Cisco WAN :: 3560 / 2811 - NATing To Surf Some Of IPs
Feb 28, 2011
I am facing problem in my setup which includes cisco 3560 and cisco 2811 router.Actully I am ruuning BGP in 3560 l-3 switch.Some of the customers are connect to 3560 switch via 2811 router,all of those customer having same rate-limit.Some of the customers are directly terminated in 3560 switch where i configure vlans,all vlans has different rate-limitsPROBLEM:I need to do nating to surf some of the ips only for one customer on the 3560 switch.so i m using route-map using acl on switch and doing natting on router.Using route-map i m redirecting traffic to my routers loop back interface, where i m doing natting and send it back to the switch.
View 2 Replies
ADVERTISEMENT
Feb 26, 2012
what's the meaning of the output:
Interface Speed Local pair Pair length Remote pair Pair status
--------- ----- ---------- ------------------ ----------- --------------------
Gi0/40 100M Pair A 2 +/- 4 meters Pair A Normal
Pair B 2 +/- 4 meters Pair B Normal
Pair C 2 +/- 4 meters Pair C Short
Pair D 2 +/- 4 meters Pair D Short
From the command
test cable-diagnostics tdr int gi 0/40
It's normal?If not, then. the problem is on the cable or on one of the interfaces?The interface is connected between a fastethenert on a 2811 router and a 3560-48 switch.The cable is a straight through cat 5e cable. (I have changed several cables with same result).
View 4 Replies
View Related
Oct 19, 2011
I have just received 4 static ip's from my isp, i want to be able to point these ip's at different services on my internal servers, for example: [code]. The firewall I have is Cisco PIX 515, how to set the NATing up or commands?
View 1 Replies
View Related
Apr 9, 2013
I have a client with an ASA 5505 who has several networks he's trying to get communicating over a VPN tunnel with a remote office. One of the networks is not working because it's also in use on the management interface of the other side of the tunnel and neither side seems willing to re-IP their internal space.
Their proposed solution is to NAT the conflicting network on the firewall on this side to a different subnet before passing it across the tunnel. How do I implement a NAT that only the VPN tunnel uses while keeping the rest of the traffic that comes across this device un-NATted?The network in question is 192.168.0.0/24. Their desired NAT target is 172.16.0.0/24. ASA config is attached.
View 11 Replies
View Related
Jul 29, 2012
I am currently trying to apply a reverse NAT on asa 8.2 and not sure how to do this. I have done this on asdm 6.2 for asa 8.3 but the options are not simiar on 8.2. Is there a CLI equivelant?
I am trying to Achieve the object below for any traffic coming from outside interface to the inside interface with any source address to destination 10.X.X.58 then translate it so that it become 192.X.X.X to address 192.X.X.58. This is so that communications can traverse internal network as the server is not ona DMZ.
I have done this on 8.3 (shown below) but do not know if it is possible for 8.2, I have tried replicating the same command on 8.2 but commands are not recognised.
nat (outside,any) source static any 192.X.X.X destination static 10.X.X.X 192.X.X.58
Should I just upgrade to 8.3? never done it before so not sure of the consequences.
View 3 Replies
View Related
Jan 28, 2011
Problem with the PIX 525e while "NATING ".
View 3 Replies
View Related
Mar 18, 2011
Our ISP gave us a /30 for our external connection (with one IP being their side, and the other our firewall's outside int) and they then route a /28 down to us to give us 14 public IP addresses. Usually we use static NATs to give internal servers a public IP, and it works fine.
However, now I need to setup another VPN device with a public IP from our /28 pool. How the heck do I nat that? Should I give it's external int a private IP, and then NAT it at the first firewall? The 2nd firewall will be a VPN end point, and I'm afraid the NAT will break that.
View 9 Replies
View Related
Jan 9, 2012
I just migrated our office network router to a RV082. While configuring it, I came across three problems:
(1) From our ISP we have four public IP addresses which I want to make use of for outbound traffic. With the previous router we used we could configure LAN IPs(ranges) to map to static public IPs. Does RV082 support this? I could not find an option for that at the web-interface. From what I understand the 1-1 NATing only goes both incoming and outgoign ways and actually is 1-1 and not the many-to-one I am looking for.
(2) How is it possible to configure incoming port forwards to use a specific WAN interface? Will it always be the primary WAN interface?
(3) Does the telnet access provide more configuration options? I could not log in to it with the same user credentials as with the web-interface.
Serial Number : NKS1532xxxxFirmware Version : v4.0.4.02-tm (Jul 4 2011 13:30:56)PID VID : RV082 V03Firmware MD5 Checksum : 1f84d8d0a2a8b99f9bfa4409e64547aaLANWorking Mode : Gateway
View 0 Replies
View Related
Feb 19, 2011
We have a RA Vpn split_tunnel setup in one of our locations which is working fine in all areas except for traffic destinged for one specific website using https. This vendor only allows the HTTPS connections to them to come from certain outside IP addresses. ssentially it should work like this:RAVPN_client (10.4.4.0/27) --> https request to vendor_ip (208.x.x.x) ---> ASA55XX --> NAT_to_outside_ip --> https request to vendor_ip (208.x.x.x) need to understand how you would go about NATing ONLY this specific https traffic from the RA VPN while not having to alter the setup otherwise. Internal hosts (aka behind the ASA physically) do not have any issue getting to this site, as its nat'd to the outside ip address as we expect.Here is what we are using for the NAT Exemption list he 10.2.2.x, 192.168.100.x and 172.23.2.x are other remote sites that we have. RA VPN users are using the 10.4.4.0/27 do not have any issues connecting to them, no matter the protocol.
View 3 Replies
View Related
Oct 12, 2011
I have the following network connected and configured to a single Cisco 1800 router.
VLAN 2 (10.1.20.0/24)
|
int vlan2, ip address 10.1.20.1
|
Cisco 1800 ----- int fa0, public ip address ---- Internet
|
int vlan3, ip address 10.1.30.1
|
VLAN 3 (10.1.30.0/24)
VLAN 2 is server vlan with a webserver.
VLAN 3 is clients.
NAT configuration:
VLAN 2 and VLAN 3 is using NAT to access the internet, and both is configured as inside interfaces.fa0 is configured as outside interface. Now I don't know if this is about NAT, but I've tried several things without luck.
Problem:
A client in VLAN 3 tries to access a domain on the webserver in VLAN 2.It starts by sending a DNS query to a DNS server located at the ISP, and gets the ip address for the domain, which is of course a public ip address. Then nothing happens because the client tries to access the domain on the webserver using the public ip address, and the webserver have a local ip address 10.1.20.20 which is on the local LAN (VLAN 2).
I've tried NAT because I have to change the destination ip address, but I can't seem to get it right.
View 3 Replies
View Related
Dec 22, 2012
i have asa901-k8.bin" in my asa firewall and downlaod liecnce from cisco,now i dont know how to allow internet to my user.?
View 1 Replies
View Related
Jan 17, 2011
I have a Cisco 881 VPN Router (TX) which connects to the Concentrator at our corporate office (NY). The TX subnet is 10.16.x.x. The corporate subnet is 10.1.x.x, 10.2.x.x, 10.9.x.x.Right now, the 881 router is only used for VPN to corporate, but, I would like to use it our primary router. We have to ISP's, and I would like to allow traffic to come in on either interface to our internal LAN to a few servers.
LAN - 10.16.1.3 / 255.255.0.0 ISP1 - 175.15.110.242 / 255.255.255.240: Gateway: 175.15.110.254ISP2 - 211.106.234.114 255.255.255.240, Gateway: 211.106.234.113Required NAT / port forwarding:211.106.234.115 -> 10.16.9.104 /
[Code]....
View 1 Replies
View Related
Aug 15, 2011
CISCO ASA 5505
Interfaces:
OUTSIDE - 194.50.90.221 255.255.255.0 / security level 0
DMZ - 192.168.12.254 255.255.255.0 / security level 25
INSIDE - 192.168.0.6 255.255.255.0 / security level 50
Now, if I want to ping from the DMZ to INSIDE, I get an error message "no translation group found for icmp src DMZ: ...... dst: INSIDE...."
I fixed is by adding "NAT 0" onto the INSIDE interface so that packets originating from "INSIDE" that are destined for "DMZ" do not get NAT'd.
Now my question is, becasue these are all directly connected networks, how come the firewall does not route the packets, but tries to NAT them instead.
View 6 Replies
View Related
Apr 27, 2013
I have a doubt on how do nat 2 internal ip addresses to 1 public ip for FTP uses.
As I know Cisco ASA cannot use to nat 2 internal ips to 1 public ip as the ASA cannot read the host header. It there anyway to control it by using acl or network object group?
My current configuration for nat 1 internal ip to 1 public ip:
static (firewall-dmz,firewall-outside) tcp 210.19.xx.xx 21 172.16.101.11 21 netmask 255.255.255.255 dns
View 1 Replies
View Related
Sep 25, 2012
I have a DVR installed inside my network with local ip address 10.0.0.117/24 and i need to access it from the internet. there is a pix 515e (ios ver. 6.2) between the internet and my internal network. I've configured NAT from inside to outside to allow my internal clients to access the internet. but i need to allow external clients from the internet to access the DVR. I've tried to configure it on my pix but i found it doesn't have more options for nating like ASA.
is there any way to do that on pix and if so what the correct commands to do that.
View 6 Replies
View Related
May 22, 2013
I have Router 2800 series Global nating is configured on it.
ip nat inside source list 111 interface Dialer1 overload
!
access-list 111 deny ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 111 permit ip 192.168.1.0 0.0.0.255 any
My object is that i want give internet access only for few users ip E.g IPs addresses from range 192.168.1.0-10 can acess intenet access other all are deny.How i do this with ACL .
View 2 Replies
View Related
Jan 13, 2012
I have configured cisco 6509 to do nating and its not working. Static nat is perfectly working fine below is the config.
View 6 Replies
View Related
Jul 9, 2012
I have a Cisco ASA 5520 (Ver 8.2(4)) with all four interfaces in use (Public, Private, DMZ, Local offices) and an IPS module, so there are no spare interfaces. I have used all of Public IP's on the current interface for various services (these need one to one mapping, so I can't port map mainly due to SSL certificate issues) and I need to add another Public IP range. The secondary option on ASA interfaces does not exist as on routers/switches and I need to use an additional non contiguous IP address range for additional services advertised on the Public interface that are NAT'd to be servers in my DMZ.
I have seen an example of adding a static arp on the Private interface to allow a secondary gateway to be used for outbound traffic, but I need to allow 14 new IP addresses to be NAT'd from the Public to DMZ and possibly also for outbound NAT'ing (from either Private or DMZ to the Public). I have a L2 switch between the ISP router and the firewall, so using VLAN's is not an option unless the ISP can be persuaded (highly unlikey) to add the seondary IP's as a sub interface with tagging. Anyway if this was actioned then we would have a massive outage on our current IP range during the transistion.
View 3 Replies
View Related
Jun 3, 2012
I have an ASA5510 running version 8.2(5) I am having an issue with routing/natting from an internal network to the outside interface IP on port 443 which has a nat back in to another internal address. i works externally in from a public address. i also see log messages to do with IP Spoofing
View 1 Replies
View Related
Apr 12, 2011
I have instaled free vpn software from logmein hamishe but do not know how to surf internet.
View 1 Replies
View Related
Dec 2, 2012
I woke up this morning to find that I cannot surf the web anymore. I was able to last night just fine. My set up is this: Verizon Fios router(192.168.1.1)> Netgear gigabit switch> SMC router smcwbr14s-n3 (192.168.1.201) the Fios router is has a build in wireless but is in another building and i am not within range of it. I have a cat 5 cable that run between 2 house's... the cable comes into my house and into my switch then to my SMC router (smcwbr14s-n3 ) that is running in bridged mode to function as an AP. I can connect to a lan port on the switch or router and connect to the web (im currently in a lan port now.) Here's the thing, I can still connect to the wireless, it's just so slow (1Mbs -6Mbs)that i am unable to get anywhere... I do have security setup (WPA2) an im going to kill that to see if it resolves the issue... but it has been working fine with the current security setting for the last 5 months, so i dont really thing that is the issue.
View 3 Replies
View Related
Jan 26, 2012
my TWC connection and I can surf the net everywhere but when he takes it to his home and connects through his DSL he can pull up Google and can even search through Google but he cannot go to yahoo.com or Aol.com. Malwarebytes comes up with no infected files. I did a restore and the same problem. I did a recover! And same problem. I pulled up a Cmd window and run an ipconfig. I am used to seeing a 192.168.x.x address but on his I get a 10,x,x,x number.
View 5 Replies
View Related
Aug 26, 2011
I set up my D-Link DIR601 and set the password for the internet, though I can't surf on the internet. but I can connect, like it says im connected but it won't allow to surf.
View 1 Replies
View Related
Apr 10, 2012
I can be connected to the internet (i.e. surfing, emailing) and suddenly loose my connection. I can then ping sites but not be able to access via IE or Firefox. I am running Windows 7 Home Premium and Norton. I have had the problem on multiple networks. I have DSL at home and connect wireless to the network. When this occurs my wired machines still work fine.
View 3 Replies
View Related
May 16, 2011
I have windows xp on sony laptop. I use dial-up, cricket broadband and wifi. When on wifi I can surf. I cant cannot get off the homepage nor change it when I connect to my cricket broadband. Cant surf because it keeps going to Crickets homepage and when closing or opening another window, it will revert back to cricket and it keeps changing homepage
View 1 Replies
View Related
Apr 7, 2011
I have a Asus EEE PC 900 laptop running Windows XP Home. I DO NOT use a modem or router. I connect wireless to someones network (which of course i dont know who it is or how far it is from me) I connect to a Linksys unsecured network. I get good to very good (some times excellent connection from it) The name of my adapter is: Atheros AR5007EG wireless network adapter.Two days ago i was on the internet, and all of a sudden i Lost service ( usually when this happens i wait it out and it comes back)But it hasn't.So I'm checking through my settings and i noticed that im sending way more network packets than receiving. Last i checked it was around 40,000 sent and 5 received. So I wait and wait and wait and the most packets it would go up to is 90 while as sending is still in the thousands.It also says im successfully connected with good to very good connection status (but yet i cannot surf the web because i do not have enough network packets)
I tried different locations in my house (that didnt work)I uninstall and reinstalled my network adaptor (that didnt work)I turned off and on the wireless switch(that didn't work). Im wondering if this has something to do with my laptop or the other persons network? how can I increase the received network packets?
View 2 Replies
View Related
Dec 15, 2011
I'm having trouble getting any web browser to work/recognize my connection. I've confirmed that I am indeed connected to the internet (I know this because, for example, I have no problem at all downloading games via Steam). For some reason, though, when it comes to surfing the web using a browser it's as if I'm not connected (even Steam can't load the Store page, I can only download games via the Library).I moved an infection a week or two ago, and I suspect it altered something that is causing this issue. I did get some advice to open the browser and go to Tools>Internet Options>Connections>Lan Settings and make sure "Automatically detect settings" was checked, and "Use proxy server for your LAN" was not checked.I did this, and in fact "Use proxy server" WAS checked while Automatically detect settings" WAS NOT checked.
View 19 Replies
View Related
Oct 5, 2012
I cant surf the net on my Galaxy S2 through my home wifi connection but I can access files on my phone through Kies Air wirelessly from it. How do I fix this?
View 10 Replies
View Related
Sep 23, 2011
I set up my linksys wireless router as I have before. I am using Verizon PPOE DSL with modem in bridge mode I am online in that I receive email in outlook and can use IM. However I can't surf to any web page. All the troubleshooting I have done has come up short. I can ping yahoo, my dns, gateway, and local ip.
View 18 Replies
View Related
Apr 4, 2010
: Saved
:
ASA Version 7.2(4)
!
hostname ciscoasa
domain-name default.domain.invalid
enable password EhxQ5dBfvkyaUj52 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 192.168.10.8 W2K3-X32-SP
[code]....
I have a problem with a dmz vlan. I can´t surf over internet on a remote host.The dmz vlan links with remote network on host 192.168.20.3 .
INSIDE (192.168.10.0) -------------- Outside (88.88.88.0) -------------- DMZ (192.168.20.0)
^
|---------- Remote network (192.168.9.0)
View 8 Replies
View Related
Jun 19, 2012
this is weird my laptop DV67000 HP running vista ,suddenly stops connecting to any sort of webpage.funny thing is my other programs like MSN can with no problem.my desktop can surf no problem.i noticed that i loose internet connection when i surf too then i diagnose. It reports thats there is nothing wrong. this is puzzling me this only happened 3days ago i have done scans on my hole computer and even tried defraggler.oh i use firefox and Internet Explorer .
View 3 Replies
View Related
Jan 29, 2011
this has been a new developing problem i have been having it its starting to be a pain in the you know what. Recently i have been losing connection off the network countless times a day then to have problems getting back online. I have a Belkin Surf and Share Wireless N router that was working perfectly. i have a laptop sitting next to me that doesnt go offline when i do. Seems like im the only person in the house hold experiencing problems. I even tried a different wireless card and still have the same issue. im clueless on what to do. i tried flushing my DNS several times. I have a connection of only .30 mbsp from this issue as well.
View 1 Replies
View Related
Jul 8, 2011
I am experiencing a great inconvenience with my relatively new Belkin Surf+ N300 wireless ADSL router.I am confident that the router has been doing this since I got it, however I have not noticed until now. Whenever I try to access a URL with the word "router" anywhere in it (e.g url...) it will take me to my router's settings page (usually comes up when the router's LAN IP is entered)Yes this is very handy if you don't know the LAN IP, or are less skilled in router management, however if, like in my case, you like to access websites with "router" in their URL, you have a serious problem. I have tried factory resets, and have scoured through the settings of the router but have been so far unsuccessful.
View 4 Replies
View Related
