Cisco WAN :: 2911 - No Conflicts With Multiple Telnet Sessions
Feb 27, 2011
We have a new 2911 that needs to be configured, unfortunately it's at a remote site. I had installed the following config: [code]
Now, I do get a dhcp ip on the G0/0 interface and I can ping it from my remote network and the local router as well as the local lan. The hands and eye guy is able to telnet from the local lan but I am unable to telnet from either my remote lan or the local router.The only error I receive is "connection refused by remote host". All lines are clear so I have no conflicts with multiple telnet sessions.
View 8 Replies
ADVERTISEMENT
Dec 19, 2012
Someone told me the commands, but I can't remember them. Have a router (2801) at the end of a highly utilized T1 link/router. How do I protect it so my SSH and/or Telnet sessions will get serviced if the router is real busy.
View 9 Replies
View Related
Jan 26, 2012
I have recently installed four Cisco RV042 v3 VPN routers for a customer of ours to replace existing Nortel Contivity 1010 devices which were providing VPN tunnels from the customer's 3 branches to their headoffice. The original Nortel devices were working perfectly but the customer wanted some firewall rule changes and the Nortels were proving to be somewhat inflexible and incomprehensible in their configuration hence why they were replaced.
When installing the Cisco routers I configured the VPN settings to match the Nortel device settings so that I could swap out a branch at a time without taking the whole setup down for a day.The customer has a Unix based dumb-terminal application running on a server at headoffice that they access from their branches using terminal emulators on Windows PCs and thin client hardware devices that support vt100 terminal emulation.
Prior to installing the Cisco RV042's everything was working fine. Now they are using the RV042's they keep getting the sessions from their branches dropped. Both PC users and thin client users are losing sessions and it happens with active and idle sessions. I have checked the logs on the routers when users are disconnected and there is nothing logged at that time (other than my login)... I had thought maybe it was to do with tunnel renegotioations so I have set to phase 1 / phase 2 SA timeouts to 86400 & 28800 seconds respectively but this has had no effect. I had also seen somebody advised disabling 'SPI' in the firewall... I have tried this and it makes no difference.
View 9 Replies
View Related
Dec 10, 2010
I have some issues with router configuration. I cannot open any external web pages, but ping or telnet is just fine. Im using router-on-a-stick scenario. Router connected to LAN trough EtherSwitch module. Config attached.
View 8 Replies
View Related
Jan 7, 2013
We have a cisco 2911 router configured with password for telnet login, but I always failed to login use telnet, does any one know any place need to be modify?
View 6 Replies
View Related
Jan 21, 2013
We are running in our DC one of the CISCO 2911 terminal server which is connected with HP ARC sight logger.
it is possible to capture user who execute ‘Telnet” or “show line” in the log, I mean all the command entries by user.
How to enable any config on 2911.
View 11 Replies
View Related
Dec 6, 2011
I have two cisco routers (Cisco 2911 and 871) that I'm trying to establish a L2L VPN with. Each have a VPN configured to our cooperate office that is up and working. I'm now trying to establish a site to site VPN from both remote offices. I have my crypto maps, NoNats, and interesting traffic set up however, I do not even see phase one come up.
I've attached each config. Most of my site to site experience is on PIX's and ASA so I'm curious if there is something else I need to do on my outside interface to allow multiple VPN's?
View 2 Replies
View Related
Jun 20, 2012
We are about to install a cisco 2911 router to replace a linux based router.
The Cisco will have 5 gig ports, 4 ports connected to DSL modems each modem connected to a different ISP, and the last port connected to a Cisco LAN switch.
802.1q will be used on the internal router port to split the LAN segments up into VLAN's as the building contains lots of different businesses.
Each customer in the building has there own servers and set of public IP addresses assigned e.g
Customer A - ISP 1 uses 81.34.65.78 NAT'd to 10.0.0.1 Vlan 5 port 25 (SMTP)
Customer B - ISP 2 uses 217.23.67.87 NAT'd to 192.168.1.1 Vlan 6 port 25 (SMTP)
and so on
The outbound traffic also needs to go out of the correct DSL line which ever has been assigned to that customer.
Am i right in thinking the only way to do this will be to use "Route Maps" ??
(IP addresses above are made up, or at least not ours)
View 17 Replies
View Related
Jan 8, 2012
I have only seen this problem with several video conferences from one location. Currently there is only one T1 connection from our HQ to remote location. When two conference calls are set to use 256Kbps connection to come back to the main HQ, after an hour or so the T1 connection would drop. What I mean about drop is that the route on the 2911 will disappear. I have to wait about 10 minutes for the connection to come back up or I have to reboot the router for the connection to appear again. There are no interface drops on the serial connections or ethernet connections.
HQ - 2911
Remote - 1821
2911 running config:
Current configuration : 3529 bytes
!
version 15.0
service timestamps debug datetime msec
[code]...
View 8 Replies
View Related
Nov 7, 2011
I am learning the 2911 router. Is there a way to set a physical single RJ45 port to handle multiple WAN IPs? Or do I need to buy a port expansion module.
View 12 Replies
View Related
Sep 17, 2011
I am wondering if xconnect L2TPV3 feature could be done on multiple SVI interfaces on 871 router and 2911 router with built in 8 port switch?Like I need to extend two ethernet interfaces and can I use two SVIs on router built-in switch module on each side?
View 2 Replies
View Related
Feb 17, 2013
We need to give differentiated internet access to three VLANs. Each one of this VLANs is used for totally different purposes, so traffic between the VLANs is not allowed. Each VLAN has its own internet access provided for the data center using one fast ethernet connection.
We're thinking about using cisco 2911 for Internet access, VPN and firewall. I suppose that best option for VLANs is using Catalyst 2960S or a swithing module for the 2911, but these two options are too expensive for us. We're thinking about using swtiches from the SB series (maybe a SG-200).
We're totaly newbies to VLANs so we have many doubts. This are our questions:
1) The 2911 has three on board ethernet interfaces; we have three VLANs and three internet connections, so we need to use HWICs to get three more ethernet ports. That's right?
2) We need three HWICs or there is some kind of HWIC with more that one ethernet interface?
3) The routing solution is to assign static routes in the 2911 for each interface connected to a VLAN through a 2911's interface connected to internet?
4) Simply connecting three different router interfaces with three different switch ports, each one of them assigned to one of the three different VLAN, are we going to get internet access for all devices in those VLANs? or do we need to configure something else like trunking, VSIs...?
5) Can we achieve our goals using the SG-200 switch?
6) We have the chance to use older routers, is this possible? We're specially interested in knowing if a 1841 or a 2801 router could be used for this setup.
7) This is not a production environment so we can use refurbished equipment.
View 4 Replies
View Related
Nov 11, 2011
LAN subnet conflicts with WAN subnet. My router is d-link 825 and my cable modem is Cisco EPC-3825. Op system is W7. Everything worked great with an older cable modem (Cisco 3000).
View 4 Replies
View Related
Jan 11, 2011
I am using a WRVS4400N as my primary router for a small office. I get the following message repeated over and over in my logs. This seems to happen for 2 or 3 days and then it will go away for about a week and then come back. What is causing this? The best I can tell I don't have any IP conflicts on the network and most of the time the network has very little traffic other than 2 or 3 computers surfing the web. [code]
View 19 Replies
View Related
Jan 24, 2013
[code] Site-to-site VPNs in place between Site A and Site B and between each site to the DC. Site A and Site B have Cisco 2911 routers, there are ASA’s at the DC. The existing Site-to-site VPNs carry data and voice traffic between the sites (though voice and data is on separate VLANs in separate subnets)
ISP1 currently used for the existing circuits at Sites A and B but we have experienced issues with them recently which has disrupted service. So new circuits are to be installed at each site with ISP2. (See basic diagram attached which shows current set-up with intention to get new circuits via ISP2 installed)
We have 3 ports on our Cisco 2911 routers with 2 ports already in use for the existing connections (1 for the LAN and 1 for the WAN connection to ISP1) Can we simply use the 3rd port for the connection to ISP2 or would it be far more advisable to use a 2nd router (for redundancy, etc)
Would it be feasible to have a set-up where we have e.g. voice traffic go over a site-to-site VPN via ISP1 and data traffic go via site-to-site VPN via ISP2 but each can take over from the other in the event of a failure?
View 5 Replies
View Related
Mar 23, 2011
I'm on the road traveling and am having trouble with receiving an ip conflict error message shortly after connecting my windows 7 laptop to this particular hotels wireless network. Shortly after connecting to the correct access point is when the msg appears. I've checked my wireless adapters IPv4 TCPIP properties and ensured Use DHCP is enabled and that IPv6 is disabled. I've done a release and renew on the address after connecting as well (ipconfig /release and renew)to still no avail. Oddly enough, my internet connection works great in the morning at this hotel but has this problem at night time. Are there any known issues with 7 or such a thing as a Windows 7 "unfriendly" wireless router? I don't have this problem at home on my Linksys wireless router. Works fine.
View 1 Replies
View Related
Jun 5, 2012
How do i stop ip conflicts when using 2 or more laptops on home network
View 1 Replies
View Related
Nov 25, 2012
I use a wireless laptop and a wireless printer with no problems until my lodger's friend comes and connects to the network. That is when I lose printer connection and sometimes get the IP address conflict message. Obviously something to do with his laptop wireless connection
View 1 Replies
View Related
May 15, 2011
Im trying to configure a 7204 for radius login authentication, although the router is also configured with radius for VPN access. How can I configure it for both using 2 different raidus servers? the login via radius is working fine on another router, although that one is not doing VPN access so there's no conflict.
My config:
aaa group server radius RADIUS_AUTH server x.x.3.11 auth-port 1645 acct-port 1646
aaa authentication login networkaccess group radius local
[Code]....
For some reason, this does not work. I cannot access the router and authenticate via x.x.3.11 radius server. I think there's a conflict between the VPN and the login authentication but im unsure how to resolve this.
View 3 Replies
View Related
Oct 18, 2011
I just bought a Samsung BD-D5300 Blu-ray player that allows a bunch of networking options including wireless and wired. I was using the wired option when I came across some conflicts with my network using a Linksys WRT350N v1. The Samsung conflicted with the Linksys's DHCP server. The blu-ray player turns off automatically when inactive. It was causing conflicts with my iPad 2, MacBook Pro and Motorola Atrix android phone whenever it got assigned an IP address. When I reset the router and my cable modem, it wasn't assigned an address for awhile, which fixed things, but as soon as it got an address again, it was caused conflicts by being seen as a LAN by my router. When it wasn't receiving an address, it got the automatic private IP address of 169.x.x.x. When I removed the connection with my router, the conflicts disappeared and my computers were able to access my wifi again.
View 1 Replies
View Related
Dec 25, 2011
I am having one router CISCO2911/K9 (Cisco 2911 w/3 GE,4 EHWIC,2 DSP,1 SM,256MB CF,512MB DRAM,IPB). But now my management asking me to upgrade this router as CISCO2911-SEC/K9.
What will be the BOM for this up gradation.
View 2 Replies
View Related
Apr 11, 2013
I have an issue with LMS not terminating SSH sessions on the Cisco ACE?
Cisco LMS 3.2
Cisco ACE A2(3.3)
View 1 Replies
View Related
Nov 19, 2012
What is the maximum allowed number of BGP sessions on Cisco platforms sup720 BXL and 7200 G2? Particulaty what are these numbers if BGP sessions are under MPLS vrf (i.e. maximum number of BGP session per vrf?).
View 2 Replies
View Related
Aug 28, 2011
the customer has a problem with LMS 3.2. This software doesn't terminate ssh sessions created by LMS on ACE. All ssh sessions still exist on ACE, so no new ssh session can be created until the administrator manually clear these session on ACE.
View 7 Replies
View Related
Apr 24, 2013
I've got a problem with an ASR1004 running "asr1000rp2-adventerprisek9.03.02.00.S.151-1.S.bin".
When I'm performing extended ping tests using a tclsh script i'm geting this error message:
ASR_X1A2#ping 172.27.1.250
% Authorization failed.
When i'm pinging 12 diffrent destinations this happens to about 3 of them.
Checking the logs I found this:
Apr 24 19:42:56.071: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection
In my entire backbone this is happening only in this equipment, I've checked the connection between my ASR and the TACACS and it's OK, no packet loss. CPU and MEM are OK too.
View 2 Replies
View Related
Apr 9, 2013
Cisco Works (LMS 3,2) is not closing SSH sessions to a Cisco ACE module, I see the following thread and tried the workaround to no avail.
[URL]
I have also seen the following caveat (CSCtz42393) but this seems to be LMS 4.x, would this be 4.x and below or do I need to find the equivalent LMS 3.2
View 7 Replies
View Related
Dec 15, 2010
Router is running with IOS 12.4(24T) and we are having problems like file download stalls, some emails not being send or received. CBAC is enabled on this router with default values. MTU is also the default value. This problem has started all of a sudden. seeing lot of errors in the logs as below:
Oct 27 16:47:52: %FW-6-DROP_PKT: Dropping smtp session X.X.X.X:4443 Y.Y.Y.Y:25 due to Stray Segment with ip ident 25800 tcpflags 0x5014 seq.no 288975356 ack 3363647737*Oct 27 16:48:31: %FW-6-DROP_PKT: Dropping http session X.X.X.X:2020 Y.Y.Y.Y:80 due to Stray Segment with ip ident 1472 tcpflags 0x5011 seq.no 2686554796 ack 4275837539
View 1 Replies
View Related
Aug 30, 2012
Earlier we had same problem with LMS 3.2
(RME-Admin-Config Management- Fetch Interval) from 180s 420s.
Now after LMS upgrade ( 4.2.2 ) the SSH sessions are stucked on ACE. We had not experienced it with 4.2.1
[code]....
View 4 Replies
View Related
Apr 5, 2011
while traversing through Cicso ASA Firewall 5520,VPN sessions are disconnecting.In Accelissts for VPN-Outbound traffic from LAN to Client VPN ,we have allowed all Ports.Is there any inspection Rules are cause for this issue. In ASA Firewall,presently the inspection rules are [code]
View 1 Replies
View Related
Jul 26, 2011
We are using ACS 5.1 in our network. We have created users and grouped them as per the requirements. We want to restrict the user sessions in the network. A user should authenticate and able to access a network resource. But when he is active with that session, we need to block him from another successful authentication. We want to avoid multiple users using same user credentials for logging into the devices. whether this can be achieved by making configuration changes in ACS.
View 2 Replies
View Related
Sep 11, 2011
I have the default license for a ASA 5505 and this last Friday I received the attached log for SSH sessions through this firewall; we want to be clear about this issue. This limitation has to be with the 10 Inside Host or the Total VPN Peers limitations in this license? This firewall exists only to agree with a PCI requirement between our router and a communication with a Payment Card Industry Brand, all of this in the same site.
ASA5505 <164>Sep 09 2011 10:42:08: %ASA-4-450001: Deny traffic for protocol 6 src DMZ:X.X.X.X/2479 dst DMZ1:X.X.X.X/22, licensed host limit of 10 exceeded.
I hope that the communications through 22 TCP port, are not countable for license propose.
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 3, DMZ Restricted
Inside Hosts : 10
Failover : Disabled
VPN-DES : Enabled
[code]....
View 1 Replies
View Related
May 9, 2013
I am curious of the max supported SIP sessionf of the SRP500 series.
View 1 Replies
View Related
Jan 1, 2013
I've looked at the forum posts and the document post, and I understand the explanations. My question is, under system administration>max user session global settings, would setting a timeout (say 1 hour) purge these sessions?
Under access policies, I am not enforcing max concurrent sessions per user, due to some of our devices using a generic log in. But if I understand the explanation, and my understanding might be wrong, then setting an expiry timeout should purge the accounting sessions, right?
View 4 Replies
View Related
