Cisco WAN :: ASR 1002 - OER PfR Limitation On Number Of Interface
Mar 6, 2011
We have a deployment of 400 store. Each of those have 2 GRE tunnels running over MPLS & 2 GRE Tunnels running over Internet leading to our 2 data-centers. At each Data-Center, we have 1 ASR-1002 connecting both MPLS & Internet MPLS tunnels (800 total per router).
I saw in the documentation that OER & PfR cannot support more than 20 external interface (in our case GRE tunnels) per MC. Does it means that we need to have 20 routers acting as MC to be able to use PfR for our Internet GRE tunnels ?
Is there any more scalable solution for this ? How big company address this issue when they have a lot of interface to run PfR ?
View 3 Replies
ADVERTISEMENT
Jul 7, 2011
I have LMS3.2 running and have set up daily log rotation of my SYSLOG file via Common Services-Server-Admin-Log Rotation. In LMS2.6 I set this up from the command line and was able to set the number of rotations to 120. I found in LMS3.2 setting up the rotation via the GUI that the number of rotations is limited to 90.
View 1 Replies
View Related
Feb 19, 2012
our WAN is connected via L2WAN and using EIGRP to connect the sites. Currently there are 35 EIGRP neighbors over L2WAN and we are to install 15 more sites and will be connected to the same L2WAN. Some sites are still using Cisco 2651XM and we would like to know if it can still handle another 15 EIGRP neighbors. Some sites are 2800 and 2900 routers. And is there any other things to consider for EIGRP over L2WAN?
View 5 Replies
View Related
Dec 11, 2011
We have a Cisco 2505 WLC which can support 5 Ap's based on license. Is there any limitation on the no. of ssid's that can be configured on a wlc, how to determine that detail.
View 5 Replies
View Related
Feb 4, 2013
We have 2 Hubs (Cisco 7200 - 2 for redudancy). Every customer have a Spoke (Cisco 881). The Spokes are 24/24 connected to the 2 hubs (2 dmvpn tunnels) to give us the access to our equipments of monitoring and for support. Every Spoke have a NAT table with a specific NAT range for every Spoke. Like this we can reach every devices with a unique IP inside the VPN.For example:
- Spoke_001 have a NAT IP range of 10.80.0.0 255.255.254.0
- Spoke_002 have a NAT IP range of 10.80.2.0 255.255.254.0
...
To connect to the hubs with our laptops, we are using the Cisco VPN client. We have different profiles created in the hubs:
- Admin profile with an ACL that allow the connectivity to every Spoke
- Integrator profiles: that allow the connectivity of one integrator to some defined Spokes.
So the integrator profile looks like this in the hub
crypto isakmp client configuration group [NAME]
key [PASSWORD]
domain [DOMAIN]
pool [NAME]
acl [NAME_VPN_Split]
[code]....
The problem is that if we can't summarize an ACL in less than 50 lines, we will have to create a second profile and to know wich one to use for wich network...
Version:
ROM: System Bootstrap, Version 12.3(4r)T3, RELEASE SOFTWARE (fc1)
BOOTLDR: 7200 Software (C7200-KBOOT-M), Version 12.3(15), RELEASE SOFTWARE (fc3)
System image file is "disk2:c7200-advsecurityk9-mz.151-4.M2.bin"
View 3 Replies
View Related
Jul 19, 2011
We have an ASA 5520 using for VPN & would like make use ASA's local CA to manage certificate.Do you know if there's any limitation on number of certificates that the local CA supports ?
View 6 Replies
View Related
May 12, 2013
I have a cisco ASR 1002 I have plugged a host into an addressed port and the port comes up however the host cannot ping the router and the router cannot ping the host. Neither can router ping its self. I do the same on a cisco 2800 router and it works fine. What's goin on. Is it the fact that this is a ASR router ?
View 5 Replies
View Related
Jan 13, 2013
I need to know it the adsl router SRP547w or SRP546 permits to set class B subnetting ( or class A) on the Lan interface. I read the model SRP527 has a limitation to set ip address on the lan interface but I did not find any information about 547 or 546.
View 0 Replies
View Related
Aug 13, 2012
We have 400 branches is ended on ASR 1002 router. ASR 1002 is the Hub router. When we disconnect/connect WAN interface or Shut/no shut tunnel interface, at the moment, router is not reacheable via telnet.
But if i disable the EIGRP on tunnel interface, tunnel are ok, then when i enable eigrp on tunnel interface, all eigrp neighbourhoods are OK.Is there any way to limit NHRP or EIGRP packets ?
View 1 Replies
View Related
Apr 19, 2012
I am configuring my first 2911 using a SFP card but I dont know the interface name for this module.
show inv shows the card..
What is the interface number for this card or if it needs some config before it will recognize the interface?
View 6 Replies
View Related
Feb 28, 2012
i want to know a number of maximum tcp connection at same time on interface of my 7200 router,how i'll do that?any configuration, software?
View 1 Replies
View Related
Mar 9, 2011
Any Cisco command similar to Junipers monitor interface interface type / number. It's handy seeing real time interface stats. monitor interface?
View 5 Replies
View Related
Mar 26, 2011
I have some tunnels which terminate to my home router. I'm allowing the other ends of the tunnels to use my voice setup. I need to prepend *67 to all called numbers which don't originate from my house. I don't want people calling my home number based on the caller-id number they see when someone across one of the tunnels calls.
So if 5008 calls 212-333-4444 I want it sent to my provider as *672123334444. If 5001 calls a number, I don't want it touched. Can I do this? I can use IOS or CUCM here.
View 13 Replies
View Related
Aug 6, 2011
Does the limitation on ASR 1000 series RP1 with regard to maximum number of match statements per class-map?. I have more than 30 match statements under my class-maps but when I apply the service policy on the interface, I get the error "cannot configure more than 16 matching statements per class-map for the interface”.I am running 3.1.0 S on an RP1. Is it a hardware limitation just like the older Cisco 10Ks?
View 1 Replies
View Related
Jun 27, 2011
Due to lack of address space, I have to go to NAT for our wireless guest users.Are there any limitation with WLC/NGS when comes to NAT?I have four 5500 WLCs, should I put them in 1 mobility group, at 2 different locations?
View 1 Replies
View Related
Oct 8, 2011
I would like to know the technical Specification regarding the AC power supply for ASR1002.
I need to know the following:
Voltage
Amp
BTU
Watt
BTU and AMP for ASR 1002?
View 1 Replies
View Related
Jun 28, 2011
I have one ASR 1002 router and one GSR router. when i insert SFP-OC48-IR1 module with GSR and connect 100 Mb link that comming from MUX then the GSR port is up but when the link is connect with ASR with same module the port not going up.i had cross check the module GSR to ASR but the problem remain same.
View 1 Replies
View Related
Oct 27, 2012
I have Cisco router ASR 1002-F on which I have created two subinterface, Gigabitethernet 0/0/1.333 and Gigabitethernet 0/0/2.111. I try to bridge those two subinterface but no success. I can create bridg-group and everything needed but I can not add subinterface to specific bridge-group. If I try write command bridge-group on subinterface there is not even possible to chose this command.
View 1 Replies
View Related
Mar 6, 2011
OK ran into a little problem with getting this to work. Only group members participate in the encryption process, correct?
I have numerous remotes all coming into one central location. I set up a KS and have currently only 2 of the remote routers set up as GM's, with the intention of the others coming into play as I move forward. Here is basically what I have in my KS and GM's:
KS
crypto isakmp policy 10 encr aes authentication pre-share group 2crypto isakmp key testkey address [code].........
GM's
crypto isakmp policy 10 encr aes authentication pre-share group 2 lifetime [code]....
So I applied the crypto map to the serial interfaces on my routers on either side of the cloud (central-ASR1002 and remote-ISR1841). When I did this, ALL the remotes went down and I'm not sure why. Even the ones that didn't have anything to do with gdoi. Ya, it wasn't good. I thought that only the group members would be affected.
Is it the fact that my acl is encrypting any to any? Surely I don't have to reverse that and have two statements with the same syntax. I'm basically just trying to encrypt all traffic from specific remotes back to the central side. However, I'm trying to do it without taking down the rest of my network .
View 1 Replies
View Related
Oct 26, 2011
We are running LMS 3.2 with IPM 4.2 installed....and we are looking to do IPSLA monitoring on a couple of our Cisco ASR's with IOS-XE code installed.
I looked at the IPSLA feature mapping and it only talks about supported IOS code....do we need to upgrade our current IPM module to a current version?
View 0 Replies
View Related
Aug 2, 2012
I have a 1262 that will be setup as a WGB and wirelessly connect to a Cisco MESH AP. A switch and clients will hang off of the 1262 WGB. How many clients can a 1262 WGB support?
View 4 Replies
View Related
Aug 10, 2011
i have few questions about MAC adress limitation. We have in our network cisco RV042 router, SLM2048 switch and WAP4410n AP.
My 1. question: is it possible to disable internet connection for concrete mac adress based on scheduling?
For example: between 23:00 - 5:00 this mac adress will not connect to internet.
If yes how i could do that?
My 2. question: is it possible that if this "mac adress" is connected for 5 hours than disconnect it for 6 hours?
View 2 Replies
View Related
Apr 17, 2011
I have a NMWLC6 module connected to a 3825 ISR using 1140N APs. Latest (but one) code. I had two SSIDs configured and deployed in the default AP group. Last week I needed to deploy a third SSID for unencrypted webauth, I created the interface and WLAN associated with the interface and the sub interface/svi on the WLAN-controller 0/1 with dot1q. All created with no problem and enabled, however the SSID was not available to clients and did not show up as available WLANs under AP groups menu. Out of desperation I created a new AP group and added an AP to it and hey presto all three WLANs were available and the third is now visible to clients! Is this normal behaviour? Is the default AP group limited to two SSIDs? (a quick google failed to find any documented limitation!) or is something weird going on?
View 2 Replies
View Related
Sep 14, 2011
I have
MLS : C6509-E
SUP : VS-S720-10G
PFC : VS-F6K-PFC3CXL
I'm trying to find out what is its limitation for encrypted traffic via SVTI there .
I don't have a SPA for the ip sec .
View 2 Replies
View Related
Oct 23, 2012
I have route-map defined on my ASR 1002 12.2(33)XNE and applied to my gi0/0/1 interface. I need to change the IP address defined on the "set ip next-hop ..." line. My question is, when I make the change in just the route-map definition, does the change take effect immediately, or do I need to remove and re-apply the "ip policy route-map ..." statement on the interface? If I do have to remove and re-apply, will this be service-affecting for all the traffic flowing through the interface? I'm just not sure what to expect.
View 2 Replies
View Related
Jan 8, 2013
I have Cisco ASR 1002, code XE 3.4.1 doing site-2-site VPN with an ASA managed by another company that I have no control over running 8.3 (I think).the site-2-site vpn is very easy straight forward as follows.
View 4 Replies
View Related
Dec 6, 2011
I have a pair of physical ASR 1002 routers, called ASR-1 and ASR-2. I setup HSRP on both ASR-1 and ASR-2 on both g0/0/0 and g0/0/1 interfaces, nothing complicated, just straight forward HSRP.
Now Cisco TAC told me that HSRP is NOT supported between physical ASR routers. WTF!
Furthermore, they told me that HSRP only supported within a single ASR because of multiple routed processors. In other words, you can setup HSRP with a single physical ASR but not with two physical ASR routers.
HSRP can not supported with two physical ASR routers?
View 8 Replies
View Related
Dec 25, 2012
I have 2 sub net directly connected to a ASR 1002. This is the configuration
interface GigabitEthernet0/0/0
ip address 193.145.14.114 255.255.255.252
negotiation auto
[Code] ....
The interface gi0/0/0 is connected directly to 193.147.14.113/30 in another router. And the Gi0/1/1 is connected to my internal infra structure. From my router I can ping 193.145.14.113 . So. I configure my PC with default-gateway 193.147.107.3 (ASR).
From my PC
I can ping 193.147.107.3 (gi 0/1/1)
I can ping 193.145.14.114 (gi 0/0/0)
But I can not ping 193.145.14.113 (the other point connected to gi0/0/0)
Why???? It is a IP inside of a sub net directly connected to the ASR. Why the ASR is not doing routing? ip routing is enable.
View 2 Replies
View Related
Oct 4, 2012
I am planning to implement SSL-VPN (Any Connect) on an ASR 1002 router running IOS-XE Software Version 15.1(3)S2. I need to use LDAP for user authentication, and need to understand what are RADIUS/ TACACS requirements to use LDAP. Do I need to use Cisco ACS or can I use something like Microsoft IAS or Free Radius?
View 6 Replies
View Related
Jan 10, 2011
I'm trying to upgrade the ASR 1002 we just purchased and am having some issues (this is a new device and is not in service). I first tried upgrading the ROMMON using the upgrade rom-monitor filename bootflash:asr1000-rommon.150-1r.S.pkg all command, but the upgrade didn't seem to work completely. When I do a sh platform I get the below output showing 15.0(1r)S: [code]
no valid BOOT image foundFinal autoboot attempt from default boot device...Rommon upgrade requestedMaximum upgrade attempts exceeded, continuing with old Rommon...
I've also tried upgrading the IOS, but that is not working either. I tried "boot system flash:asr1000rp1-advipservicesk9.03.02.00.S.151-1.S.bin" command, but that did not work. I made sure the image was good using the "verify" command and made sure to set "config-register 0x2102". After I do a wr me and reload the router I get the below errors. [code]
View 1 Replies
View Related
Jan 26, 2012
Looking to link up to 6513 chassis via 6704 10 gig cards.
I have a 6513 on the 8th floor and one on the 3rd floor in same building. Distance would be approx 150' max. New 10 gig cabling was installed between these floors.
I would like to use 2 10 gig ints on each 6704 to form a port channel (LACP) between the 2 environments.
So far I have been unable to get the links up between 6704's.
View 2 Replies
View Related
May 6, 2012
Customer wants to place a single 1552E to cover a particular area in his campus, and it will be placed on a tower, and the question is concerning the height. I can not find any particular height limitation such as 5 meters, 10 meters, etc. I understand this will influence the sign propagation as well as throughtput to the users, but can not find a matrix or a best practice guide for that.
View 1 Replies
View Related
Jun 26, 2012
I want to use a subnet mask of 255.255.254.0. The setup window doesn't allow me to type in that mask, rather it only allows me to choose from options on a drop down menu (which doesn't include that mask). Is there a way to do this?
View 2 Replies
View Related
