Cisco WAN :: 2811 - NAT Configuration Confirmation
May 2, 2013
I have a 2811 router that I need to confirm NAT configurations as expected. I have 2 deviced on the internal LAN that need to access remote resources without PAT. All the other devices are for a guest network with PAT. My interface Fa0/0 is connected to local network (1.1.1.1/23). Fa0/1 is connected to ISP (10.10.10.178/30). Addressable range from ISP of 10.10.10.192/28 (10.10.10.193-10.10.10.206). Internal machine 1.1.1.2 & 1.1.1.3 must connect to a remote server through internet on spacific port numbers.
My windows messenger wants confirmation on password. Everytime I try it takes me to my old live.ca account to confirm instead of my fairly new hotmail account.
Region : UnitedKingdom Model : TL-WDR4300 Hardware Version : not clear Firmware Version : ISP : BT
I am thinking of buying a TL-WDR3600, but just need to know the answer to the question below.Can anyone confirm if the TL-WDR3600 supports NAT Loopback functionality?
I have faced configuration of multiple nat/pat problem.Point is when I paste into router another nat pool or nat with route-map or just static nat they doesn't work I mean only one of them works.So, I have several connection hardware cisco 2811 latest ios 15.1
1. internet 2. Local host that must be translated into global local ip addresses be routed 3. vpn local hosts that must be translated into local global addres
I have several Cisco 2811 ISR Routers that are functioning as CallManager MGCP voice gateways. These routers have prtial PRI's attached to them which I realize are not supported by Cisco CallManager using MGCP. The problem is that whenever the router gets rebooted, the configuration under Controller T1 ends up with the improper PRI Timeslots command and I have to go in and manually change it. Solution: I have developed smal text files for each router that contains all of the commends needed to get the chnage accomplished (you have to shut down things and remove lines elsewhere to be able to change the PRI Timeslots) and I just telnet to the router and cut and paste the commands into the router.However, I would like to store those files on the router in such a way that I could telenet to the router and then either somehow display the file and then copy/paste it in or possible have a file that could be run to make the changes. That way I could do the job quickly fram anyplace I could telnet to the router and not have to have the text files on the local machine.
does cisco 2811 support?if no, can i make it work for BGP?also, i want to know the configuration of bGP for twoo ISPs for link failover.it will be google if u tell me step by step approach for configuring it
i trying to set up a terminal server, 2811 with an HWIC-16A und two octo cables. [code] connect and sometimes not. It seems the connection is established but i don't get a prompt von the target device.The target devices are cisco 2811 and cisco catalysts 3560.
have remote routers boot and load a config from the flash card. It seems this is possible if the Flash Class is A, according to the Cisco web site using the
boot config flash:<Config file>
where <Config file> is the file on the flash.
Although this can be applied on 2811 routers, they fail to load the file on the flash card. I've since found that this router type has a Class C flash. So the question is, can either:
Is there a similar process for other classes of Flash cards, specifically Class C?
or
The router flash be set as a Class A to support this functionality,
The preferred resolution for this would be the first as there are many remote routers installed a diverse and difficult locations to visit, should a format/rebuild of the flash fail for some reason.
don't ask to list the output of a show boot or show bootvar, neither of these commands work. The Startup/Running config lists the boot config line.
I have a Cisco 2811 Router. I have two VLANS on the router. The first one of course is VLAN 1 and the second one is one that I created from reading everything from this forum.. it is called VLAN 531
On VLAN one I have an IP address of 10.8.1.1 and on VLAN 531 I have an IP Address of 172.16.1.1, now what I can do is this... I can.. from a workstation on the 10.8.0.0 segment, ping 172.16.1.1 and one server on that segment that has an IP address of 172.16.1.50, which is fine, but what I really want to be able to do is ping our email server which is on a 10.21.0.0 segment and I cannot. Any commands on what I would need to do to make this work as I would like the 172.16.0.0 segment to ping any other part of my LAN of my choosing.
We have CISCO2811 model with VWIC2-2MFT-T1/E1 module working good over the E1 line. Since it's getting hard to find new model of CISCO2811 we decided to connect new branches with CISCO2911/K9 model (according to migration doc)
My question is can we use 2811's old config file with the 2911 model directly?
I have a laptop with a single physical NIC which I have used the advanced management tools to create two virtual NICs (say vlan 10 and vlan 20) and both are on the same subnet (say 192.168.4.x). One NIC is for normal TCP/IP traffic and one is for broadcast/multicast traffic (I have some custom software that requires this to be the case and works fine on an older laptops with built-in physical NIC and PCMCIA XIRCOM NIC). The dual NIC laptop communicates with a dual NIC server via a Cisco 2811 router (which has a 16 port switch module at the back) and has vlans set up so.
What I want is for the single NIC laptop (with two virtual NICs) to be able to also communicate with the server. Basically, one NIC is for normal traffic and one is for multicast/broadcast traffic. All three machines need to be able to talk to each other using the NIC for normal traffic and both laptops must be able to receive broadcasts from the server. What is the best way to configure the router to handle the trunking/tagging? Most configuration documentation I read has two complete subnets for the two virtual NICs. Note that all three machines use static IPs and are part of a workgroup so no DNS and domain servers etc.
I am having trouble setting up a EHWIC-VA-DSL-A= card on my cisco 2811 running the following the following:c2800nm-adventerprosek9-mz.151-4.M2.bin and C2800NM_RM2.srec.124-13r.T11
My hardware supplier tells me its the right adsl card (have 1 existing working card not the same) but the card will not detect on the system to be configured.is this the right card? am I missing something?
I am using multiple cisco 2811, 3745 routers and 2950,3550 switches if I need to copy running configuration I have to go to each device and say copy run tftp: <address> Is here any way that automatically by schedule one a week or a month configuration copy from all devices to tftp server?
I am position to migrate from CatOS 6509 switch to native IOS 6509 switch. long time ago, there was some site to convert automatically based on copy and paste onto the tool, but i can not find.
Does anybody know how to convert CatOS configuration to Native IOS configuration ? It is not IOS change, but it is configuration convert.
I have webcams that need port 8081 opened and I did that, everything worked fine until my DIR655 jammed up and power cycling it and the modem 3-4 times DID not make it work: no internet access and it was definitely a DIR655 problem. So, out with the paperclip to do the big reset, causing me to lose my configuration. When "most" of it came back up with my new config (I had screen prints), all was okay EXCEPT the webcams. Addresses and ports were all configured properly, address was fixed too on the client computer rather than use DHCP. I had a DNS relocation service running (DYNDNS) for the WAN side, but that address (My IP) didn't change either. I tried EVERYTHING. Finally, I realized in all my screwing around that I had enabled UPnP in my application, something I hadn't done before, but did this time as a desperation move. UPnP had always been checked off in the router. So.....I REMOVED my port forwarding and virtual server settings (either one worked before), and voila, everything working, Is this a normal occurrence, that if you have UPnP running, that this auto configuration overrides any manual configuration?
My setup is ISP-2811-PIX 515E-LAN. Right now, I am doing a PAT for IPSEC tunnels to terminate on the PIX. Do you recommend I use the 2811 instead of PIX for VPN or keep things the way it is? Trying to determine the best box to use.
I want to upgrade LMS 3.2 to 4.1. But when I look to "Special Notes and Exceptions for Devices Supported" document ,It seems that 2811 have 2 SysID.
Why there are two IDs for the same hardware and under which ID will my 2811 routers be classified into inventory database. This information is important since customer want to have support of 2811 in CiscoView of LMS 4.1 (around 200 devices).
Looking to implement CoPP in our 2811 ISR. We currently have the base 256mb of DRAM in there. Will this bring our router to its knees? I've priced a RAM upgrade.
i have a branch router that connects to mpls WAN. Also has a second interface that is used for dmvpn failover in case WAN goes down.We want to use this second interface also as the primary internet circuit for the branch. I changed the default route to the next hop address on the other side of the second interface and expected this to work.But i was told i need to set up NAT for this to work, and set up an ACL for NAT to use. how to set up NAT?
I have a 2811 that I can remotely VPN to using Cisco VPN client however I cannot see the internal admin network (10.35.5.0).
Current configuration : 4845 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption
I have a particular site that is causing me trouble, this site is connected in a back to back configuration using 2811 at CO and 2621XM at CPE. The CO end is also the CO for 3 other sites so has a total of 4 wics installed (WIC-1SHDSL-v2), these other sites also have 2621XMs for the CPE.
The problem i am getting is when one site in particular transfers large files to/from client machines, the CPU on the 2811 jumps to 99%:
CPU utilization for five seconds: 99%/98%; one minute: 26%;
We have a cisco 2811 router with 2 ADSL interfaces. One dialer interface is used for internet and another dialer interface is used for VPN.
The dialer interface that is used for internet purpose is "Dialer 1" and the VPN is "Dialer 2".
The route looks like this: ip route 0.0.0.0 0.0.0.0 dialer 1
Basically, I am able to the ping the external IP address associated with the Dialer 1 interface, however, I cannot ping the external IP address associated with Dialer 2.
I have a Cisco 2811 with an additional HWIC-4ESW card. [code] I need to NAT anything heading out of the WAN port. [code] I can ping anything connected to my other private networks from my 10.0.24.0 network but nothing on the Internet. [code]
I just bought an additional router for my network and I'm in the process of setting it up.I have however hit a snag with enabling ssh on the device. It is a cisco router 2811 running IOS 15.0 (refer below to my attempts)
I want the below mentioned IOS image for backup purpose. But I am not finding it in cisco.com or anywhere in the in internet. where can I get this version of image other than my router.
I have a 2811 ISR configured to provide the following services to my network: Internet access to LAN usersCisco Call Manager ExpressSite-to-stie VPN to 3rd party networksVPN server to provide VPN access to remote usersSecurity Zone configurationsStatic NAT configurations.Now I recently just got the ASA5510 device and I am not sure how to go about with the setup, whether to put the ASA in between the internet and the ISR (Internet - ASA - ISR - LAN), or put the ISR in between the internet and the ASA (Internet - ISR - ASA - LAN)? While i know I can move most of the config unto the ASA, i know that the CME cannot be moved, hence I would like to do the setup such that users on the network still have access to CME.
I've setup a NTP service by using Cisco 2811 routers. This works fine at the moment, but in the end there are some questions left.
1. I'm using two 2811 Routers, one for primary, which is resceiving the time from PUBLIC NTP 1, and one for backup, which is resceiving the time from PUBLIC NTP 2. Is it possible to compare these to times an check if the match? And if not, generate an alarm via e.g. SNMP
2. Is it possible to check via SNMP, if the routers are reaching PUBLIC NTP 1 and PUBLIC NTP 2 for sync?
I have a site that is connected to the internet via T1 into 2811 runing C2800NM-ADVENTERPRISEK9-M), Version 12.4(11)X. I have noticed that when i do a port scan on the outside nat pool i see well know ports in the closed state .ie...7,21,22,23,25,99,100,80,443. These pools for end users to access internet. Does this pose a security risk? What can i change to provide end user access to web but not let these well know ports open?
I have a Cisco 2811 router with two HWIC-ADSL cards configured for dsl connection. I have two lines from the same ISP and i am load balancing between them. I have created a couple of SLA's to check the state of the connections and add to the routing table the two default routes if both are up or any one of them is up.My problem is that when i try to download big files (especially antivirus updates) the download at some point stops (especially the antivirus exits with an error of unreachability). If i shut down one line everything works fine.Could i use something (configuration-wise) to prevent this problem from happening?????Is there any way i can combine the two lines? They are simple ADSL connctions with static ip's.
