Cisco WAN :: 3640 IP NAT Forward 443 ASA VPN
Apr 1, 2013
when dealing with NATing with port fowarding from a specific IP range on the outside to a inside IP address. Here is what I have now:Cisco 3640 WAN Router: [code]
which ofcouurse did not work and ASA did not respond to 443 on either Anyconnect or HTTPS. Nothing showing in"show ip nat translations" for the incoming traffic from “ip nat outside source static tcp 15.236.10.0 192.168.4.2” and “ip nat inside source static tcp 192.168.4.2 15.236.10.0”
View 1 Replies
ADVERTISEMENT
Feb 25, 2013
I'm looking to upgrade the iOS on a Cisco 3640 to the last supported level, 12.4.25, and then see what I can make it do.
I'm understanding that the only way to acquire a legitimate copy of the appropriate iOS version is to pay for a service contract, even though I won't need any other service provided for it.
View 3 Replies
View Related
Oct 24, 2012
We have a location that currently has one frame T1 and 4 point-to-point T1s. We are looking at adding a second frame T1 to be bonded with the first. Currently, we have an old 3640 router, so I am thinking this would be a good time for an upgrade. Cost is a concern, so I am hoping to buy something refurbished that is newer than what we have now but is not going to cost a ton as buying new would. My thought is either a 2821 or 2921 with 2 HWIC-4T1/E1. I am not familiar with this HWIC just wanting to make sure this a good solution for our situation.
View 8 Replies
View Related
Feb 8, 2012
I have two routers I am trying to connect via the WIC-2T port. I can ping from router to router, but not from my PC (192.168.2.122) to the 3745 (10.0.1.3)..
3640:
Current configuration : 1846 bytes
!
version 12.2
[Code].....
View 15 Replies
View Related
Jul 19, 2011
how many NM-32A or NM-16A module can be installed on 3745 and 3640 routers?
View 1 Replies
View Related
Jun 27, 2011
i have a cisco 3640 router that i have deleted the image without saving and the router is in ROMM mode i wish to use tftp to download the image
View 2 Replies
View Related
Apr 28, 2013
I'm using 3640 router running on c3640-js-mz.124-25d.bin IOS. I'm using NM-1A-OC3SML= (ATM OC3, long reach single mode) interface card. Now my pc is connected an fast ethernet interface of the router. Need to know the ATM configuration on this cisco 3640 router in order to achieve the ATM over ethernet traffic get success. As of now i've confugred as below but it's not working it seems.
interface ATM2/0
bandwidth 120000
ip address 10.2.2.1 255.255.255.0
no atm ilmi-keepalive
pvc 0/36
protocol ip 10.2.2.10 broadcast
cbr 70000
encapsulation aal5mux ip
let me know the correct encapsulation type for the connectivity.
View 2 Replies
View Related
May 4, 2011
I have a NM-4A/S serial network module which I suspect is having problem on a Cisco 3640 router. Is there a way which I can test the async ports out without connecting to any other devices? [code]
View 2 Replies
View Related
May 13, 2012
i have configured a cisco router with the following configuration to practice obtaining certificates from a microsoft 2008 server configured as a stand alone CA.this part works okay but what i am trying to do next is giving me a headachei am trying to delete the identity certificate but am having no luck whatsoever
interface FastEthernet0/0ip address 192.168.2.1 255.255.255.0ip nat outsideno shut
interface FastEthernet0/1ip address 192.168.1.1 255.255.255.0ip nat insideno shut
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255access-list 102 permit ip 192.168.1.0 0.0.0.255 any
[code].....
i entered the following commands on the router to delete the certificatebut as you can see its telling me the certificate dosn't exist(this method of deleting the cert has come from Richard Deals complete cisco vpn configuration guide) 3Purley(config)#crypto ca certificate chain PurleyPurley(config-cert-chain)#no certificate 61E0446A000000000002% Certificate not found.ps the router is a 3640 running c3640-jk9o3s-mz.124-7.bin
View 1 Replies
View Related
May 14, 2011
I have been confronted with an issue recently with two of my 3640 series router reloading endlessly.Initially i thought it could be a matter of MEM not well seated, but unfortunately it wasn't the problem.i have attached the gibberish produced when these routers are booted up.Be informed as well that these devices are loaded with max MEM.
View 1 Replies
View Related
Oct 17, 2011
i have 2 x T1 terminating on border router cisco 3640 route. (configured using multilink interface). Our IP block is routed on this bundled T1 circuits by At&T. I want more internet bandwidth.
1. Can i connect my DSL (on ethernet interface and using static DSL IP) on the same router and confgure two static routes to internet - one to multilink interface and other to ethernet interface (connected to DSL) ?
2. I have many servers using static NAT to external IPs which are routed on T1 circuits. Will it get into issues when communicating to outside? [for example my exchange server, websites etc?
View 6 Replies
View Related
May 23, 2013
I have a Cisco 3640 router with IOS v.12.3(16) It does not recognize the crypto commands.
#sh version Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3640-I-M), Version 12.3(16), RELEASE SOFTWARE (fc4) Technical Support: [URL] Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Tue 23-Aug-05 20:03 by ssearch Image text-base: 0x60008B00, data-base: 0x60D36000
ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) ROM: 3600 Software (C3640-I-M), Version 12.3(16), RELEASE SOFTWARE (fc4)
router01 uptime is 3 hours, 43 minutes System returned to ROM by power-on System image file is "flash:c3640-i-mz.123-16.bin"
[code]....
View 5 Replies
View Related
Sep 23, 2012
The Cisco 3600 series (3640) is hanged during booting proccess, the IOS is decompressed, but after some text it hanges and I even cannot go to user exec. ROMmon and bypassing the config setting, but the result is still the same.
View 5 Replies
View Related
Mar 21, 2013
I got this 3640, trying to apply a service-policy (output and input), but seems like I do it something wrong...because he only apply the output policy... here the config, I already try to config the service police inside the fa0/0, but is not showed at all, he only show the output, its like I never apply that
View 1 Replies
View Related
Apr 8, 2013
I got some unexpected System crash, and this happens to 2 different routers on the same network.. (We suffer a Crash and change the router, happens the same to the new router after some time, maybe 40 minutes!!)
Here is the last console report for the new router....
%Software-forced reload
Preparing to dump core...
4w1d: %SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IP NAT Age
[Code]....
View 3 Replies
View Related
Nov 1, 2011
We have a Cisco 3640 router running c3640-is-mz.123-3g.bin Switching ports are devided into several VLans. Each VLan has its own IP subnet. We can't ping IP address X in subnet A from subnet B unless we log into the router and ping it from there first. (and then the IP address will show up in "show ip arp" command. Then we can ping X in subnet A from subnet B, and browse web on device X from subnet B, etc. )
View 6 Replies
View Related
May 10, 2011
So apparently the 3600 series do not support the tftpdnld to upgrade your ISO when you upgrade your flash. You have to use the Xmodem transfer as described here: Xmodem Console Download Procedure Using ROMmon [URL]. everything is going great but it is going to take another 3 hours.
Now when i installed the new flash at bootup it said the "device does not contain a valid magic number" now that is just because the flash is not formatting correctly and downloading the new flash file automatically formats the flash setup?
View 18 Replies
View Related
Oct 1, 2012
i am running c3640-is-mz.124-21.bin on a cisco router 3640. i am trying to create a monitor session in the CLI and everytime i type the command Router(config)#monitor session 1 interface ethernet2/1 % Invalid input detected at '^' marker. Router(config)#monitor session 1 interface ethernet2/1 ^% Invalid input detected at '^' marker. i get the error invalid input ?
View 10 Replies
View Related
Feb 8, 2011
I have a 3640 router with 4 Fast Ethernet Network Modules (1fe-tx, 1fe2w & 2fe2w-v2) and a Catalyst 2912 switch. I can not acheive a link between the 2 devices. All four will not get a link light and the interface(s) show no errors. If I plug the Router nic into virtually any other switch or workstation it works flawlessly. I put a switch between the catalyst and the 3640 and it works without error.
Steps I have tried...
1. Configure interfaces on both Switch and Router to Auto Speed, Auto Duplex2. Configure interfaces on both Switch and Router to speed 100, Full Duplex3. Try Both Crossover and Straight-Through verified working cables.4. Tried a second 2912xl-en switch
Both 2912 switches are factory defaulted, other then the changes I made to the speed and duplex to try to get them connected.Both the router and switches have been doing other functions (seperatlly) within our network for years?So my question is...Why is the NICs in the router compatible with every other vendor other than CISCO?
View 5 Replies
View Related
Dec 6, 2011
So I have 2 routers (cisco 3640) that each go to their own ISP and then back to the same switch. I have setup ospf and glbp, and now have pretty good redundancy. If either internet connection or routers go down everything is still golden.
So I was thinking that if an interface went down then the router would not be load balanced with glbp which got me thinking whats the best way to get interface redundancy (and I was going to add a 2nd switch with the second interface).
1) Setup BVI on the 2 interfaces.
2) Setup a 2nd interfaces (on each router), I would have to split the subnet, for instance: [code]then the machines could be on the subnet 192.168.0. 0/23 and setup glbp for 1 ip across all 4 interfaces (I'm not even sure if you can do this but think it would work).
3) Is there a way to utilize etherchannel or anything like this
A negative to option 2 would be that if 1 of the interfaces went down, all the sudden 2/3 (or so) of your traffic would be going through 1 router.
View 5 Replies
View Related
Feb 5, 2012
How to configure my serial modules on my 2600 and 3640? Each router has the WIC-2T with two cables connecting them. I tried to ping one router from the other, but no luck. Serial IP address I just made up, this is my home lab, so if I messed those up some how,
Here is the running config for each rotuer:
2610:
Current configuration : 1071 bytes
!
version 12.3
[Code]...
View 22 Replies
View Related
Dec 28, 2011
I have two routers at our core data center, a 3845 and a 3640. These are configured with GLBP. There are 4 remote sites:
Site #1: One T1 link to the 3825
Site #2: One T1 link to the 3825, and One T1 link to the 3640
Site #3: One T1 link to the 3825, and One T1 link to the 3640
Site #4: One fractional T1 link to the 3825, and One T1 link to the 3640.
My question regards site #4. If i understand correctly, GLBP works on the premise of "host" balancing, and not true "load" balancing. The reason I ask is that the large majority of our WAN traffic is from our Exchange server to our remote sites. In the case of site #4, our exchange server is sending traffic on the fractional T1. Is there any way with GLBP to either split this traffic from a particular host across two links in a round-robin fashion, but leave other hosts to travel wherever the router sends them, or, to force at least our exchange server to use the full T1, rather than the fractional?
I've read up on the weighting mechanism, and it appears that tracking an interface has nothing to do with bandwidth use. If I understand correctly, if I were to track the Site #4 PPP to the 3640, and give a weight of 10 to glbp on there, it would really only take affect if the interface is down. It will have nothing to do with host AVF election.For the record, exchange traffic is constant to this site, so there is no chance for the host connection to reset and potentially elect to use the larger pipe. I would like to "tweak" this to make better use of available bandwidth.
View 2 Replies
View Related
Jun 25, 2012
I have the cisco 3640 with IOS Version 12.2(46) , and it with DRAM:32M , Flash:8M.What IOS version can support IPv6 RIP in the hardware limit?
View 3 Replies
View Related
Jul 11, 2011
My cisco 837 is connected to a ADSL Router by Ethernet Cable. I have forwarded the telnet port from my ADSL Router to the LAN IP of the Cisco Router so that i can connect to it Remotely but it is not working. I am able to telnet internally but from Internet it is not working. I am not using Cisco Router for ADSL Connectivity.
View 5 Replies
View Related
Jan 2, 2011
I have just purchased a nas drive. I want to be able to access my files from anywhere. I believe if i setup FTP i can view the files over the web. from what i have been told i need to forward port 21 to the ip address of the nas drive.
View 6 Replies
View Related
Jul 4, 2011
ASA5510 configuration, I would like to know if it is possible (and how) to forward traffic received on WAN port of the first ASA to the server in LAN on the other side of VPN tunnel:
Internet (IP 85.128.50.x) – ASA5510 (192.168.1.x) – VPN tunnel – ASA5510 – LAN (172.16.71.x)
I need to have IP 85.128.50.50 redirected to 172.16.71.15 through VPN?
View 1 Replies
View Related
Jul 21, 2011
I purchased a Cisco 851 Router for the reliablity, but the process to manage the router to port forward a IP address for a internet camera ... I'm lost. I will try the forums, versus paying a $400 dollar fee for support.
What is the process to have an internal IP address for my outdoor network camera visiable for WWW? How do I port forward 10.10.10.40 How do I assign a static IP to this outdoor network camera?
I can access the Cisco SDM Express V2.5
View 17 Replies
View Related
May 14, 2012
I've just bought a Cisco 887m-k9 and I am trying to forward the ports. I have a Polycom HDX H.323 device connected to it with a static IP of 10.10.10.5 (ethernet port 0).Previously I had a consumer grade Linksys router which worked fine (I simply entered ports into the GUI), but I couldn't hardcode LAN port speed so I bought this. I have the list of TCP and UDP ports which are forwarded using the following commands:
ip nat pool Polycom 10.10.10.5 10.10.10.5 netmask 255.255.255.0 type rotary
ip nat inside source static tcp 10.10.10.5 80 88.xxx.xxx.49 80 extendable
ip nat inside source static tcp 10.10.10.5 443 88.xxx.xxx.49 443 extendable
ip nat inside source static tcp 10.10.10.5 1300 88.xxx.xxx.49 1300 extendable
[code]....
Where 88.xx.xx.49 is my static IP, while 77.xx.xx.170 is my default gateway.
View 1 Replies
View Related
Sep 20, 2011
I always seem to have problems when trying to configure port forwarding on cisco routers. I've even tried the instructions I have for a cisco 1811, but no luck. I have a cisco 871 and a computer that has VNC installed on it. I want to be able to access that computer from out side the network using the external ip address and port 5950. People outside the network will be able to open vnc viewer and type in *external ip address*:5950 and it will be directed to the computer with a static internal ip address of 10.12.0.10. What commands do I use to do this?
View 4 Replies
View Related
Oct 19, 2011
I'm trying to forward a site (ex: facebook) to another ip address or site (on another computer). Just wondering if it's possible by editing settings in the router (I do not have access to the 2nd computer but it is on the network).
View 5 Replies
View Related
Oct 15, 2012
What the most cost and time effective way to have an ip request return with another ip address from outside the WAN of the router.Specifically want to have an application request for example 192.168.1.121 and have 173.194.43.41 respond and communicate with the application instead. To make it a bit more interesting I'd like actually to set a table or config file to point to a domain name (url) which gets resolved as an ip address. (Port independent)To get a better understanding:one example might be typing in 192.168.1.121 in a browser and googles search engine comes up on the browser.another example might be typing in 192.168.1.121 in an ftp client and it hooks to an ftp server on the other side of the world which resolves to [URL]. I was looking at openwrt and tomato a little but I don't think I have such a complete grasp on how to do it in general. Being that it seems they are 2 different layers of the network model, I was told it can't be done but I don't know if I can believe that yet. Either by third party software or reprogramming the router or adding another device to the network.
View 3 Replies
View Related
Jan 8, 2012
I had a DI 604 router and I couldn't forward ports, someone told me to buy a new router because my modem (TM602G) doesn't have a built-in router and can't be blocking it so I bought a DIR 601 with wireless and I still have the problem.I don't have any firewalls.
View 19 Replies
View Related
Apr 3, 2012
A fair while ago I setup a transparent proxy server running Opensuse (think it was version 10.2), it worked perfectly, cached the http traffic and still allowed https, and other services to be accessed. However the drive in it died so its being setup again.I've got squid running transparently just fine, but I can't get the other services to forward through IP tables.. I know i can't cache HTTP - and nor do I want to. I thought from memory that I had the default option for the sections in iptables to "ACCEPT", and just had rules to redirect the http traffic to squid. However that's exactly what I've got now - and I can't access anything other than port 80.I have Google it and i'm getting so many varied responses people telling saying it can't be done, others saying you have to add a rule for every other port.
View 1 Replies
View Related
