ASR performs the function of ISG. The number of subscribers until 10000. This number is constantly growing.Because of the economic address space subscribers surf the Internet through NAT.Now the task to keep logs of all translations or binds. Need to store the information about what time, certain internal IP address using the external IP.
View 19 RepliesWe have:
ASR1000-RP2
ASR1000-ESP40
ASR1000-SIP40
SPA-10X1GE-V2
SPA-10X1GE-V2
!
Kiwi Syslog Server
ASR performs the function of ISG. The number of subscribers until 10000. This number is constantly growing. Because of the economic address space subscribers surf the Internet through NAT.
Now the task to keep logs of all translations or binds. Need to store the information about what time, certain internal IP address using the external IP.
I've tried:
!
ip nat log translations syslog
!
logging trap debugging
logging host xx.xx.xx.xx transport UDP port xxx
no logging console (so as not to load the CPU)
!
Error stopped publishing but logs do not come. I think of the huge number of translation per second, it can not send them as fast. How can this problem be solved or otherwise obtain and store information about a translations?
I have a problem with configuring brach router 891 (with IOS v15.0(1)M).I want to connect to HQ via EasyVPN connection (split-tunnel) and allow the local traffic to go directly to the Internet via NAT (PAT).When the VPN connection goes up, NAT stops working and NAT translations don't appear in show ip nat translations. When the VPN connection goes down, NAT begins to work again.
View 1 Replies View RelatedI am at a loss on configuring a new ASA5505 for multiple static port translations.I would have expected to simply add several service command to a network object to complete the task, however, the service command overrides the previous and replaces rather than adds to the translations. [code] However, if entered in that order the 8443 overwrites the 8080 static translation.What is the correct procedure to establish multiple translations? If someone could also provide the "old" style for pre 8.2 release, I'd like to compare because I thought I used to do this with an access-list somewhere.
View 4 Replies View RelatedI'm using a 2601X router connecting to a broadband connections. The following NAT connections is working but I need to do NAT exemptions to set up my VPN appliance on the DMZ. I see a lot of documentation on how to use a pool of public addresses to do that, but I only have the one dhcp address from my isp.
!
boot system flash:c2600-adventerprisek9-mz.124-25d.bin
!
!
!
interface FastEthernet0/0
[code]....
In a 6500 or 7600 a 'show module' gives a run down on all the modules in the slots, their HW and SW versions and status. But I can't find a similar command in the ASR1006.
View 1 Replies View Related I'm trying to configure and DMVPN architecture with two routers ASR1006 to server a bank remote offices, one ASR in CO building and the other in CA building (CO: Operational Center; CA: Recovery Center).Each ASR have two LAN connections to internal network and two WAN links to remote office. Each WAN links belongs to differents provider.Each remote office has a router with two WAN links connected to that WAN providers.We are configuring the DMVPN considering two primary tunnels in the CO building and two failover tunnels in CA building.We made the configuration (schemas and configuration attached) but we only get two tunnels up at a time. We cannot ping from office router to four tunnels interfaces in both hubs.
We made some test disabling some tunnels and we could get communication only with two tunnels interfaces. We got communication through tunnels when we have just two.We want to have the four tunnels for high availability. We would like to know how to troubleshoot and make a design review because the examples and documentations are very limited.
my ASR1006 router with the IOS ver:
Cisco IOS Software, IOS-XE Software (PPC_LINUX_IOSD-ADVENTERPRISE-M), Version 12.2(33)XNE, RELEASE SOFTWARE (fc1)
is restarting again and again when I try to write the configuration.
I would like to know if Cisco Collector Engine 6.0 can recive and reading the sent address traslation logging of router ASR1006. Using Netflow v9.
View 4 Replies View Relatedwhy I would see packet loss when BGP comes back up.We have 2 ASR1006's both running full tables of BGP to the same upstream ISP. We load balance the 2 links to them. the ASR's have an OSPF connection between them.When one pipe goes down we see not packet loss; however, when that pipe comes back up we see packet loss until the BGP table fully loads in that router again.
View 1 Replies View RelatedI want to do something with IP SLA and started by estabilishing a baseline.
I'm trying to check history on an ASR. I tested same config on a 3845 and was forgetting the "history filter all". After this I could see history table on 3845 but still history is empty on the ASR1006. The operation started because I can see information with "show ip sla statistics".
know if i missed something or maybe this is not supported in ASR1006?
re-ld-tcc-02_ASR1006#show vers
Cisco IOS Software, IOS-XE Software (X86_64_LINUX_IOSD-ADVIPSERVICESK9-M), Version 15.2(1)S2, RELEASE SOFTWARE (fc1)
[Code]......
I run a minecraft server over an ad hoc network, but every time we start the server up again, we have to find the new IP address, edit the server files, and re-enter the new IP address onto all the computers.Is there a way to make it so an Ad Hoc always boots with the same Ip Address?
View 2 Replies View RelatedWe have an ASR1006 and I'm just discovering net flow aggregation cache.
I tried prefix aggregation and worked fine. But i cant get any information when checking AS aggregation. All I get is 0 in source and destionation AS. [code]
I have cisco router ASR 1006 .... i need to create PPPOE connection via Ethernet ... and can do that on the management port ???? and what is the type of adapter that use in the Giga Ethernt interface to connect it to fiber ???? hint :- my interface hardware SPA-10X1GE-V2
View 7 Replies View RelatedI have multiple devices running on my home network. Every once in a while my wireless router starts playing up and I have to reset it.Whenever this happens, it changes the internal IP addresses of the devices. Is there a way to make the router keep the same internal ip address for each device? ie Laptop stays at 192.168.1.8I have a few forwarded ports for remote access to certain pieces of software, so each time the address changes, I have to go in and change these details, which is quite frustrating.
View 7 Replies View RelatedWhen trying to configure ERSPAN on a ASR1006, I'm not getting any traffic on the destination port. ERSPAN flavour is LOCAL SPAN, as described in:
[URL]
Configuration used, is the following:
monitor session 1 type erspan-source
no shut
source interface GigabitEthernet0/0/2
destination
erspan-id 10
ip address 10.10.10.1
[code].....
Apparently everything is configured in the proper way, however I’m not getting any traffic in the destination port. Also I’ve noticed the following in the details from ‘Session 1’:
Destination IP Address : 10.10.10.1
how to configure Local SPAN using ERSPAN?
I have problems in exporting translations of NAT from my router through NetFlow v9 ASR1006, to my server nfdump, any opensource or licensed software (collector) that I recommend.
ip nat log translations flow-export v9 udp destination 10.1.1.15 1181
I have a wireless repeater (NETGEAR Universal Wifi Range Extender WN2000RPT) thats been giving me issues lately when attempting to use it to connect an xbox 360 I have to xbox live. The Xbox and the repeater are connected by an ethernet cable so there is no wireless connection going on between them. My router (Cisco WRVS4400N Wireless-N Gigabit Security Router with VPN) located in the basement of my house, and the extender is on the second floor of my house. The xbox that I want to connect to the internet is located on this second floor and because of the distance between it and my router a normal xbox wireless networking adapter doesn't seem to be working.Anyway, if I plug in the extender and let it get a connection, and use it right away to connect, i have no issues. The connection will also usually remain working for a while after I first get it working. The problem comes after I'm done using the xbox and i shut off the console and the tv. When I come back to the xbox later and turn it on, the networking extender still shows it has a full connection and is working properly on the outside with the green lights, but the xbox will not connect and it will tell me the extender is not assigning an IP automatically (DHCP turned off), when I know for a fact it is turned on. It is almost like the extender freezes after I leave it alone and on for a while. When this happens I usually unplug it and let it connect, and everything works as it should again. After a while its gotten a little annoying having to do this every time I need connection.
View 5 Replies View RelatedKeep a log of my own (Wan) IP-adress. It should look up my own IP-address and write it away to a log, so that I can look up a few weeks or months later what my IP-adress was on a certain day. I am using a router at home.
View 6 Replies View RelatedI am building a new computer to replace my existing one. is there a way to transfer my existing network to the new computer when I install the routers software? I don't want to redo all the devices that are connect wirelessly that are using it for internet connection.
View 1 Replies View RelatedThere is an ASR1006 Router in the network that serves as an Intelligent Service Gateway (ISG). Subscribers are layer 2 connected and subscriber sessions are initiated on a DHCP request. ISG is configured as a DHCP relay agent. Wi-Fi clients connect to the WLAN using Open SSID and are being redirected to a Web Portal where they enter their login info. This info is sent to RADIUS server which checks if the user is allowed to use Internet service. All the APs are connected o WLC using CAPWAP. The question is the following: there is a requirement to track from which AP a particular Wi-Fi clients is connected. In this case ISG needs somehow to obtain AP’s mac address and send it to the Radius server (probably using attribute 30 – Called-station-id). One possible way for ISG to obtain AP’s mac is via WLC. But the thing is that when WLC is configured as DHCP proxy and Option 82 is set, a wireless client does not obtain IP address via DHCP. In this particular case there two DHCP relay/proxy in the network path between client and DHCP server. Is there any other away for ISG to obtain AP’s mac address?
View 8 Replies View RelatedI would like to know if it is possible to add a second router to my home network.
My son wants to use his Nintendo DS online but the device does not have WEP capability, it can only deal with the less secure WPA option.
I am not willing to drop my preferred WEP just to facilitate one device, but I do have a spare router and I am wondering if it were possible to hook the second router up and allow him to connect using WPA?
I have two dir655 routers that are connected. The second router is not setup as a wireless access point, but I am open to that if it will work. The second one is going to serve as a public wifi in a business, with a separate SSID. The first one is going to handle the local business network, with its NAS and printers. How would I prevent the public wifi from accessing the first router?
I have tried the guest wifi partition setting, however it still allows access to the lan devices on the first router. It does partition with the second router properly though, but thats not worth anything to me cause there are no lan devices on the 2nd router.
Would it work right if I turn the 2nd router into a access point, disable the dhcp server, and set it up with the guest wifi partition?
I am installing a network that has two SG500X-24 switches as core and several SG300-52 switches as access switches. I've seen in the SG500X-24 datasheet that there is a True Stacking feature. But in the data sheet there are not a lot of details about it. My doubt is the following. If I configure the two SG500X-24 switches as a single switch through stacking them, can I connect one SG300-52 switch to these two SG500X-24 switches through two cables (both configured as a LAG in the SG300-52 and in the SG500X-24 stack, one cable per SG500X-24), the the first cable connected to the first SG500X-24 switch and the second cable connected to the second SG500X-24 switch and keep both connections active?
View 3 Replies View RelatedI have been testing WiFi devices such as the iPhones and iPads connectivity with the following setup:
1. 3502i AP
2. WLC 5508 SW 7.0.98
3. NGS
The i-devices have iOS v4.2
My goal is to have the guest user i-devices maintain the credentials (username and password) when they login again to the wireless network. Like if the device sleep, I think definitely they would loose those IP address issued by the DHCP. Once the guest user uses them again and connect them to the wireless network the user would not need to type-in those credentials on the Web Authentication page directed by the WLC.
The credentials are issued by the sponsor who created them on the NGS. It seems that there are WiFi problems with these i-devices. But somehow, I'm looking for a solution that would automated the logins like a checkbox if you want to be kept signed in, on Yahoo or Stay signed in for GMail.
Have a WLC 5508 running 6.x code with LAP's providing wireless for our internal laptops (WPA2 and EAP-TLS). I want to provide guest wireless which goes out a different port on the WLC to a guest firewall/cable modem. However, we want to prevent our internal laptops from being able to use the guest wireless. I have RADIUS (IAS) and LDAP for my AD available. We would prefer not to have use Lobby Ambassador and just have the guests use a simple password or web passthru. Guests may be laptops or smartphones. What options are available? I have tried a test setup using dynamic vlan assignments from RADIUS using the IETF flags, but can't seem to get it to work. Is there a way to identify the SSID is being used at the RADIUS server?
View 13 Replies View RelatedAs part of my course, I have to install a brand new network, including cabling, setting up equipment etc in a room whilst ensuring that the current network system for that room is still running without any issue. How to do this as it includes taking out/changing the infrastructure in relation to cabling?
View 5 Replies View RelatedI have a Cisco 877W-K9 router, and I for the life of me can not work out how to enable multiple SSIDs on the AP whilst keeping them all to the same VLAN?
I know this may seem silly but basically for our clients we setup WPA-Enterprise for one SSID and WPA-PSK for the other to help ease migration between the two etc, however all I can seem to do at the moment is create multiple VLANs and use ip unnumbered vlan1 to sync them all into one, but this seems really silly.
it's across 3 floors and the current setup is a single wireless router DIR655 (1st floor), but the WiFi suffers greatly on the floor below/above.
I have sourced 3x D link switches and 2x more DIR655's and would like to have all machines/consoles/phones etc in the household on the same network. Is it possible to keep one DIR655 as the main wireless connection and have the other as pure AP's as well as keeping the same SSID?
Having problems with my wireless router, dropping and keeping connection active. For some odd reason I keep dropping connection either wireless or wired. I have a total of 5 items going through this router. 2 of them are wireless and the other 3 are wired. The wireless items are a desktop computer that is using the Wireless USB adapter to get online. Sometimes it drops and most of the time it doesn’t have any problems. I have a laptop that sometimes the connection goes from strong all the way down to no connection at ALL. It starts at 54MBPS to down to the RED X over the wireless manager. Forgot to mention both of these machines are Windows XP. If I reboot the laptop, it comes up without any problems.
Sometimes I tell Windows XP to manage the Wireless connection and tell it to disconnect and re-connect again, it goes. Now for the wired items, I have 2 gaming systems and another computer plugged directly up to the router. For some odd reason when I double click on the internet, on the computer that is hooked directly to the router, it says page couldn’t be found. I know that there is connection and there is nothing running in the task tray except for the Anti-Virus and Firewall. The browsers that I am using are Internet Explorer 8 and Mozilla Firefox 3.0.10. Also checked on the back of the machine to see if I have link lights and everything is flashing. Finally, when I click the homepage or refresh button about 2 or 3 times, it goes through.
think that I am overloading this Router and it can’t handle it. I might have to look into sending "Keep Alive" packet setting on the router.
We have a Linksys E1200 modem and I have been having problems with keeping my son from using the wireless interenet. I did change the password and that worked for about 24 hours and then he was able to get onto it again. He has a nintendo dsi and he is smart enough to figure out how to dismantle any parental controls on his gaming device. I think that he resets the modem in order to get back onto the internet in order to use his gaming device. Someone told me that you can register each item individually in order to keep kids from using it but I have no idea as to how this works. We have two iphones, a lap top, and two tablets.
View 7 Replies View Relatedhow to turn off this logs??
*Mar 2 13:26:07.919: %SEC-6-IPACCESSLOGP: list 101 denied udp 79.2.199.68(57143) -> x.x.x.x (34803), 1 packet
Router#
*Mar 2 13:26:09.766: %SEC-6-IPACCESSLOGP: list 101 denied tcp 108.15.116.235(63864) -> x.x.x.x (34803), 1 packet
Router#
*Mar 2 13:26:11.276: %SEC-6-IPACCESSLOGP: list 101 denied udp 24.130.2.212(26935) -> x.x.x.x (34803), 1 packet
I cannot read ACS 5.3 logs from my WCS. I have the ACS server added to the WCS. Below is the message I'm getting:
Unable to connect to any ACS View Server.Failed to access the WSDL at: { URL}. It failed with: {URL}. Do I need to install any special module on the ACS to support this?