Cisco WAN :: 3900 Router - Traffic Not Flowing
Jun 13, 2013
i have a gateway router going to the internet....using public IP addresses on both interfaces. starting on Monday, traffic would suddenly stop flowing from the inside of the network going out, though i can still ping the outside interface , but when I log in to the router I am able to ping to the internet. so its like traffic is not passing from the outside int to the inside int. I have a 3900 router. other thing is, when i restart the router it will work for some time and then just stop again....
View 6 Replies
ADVERTISEMENT
Jan 11, 2013
I recently upgraded from a Cisco 3900 series router to a Cisco ASR1k router. Since the upgrade, I have internal clients who claim they cannot connect to external VPNs. These internal clients are behind a NAT that routes a public IP address to a group of clients with private IP addresses.
How can I ensure that all VPN traffic is able to pass through the NAT?
View 2 Replies
View Related
Jun 7, 2011
im attempting to setup a L2L VPN between an 1841 and an NSA 2400, via the SDM.The Tunnel comes up, and when I test connectivity it shows as being successful, but I do get an error stating:-
"A ping with data size of this VPN interface MTU size and 'Do not Fragment' bit set to the other end VPN device is failing. This may happen if there is a lesser MTU network which drops the 'Do not fragment' packets."
From my reading this shouldnt cause all traffic to drop though, right?
Currently I cannot ping or telnet to services from one end of the tunnel to the other. I was able to ping momentarily from the Sonicwall end at one point, but this disappeared shortly afterwards (without my changing anything regarding the config).
All of the ACLs created were populated through the SDM.
View 3 Replies
View Related
Mar 27, 2011
I'm currently using ASA 5510 with software 8.4.1 and I have an issue with nat configuration. I used the following config line:nat (inside, dmz) source dynamic LAN Pat1 destination Server1 Server1
The traffic is not flowing and when I use Packet Tracer, packets are dropped at the NAT rule with the following error: Drop-reason: (acl-drop) Flow is denied by configured rule.The only ACE I have is permit ip any any.
View 2 Replies
View Related
Jul 12, 2011
I have manually configured the Firewall ASA 5510 from existing PIX to match the configuration, however when I connect the firewall to the Network, no traffic is flowing in either direction. I have the Inside network on the 172.29.0.0 subnet and the outside network on 20.2.0.0 subnet. I am attaching the cofiguration file.
View 4 Replies
View Related
Aug 20, 2012
I've got an ASA 5505 with the Security Plus license that I'm trying to configure.
So far I have setup NATing on two VLANs, one called 16jda (VLAN 16 - 10.16.2.0/24) and one called 16jdc (VLAN 11 - 10.105.11.0/24).
From each subnet I am able to connect to the internet, but I need these subnets to also be able to talk to each other.
I have each VLAN interface at security level 100 and enabled "same-security-traffic permit inter-interface", and I have setup static NAT mappings between the two subnets, but they still can't communicate.
When I try to ping there is no reply and the only log message is: 6 Aug 21 2012 09:00:54 302020 10.16.2.10 23336 10.105.11.6 0 Built inbound ICMP connection for faddr 10.16.2.10/23336 gaddr 10.105.11.6/0 laddr 10.105.11.6/0
View 11 Replies
View Related
Oct 4, 2011
We have 3560 switch with following IOS. version 12.2(55)SE3 and image name is C3560-IPSERVICESK9-M. On one of the interface we need to know what are traffic is flowing.
Do we have "ip nbar or ip route-cache" support on this switch IOS? Is there any other way to find out which protocol traffic is flowing through that interface.
View 1 Replies
View Related
May 7, 2012
I have configured multicast(ip pim dense-mode) on two 2911 that are connected by a Multilink( 3 Mbps) Wan connection.The configuration works fine for awhile and sometimes all day but at some point one of the Multilink interfaces stops passing multicast traffic.I perform a SH Multilink 1 on the interfaces and one show multicast packets incrementing and one does not, it just stops.The problem acts like there is a buffer that gets full and after that happens it just stops working.
View 2 Replies
View Related
Jun 3, 2013
I have two 1841's, setting up a Lab WAN in Packet Tracer. I have one of the 1841's run to a DSL modem, then out to the cloud and the same setup on the other end... from the cloud to the DSL modem and to the 1841 on that end... I have all green lights, so that tells me layer 2 is up, but I'm trying to figure out
what IP to assign the routers to test pinging and getting traffic flowing. but the DSL Modem's have the public IP's and dynamically assign an IP to the routers? I've also tried setting up a static IP on the routers fa0/0 interfaces and the pings fail.. Wondering what I am missing to get these two talking.
View 2 Replies
View Related
Jan 16, 2013
We are in the process of rolling out iPads to our offices. As part of this implementation, we need to print from the iPads to our network printers. Our network printers are mostly HP and Xerox and do not have native Apple AirPrint capabilities. As such, we have been using the FingerPrint software to share out the network printers as Apple AirPrint printers. We have a mixture of switches at our offices. Most offices utilize a 3550 PoE switch. In these offices the AirPrint traffic is being transferred successfully and everything works great. In the offices which are using 3560 PoE switches, the traffic is never seen at the iPads. We are using EnGenius EAP300 access points connected into the Cisco switches to provide wireless access to the iPads. Both 3550 and 3560 switches are running iOS 12.2(25). What might be stopping/blocking the AirPrint traffic on the 3560 switches?
View 3 Replies
View Related
May 28, 2013
I am in search of a 1 Gig Ethernet WAN module for 2900, 3900 series router.I want to terminate 230mbps link on this module.I found EHWIC-1GE-SFP-CU option but as per service provider it will not support to 230mbps link.
View 3 Replies
View Related
Dec 12, 2010
Am trying to do a dynamic configuration of a 3900 series router (3925 to be precise).For the software and licenses, under the IOS technology Package Licenses, what's the significant of SL-39-DATA-K9 and SL-39-SECNPE-K9? Are they really necessary for the router?
View 3 Replies
View Related
Oct 24, 2011
I am looking for the procedure of the router 3900 series failover. I have got two 3900 series router with the same ISO and other interface cards. What are the main things that I should watch ? Does the standby router takes the same ip of active router if the active router fails ? How should I configure it.
View 1 Replies
View Related
Dec 17, 2011
I would like to configure the policy base routing (PBR) on router (3900) base on the "specific tcp port" (TCP port 16255) to re-direct the traffic to another FE port.
From cisco web portal, CAT 4500 should support PBR as below:"Policies can be based on IP address, port numbers, or protocols. For a simple policy, use any one of these descriptors; for a complicated policy, use all of them." url...
Does 3900 router has the same features on the PBR? if yes, can it support "source tcp port" and/or "destination TCP port"?
View 2 Replies
View Related
Sep 26, 2012
Transitioning from 3825 to 3945 (OS is 15.0(1r)M13 c3900-universalk9-mz.SPA.151-4.m4). Turning on FDL on the 3825 was easy but the same command on the 3945 doesn't work.
View 3 Replies
View Related
Feb 6, 2013
Can the 3900 series router be ordered or upgraded to a license with advances enterprise services? I have a few of these routers and I'm looking to get the license upgraded if possible.
View 1 Replies
View Related
May 9, 2013
My Cisco 3900 router is not taking the no auto summary command?
View 5 Replies
View Related
Oct 30, 2011
Is there a router (1900-3900 series router) that will support a 100FX fiber connection. We use to use 2800-3800 and 2600-3700 series routers with FX fiber interface now these routers are no longer available and our need for 100Mbps FX is still a requirement.
View 3 Replies
View Related
Jan 29, 2011
Is RTP port open indicates that rtp is flowing in the network.
View 2 Replies
View Related
May 28, 2011
using task manager in XP it is clear that while browsing data is being uploaded mirroring the data downloaded..ie in a given period if 18mB comes downstream (just surfing) then 11mB goes upstream. The graph in task manager shows that the peaks and troughs of the data upstream and downstream exactly correspond and watching the bytes tick over confirms that data goes out for every data coming in.I assume that this should not happen? I realise ip protocols have some kind of error detection that may require uploading data, but the amount sent seems excessive! From my limited understanding of networking and running wireshark it looks like that when packets come from an ip on the web ( i use the terms web/internet interchangeably ) then packets are sent out to the same ip ... using TCP and HTTP ( I don't really understand them ). The info for one such packet going out is "Continuation or non-HTTP traffic" using the HTTP protocol, which sounds a bit contradictory. I regularly run virus scans and rarely find anything. The cpu regularly maxes out and its usually something to do with firefox ( I've heard of buffer overflows but i assume the problem is a relatively old processor and hardware).The browser is firefox. OS is XP.Coincidentally, the pc was recently rebooting after crashing until I disabled "restart on system failure" which prevented the crashes ( if they were crashes and not just the system reacting to an error ). Again, that is a bit suspicious but maybe not. Spybot, bit defender quickscan,avira, zone alarm, malwarebytes etc haven't flagged anything up.Maybe the router is not configured properly. As with all these things, there will be some simpler things to start with to diagnose this issue (if there is one ) but I don't know what they are.The pc uses wifi to connect. The isp is not the best and the speed is pretty bad for adsl. Every couple of days the router needs rebooting because it stops giving out ip's.
View 6 Replies
View Related
Jul 2, 2011
I have a HQ with two branches, the HQ contains one 3900 ISR router with two WAN connections, the two branche sites each one contains one 2900 ISR wth two WAN connections for each router.
i need to establish a site to site vpn with GRE between the HQ and the two branches, so is it possible to
1-for HQ: i need to configure site to site VPN to the branches using the both WAN connections on the HQ Router like if one site to site vpn is down the other one will be on and works as High Availabilty.
2- same for the branch offices i want use both wan connections with HA in site to site vpn to the HQ.
3-using GRE for routing after configuring IPSEC VPN.
View 1 Replies
View Related
Dec 26, 2011
I have some simple rules on 2 extended lists:ip access-list extended FWINpermit tcp any host 192.36.86.231 eq ftp-data ftp 22 www 443 516 666 671 672 2222permit tcp any host 192.36.86.231 eq 4500 8008 8443permit tcp any host 192.36.86.231 range 5900 5950permit tcp any host 192.36.86.231 range 33434 33550permit tcp any host 192.36.86.241 eq ftp-data ftp 22 www 1935 2195 3306 8888permit tcp any host 192.36.86.241 range 8080 8090permit tcp any host 192.36.86.241 range 33434 33550ip access-list extended FWOUTpermit tcp host 192.36.86.231 any eq ftp-data ftp 22 www 443 516 666 671 672 2222permit tcp host 192.36.86.231 any eq 4500 8008 8443permit tcp host 192.36.86.231 any range 5900 5950,The issue is that 192.36.86.231 can access internet, and 192.36.86.241 can not.Is there a way to troubleshoot 192.36.86.241's connection/packets flow?
View 1 Replies
View Related
Oct 9, 2012
Wat will be the default memory and hard disk for SM-SRE-710-K9 and wat will be the maximum support for this module.
View 1 Replies
View Related
Jun 20, 2012
provide my some (official) info regarding the MBTF for the C2900 and C3900 routers (2911 and 3945)? This info is currently not part of the data sheets.
View 0 Replies
View Related
May 8, 2011
On my 3900 Router my port seen to be shutting themselves off, they are connected antenna.
View 2 Replies
View Related
Jan 29, 2011
The datasheets indicate that the 39xx series ISR G2 routers support AES, but they don't indicate if they handle both AES128 and AES256 in hardware. Via our account manager, we've heard that they only support AES128 in hardware, but not AES256. Given there's no equivalent of an AIM-VPN/SSL-3 module for a 39xx router, this could be a problem for a deployment we're looking at doing.
I can find no document anywhere on cisco.com that confirms that AES256 specifically is supported IN HARDWARE on, say, a 3945E router.
And, if it is supported, are there any performance numbers available for throughput? We're trying to find out if a 3945E is appropriate, or if we need to go with a 7206VXR w/NPE-G2 and VAM2+ module.
View 3 Replies
View Related
Apr 6, 2011
I just replaced 2800 router this did not have a VPN hardware accelerator with a 3925 that does have a VPN accelerator built in. I copied the same VPN (ISPEC/ISAKMP) config from the 2800 to the 3925 and it works. Is there something special I have to do to enable the hardware acceleration or is it automatically used for every VPN session?
View 1 Replies
View Related
Mar 12, 2013
I have a cisco 3900 integrated services router. I am a little new to the cisco IOS. I am having an issue getting my LAN network to communicate with the WAN gateway. From hosts I can ping the interface IP address but not the gateway. I have used the default route command of IP route 0.0.0.0 0.0.0.0 [wan gateway from ISP] I have already set up NAT, DHCP, I just cant seem to get the internet working, the following is my config.
Code...
View 9 Replies
View Related
Jun 10, 2013
i have a cisco router (3900 series) and a add on module (4 x 1 Gig port module). For some reason i cant seem to port channel them and cant do routing (can set an ip address on those ports). I can do port channel and routing on on-board ports. Do i have to enable any commands to do this ?
View 3 Replies
View Related
Feb 20, 2012
I am trying to configure ISP failover using IP SLA tracking in Cisco 3900 router(C3900-SPE100/K9).
I want to configure below commands:
R1(config)# ip sla 1
R1(config)# icmp-echo 2.2.2.2 source-interface FastEthernet0/0
R1(config)# timeout 1000
[Code].....
configure IP sla static route tracking in Cisco 3900 series router.
View 3 Replies
View Related
Jan 1, 2013
I am setting up a DMVPN between several dozen sites using 2800, 2900 and 3900 series ISRs. The DMVPN Design Guide recommends current 12.4 or 12.4T IOS, but the DG was last updated in July 2008. I cannot seem to find any recommendations newer than this. I'm hoping Cisco or the community can give me an updated recommendation.
View 5 Replies
View Related
Feb 16, 2012
I run streaming multicast video cameras on my network. I stumbled upon the command ip multicast rate-limit. When I configured a test setup in my lab (multicast camera source and a few routers) and tried the command it simply did not work. Moreover, when I went to use the command on a 3900 router in my lab, it was not there.
I take it this command has been deprecated?
View 3 Replies
View Related
Apr 3, 2012
I've been trying to find the right information on Cisco's site, and I'm not having success.
We have a 3900 router that we would like to do authentication via a local userdatabase. We want ssh access and console access using a local user on the router. I've been working on the console piece and everytime I try it, I get prompted for a username, but it is not accepted.
View 2 Replies
View Related