requirement:In case CE router or circuit to MPLS fails in any of those sites, I need to provide backup circuit to reach MPLS network.
Proposal:Bring one Internet circuit to each of those sites and create DMVPN to every site.
Question:Let's say Site1-MPLS circuit goes donwn.
Then all traffic from Site1-MPLS should flow thru the IPSec tunnel to all other MPLS sites. Am I right that the traffic coming from Site1-MPLS will ingress via the 2851 CE routers, correct? Is this the typical design? How to accomplish this, I'd like to setup a lab to simulate it.
View 2 Replies
View Related
May 3, 2013
One of the customers has deployed Cisco 7609S in their infrastructure for Branch/RO connectivity. When we tried to configure per-tunnel QoS with DMVPN for MPLS connected sites, we came to know that Cat 6500 and Cisco 7600 series routers don't support this feature.
Now, we are looking for suitable replacement of Cisco 7609S. I found a document for configuring above feature on Cisco ASR 1000 series routers, but it has many restrictions always.
We are now looking for
(a) suitable platform in the league of Cisco 7609S which support above feature.
(b) suitable technology replacement of DMVPN with minimum restrictions.
View 1 Replies
View Related
Nov 6, 2012
We have several DMVPN-connected sites that are connected to our 2821 ISR pair.They're all configured as eigrp stub connected summary. Yesterday, a few of the sites went inaccessible, but the VPN tunnels were still up and running. Upon further investigation, we noticed that the remote sites stopped receiving routing updates from our 2821's. As a quick fix, we added static routes to bring the sites back up.Later that night, we removed the static routes and cleared the eigrp neighbors, hoping it would fix the problem. When it didn't, we cleared them two more times.Suddenly, the router lost all downstream adjacencies. While we were adding statics to at least bring the sites back up, all of the adjacencies came back.
View 2 Replies
View Related
Nov 15, 2011
I configured a 2811 series router for dmvpn. My two tunnels are up but one of the tunnel is flapping with this message.
View 4 Replies
View Related
Nov 20, 2010
I´m trying to config a wccp web-proxy in a ISR 2811 at branch network. I have an Iron Port at Head-Quarter.
The idea is that the users at branch network, transparently forward http traffic to Iron Port at Central-Office and from them go to Internet.
The communication between sites is over DMVPN. I have two GRE tunnels running OSPF.
The Iron Port is configured as wccp v2 transparent redirection with forwarding method L2 or GRE an retunr method as L2 or GRE.
I receive packets on the branch router "Here I Am" but it get a message on debug:
Nov 21 19:26:07.067 GMT-2: WCCP-EVNT:D10: Here_I_Am packet from 172.16.10.10 w/bad fwd method L2, received indirectly via Tunnel1Nov 21 19:26:07.067 GMT-2: WCCP-EVNT:D10: Here_I_Am packet from 172.16.10.10 with incompatible capabilites
Nov 21 19:46:07.035 GMT-2: WCCP-PKT:D10: Sending I_See_You packet to 172.16.10.10 w/ rcv_id 0000004F
View 1 Replies
View Related
Aug 30, 2011
setting up IPsec for a DMVPN between a 2811 and 2951s in a test lab. I have enabled IPsec on the hub (2811) but I am unable to do so on either of the 2951s. After researching, it seems that I may have the incorrect IOS for this, but I am at a loss which IOS I should be using. Currently the 2951s are on "c2951-universalk9-mz.SPA.151-2.T2.bin" and the only crypto options are(config)#crypto ?
ca Certification authority
key Long term key operations
pki Public Key components
while on the 2811 I get:
WIN-T(config)#crypto ?
ca Certification authority
call Configure Crypto Call Admission Control
ctcp Configure cTCP encapsulation
dynamic-map Specify a dynamic crypto map template
engine Enter a crypto engine configurable menu
gdoi Configure GDOI policy
[code]...
These are all hand me downs?
View 2 Replies
View Related
May 15, 2013
We are facing network heavy and slow performance at one of our remote site, we are using Cisco2800 series router with same IOS on either of the sites.Our WAN network is running on BGP with EIGRP configured and tunnels were configured on either of the sites. As part of the testing I have removed the tunnel to see the performance was ok from Head office to remote branch and the WAN network is getting heavy and slow down when we put the tunnel back in hub and spoke.
quick info
Cisco 2800 Series router
IOS: (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE
View 1 Replies
View Related
Mar 2, 2012
i have 2 routers 2811 interconnected together ,1 of these router running in circuit with 2 Mbps over Internet the 2nd one use MPLS Circuit with a bandwidth of 4Mbps,how configure the routing to route over the MPLS while IPSec act as standby
View 1 Replies
View Related
Jan 5, 2012
To check if this is enough to built point-point MPLS between 2811 abd 3745Maybe some other technology should to be used for point-to-point connection?Basically, there should be transparent connection between routers.Also, it's possible to use ISP routers as MPLS endpoints for MPLS, so seems just etherenet connection required
View 7 Replies
View Related
Apr 30, 2012
I've studied and labeled out MPLS and MPLS VPNs several times. The situation I'm presented with is a little different from most of the case studies I've seen in my MPLS books. I've attached a diagram.
We have a IPsec site to site tunnel from our main HQ router to a Cisco ASA 5510 in the core network in the colo. This allows our HQ office to reach the private sub nets in our core without using a Cisco VPN client. The problem we are running into is that this seems to be putting undue strain on the Cisco 2811. I feel like the 2811 should be able to handle it but doing any kind of upload or download through the tunnel spikes the CPU/Interrupts and makes the router CLI basically stop responding until the traffic transfer is stopped or completed. During this time, certain Cisco SCCP phones on our Broad works platform cycle while the SIP phones on the same platform are OK. We are trying to alleviate the load on the 2811 by setting up a VRF from the HQ network to the private VRF used in the Core for private sub net communication. The problem I'm having is the the HQ also has some public traffic that I do not want to include in the VRFs and would like to have it travel through the P2P circuit we have and access the internet or other public devices through the core public IP Internet routing table.
The flow would be this:
-going to a public address use the public internet routing table
-going to private address in the 10.x.x.x or 172.x.x.x - use VRF to core Private network.
This is a little different of a set up from most of the VRF VPN examples I've seen. Most of those the CE devices is completely private. This is not the case at our HQ.
View 6 Replies
View Related
Jul 11, 2012
I have P router (7206VXR) and I need to export netflow from its MPLS interfaces to the netflow software.
View 2 Replies
View Related
Jan 18, 2012
We have two L3 3750 switches running HSRP and routing for various Vlans on our corporate network. Rapid PVST is running across our entire WAN. We are introducing a third party solution for remote communications over MPLS. When interconnecting this equipment to our core network, we have experienced less than desirable failover times of 32 seconds and recovery times of 60 seconds. The vendors engineers are telling is that the interoperability between IEEE spanning tree and Rapid PVST is the culprit.
They are suggesting two scenarios - either converting our corporate network to MST (which I prefer not to do but provides us the fastest fail/recovery times) or adjust the timers on our Rapid PVST forwarding timer to 4 seconds. What would the implications be to change these timers on our network, and if I choose to do this, do I only do it at the core (on the two devices that would become root bridge)? I have been doing some reading that says to not mess with the timers, but nowhere do I see reasons why.
View 2 Replies
View Related
Mar 26, 2012
I have a Cisco 2960S stack and I'd like to tune the timers so that packet loss is minimal if a switch fails.
View 9 Replies
View Related
Mar 14, 2011
my website by hiding behind cloud computing. the address is they have is: 173-203-243--138.static.cloud-ips.com They constantly add web abuse postings on my website.
View 4 Replies
View Related
Dec 20, 2012
I am running a zyxel nsa-325 series Network Storage device with 6 TBs of HD space. This NAS has a Linux kernel and 512mg of DDRIII ram. It is also running a Polkast personal cloud application that enables access to all the files through a simple UI rather than having to use FTP server login credentials (which I have also set-up).My home office is set up with Frontier as the ISP and they provide a locked down router/modem that you are not "supposed" to replace. It is made by speedstream and does not allow editing of the dns server or anything else that would be considered needed.I have set it up as the primary router with an ip range of 192.168.0.1 with a subnet of 250.250.250.0..I have several devices (printers, PC's etc plugged into this device via lan.Wireless broadcast and access is disabled...
My primary router is a Sapido 5000 series Gigabit router.I have this router broadcasting a wirelessB/G/N siganl for mobile devices to connect to. The NAS that I opened the thread with is plugged into this router via lan (Cat7).The Ip range of this router is set at 192.168.1.1 with a subnet of 250.250.250.0.All devices on the sapido router have access to the internet, as well as the services of the first router (networked printers, and speedstream router login for admin if needed).I can access the Zyxel NAS (192.168.1.104) from the PCs (192.168.0.2) connected to the speedstream, as well as the mobile devices and laptops (192.168.1.110-150) connected to the sapido.I have installed polkast which is an application that runs in the background on the NAS. It allows web access to all of the files (work docs, multi-media, ebooks, iso files, batch files for utilities etc. from a cell phone, tablet, pc, laptop, any device I want. I should be able to access the files from the web and also on the local WLAN to allow file transfers from the NAS to the device in seconds..When I am on the WLAN I can copy/stream a video file that is approximately 1GB in seconds. However, When I am on 3g 4g or at another location I do not have access. Polkast has simply said that I have an incorrect network configuration. I have confirmed that allk the Polkast side settings are fine and their user support has also confirmed that everything is as it should be. So they insist that the problem lies with my 2 routers. Their suggestion was to go back to using 1 router (HeeHee). I can RDP into any computer on my network from anywhere in the world. So the configurations seem fine. I also have FTP access to the NAS so I believe the ports are all forwarded correctly.
View 12 Replies
View Related
Jun 28, 2012
How do I get past this slow connect cloud b.s.? Now it's stopping me from logging into my router all together. I keep getting a message "we've encountered an unexpected error" blah blah blah. I can't get past it. I've already rebooted my router.
View 9 Replies
View Related
Feb 9, 2013
This issue seems to happen about once every week or so. I get the router settings all configured and I'm able to access it from Cloud Connect and from the APP on my smartphone. After about a week, it's no longer accessible from cloudconnect, I can access it from my smartphone, but it shows that there are no devices connected (when they are actually connected). The screen for cloudconnect will come up after I sign in, but it just has the circling dots in the center of the screen saying "waiting" and it will do this until I close out explorer. The only way I've found to resolve this is to reset the router and set everything from scratch.
View 4 Replies
View Related
Jul 22, 2012
Keep having trouble with login onto my router (EA4500)Every now and then it will work but more often than not when I try to access it using either myrouter.local or 192.168.1.1, I keep getting an unexpected error message in the middle of the screen and it will go no further. Or I get no error and just a blue background with no icons or anything.
I tried going back in the firmware to what it was when I bought the device which is non-cloud (Ver.2.0.37.131047), but when I did that, I was logging into the router perfectly but had no internet access at all even tho all the gateway and dns details were present on the status page for the internet.
I've put it back to the cloud firmware (Ver.2.1.38.138880) and i'm back to these login problems again so I tried as per request with a cisco advisor in live chat to totally reset the router using the reset button at the back. Oh that caused problems getting things back online as every time I tried to access the interface I got a 502 error. I managed to get back online using the cisco disc that came with the router but now I'm back to square 1 with these access problems to the router.
I just can't see what is wrong here, it was fine prior to it updating itself to the cloud software, but it has been problem galore ever since.I am running Ubuntu Linux and have tried both firefox and chrome browsers which doesn't seem to matter.I have tried my sons laptop running vista which gets the same problem.I have tried disconnecting everything else on my network apart from my PC (the linux one) which is ethernet cabled direct to the router.The cloud app for my HTC does work but has very limited settings and runs extremely slow.
Might be worth mentioning that this morning when I tried accessing from google chrome, in the error box also popped up the following message, 'error_get_networks', this is the first time I saw this message so don't know if its of any relevance. I do have set in the settings that my DHCP server starts at 192.168.1.201 and most of the computers in my house have a static IP address so I don't believe anything is clashing to cause any errors.
View 8 Replies
View Related
Nov 27, 2012
One of my client has BSNL leased line with LAN IP POOL we configured those on ASA 5510 nad Internet working fine but from cloud we are not getting any response for ping requiest please find running configuration below:
ciscoasa(config)# sh run
: Saved
:
ASA Version 8.2(1)
[Code]....
View 4 Replies
View Related
Mar 4, 2013
I am interested in running the EA6500 without all the Cloud Connect software etc. Is this possible? Is there a basic way to set this up without that requirement?
View 1 Replies
View Related
Nov 24, 2011
There use to be Cisco 851 routers, but lately these routers are replaced with Cisco 861-K9 routers, and these 861 routers doesn't support DMVPN, instead 851 use to be.
Is there any license file we can upload in 861 router for DMVPN capability, if yes may i know the SKU # for that. We have some customers having 6-7 locations and they are planning to have 2 more locations, we implement already DMVPN in there network, if we go with the 87X or 88X router there price is almost double the price of 861.
View 1 Replies
View Related
Jun 26, 2012
My EA4500 router now automatically goes to Cisco Connect Cloud, and I can no longer access my router directly through my browser. I do not want to use Cisco Connect Cloud, for security reasons, so how can I disable the automatic access to the cloud? Use of the Cisco Connect Cloud should be optional, and not mandatory. If the cloud is the only way I will be allowed to make changes in my router, I may just have to return it to the store. Can this "feature" be turned off?
View 9 Replies
View Related
Oct 20, 2012
I recently purchased a EA4500 for my home network. After hours of searching, I couldn't find any evidence to how I can install a USB printer without the obvious Cisco Cloud Connect. I don't need any software or account to access my router over the net nor any of the features CCC provides (at least as of yet). I'm quite comfortable with using the web interface and easily managed to adjust the router for everything I need except the printer part. I certainly have things to print so I have to connect my printer to the router as it is clearly mentioned on its box that I can access my printer through it. As a last resort I tried to install the software on the CD that came with it to get a link for some "Cisco VUSB" software which I think is the solution but it keeps saying my modem is not connected to the net. It clearly isn't because I don't have an internet connection at home. What I have is a 3G connection which I use for communicating and downloads I need. So why do I need an internet connection on the router for anything and how do I install my printer?
View 3 Replies
View Related
Sep 20, 2012
I bought an EA3500 because I found that I did not need the more expensivbe router. The problem that I have now is when I sign in to Cisco Connect Cloud both the old and the new router show up. I would like to remove the old router from the list. The old router shows as:CiscoA3518 [offline]
View 6 Replies
View Related
Jul 7, 2012
I know that Cisco Cloud Connect was released fairly recently. I also know that the e4200v2 was supposed to be a supported router from last generation for Cisco Cloud Connect. However, when I go to the upgrade firmware option on my router settings, it says that I have the most up to date firmware.
How do I get CIsco Cloud Connect setup on my e4200v2? Would I simply follow the manual install instructions for the ea4500 with the firmware for the ea4500?
I'm hoping that the updated firmware will fix an issue I'm having with getting a Seagate Expansion hard drive detected for the media server portion since I know a closely related hard drive was in the list of functioning external hard drives for the Cisco Connect Cloud firmware.
View 6 Replies
View Related
Jun 14, 2012
I have a requirement to monitor all traffic going from the internal LAN to the cloud. The LAN is a layer 2 VLAN which spans multiple Cisco 4507 switched and other smaller switches.
The VLAN has an IP address which the hosts use as the default gateway.
The exit port is on a Cisco 3600X switch connecrted to 4507 #1 via a 10G fiber link. 4507 #1 connects the rest of the LAN. Those switches interconnect via 10G fiber and 1G copper links.
Currently the monitor host is connected to a 1G copper port, configured as a monitor port, on one of the backside 4507s The switch manager says he has the switches configured so that I can see all traffic on the VLAN.
View 1 Replies
View Related
Oct 10, 2011
I have an ASA 5505 that during preak usage, likes to lose it's connection to the cloud for 50 seconds. The device is alive and kicking, can route between different interfaces, but it's connection to the cloud dies. This happens every 45 minutes or so during our peak internet usage.
the nastyness of the config, I was having issues getting PPTP pass-thru to cooperate, and never cleaned up after myself.
Result of the command: "show run"
: Saved
:
ASA Version 8.2(1)
!
hostname THEMAN-ASA
[Code]....
View 1 Replies
View Related
Feb 26, 2013
We are currently looking to upgrade (re-design) our wireless network at our college. Any experience going from a local, controller-based wireless network to a cloud-based controller? If so, what have you found the pros and cons to be?
If you thought about going to a “cloud solution”, what stopped you?
We are currently running wireless at our 3 primary campus locations, and looking to add it to our 3 satellite locations. We use 4402 WLCs at our primary locations with a mix of 1140 and 1240 APs.
View 5 Replies
View Related
Oct 30, 2012
Is it possible to force a reboot of the EA4500 through the Cisco app for the Cloud?
View 2 Replies
View Related
Feb 4, 2013
Do i need to reset the router after the install all seems good the new firmware installed with no issues.
View 2 Replies
View Related
