Cisco WAN :: 2911 - How To Configure QOS
			Dec 21, 2011
				What specific commands are needed to configure qos on a router?
 
Two sites:
Cisco 2911 (site 1 ) Cisco 2911 (Site 2)
 
Data Vlan
Management Vlan
I want to configure QOS on Site 1 where the Data Vlan traffic is always marked higher than the management Vlan coming from Site 1.
	
	View 1 Replies
  
    
	ADVERTISEMENT
    	
    	
        Dec 27, 2012
        I have one router 2911 with the following image c2900-universalk9-mz.SPA.151-4.M4.bin I have two IPS on this routers and I tried to configure the IP SLA on this and I`m not able to do it and I don´t know why. I can configure almost everything but not the IP SLA command.this is the config:
 
track 10 ip sla 1 reachability
 delay down 10 up 1
!
track 20 ip sla 2 reachability
 delay down 10 up 1
!
[code]....
What I need to do in this case? or why cannot configure the IP SLA?
	View 5 Replies
    View Related
  
    
	
    	
    	
        May 19, 2011
        I've got a 2911 with a primary ethernet link to the ISP, with BGP running over it.  There's also an ADSL module in it, which will connect into the same ISP AS. how do i configure BGP over the ADSL so that it sits there doing nothing until the primary link fails?  Do i need to setup a new instance of BGP with a different AS on the router or can it sit in the same AS as the primary link?
	View 1 Replies
    View Related
  
    
	
    	
    	
        Feb 1, 2012
        Were bringing up a new site shortly and I'm trying to configure Serial0/0/0 which will be connected to an MPLS over 1.5m T1 line.  I am basically doing a simular configuration as other sites where one of the ethernet interfaces is handed off from a fiber optic wan, but a T1 MPLS is connected to a WIC card and this provides a redundant path (though slower) in case of a fiber cut or equipment failure.  This should be pretty straightforward but it appears as if I have no serial interface on this router.  Card is in and everything, it is a VMIC-3-1MFT-T1/E1 in EHWIC 0.
	View 7 Replies
    View Related
  
    
	
    	
    	
        Jun 21, 2011
        Suppose a broadcasted IP packet reaches one of the integrated RJ-45 ports on a 2911 ISR G2, will it be possible to configure the router so that the other integrated RJ-45 ports, ESM/EHWIC modules installed on the router, as well as the MGF also recieve the packet? Technically, the router should act similar to a switch with the SRE behaving similar to a seperate machine connected via the MGF and other external machine connected to the ports of the router to recieve the broadcasted packet.
 
Also,  if SNMP traps were generated from the router,Will it be possible to send the traps from the router via the MGF to the SRE installed on the router?
	View 1 Replies
    View Related
  
    
	
    	
    	
        Sep 19, 2012
        I need to configure two links (active and failover) on router 2911. Do I need DATA LICENSE to configure this with static router and route-map?
	View 4 Replies
    View Related
  
    
	
    	
    	
        Mar 6, 2012
        what will be the work around on this configuration.currently we have a Lease Line connection on serial interfaceISP <=SERIAL=>Router 2911<=ACCESS MODE=>Firewall(DATA DHCP SERVER located here, policy implemented here)<=TRUNK MODE=>CORE Switch(VLAN Assignment is here)<=TRUNK MODE=>ACCESS Switch(DATA and VOICE passess thru each ports)i am thinking to create a DHCP pool on the router to where my firewall should point to and from the DHCP pool it will point the internal network going to public network.
	View 2 Replies
    View Related
  
    
	
    	
    	
        Dec 19, 2011
        We have a Cisco 2911 Router and have configured via BT Infinity Broadband for out going internet access etc. Are there any incoming restrictions ACL settings etc. that will stop us using for ISA VPN, Exchange connections, Intranet, Sharepoint etc. We have reserved 13 Static IP Addresses from the ISP.
	View 1 Replies
    View Related
  
    
	
    	
    	
        Jan 29, 2012
        I have a Cisco 2911 router that I will like to use it for setting up a site to site VPN but the router does not support VPN commands. When I issue crypto isakmp command, it says command no recognized. When I issue ipsec transform-set command, it says command not recognized. The IOS running on my router is c2900-universalk9-mz.SPA.151-2.T1.bin. Also see the output of my show licences features command: [code]
 
what can be done on this router to enable use it for setting up a VPN connection.
	View 6 Replies
    View Related
  
    
	
    	
    	
        Jun 17, 2012
        Any example of how to configure an sm-es2-16-p service module to route over an Cisco 2911?
	View 2 Replies
    View Related
  
    
	
    	
    	
        Jul 25, 2011
        I see that Application protection - blocking peer-to-peer file sharing traffic is a capability of Cisco IOS Firewall. How do i configure my Cisco 2911 ISR to block peer-to-peer file sharing traffic?
	View 1 Replies
    View Related
  
    
	
    	
    	
        Dec 29, 2012
        Is there a way to set up a Site-to-site VPN between RV042 & Cisco 2911? I "googled" this and obtained a document, but it is not regarding Cisco 2911: [URL]
 
Routers are needed to setup it successfully. I have tried on both routers several configuration steps, no success...
	View 3 Replies
    View Related
  
    
	
    	
    	
        Dec 25, 2011
        I am having one router CISCO2911/K9 (Cisco 2911 w/3 GE,4 EHWIC,2 DSP,1 SM,256MB CF,512MB DRAM,IPB). But now my management asking me to upgrade this router as CISCO2911-SEC/K9. 
 
What will be the BOM for this up gradation.
	View 2 Replies
    View Related
  
    
	
    	
    	
        Jan 28, 2011
        I am looking at this doc to use an ASA + 2911 to do Policy Based Routing with multiple ISPs.From the linked doc, under the PBR scenario, what should the IP addresses be for the routers connection to the ISPs?  It isnt labeled.
	View 4 Replies
    View Related
  
    
	
    	
    	
        Oct 13, 2011
        I have a cisco 2911 router that is located in my head office LAN and I use this router to connect to my branch networks. I want to configure IP SLA Monitor on this router to track my WAN Links but it does not support the command IP SLA Monitor. My IOS VERSION is  c2900-universalk9-mz.SPA.151-2.T1.bin. how I can configure IP SLA on my router.
	View 4 Replies
    View Related
  
    
	
    	
    	
        Feb 12, 2013
        I have a router Cisco 2911 with two possible Wan interfaces out and a backup configuration using IP SLA. When the Primary Interface goes down the traffic is automatically rerouted through the Backup Interface, but the problem I have is that when the traffic is going through the Backup Interface (because the Primary is down) if the Backup Interface also goes down, if the Primary goes up, the traffic  is not automatically rerouted to the Primary Interface. And it looks to me like it keeps trying to goes out the Backup Interface and cannot see that the Primary is down. I guess that the pings are going out the backup Interface and as it is down the router doen't receive any anwer to the ping and doesn't change to the Primary.
The main configuration related to the IP SLA is this:
 
!
track 1 ip sla 1 reachability
!
interface GigabitEthernet0/0
description backup Interface
ip address 175.xx.xx.10 255.255.255.252
ip nat outside
[Code]....
	View 8 Replies
    View Related
  
    
	
    	
    	
        Aug 5, 2012
        We have 2911 with   HWIC-4ESW. System image file is "flash0:c2900-universalk9-mz.SPA.152-1.T1.bin"_2911#sh inv NAME: "CISCO2911/K9 chassis", DESCR: "CISCO2911/K9 chassis" PID: CISCO2911/K9      , VID: V05 , SN: FGL16011005
[Code]....
The problem was that HWIC-4ESW no longer pass traffic although showing that the interfaces are up rebooting the router solved the problem. What IOS is more stable and not subject to this problem?
	View 3 Replies
    View Related
  
    
	
    	
    	
        Mar 2, 2012
        Recently i attempted to build a LAN 2 LAN VPN tunnel from an Asa to a 2911 running zone based firewall.  This was a standard IPSec psk tunnel nothing fancy.  I got the tunnel to establish but i could only get traffic to encap on the Asa side and decap on the 2911 side.  I couldn't get return traffic.I followed this doc here for classic IPSec in the last example. URL
And I am sure the Asa is right I built a ton of those but I am new to zfw.  I did not see anything about a NAT exempt rule.  But since everything uses real IPs instead of NAT I wasnt sure and I could not find any info.  Do I need to do NAT exempt?  If so do you use a route map on the end of you NAT overload config line like in the past?
Also I have a zone-pair to "self" and I was not sure if I needed anything there to be able to ping the inside interface of the 2911 when the tunnel is up from the remote end.
	View 7 Replies
    View Related
  
    
	
    	
    	
        Mar 26, 2013
        I have to build HA environment, at the moment we have only one R1 and WAN1 but company wants to buy R2 + WAN2 and have HA between the routers, in case R1 or WAN1 goes down the other router will take over.
 
What would be standard methodology nowadays to do that  - does HSRP will do what I need or it is better do some other way? 
	View 7 Replies
    View Related
  
    
	
    	
    	
        Mar 11, 2013
        What are the max number of T1's that can be bundled on a 2911 router?
	View 0 Replies
    View Related
  
    
	
    	
    	
        Apr 19, 2011
        I need a interface v.35 on 2911 router, but it does not have WIC slot, it has EHWIC. Could some one told me if there are a card with V.35 interface that I can install in this model of router?
	View 2 Replies
    View Related
  
    
	
    	
    	
        Apr 26, 2012
        I have the following setup where the Cisco ME 3400 provided by the ISP.
 
My Cisco 2911 is configured as below:
 
CORE_Router#sh run
Building configuration...
 Current configuration : 6075 bytes
[Code].....
	View 6 Replies
    View Related
  
    
	
    	
    	
        Aug 1, 2012
        I have a problem I am running into... I replaced a 2621 with a 2911. The 2911 has three interfaces and I need to use all of them... Description:
 
gige0/0 dhcp static IP from ISP, public IP, they assign me 4 more usable public IPs gige0/1 broken into four VLANS, 108, 109, 120, 127, ip nat on 109 for them to get to the internet, and a static translation on 127 for the phone system to get to the internet gige0/2 assigned another public IP. A tenent has a linksys router on this interface, they want a public IP. 
 
The problem is that this setup worked, but when we moved to the 2911, some nat translations are failing, and we would like to figure out how to minimize the number of public IPs we use (right now it is three + the static assigned dhcp). The nat that is not working is the nats to the 2001-3001 range. I am not sure why it is failing, but the router seems to indicate it thinks some of these overlap. This router is also doing a vpn to an asa... that seems to be working fine.  
 
Current config:
 
Current configuration : 6072 bytes
!
! Last configuration change at 14:31:44 UTC Thu Aug 2 2012
! NVRAM config last updated at 14:31:50 UTC Thu Aug 2 2012
[Code]....
	View 7 Replies
    View Related
  
    
	
    	
    	
        May 18, 2011
        I thing that i find some bug in the newest IOS 15.1.4M.
 
The case is falow:
 
I start to configure failover for the costomer - make default route, make the default path but i cant find the comand IP SLA monitor. Is some meet this problem with this IOS or just Cisco make some chenge in the CLI commands?
 
Tomorrow i will try with IOS version 15.1.1T.
	View 2 Replies
    View Related
  
    
	
    	
    	
        Dec 14, 2011
        I have a 2911 router that I am trying to use a h.323 gateway for faxing purposes.Right now I can 4 digit dial and 10 digit the number and my analog phone answers, but when I try to place a call I get a fast busy immediately (as soon as I pick up the receiver) 
	View 1 Replies
    View Related
  
    
	
    	
    	
        Jun 26, 2012
        I want to connect a RPS2300 to a Cisco 2911 router to provide power backup.I have two questions ,Easy one : if the 2911 PSU (internal Power Supply Unit) fails, how to confirm the RPS2300 provides power to the 2911 with no reboot of the 2911 ?,Tricky one : After we replace the broken PSU, will the 2911 reboot or not as power revert from RPS2300 to internal PSU ?
	View 4 Replies
    View Related
  
    
	
    	
    	
        Nov 20, 2011
        I purchased a 2911 router and a 25-pack of VPN licenses (PID: L-FL-SSLVPN25-K9=).I registered the license, and supplied the serial number of my router when asked.I received a .lic license file.When I attempt to install the license on the appliance, I receive an error:
 
% Error: Install failed. UDI L-FL-SSLVPN25-K9=:FTX1542AKJ3 on license does not m
atch any device
0/1 licenses were successfully installed
0/1 licenses were existing licenses
1/1 licenses were failed to install
 
However, the following establishes that the serial number is correct:
  
SFGallery#show inventory
NAME: "CISCO2911/K9 chassis", DESCR: "CISCO2911/K9 chassis"
PID: CISCO2911/K9      , VID: V04 , SN: FTX1542AKJ3
 NAME: "C2911 AC Power Supply", DESCR: "C2911 AC Power Supply"
PID: PWR-2911-AC       , VID: V03 , SN: AZS153303LY
	View 3 Replies
    View Related
  
    
	
    	
    	
        Jun 11, 2013
         I have a Cisco 2911 Router and I need to split the traffic from my Lan (Gi0 / 0) by ISP1 (fa0 / 0) and that of my servers (Gi/0/0) by ISP2 (fa0 / 1). [code]My problem comes when wanting to communicate with my remote networks that reach the int Gi 0/1, because when my network to match the policy- route internet sends me all the way.
	View 1 Replies
    View Related
  
    
	
    	
    	
        Mar 14, 2012
        We can't seem to SSH from the outside network into our router. Our router config looks straight forward enough. 
 
!
! Last configuration change at 10:41:22 zone Thu Mar 15 2012 by tssconsult
! NVRAM config last updated at 11:19:12 zone Thu Mar 15 2012 by tssconsult
!
[Code].....
	View 7 Replies
    View Related
  
    
	
    	
    	
        May 20, 2012
        Is it possible configuring load balance with three intefaces, in my router with the following features?I have three ISP, and would like balance the traffic ... Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(2)T1, RELEASE SOFTWARE (fc1) Cisco CISCO2911/K9 (revision 1.0) with 483328K/40960K bytes of memory.
Processor board ID FTX1613AH8D
3 Gigabit Ethernet interfaces
1 terminal line
2 Channelized (E1 or T1)/PRI ports
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
255K bytes of non-volatile configuration memory.
250880K bytes of ATA System CompactFlash 0 (Read/Write)
[code]....
	View 3 Replies
    View Related
  
    
	
    	
    	
        Jan 30, 2013
        Does Cisco 2911 support VRRP?I can’t find in datasheet anything about it.
	View 2 Replies
    View Related
  
    
	
    	
    	
        Apr 14, 2012
        I'm working on tweaking the config on a 2911 ISR G2 with a ZBF and am looking for some input.  Our main issue right now is that the router is having performance issues once we hit certain troughput thresholds.
 
Right now, I have an inside-outside inspect set to look at all FTP, TCP, UDP, ICMP, DNS, SIP and HTTP (I know, its a bit redundant) traffic and do inspection on it then pass all other traffic.  From a company policy, we are not filtering ANY traffic of any kind going outbound.  (I know this isn't best practice but that's another battle for another day.)
 
Additionally, I have an outside-inside policy set to pass GRE traffic to an internal PPTP server (I know, not secure but its what we have.) then I have another inbound policy to inspect all traffic coming through that matches a specific ACL that defines all of the holes we're poking for hosting various functions on internal servers, etc.
 
could I, should I, why would or wouldn't I simply pass traffic that matches specific ACLs or whatever instead of how we are presently doing a lot of inspection?If I was to simply pass matching traffic instead of doing the inspect, would I see a substantial performance increase/workload decrease ont he 2911?
 
What are the security ramifications related to simply passing traffic instead of doing the inspection?
	View 2 Replies
    View Related
  
    
	
    	
    	
        Feb 18, 2013
        Recently they bought a new Cisco 2911 router and told me that they want it connected to an outside WAN connection that they hadn't used in a while so they could create a little network on the side. They want to just plug the server into the router and go. Unfortunately, I am sort of clueless about how to set up the config for it.
 
There are 3 GE ports, with the line from the outside coming in on GE0/0. I've already activated the interface and it is up, but that's where I get stuck.
	View 14 Replies
    View Related