We are going to purchase ASR 1001 with ipbase, BGP is our basic requirment if we purchase ipbase(SLASR1-IPB) it will support BGP.
ProductDescriptionASR1001Cisco ASR1001 System,Crypto, 4 built-in GE, Dual P/SASR1001-PWR-ACCisco ASR1001 AC Power SupplyCAB-IND-RAPower Cord India, Right AngleSASR1001UK9-32SCisco ASR 1001 IOS XE - ENCRYPTION UNIVERSALSLASR1-IPBCisco ASR 1000 IP BASE LicenseM-ASR1K-1001-4GBCisco ASR1001 4GB DRAM
I just would like to confirm if the ASR 1001 with IP Base license can support the normal BGP features such as remote-peering IPV4, Local-AS.
I am not looking for advanced features such as Route Reflectors, VPLS, L2 VPN, etc.
is the ASR 1001 either with IDC OC3 or T3 support VPLS and what is the limitation, what is exactly support is it full functionality of VPLS?
View 4 Replies View RelatedA customer recently purchased an ASR 1001 under the impression it could replace their old 3662 router and ASA 5505. The ASA is configured for their SmartFilter proxy server (N2H2), and I am having a heck of a time finding any documention on how to configure this. I found the following: To use SmartFilter with Cisco IOS firewall, install the SmartFilter componentsand use the IFP plugin (off-box). To configure the Cisco IOS for SmartFilter,use the Cisco document Firewall N2H2 Support located on the Cisco Web site,[URL]Well, I found the Firewall N2H2 Support document [URL], but the ip inspect command doesn't seem to work on the ASR. Is there any way to make this work or does the ASA have to stay in line?...
View 3 Replies View RelatedI have two Cisco 3560x switches running IPBase on different sites joined by a 1gbps connection with routed ports. I have video data totalling 80mbps in site A that is crucial to arrive at Site B regardless of any other traffic on the network.
What I would ideally like to do is reserve 100mbps on the link from A->B which is only allowed to be used for this traffic. The traffic starts in a subnet of its own and finishes in a subnet of its own (i.e. only the video traffic is in the VLAN on each switch with data and voice in different subnets).
Upgrading two 6509-E routers containing sup32's to two new 6509-E routers containing sup2T's. We run a large OSPF network but our core mainly is a switched network and only has about 5 Vlans. Now this could change in the future and there maybe more Vlans on it.
Just after realising our new sup32's shiped with ipbase instead of ipservices. Version is s2t54-IPBASEK9_NPE-M. My question is is this version ok for routing?
Our old current 6509's are version s32p3-ipbasek9-mz.122-18.ZYA3.bin and they do some routing about the same amount these new routers will do. Here is a summary of the routing table:
IP routing table name is Default-IP-Routing-Table(0)
Route Source Networks Subnets Overhead Memory (bytes)
connected 1 3 424 640
static 0 0 0 0
ospf 1 26 348 27520 59840
Intra-area: 366 Inter-area: 0 External-1: 0 External-2: 8
NSSA External-1: 0 NSSA External-2: 0
internal 12 14160
Total 39 351 27944 74640
Removing Queue Size 0
Will I need to upgrade the new sup2T's to ipservices or will this version work ok?
I would like to Upgrade license Cisco 1941-K9 from ipbase to security
View 5 Replies View RelatedMy current version IOS is cat4500e-ipbase-mz.122-53.SG5.bin. I just got a new version cat4500e-entservicesk9-mz.122-53.SG5.bin.I put the new version in bootflash: directory and tried various methods of starting the IOS up to run the new version but it always started in the original ipbase version. My start-config shows:
boot-start-marker
boot system flash bootflash:cat4500e-entservices9l-mz.122-53.SG5.bin
boot-end-marker
and I even deleted the ipbase version in the bootflash: directoy so then my switch would not even boot up at all and hung in rommon. In rommon I tried
boot bootflash:cat4500e-entservicesk9-mz.122-53.SG5.bin
and the result I got back was
File has bad file magic number: 0x0
So I had to point the switch to my tftp server and boot back into a back up copy of ipbase. how I can get my new IOS version to work? I understand I might have to download it again but I just got it so I am skeptical it is a bad file. [URL] as a procedure guide and I do notice some of those commands/steps do not work on my 4900m switch.
I imagine this question has been posted a million times before but here goes. I am trying to image a number of machines via Ghost Cast server across a 3750X stack running multiple V LAN's. I am running the IP BASE image so am aware that multicast functionality is limited.
I am running 12.2(55)SE3. I have tried adding both V LAN's into an IGMP group using the "ip igmp join-group" command which shows both V LANs as part of the group but to no real effect. To be honest though I am clutching at straws! I'm just starting to read through the documentation so hopefully that will work.
After deleting configuration with „write erase“ and reloading, our Cisco Catalyst 4503 with version cat4500e-universal.SPA.03.02.00.XO.150-2.XO.bin, and licence ipbase, doesn't recognize any command regarding SSH. We tried configuring SSH key with „crypto key generate“, but that command is not recognized either.
View 1 Replies View RelatedI have a printer sitting on an outside interface e0/7 that external vendors were able to print to prior to an ISP IP address change and IOS upgrade.
We upgraded our IOS from 8.2.1 to 8.2.5. The printer wasn't changed so the MAC address mapping is still correct on the ISP translation list. The ISP issues DHCP MAC reservations for static IP address assignment. My printer doesn't seem to be getting the DHCP assignment now.
Here is the before and after config. I'm just wondering since this worked prior to changeing the IP and IOS changes if there is another command I need since upgrading from 8.2.1 to 8.2.5. The DHCP IP address is assigned and is working on my e0/0 vlan2 outside interface.
Config that worked prior to the IP and IOS change. hostname hrhdomain-name hrh.comenable password passwd multicast-routingnamesname 10.200.200.0 TestNet!interface Vlan1nameif insidesecurity-level 100ip address 192.168.1.8 255.255.255.0ospf cost 10ospf network point-to-point non-broadcastospf
[Code]....
we have just purchased a few 3750x's that we intend to add to our 3750g stacks. We've purchased the 10gb uplink modules, C3kx-nm-10gt, but when they are installed they are not appearing in the switches web gui nor can you configure them correctly. If we upgrade a 3750x to 15.0.1 they seem to work fine. All of our current 3750g's are running 12.2(58)SE2 IPBASE so we don't really want to have to upgrade them all to 15.0.1
Are we missing something or do the 10gb modules only work properly with ios 15.0.1?
Cisco let us try a CISCO C3750X- 24T-S Stack (2 switches) ->> IpBase Sofware licence We've 2 Hyper-v 2008 R2 and one SAN Netapp FAS2040 connected via Iscsi.All was working well with this stacks.Hyper-V see Nas Iscsi interface without problem. Even with basic stack config (no Vlan, ect...).Then, after this test period, we bought a C3750X-24T-L stack (2 switches) to replace the stack lent by Cisco.This one is LanBase Software.
With this stack, hyper-v work very bad ! We've got a lot of Iscsi error in the eventvwr.I can't access luns.So, is there a difference between LanBase and IpBase for a iscsi use ?I put the 24T-S config on the 24T-L switch without pb. So config is the same on both stacks...Also i've got a "TestPortAsicLoopback" = "Failed" on the new stack...I've tried with other stack cables. Not better.
I've an ASR1001 with 15.1(2)S code on it connected to out ISP, we've been get some complaints about performance and I'm seeing drop on the output policy. Checking the bandwidth consumption we have plenty spare when drops are occuring, there's 300Mb/s. Details below, any suggestions gratefully received
The policy is to guarantee the following bandwidth:
Outbound policy:
class 1 => 50% guaranteed
class 2 => 8% guaranteed
class 3 => 1% guaranteed
class 4 => 5% guaranteed
class 5 => 1% guaranteed
class 6 => 5% guaranteed
class => 7% guaranteed
class 8 => 7% guaranteed
class default => not configured
config :
policy-map priority
class 1
priority percent 50
class 2
priority percent 8
class 3
priority percent 1
class 4(code)
i have 1001 ASR which boots up ok but shows a warning "filesystem is not clean" and thereafter the image is validated well, it shows up the following two messages and just goes idle from there. [code]
View 6 Replies View RelatedI just need to start building the configuration of an ASR 1001 but I do not know how gigabitethernet interfaces are named on these routers? Are Gi0/0/X or Gi0/X ??
View 1 Replies View RelatedI am replacing my 2900 Internet router with a ASR 1001. I am really not doing anything to fancy on the configuration just routing traffic from the internal LAN to our ISP connection. With the new ASR 1001 there is a configuration for VRF Definition Mgmt-Intf do I do anything with this? There is also a interface for vrf forwarding. At this point we are just running IPv4. The plan was just to configure the GigabitEthernet interfaces but I wanted to make sure if I should try and configure VRF.
View 2 Replies View RelatedWe have an existing WAN connection from a Cisco 2821 router to Time Warner with a single mode fiber connection using the following SFP:We have a ASR 1001 router configured to replace the 2821 router. When I connect the fiber into the ASR 1001 router the link does not come up. I have used the above SFP without success and the following SFP.I have seen Cisco documentation that only certain SFP modules are compatible with ASR router, but I believe the second SFP I listed is compatible. As a test, I connected my ASR router to a 3750 switch using long haul SFP modules on each end so I know the SFP module works. The only downside to this test is I only had a multi mode patch cable. Are there specific settings on the ASR interface that need to be set to allow this connection?
View 1 Replies View RelatedI have an issue with an ASR 1001. The problem occurs with MQC shaping applied to a gigabit interface in the outbound direction. The CIR of the provider we are using is 100Mb/sec, so we are shaping to that value. However when reported traffic levels are about 60Mb/sec, we see a steady increase in output drops. [code]
I have also tried increasing the hold queue, however this does not work with the drops. Increasing the shaping rate to 200Mb/sec gets rid of almost all the drops (not quite all!) but is not what we need. I think that we should see some drops when rates spike above 100mb, however the amount we are seeing seems excessive?
This would be the first time I will be working on NCS for a client. There is completely a new install and I was just doing my reading to get my head around the overall working of the product. I had a small Q in mind which I wanted to ask here, while going the config guide, i could not find the way to add a router to the NCS prime. W have ASR 1001 in use along with switches. I read in some forum that NCS supported routers but couldnt find the way in the config guide unless i am missing somewhere. The NCS version is 1.0
View 6 Replies View RelatedWe have problem con EIGRP and two ASR 1001 in High Availability. ASR2 have received all route (100 route) from PE, but in ASR1 doesnt received all route (75 route) from PE or from other ASR02. All PE have all route. The ASR1 when modify or lost some route dont update to the ASA. see diagram.
View 5 Replies View RelatedI have a need to capture traffic on an ASR 1001 subinterface, but what I have found is that the Embedded Packet Capture feature is not supported on this platform. Are there any simple alternatives to capture egress traffic on a subinterface or am I SOL? This is a walk in the park on normal IOS routers...
View 1 Replies View RelatedWe've recently bought a cisco asr 1001 Router and I have a number of interface slots. I want to populate these with fiber modules.
Which fiber modules are compatible? Are the regular SFPs ok to use or is there a special asr series of SFPs to use?
I'm trying to configure Tacacs on Cisco ASR1001, and the Tacacs server is Cisco ACS v3.3, the ACS won't pass the authentication, complaining bad request from NAS, key mismatch - which I compared millions of times on both ASR and ACS sides. [code]
View 2 Replies View RelatedHow can i find the list of features supported in ASR for various license
1) IP Base
2) Advance IP Services
3) Advanced Enterprise Services.
i want to apply a QOS for my trafic LAN, in my ASR 1001 , the LAN is connected with ge0/0/0 interface and it configured with the service instance to bridge vlan 1 ( i do that for OTV ) i put service policy in "service instance 1" to marking data with ef31 but i noticed that the class "plateform_datacenter" match the trafic and the ACL associate to this class not mach any trafic trafic !
tha policy-map march trafic for Datacenter :
sh policy-map interface gigabitEthernet 0/0/0 service instance 1
GigabitEthernet0/0/0: EFP 1
Service-policy input: MARKING-OTV
Class-map: Platforme_DC (match-any)
[code].....
I have problems to configure CBWFQ on a ethernet sub-interface on a Cisco Router ASR 1001. Then I applied the policy in the physical interface but it should be is in the sub-interface. How can I configure CBWFQ on sub-interface in ASR 1001. (version 3.02).
Error Messages:
CBWFQ: Not supported on subinterfaces and efps
This the final output:
interface GigabitEthernet0/0/0
description Conexion WAN
bandwidth 153600
no ip address
load-interval 30
no negotiation auto
[code]....
My company has purchased a second ASA for fail over reasons and I'm needing to attach it to my core router (ASR 1001). Currently I'm running the connection between my ASA and my Core as a /19 ie. ASA-10.10.10.2/19 -- ASR-10.10.10.1/19. I know the 2nd interface on the ASR will need to be on a different network segment then the first connection (10.10.10.1/19). What would be the best way to segment this out with out breaking up my /19?
Run /30 segments for each interface? Use a VLan ?
I don't want to use up my Internet rout able IP's on /30 segments. Attached diagram.
when i make a trace route on an ASR 1001 router to 172.23.30.7 I get the following output:
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.99.192 0 msec
192.168.99.191 1 msec
192.168.99.192 0 msec
2 172.23.30.243 1 msec 1 msec 1 msec
3 172.23.30.7 1 msec 1 msec 1 msec
Is there a loop between 192.168.99.191 and .192 (this are two routers with hsrp .190) or is this normal behavior when using trace route on an asr 1001?
I am migration an IPsec site to site VPN config to a new ASR1001 router «facing» a Linux box (ipsec-tools + racoon). As the Debian Linux does not offer VTI, I am using a crypto map.
The working config is given below with the corresponding logs on the Linux side.
When I try to apply this previously working config to the ASR1001, I get the following error :
000855: *Dec 12 18:28:21.859 UTC: %ACE-3-TRANSERR: IOSXE-ESP(14): IKEA trans 0x1350; opcode 0x60; param 0x2EE; error 0x5; retry cnt 0
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: initiate new phase 1 negotiation: 194.214.196.2[500]<=>130.120.124.8[500]
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: begin Identity Protection mode.
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: CISCO-UNITY
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: DPD
Dec 12 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt(code)
deploy OTV using ASR 1001 between 2 data-centers? We want to acquire HSRP localization there, but at this moment I can only see lots docs are saying how to do this on N7K, not ASR. I saw it has a FHRP filtering enabled by default when the OTV configuration is done, and also see there is a access-list created by default call otv_filter_fhrp, Im just wondering besides this IP ACL there should be MAC ACL applied?
View 3 Replies View RelatedI have a few new ASR 1001s throwing false environmental alerts.According to the logs, the inlet temp is in excess of 100 degrees C.When I telnet to the routers, they're well within tolerance (30-32C),Running 15.1(1)S and bug toolkit shows no related issues or caveats.
View 1 Replies View RelatedI was wondering if I am able to add a redundant power supply to an asr 1001 router that is in production without losing connectivity or causing any diruption to the Users - is it hotswappable?
View 1 Replies View Related
