Cisco WAN :: C2811 - Implement CoPP On Routers?

Apr 9, 2012

Required by regulations to implement CoPP on our routers, I installed  the following configuration on a C2811 router  pair with integrated DSU/CSU cards connecting a point T1.  STAC compression(software) is configured on the serial interfaces  and the link is often congested.

[code]...

This configuration severely degraded the IP traffic flow and I had to remove it. Not having any practical experince with CoPP.

View 1 Replies


ADVERTISEMENT

Cisco WAN :: 2800 Implement IPSec VPN Between Two Routers

Aug 20, 2009

We want to implement an IPSec VPN between two routers cisco 2800 IOS version of what we need.

View 4 Replies View Related

Routers / Switches :: How To Implement Ipv6 On Windows 7

Feb 10, 2011

How to implement ipv6 on windows 7

View 1 Replies View Related

Implement Networking In Three Floor Office By Using Routers And Switches?

Apr 24, 2011

How can i implement networking in my THREE floor office by using routers and switches?

View 1 Replies View Related

Cisco WAN :: CoPP On 2811 ISR?

Aug 23, 2012

Looking to implement CoPP in our 2811 ISR. We currently have the base 256mb of DRAM in there. Will this bring our router to its knees? I've priced a RAM upgrade.

View 0 Replies View Related

Cisco VPN :: Max IPSec VPN Throughput On C1812 And C2811?

Apr 19, 2012

recently we had some performance issues with C2811 which caused us to do some lab testing. For testing we used also C1812. The results were quite surprising for us, as the C1812 appeared to be more efficient than C2811. Below you can see the lab scenario and results.

1. Why C2811 is performing worse than C1812?

2. Is there any official Cisco reference stating what are the max VPN throughputs of certain platforms/models? (we consider migration to C2900 platform and would like to choose the right model)

[URL]

as presented on the small diag:

All routers had enabled onboard hw VPN modules and SEC/K9 IOS ver. Configuration was very simple and beside encryption there were also GRE tunnels configured and EIGRP process for routing between "remote LANs". Part of conf responsible for encryption:

crypto isakmp policy 10 encr aes 256 authentication pre-share group 5 lifetime 3600crypto isakmp key ......... address ......... no-xauth!crypto ipsec transform-set SHA-AES256 esp-aes 256 esp-sha-hmac
crypto map VPN 90 ipsec-isakmp set peer ......... set transform-set SHA-AES256 set pfs group5 match address .........
 
TEST RESULTS
                                                                                                                                                                                                                       Cisco 1812Cisco   2811iperf   generated BW [bps]WAN   if BW (max of 30s avgs) [bps]CPU   usage (max of 5s avgs)WAN   if BW (max of 30s avgs) [bps]CPU   usage (max of 5s avgs)500k--540k5%1M1,1M3%1,2M8%2M2,1M4%2,3M14%5M5,4M10%5,7M34%10M10,6M20%11,5M65%15M15,8M28%17M96%16M--17,2M99%25M27M48%--35M38M64%--45M48,2M72%--53M60,8M88%--59M67M94%--61M72M97%--

View 4 Replies View Related

Cisco VPN :: C2811 Client Vpn And Site On Same Router

Mar 20, 2011

I have an office c2811 and it has three Ethernet interfaces(two onboard and one expansion).  Faste0/0 is on one isp and faste0/1 is on another.  The third is private.  I have multiple site ipsec vpn’s terminating on faste0/0.  I had a client ipsec vpn on faste0/1.  One of the site vpn’s on faste0/0 terminates at a collocation site.  Both the site vpn and client vpn need access to the same collocation.  When I connect via client vpn, I cannot ping/access collocation subnet.  I suspect this is because I have a site vpn already terminating to the collocation.  Can I have a site and client ipsec vpn on the same router terminating to same place and still work? 

View 1 Replies View Related

Cisco WAN :: C2811 Separate Ingress / Egress Interfaces

Apr 14, 2011

I have a 2811 Router with two fast ethernet wic cards installed. I need traffic to go out one interface, but it's received back through another. Both interfaces have public IP's and the same subnet, and are connected directly to satellite modems. One can receive data / the other only send.

View 3 Replies View Related

Cisco Switching/Routing :: Is CoPP Only Available With 5500s

Mar 22, 2012

According to release notes, this is available in v5.1.3-n1.1. I am running 5.1.3-n1.1a According to the security guide, all you should have to do is config t, then control-plane, but I do not have that option:
 
nx5k-2(config)# c?
  callhome   Enter the callhome configuration mode
  cdp        Configure CDP parameters
  cfs        CFS configuration commands
  class-map  Configure a class map
  cli        Configure CLI commands
  clock      Manage the system clock
 nx5k-2(config)#
  
so my question is, is CoPP only available with the 5500s?

View 1 Replies View Related

Cisco VPN :: C2811 - (Show Crypto Isakmp / Ipsec Sa) Shows Nothing

Feb 25, 2012

I have setup ipsec VPN in my C2811 router but when "show crypto isakmp/ipsec sa" shows nothing. Remote end point is an "ASA5520".  Does it indicates that the remote ASA5520 not yet configured?

Code...

View 9 Replies View Related

Cisco Switching/Routing :: CoPP Logging On A 6500

Mar 19, 2013

I am looking for a way to see packets that are matched on certain ACLs in a CoPP policy map.  I have read that it is not a good thing to add the log keyword at the end of an ACL when using that ACL for CoPP.  I initially tried to use a logging policy map but the 6500 12.2sx doesn't support this.
 
how I can see source/destination IP for a certain class in a CoPP policy map?           

View 1 Replies View Related

Cisco Routers :: RV120W - Implement Security To Keep Internet And Non-internet Vlan Computers?

Sep 4, 2011

I have a RV120W Firewall and I've created 3 Vlans.  One for Internet Access Computers, One for non-Internet access, one for printers.  How can I implement security to keep Internet and non-internet vlan computers from communicating with one anothers?  Both computer vlans will need to communicate with printer

View 1 Replies View Related

Cisco Switching/Routing :: ASR 1001 - Configure CoPP / Unwanted Traffic?

Oct 30, 2012

I'm configuring CoPP for an ASR 1001 router with consolidated IOS XE Version: 03.07.01.S.  And I'm trying to use 'DROP' command under policy map to drop.un wanted traffic. But the drop command is not listed.

[code]...

View 6 Replies View Related

Cisco WAN :: 6500 - Copp Configuration / Error Failed To Install Policy

Dec 12, 2012

I was trying to configure copp on one of 6500 sup-2T. Is it ok to add customized policies to the default copp "policy-default-autocopp".When I created my own customized policy using policy-map, I get following error
 
control-plane service-policy input policy-custom
  
error: failed to install policy map policy-custom

View 7 Replies View Related

Cisco Switching/Routing :: Unable To Access C2811 Router (AC Operated) Through Console Port

Jan 11, 2012

I not able to access cisco 2811 router (AC operated)  through console port when I try to access it by selecting COM Port, but I  able to access by selecting the TCP/IP option.

View 5 Replies View Related

Cisco Switching/Routing :: N7000 Details Of Packets Dropped By COPP Policy

Mar 13, 2012

On one of our N7K, we have some packets dropped by the COPP policy in the class-default class-map. Partial results of "show policy-map interface control-plane" not so long after clearing the counters : [code]
 
what traffic is dropped by the policy ? Is there any logging possible ?

View 2 Replies View Related

Cisco :: Can Implement BGP Without IGP Protocol

Feb 9, 2013

Can we implement BGP without IGP Protocol ? If yes, then how can we do it ? If no, why ?

View 11 Replies View Related

Cisco WAN :: ASA 5520 - Implement With A New ISP

Jul 31, 2011

We are attempting to implement an ASA 5520 with a new ISP.  Based on the limited routing needs, I believe we can use it as the router as well. I am familiar enough with routers, but the ASA is obviously a different thing.
 
The setup looks like:
 
ASA Version 8.2(1) !
host name Cisco
 interface GigabitEthernet0/0description Internet name if Outsidesecurity-level 0ip address 69.XX.46.1 255.255.255.252 !interface GigabitEthernet0/1
description DMZnameif DMZsecurity-level 0ip address 69.XX.56.1 255.255.255.240
!interface GigabitEthernet0/2description Localnameif Insidesecurity-level 15ip address 10.0.XX.XXX 255.255.252.0
[Code] .....

1) Outside 0/0 connects to MRV from service provider (Public)
2) DMZ 0/1  connects to outside switch with servers (Public)
3) Inside 0/2 is LAN (Private)
 
A) Based on a completely default config and aside from setting the routes to send traffic from inside to outside, and outside to DMZ, what is the next step?
 
B) What should the interface security levels be, I am unsure what they should be or why...?
 
Based on the initial config with interfaces set as above, I cannot move traffic through.

View 5 Replies View Related

Cisco VPN :: ASA-5520 / How To Implement DAP

Oct 21, 2011

Today we have a simple ASA-5520 SVC setup with just one connection profile and one group policy. Authentication (2 factor – AD + SMS) is performed by RADIUS. We would now like allow access to this VPN service only if you reside in a particular group in the MS AD. From what I understand this can be accomplished through DAP. Either by matching the LDAP attribute “memberOf” or RADIUS id 146. I’m I right? Can I still perform authentication using RADIUS and then DAP using LDAP or must I use DAP using RADIUS?

View 3 Replies View Related

How To Implement LAN Network

Feb 21, 2013

How to implementation LAN network

View 2 Replies View Related

Cisco Switches :: SF 300-48P How To Implement Route

Oct 13, 2011

We recently purchased a SF 300-48P to replace a Layer 3 3Com switch that died. I've sucessfully put the switch into Layer 3 mode and assigned ip addresses to each of the VLANs but I cannot figure out how to implement routes for those. Here's some info on our network and what the previous switch had. [code]
 
Not sure if this can be translated into the Cisco or not.. If i try to create an IP route like these i get errors that the Gateway can be a route.

View 5 Replies View Related

Cisco :: Implement ACLs In Layer3 Switch?

Oct 15, 2012

Is it possible to implement ACLs in layer3 switch??

View 4 Replies View Related

Cisco WAN :: Implement MPLS On 2651 Router?

May 18, 2012

I have some Cisco 2651 routers, I was trying to implement MPLS on those routers, Can i accomplish this upgrading newer IOS version? link to download the supported IOS.

View 2 Replies View Related

Cisco WAN :: 1812J Best Way To Migrate Config And Implement QoS?

Apr 26, 2012

I am looking to upgrade an 1812J router to 1921/K9 router with 8-port double wide switch port.What's the best/easiest way to migrate the config? (We have access lists, vlans, etc. configured on the original device)Also, I'm looking for a way to prioritize traffic from an external site on the internal LAN. Reason being that I would like to prevent dropouts of interent streaming radio when Internal LAN traffic is high. If so, what's an easy way to implement on 1921?

View 1 Replies View Related

Cisco WAN :: 3560G What Platform And IOS Version Need To Implement IOS SLB

Nov 27, 2011

I want to select catalyst 3560G for my network. But IOS SLB need to be implemented in my network. I only know catalyst 6500 series can support this feature and i am not sure whether 3560G can support this feature. what platform and IOS version i need to implement IOS SLB?

View 1 Replies View Related

Cisco Firewall :: Implement Secondary ISP To ASA 5510?

Aug 27, 2012

We are in the process of implementing secondary ISP to our ASA firewall and We would like to run both ISPs in parallel so we can test until we finally cutover?

View 2 Replies View Related

Cisco Firewall :: ASR1002 - Implement ZBF On Router?

Jun 3, 2012

We are trying to implement the ZBF on our router to assist us in limiting the intial impact of DDOS attacks.We have configured the below and it appears that it's not working, as when un der attack the statistics don't increae.

[code]...

View 2 Replies View Related

Cisco VPN :: QoS On 7206VXR DMVPN - Implement VoIP?

Sep 27, 2011

one of my customers wants to implement VoIP in his existing DMVPN Network Topology. I have read about the "Per-Tunnel QoS for DMVPN" but when it comes to configure it on my hub router (Cisco 7206VXR with c7200p-advsecurityk9-mz.124-15.T14.bin) I am lacking the option to set the "ip nhrp map group" command.
 
My question now is, is it generally not supported by the 7206VXR platform? Or can I get the option by upgrading the IOS to a newer version? If so, which one could I use ?

View 2 Replies View Related

How To Implement Isa Server And Active Directory

Nov 29, 2012

I have 1 server where i enabled dhcp server and active directory on it . I still have to install something like ISA server on it as isa doesnt support 2008 r2. point me out on the networking , like how should i connect the clients to the server. And how the wireless router and switch should be connected to the server?

View 1 Replies View Related

Implement Based On Newer Models Of Cisco Switches

Mar 13, 2013

(eth ports routing only) and a layer 2 switch into a cluster of two layer 3 switch clustered. I have looked at Cisco 3550 EMIs with HSRP but I would like to implement based on newer models of Cisco switches.

View 6 Replies View Related

Cisco Switching/Routing :: Implement EtherChannel On 2901

Feb 3, 2013

I am trying to implement an etherchannel on a cisco 2901 (IOS 15.1). i have already created the port-channel but i cannot assign the gig interface to the channel group.

View 1 Replies View Related

Cisco Firewall :: 2800 / Implement Backup Between Two Sites

Sep 13, 2011

I need to implement the backup between two sites I have router 2800 which is having a point to point connectivity with the far end.At the far end there is no router ,only one firewall is there on that firewall one access-list is there to allow the traffic .To implement the back up link i have created a site to site vpn  .But the problem is as soon as the tunnel is establised .For the time being i have removed by site to site config from both firewall.

View 7 Replies View Related

Cisco Switching/Routing :: Implement QOS On 3560 Switch?

Nov 22, 2011

I have a 3560-48 switch running Cisco IOS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(44)SE3 and i need to implement basic QOS commands to the fast Ethernet interfaces as well as the gig  interfaces and Also I need to create port channels on the switch and need what the port channel syntax are as well for that particular IOS version? 
 
I have only read only access and i can't see what the QOS and Port channels syntax should be for that IOS version.

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved