Cisco WAN :: Adding MPLS With 1841 To Existing 5505
Aug 28, 2011
We currently have out T1 attached to a 5505. We have IPsec site to site tunnels that also terminate on the outside interface of the 5505.
We are getting rid of the T1 and bringing in a manged MPLS circuit which will run off of a 1841 ISR. I would like the 5505 to pretty much work as is with little change. Whats the easiest way to accomplish this? Of course the MPLS will come with new external IP.
Current Design ---> T1<------>[asa5505]<------->[LAN]
New design---------> Mpls<------->[1841]<------>[asa 5505]<------->[LAN]
Questions:
1. Whats the easiest way to drop in the 1841 without having to change all my ASA acl's.
2. How would I terminate my ipsec site to site tunnels on asa outside interface. Now that the WAN interface is on 1841 and not ASA how would I terminate the other side of tunnel? Can I leave my tunnel end points on ASA or do they now have to terminate on 1841?
3. How would I configue outside interface on ASA to communicate out 1841 MPLS?
View 2 Replies
ADVERTISEMENT
Feb 4, 2013
I currently have a wired network which starts with a cable router downstairs which is a virgin media netgear box with firewall and DHCP turned on. I have a NAS server and a smart tv which run off ethernet connections to this router.then have a cable run upstairs to a TPlink gigabit switch which is connected to a PC and a printer (in my study). All this works just fine, no configuration needed.I have a TPlink wireless router, a TL-WR743ND. I want to use this to connect to the switch upstairs (not downstairs - my stone walls limit any wireless access point) to provide wireless network coverage for my house.So I figured I should configure it with a dynamic IP address (ie it gets it from the netgear DHCP), turn off the TPLink's DHCP and firewall, and then any wireless devices attached to the TPLink by wireless should have access to printer and NAS
View 8 Replies
View Related
Oct 30, 2011
I have 3 locations connected with MPLS connectivity … 2 mbps , 2 mbps branches and 4 mbps and I have Cisco 1841 router ?Last few days I am facing problem that Cisco 1841 router’s Lan port suddenly stop working and connectivity get disconnected.In this stage branch offices can reach up to CISCO 1841 WAN port.
( I have changed 2 different router assuming router problem but issues remain same, Hence No hardware problem )
View 3 Replies
View Related
Feb 26, 2013
I have a working 3800 router which runs on bgp pretty well. Existing setup has 2 serial ports for the bgp and 1 gigabit port for the LAN.Now, i want to add another 3800 as a standby router making it clustered - ACTIVE/STANDBY via hsrp protocol.
1.) What are the implications in adding another 3800. Do i need to reconfigure the ip addresses on my serial? or just the LAN
2.) Are there any additional requirements like firmware versions etc?
View 1 Replies
View Related
Apr 10, 2012
We have an ASA5520 version 8.3(1) We have an existing VPN tunnel between us and our partner site. We need to add a new vlan to our existing VPN tunnel.
Where do we need to add the new vlan to in ASDM interface? Looking through using ASDM, I found 3 places.
Site-to-Site VPN:
1) Connection profiles
2) Advanced > crypto maps
3) ACL Manager
View 5 Replies
View Related
Mar 3, 2013
I need your input on how to appropriately introduce an N5K with Jumbo enanbled to a prexisting Core Network (Stack of Cisco 3750G Switches) without making any major alteration on the Core configs (everything is happy). The idea is to move two High I/O servers to the N5K during a transitional phase. I already have a fair understanding of what Jumbo-Frames are and what it does. Keep Jumbo-Frames within the N5K ONLY.
Conditions:
- Traffic is Data traffic, not storage/iSCSI
- The servers host our ERP applications and MySQL that is accessed heavily by users
- N5K to C3750G connectivity is a Port-Channel consisting of 4x1GB ports
- The servers are to remain on VLAN 2 (Data VLAN)
- The Core Switch is L3 and the boundaries reside here
View 1 Replies
View Related
Feb 16, 2010
we have 2xNexus model 7010 (let's call them Nexus1 and Nexus2) connected via VPC to a couple of catalyst 6509 switch.Trunking has been enabled on the port-channel defined on both Nexus allowing some vlans.Below the config applied on both port-channel interfaces on both Nexus which are members of the same VPC number: [code]
supposing I'd need to remove some vlans from that trunk (e.g. vlan 100,200 and 300) using command "switchport trunk allowed vlan remove 100,200,300" and that I'll run that command on Nexus at a time (that means there'll be a condition for a short period of time where Nexus1 has removed vlan 100,200 and 300 from the trunk, while Nexus2 is still carrying those 3 vlans on its port-channel which is a VPC member) , could it cause any VPC inconsistency condition suspending VPC interfaces and therefore affecting the service for all remaining Vlans or only Vlan 100, 200 and 300 will be suspended when that condition will be detected?
View 3 Replies
View Related
Aug 26, 2012
We have a Cisco 3845 router for Site 2 Site VPN tunnels to external business partners. The IOS is (C3845-ADVIPSERVICESK9-M), Version 12.4(15)T8.One of our partners is doing a DR test and needs to have us swing the VPN traffic to another peer in a test location temporarily. I plan on adding the test hosts to our existing encryption ACL, but instead of building another crypto map, I was wondering if I can add a secondary peer to the existing one?
View 3 Replies
View Related
Oct 5, 2012
My ISP comes in via phone line to modem then to wireless router.I want to run 200' direct burial line to WAP so that I can access wireless internet at the far point. I have modem and wireless router. what do I need to do the create the distant wireless access?
View 2 Replies
View Related
Feb 11, 2011
My wife has a home office with her office computer connected to our modem via a cisco router. Our home computer is connected via this router as well. I want to add a wireless router (netgear) so I can use my laptop anywhere in the house.
View 1 Replies
View Related
Nov 24, 2012
I am trying to hook a second computer up to run off my belkin router?
View 1 Replies
View Related
Apr 1, 2013
I have a Airnet 1600 Series that I want to add as another repeater to our 1200 series 802.11g network. We already have 2 AP's running fine as Repeater and BR, I just need to a this 1600 AP to the existing wirelss. Everytime I try to change the 1600ap as a repeater, I get the below error.
cannot set role in radio network to when another radio is set to one of the above roles
View 1 Replies
View Related
Oct 1, 2012
I need to add two additional 2960S switches to my stack. I saw a diagram that showed how a 4 switch stack can be connected, but I couldn't find much detail on adding a switch to an existing stack (besides master election). The output below shows how the existing stack is connected and its state
SW#sh switch detail
Switch/Stack Mac Address : 0011.2222.3333
H/W Current
[Code].....
I will need to break one of the stack rings between SW1 and SW2 in order to connect the new switches. Does it really matter which ring I break to connect the additional switches? Does one ring act as primary? If so, I'd rather not break that ring so this process is transparent as possible. Also, is there any benefit to disabling the stack port vs just disconnecting the cable?
View 2 Replies
View Related
Nov 23, 2012
Moblie WLAN range 192.168.1.0/24.Default Gateway: 192.168.1.1 - Firewall..Next available range to add more addresses are 192.168.11.0/24..Current range is having IP address issues..I have seen a feature in 4402 controller that I can assigne second address range to exisgint SSID Mobile.What should I set the default gateway for 192.168.11.0/24 range?How can I point all mobile users traffic to the firewall as default gateway without creating additional interface on the firewall?I really do not want to create another vlan and interface in the network to just add another 255 addresses if tehre is any option?
View 3 Replies
View Related
Nov 14, 2012
I have a 3750 stack as our core switch. On the core switch I have 2 VLANs. One VLAN is for WAN and one is for LAN. The WAN VLAN has our internet router, and the outside interfaces of two ASA's set up as failover. The LAN VLAN has everything else, including our MPLS router for the remote offices. Execs are cheap and want to increase internet bandwidth by purchasing a local home internet service like COX or Time Warner cable to add to our Business internet service with TelePacific which is a bonded T1 at 3 meg. Execs dont seem to care about SLA's and simply will not spend big dollars to increase the pipe. I was looking at those Mushroom Networks appliances but its too expensive for us also. Any way to add additional low cost bandwidth with out current setup? Maybe prefer to keep important internet traffic to the SLA circuit, and then put low priority traffic to the cheap non SLA cable modem if possible.
View 5 Replies
View Related
Apr 11, 2012
Here's the deal. My internet provider provided me with a shitty router with a lot of settings locked. I can't change DHCP settings or add custom static IP addresses. This sucks. The wireless function on it sucks also.I added an extra router to the network so I have good Wifi in my living room. I turned off the NAT, firewall and DHCP on that one, so it's a simple switch with a wireless access point now.Now here's the deal. The DHCP server of the provider's router hands out IP's from 192.168.2.1 to 192.168.2.253 (192.168.2.254 is the router's own IP address).I gave the added switch/access point the IP address 192.168.1.1 in its own settings. The original router doesn't 'see' the switch now anymore because it's out of the DHCP's range. When I gave it an IP address within the DHCP's IP range, I got all kinds of conflicts (as expected).
I guess this is a solution since it works, but I'm open to other suggestions since it doesn't seem to be the best way of doing things. Besides, I can't access the access point's web interface anymore since it doesn't have an IP address within the network now. It isn't important because I don't need to change any settings anymore, but still.I'm going to add a second wireless router to replace the built-in wireless function of the provider's router. For some reason it sees its own wireless network as a separate network or something. When I roam from the new access point wifi to the provider router's wifi, everything gets confused because it tries to give the laptop a new IP address.
View 4 Replies
View Related
Feb 17, 2011
ive got 2 laptops on my wireless network and have just bought a pc. it dosnt seem to be finding my connection so i cannot get it onto my wireless network?
View 1 Replies
View Related
Mar 28, 2012
I have an existing wireless working network with WIN 7 - 2 laptops, two desktop PC's. Can I add a security code/password without setting up a new network?
View 1 Replies
View Related
Mar 25, 2012
in our network we were using three 3750-48-s switches with stacking one of the switch due to some hardware failure power problem,
now i want to add a new switch 3750-48-s in the existing Stack two switches , the old two switches ios version is = 12.2(25r)SEC the new Catalyst 3750 io verion is = 12.2(35)SE5
how to add this switch in the existing two stack switches , with documentation
View 1 Replies
View Related
Nov 23, 2011
I am looking to add a new 3750 Switcch to an existing stack shown below
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 26 WS-C3750-24P 12.2(35)SE5 C3750-IPBASE-M
2 26 WS-C3750-24P 12.2(35)SE5 C3750-IPBASE-M
3 26 WS-C3750-24P 12.2(35)SE5 C3750-IPBASE-M
[code]....
I have looked on notes to add a switch to an existing stack and haven’t identified answers on how the IOS will be affected on the new switch – will it downgrade to the current stack version or will the current stack upgrade to its version. At this moment in time I would prefer if the new switch IOS downgraded to the current stack IOS version.The new switch is a 3750V2 – will this affect how it joins the stack?The new switch has the image of IPBASEK9-M – again will this affect how it joins the stack?
View 5 Replies
View Related
Feb 27, 2013
I have to add a 2960s PoE switch to an existing stack of two 2960s PoE switches. If The new switch has no configuration on it and the existing stack is broken by pulling te stack cables and then new cables are added and everything re-cabled correctly will the new switch assume the configuration from the stack without any issues?
View 10 Replies
View Related
Dec 6, 2012
I am having an issue with adding a c3750x switch to an existing switch stack Currently there is 2 x WS-C3750X-48P and I am trying to add another WS-C3750X-48P to this switch I have cabled the switch to the stack using the stack cables and added the command to provision the switch on the exisitng stack. However when I turn the switch on it just goes on its own stack.
I noticed the new switch had a later version of IOS so have downgraded this to the same version as the other switches but still no joy Here is the sh ver from the exisitng stack
uptime is 4 weeks, 4 days, 23 hours, 30 minutes
System image file is "flash:/c3750e-universalk9-mz.122-53.SE2/c3750e-universalk9-mz.122-53.SE2.bin"
License Level: ipbaseLicense Type: PermanentNext reload license Level: ipbase
cisco WS-C3750X-48P (PowerPC405) processor (revision A0) with 262144K bytes of memory.Processor board ID FDO1448Z0FJLast reset from power-on21 Virtual Ethernet interfaces1 FastEthernet interface156 Gigabit Ethernet interfaces6 Ten Gigabit Ethernet interfacesThe password-recovery mechanism is enabled.
[code]....
View 3 Replies
View Related
Oct 16, 2012
I am attempting to add and Catalyst 3750 - 12 port Gigabit switch to an existing stack of 3750 48 port switches (non-X fabric). I am not sure how to proceed. These are the two questions/thoughts I have. Any additional perspective I should have before proceeding.
What kind of configuration should I apply to the Gig switch before adding it to the stack?I am sure I will need to assign priority to the new switch, ideally, it will act as master.
View 1 Replies
View Related
Dec 22, 2011
Add wireless conection that can't see network. I have an existing working hard wired network. I want to add a wireless connection that has access to the internet, but not to the other devices on the original network.
View 2 Replies
View Related
Sep 23, 2012
Added a wireless router to our office here so that people with laptops could get on the net without having to physically plug in. Right now it is ok, but the router is acting as it's own DHCP server instead of our server here assigning out the IP's.
The main gripe I have is I can only login to the router through my phone and not through my computer. How can I achieve this. We have multiple offices that all connect through a VPN. I would like our sys admin to access the router at his location as well.
Do I just turn off DHCP on the router and thats it? The model is Netgear WNDR4500.
View 10 Replies
View Related
Jan 29, 2013
I need to tear down an existing port-channel on a 3750X running c3750e-universalk9-mz.150-1.SE3.bin. This port channel is currently down down. It has three ports in it that will be added one each to three existing port-channels, I am assuming as long as the "channel-group" command is exactly the same as it is on the three existing port-channels I should be ok just adding the new port. One point to note is that the three existing port-channels all have three ports so this will be adding the fourth port to each port-channel. I know after reading that it is a best practice for load balancing to use either 2, 4, or 8 ports for a port-channel. Also what is the command to see all ports that are in a port channel?
View 1 Replies
View Related
Apr 3, 2013
current topology is build from 4 6500 switches connected in a ring topology. Using Port channel (2x 10Gbit) links to connect left side top and bottom 6500's (DC1), 10 G bit link to connect right side 6500's (DC2) In between a 1 G bit link is used to connect top 6500's (DC1-DC2) and the same for bottom 6500's (DC1-DC2).
Path costs are 5 and 6 so the T5/4 from bottom right is blocking. Bandwidth demands are increasing, so thinking about adding extra 1 G bit links to the existing ones and create ether channels. Path costs here are 4 and 5, so T5/4 from bottom right is still blocking, but when the bottom 2 G bit port-channel is loosing one 1 G bit link the path costs of both directions become equal. So I am worried that STP will not re converge and leave me with a congested 1 G bit link. I cannot test this setup in a lab, are there any options for STP to re-converge here?
View 1 Replies
View Related
Oct 26, 2010
I have an existing wireless network using a Cisco/Linksys WRT400N wireless router (which in turn is connected to a cable internet provider). I need to extend my wireless coverage and so purchased a Cisco/Linksys E1000 to act as an additional access point. Purchased from BB, the local 'geek squad' rep instructed me to follow the users guide for the set up. After login into the admin service on my E1000, I followed the 'Advanced Routing' instructions and disabled the 'NAT' option and subsequently enabled the 'Dynamic Routing (RIP)' option. Everything worked like a charm to this point, but now I'm stuck. What steps do I need to follow to allow clients to log onto my wirelss network via the E1000 (secondary access point)? I've established WEP security keys on the WRT400N (primary access point) and want to use the same network security parameters on the E1000.
View 9 Replies
View Related
Sep 25, 2011
Too many devices in our home including two playstations and 4 computers. I want to add a Linksys dual band E2500 to my existing WRT160N.
1. I will be able to hard wire the two together too.
2. Which Linksys router should I connect to my cable modem?
View 3 Replies
View Related
Apr 2, 2009
I have 1841, 2800 and 3800 routers and need to do IOS upgrade to all of them. Existing routers do not have enough flash to hold 2 IOS images.if the router has 12.4.13r ROM IOS, will I be able to boot the ISR router via Cisco brand USB? That means in case something goes wrong while I am uploading new IOS to the router via WAN and something wrong, now router in ROMMON mode. If a local site person has a Cisco USB with an IOS in it, can he just stick it to the router and reboot the router and router will go out of rommon and go into normal mode? After it is working, then I can put the running IOS onto the exisitng CF card so now I can remove the USB and the CF card has a good IOS and reboot the router again.I am just trying to find a safe way to upgrade the site when they don't have big enough flash to hold 2 IOS at the same time. The local person is not technical so asking him to setup tftp server and put the IOS in the computer and so I can do tftpdnld while in rommon mode to grab the IOS from his tftp will be difficult to have the local person to set it up.
If ISR can boot off of the IOS in USB only, then I assume the requiremetn is the ROM IOS needs to be 12.4.13r. Then what is a safe way to upgrade the ROM IOS to this then? I never upgrade ROM IOS before so don't know what kind of problem I may run into and whether it's higher risk to upgrade this than upgrading the regular ios? If it is, then all my routers won't have this ROM IOS version, so that means I can't use USB to boot then? Will that means I am down to tftp server option? ( I heard xmodem won't work as it will time out before the ios can load via the slow dialup link into the router to rescue it from rommon mode).
View 33 Replies
View Related
Jan 2, 2012
I'm trying to learn a little about Cisco router setup, since I'm fairly well versed in configuration. I have an 1841 w/ K9 that I'd like to set up as a WAN Router to hot swap if one of ours goes down. I installed a VWIC2-1MFT-T1/E1 MultiFlex card in Slot 1 of the router.
Currently, if I run a "show diag", the VWIC2-1MFT-T1/E1 shows up in Slot 1 but in the configuration I can't see it or configure it. Am I missing an enable or something? I thought I had to declare card type but I can only do that on the existing card, the router doesn't seem to recognize that the card is there in any place other than "show diag".
View 7 Replies
View Related
Mar 3, 2011
I have a customer with active/standby on a pair of 5510's with the CSC modules. They were inquiring about the AIP/ASA, and since this would NOT work in their current setup, would getting a pair of 5510/AIP configured for transparent failover work placed in front fo the existing units? Would I need to have a switch placed between the AIP and CSC ASA's? Or would I setup the ASA's for context based Active/Active failover to interconnect the ASA's to the existing units, but I still see a need for a switch.
View 1 Replies
View Related
May 31, 2013
I have been having a heck of a time trying to configure my 5505 to allow the second segment on my network to use the internet. Office 1 has a fiber internet connection, and all traffic flows fine. Office 2 had gotten it's internet from AT&T, via a network based firewall injecting a default route into the mpls cloud. both offices connunicate to each other through the mpls.
When we added the fiber to office 1, we had the mpls people change the default internet route to the inside address of the 5505 and things worked fine. when AT&T attempted to remove the NBF defaut route, and inject the 5505's address as default, things didn't go so well.
AT&T claims that it is within my nat cmmands on the 5505, but won't tell me anything else. I assume that they are correct, and I assume that I am not good enough with the 5505 ASDM to tell it what to do.
Office 1 uses 10.10.30.xx addresses and Office 2 uses 10.10.10.xx - the 5505 inside interface is 10.10.30.2 the internal interfaces of the mpls are 10.10.30.1 and 10.10.10.1
View 21 Replies
View Related
