Cisco WAN :: Can 3945E Support VRF-Lite
Mar 31, 2013Can Cisco 3945E support VRF-Lite ?
View 4 Replies
ADVERTISEMENT
Cisco Switching/Routing :: How Many Route Entries Does 3945E Or/and 3900 ISR G2 Support
Dec 1, 2011I have a question concerning about how many ospf and bgp route entries does 3945E isr g2 router support?
View 6 Replies View RelatedCisco Switching/Routing :: 2960 LAN Lite Image Does Not Support MLS QoS Trust Device
Jun 20, 2012I have some 2960 switches with Lan Lite ios in my infrastructure.And I try to configure them to support "trust device cisco-phone" and "switchport priority extend cos 0" on ports with cisco phones.But LAN Lite image does not support "mls qos trust device cisco-phone".can I use any workaround to trust cos of cisco phone and to remark PC traffic with cos 0?
View 1 Replies View RelatedCisco WAN :: 3945E - Configuration For 20 T1 / E1
Sep 28, 2011Does following configuration is responding to the request of my client asking for 20 T1/E1 connections on a Secure ISR 3945E, by combining on the same router One (01) NM-8CE1T1-PRI card and Three (03) HWIC-4T1/E1 cards.
Here are the router configuration:
CISCO3945E-SEC/K9 Cisco 3945E Security Bundle w/SEC license PAK
MEM-3900-1GU2GB 1GB to 2GB DRAM Upgrade (1GB+1GB) for Cisco 3925/3945 ISR
MEM-CF-256U1GB 256MB to 1GB Compact Flash Upgrade for Cisco 1900,2900,3900
NM-8CE1T1-PRI 8 port channelized T1/E1 and PRI network module
HWIC-4T1/E1 4 port clear channel T1/E1 HWIC
SM-NM-ADPTR Network Module Adapter for SM Slot on Cisco 2900, 3900 ISR
PWR-3900-AC/2 Cisco 3925/3945 AC Power Supply (Secondary PS)
CAB-ACE AC Power Cord (Europe), C13, CEE 7, 1.5M
S39EUK9-15104M Cisco 3925-3945 SPE IOS UNIVERSAL
PWR-3900-AC Cisco 3925/3945 AC Power Supply
3900-FANASSY Cisco 3925/3945 Fan Assembly (Bezel included)
C3900-SPE250/K9 Cisco Services Performance Engine 250 for Cisco 3945 ISR
ISR-CCP-EXP Cisco Config Pro Express on Router Flash
SL-39-IPB-K9 IP Base License for Cisco 3925/3945
SL-39-SEC-K9 Security License for Cisco 3900 Series
Cisco WAN :: 3945e Udp Packets Are Dropping
Dec 13, 2012I have a NAT setup. Some of my udp packets are dropping. How to find more about the NAT to find whether it missed anything or not. the router is 3945e. [code]
View 3 Replies View RelatedCisco WAN :: Comparison Between 7204vxr Vs 3945E?
Oct 23, 2012the feature difference between Cisco 7204vxr vs 3945E.
Wanted to know the limitation in 3945E compared to 7204VXR
Features39457204VXR with G2MemoryPacket processingBandwidth support
Cisco WAN :: 3945E And NM-8CE1T1-PRI Compatibility
Dec 16, 2011I have inherited a 3945E router with an NM-8CE1T1-PRI card installed in slot 2 using the SM-NM adapter card. The command 'card type E1 2' has been issued but I only see interfaces Serial2/0:0 to Serial2/0:30.
Since it as 8 port card I was also expecting there to be
Serial2/1:0 to Serial2/1:30
Serial2/2:0 to Serial2/2:30
etc etc.......
Serial2/7:0 to Serial2/7:30
The router will not allow me to issue a sub slot number with the card type command.
Am I missing something in the configuration or is there an issue with this card and router combination? The show inventory has the following:
NAME: "Network Module Adapter for SM Slot on Slot 2", DESCR: "Network Module Adapter for SM Slot"
PID: SM-NM-ADPTR , VID: V01, SN: FOCxxxxxxxx
NAME: "8 port channelized and PRI T1/E1 NM on Slot 2", DESCR: "8 port channelized and PRI T1/E1 NM"
PID: NM-8CE1T1-PRI , VID: V01 , SN: FOCxxxxxxxx
It doesn't give any errors when booting up and the router is running c3900e-universalk9-mz.SPA.152-1.T.bin IOS.
Cisco WAN :: Rack Unit For 7206VXR And 3945E?
May 29, 2013I was looking for Rack Unit required for 7206 VXR & 3945E but couldn't find it.
View 1 Replies View RelatedCisco WAN :: 3945E Maximum Throughput Potential?
Jan 8, 2011Am looking at purchasing a router that is capable of serving a WAN bearer at up to 1Gbps. The 3945E has had good reviews as a high throughput router but the datasheets suggests performance of 350Mbps. It also states that additional performance can be ensured by adding SPE modules. Whether the 3945E could achieve up to 1Gbps with SPE modules?
If the 3945E can't achieve such performance, The key features I am after are:
IPV4 and IPV6 support
L2tpV3 support
BGP
IP SLA
1Gb Copper Connections on-board with capability of at least 4 Ports
Cisco WAN :: 3945 Vs 3945E From VPN Feature Perspective
Jan 20, 2013I have an issue understanding the difference between 3945 and 3945E from VPN support perspective.
If you check this link here:
[URL]
You will see that the 3945E doesn't even have an ISM slot for a VPN ISM module and of course I could not find any ISM module for 3945E (I think this is obvious). Nevertheless, the above mentioned page and
[URL]
say "Embedded hardware-accelerated VPN encryption for secure connectivity" for 3945E
That the Cisco 3945E supports the same VPN features (including packet encryption / decryption in hardware) like a Cisco 3945 with VPN ISM card?
Cisco WAN :: 3945E - Terminate A 1Gbps Ethernet
Nov 15, 2011I'm looking to use a Cisco 3945E to terminate a 1Gbps Ethernet internet connection and I want to know the realistic throughput that I can expect. The router will only be configured with BGP with partial routes. No firewall or QoS will be configured.
View 8 Replies View RelatedCisco WAN :: Migrating Router Configuration From 3725 To 3945e
May 30, 2013I'm trying to migrate the running-config from our old 3725 router to our new 3945e router. Almost all of the config is copied over except for a few lines that come up as unrecongnized commands. So it looks like these commands were either removed or changed to something new.
View 12 Replies View RelatedCisco VPN :: 3945E-SEC/K9 And 2911-SEC/K9 Contains Advance IP Services Features (like Eigrp / OSPF)
Sep 11, 2011I am wondering if IOS bundled by default with CISCO3945E-SEC/K9 and CISCO2911-SEC/K9 contains adv. ip services features (like Eigrp, OSPF etc.).
View 1 Replies View RelatedCisco WAN :: 3945e / Client DH Key Range Mismatch With Maximum Configured DH Key On Server
Jan 19, 2012what this syslog message means? Being getting this on my 3945e series routers. My gut tells me they are caused by our Security guys scanning my routers with invalid login attempts.
%SSH-3-DH_RANGE_FAIL: Client DH key range mismatch with maximum configured DH key on server
Cisco WAN :: 1800 - VRF Lite Scalability
Feb 14, 2011Imagine organization has about 300 partners. Currently data center has 100 Cisco 1800 routers to accept P2P connections for each partner.
Now organization proposal is:
- Use MPLS and use an extranet network. Advertise a certain unique route to each partner..
- Grant unique VPN ID for each partner and VRF Lite at the data center. Then bring each partner with separate tagged VLAN to the data center via MPLS.
Can VRF Lite scale to more than 300+ partners OK?
Cisco WAN :: C3750G - VRF Lite Functionality
Jan 22, 2012Using the VRF- Lite functionality on Cisco 3750G's (WS-C3750G-24T-S), I've got a situation currently with a set of 3750's running inter- v LAN routing for around 80/90 connected sub nets (140+ gig ports). I'm looking in the coming week at creating a new VRF and enabling OSPF for that VRF while leaving the existing routing arrangements in the Default IP Routing Table.
I'm in a situation where I can't replicate the live config into a lab to test the impact / implications of enabling / creating VRF's. I know the 3750's have a very small support for VRF's (24 if I recall) but I only plan on using 2 or 3 max currently.
Cisco VPN :: 3945E ISR Router As EasyVPN Server / Local Usernames Restrict Management
Jun 24, 2012I am using 3945E Router as Easy VPN Server, with 15.1 IOS. On router I have bunch on usernames for VPN authentication, I want to restrict Router management access for them(ssh,telnet, http and so on).
View 2 Replies View RelatedCisco Switching/Routing :: 3945E - Bandwidth Percentage For Nested Policy Maps
Jul 15, 2012I'm trying wrap my head around bandwidth guarantee for nested maps. I tried adding a new class to two of my policy-maps today, and got this error: 3945E-1(config-pmap-c)#bandwidth 3000 Insufficient bandwidth 3000 kbps for the bandwidth guarantee
I'm not sure how it knows that with the nested maps and how it's computed. I have a 100mb WAN connectin going to 19 branches. I have a class-map that identifies traffic to the individual branch and within that class, a policy-map is applied to prioritize voice over video etc.
Here's the QoS setup:
class-map Branch1-Policy
match access-group branch-1-acl
*
*
[code]....
I was adding the Video-Conf class to both Traffic-6calls and Traffic-10calls when I got the above error. How would that percentage be calculated? I know by default i can only reserve up to 75% of interface bandwidth. The platform is 3945E running 15.1(3)
Cisco :: How To Tell If My 2960 Has Lan Base Or Lite Image
Apr 2, 2012How do I tell if my cisco 2960 has the Lan Base or Lan Lite image?
View 11 Replies View RelatedCisco WAN :: ASA5510 VRF-Lite Two Customers Same Subnet
Apr 6, 2012We want to deploy a NMS (Network Monitoring System), in this case SolarWinds, to monitor devices we have deployed at the customer site. We will make an IP VPN connection (ASA5510 with Cisco 800's) to the customer site. We have one primary NMS installation running in our datacenter. This NMS has to have a connection to all customer sites. We run into a problem when two customers use the same subnet. We want to use VRF-Lite to solve this problem but I am stuck in my design.
I have attached "VRF.jpg" to show the (basic) design I have made. The connection from customer to the router in the datacenter is not a problem. We can put the fa0.1 and vpn interface in the same VRF group. Via one physical cable we will go from router to NMS in which the NMS has multiple virtual interfaces. The datacenter router will route between the 192.168.x.x (NMS) and 10.1.1.x (Customer).What I can't seem to comprehend is how the NMS can decide how to get to Customer 1 or Customer 2. The customer can reach the NMS one-way but the NMS has no way to reply back because if it replies to 10.1.1.1 it can either use interface fa0.1 or interface fa0.2.
Cisco WAN :: Static NAT On ME6524 Running VRF-Lite
Nov 17, 2011I'm having a rather bizarre and highly annoying problem with static NAT on an ME6524. I've created a virtual router (VRF CORPNET) which has one physical L3 interface, one SVI and one Loop back.This Virtual router has the sole purpose of Na Ting our internet-addressable IP addresses to another set of addresses on our Corporate WAN.
There are two NAT rules - a single 1-1 Static NAT, and an overload NAT for everything else, which uses the Loop back address. The 1-1 Static NAT is used to NAT our VPN ASA, which is used to establish a Site-Site VPN to one of our counterparts on the Corporate WAN. This works fine most of the time, however once or twice a day, the NAT just stops working, our Site-site VPN drops, and traffic is being seen on our counterpart's firewall with source address UN-NATed (They see 200.200.200.1, when they should see 30.30.30.65). When we go onto the 6524 and do a show ip Nat translations we get the following (200.200.200.1 is our VPN ASA - 200.200.200.10 is just user traffic):
ZR-BDG1-6524#sh ip Nat translations
Pro Inside global Inside local Outside local Outside global
udp 30.30.30.65:500 200.200.200.1:500 30.30.40.4:500 30.30.40.4:500
udp 30.30.30.65:500 200.200.200.1:500 30.30.40.4:500 30.30.40.4:500
[code].....
As you can see, for some reason we have multiple identical PAT entries for port 500. While this is the case, traffic from our VPN ASA is crossing the box without being Na Ted. If I issue a clear ip Nat trans * then the situation is immediately resolved, and the VPN reconnects without issue.
Cisco Switching/Routing :: Create Trunk Between 4507 And 3945E Router And Route Two VLans
Feb 12, 2012i want to create a trunk between 4507 & 3945E router & route two vlans from router 3945E
4507# vlan 99 & 51
# int vlan 99
# ip add 10.22.100.1/24
#int vlan 51
# ip add 10.22.103.1/24
[code].....
4507 version : IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.02.00.SG RELEASE SOFTWARE (fc4)
3945E: 15.1(2)T4 what I am missing?
Cisco VPN :: Unable To Access Internet Using VRF-lite On Through ASA 5505
May 4, 2012I am trying to “build up” a small home-network and using some of following Cisco equipment’s
ASA 5505 v8.4.3 witch base licenseCisco Catalyst 3750G with ipservices version 15.0.xand 1 qty of AP1142N I am not able to get internet access from any VRF’s.
From "MILAN (LAN) VRF, I am able to ping my gw: 10.45.45.1 but I am not able to ping for example: “linknett VRF”.
It seems that i am missing some NAT rules on ASA or ?
If i connect my laptop directly to the ASA, i am able to get internet access!
I am not feeling comfortable with a new ASA 8.4 code yet, so im not so sure which exact code's i am missing on ASA ...
attached digram including configuration files from ASA and 3750 sw.
Cisco :: Difference Between Lite Entry And Base 2960 Switches
Jul 1, 2012Thinking of getting one of those 8-port 2960 for a CCNP study. Is the difference between the C2960-8TC-S and the C2960-8TC-L models in Hardware, or in IOS? or both? And if it's in IOS, is the S upgradable to L?
View 7 Replies View RelatedCisco Infrastructure :: 2 6509-E Switches Connected Directly To Each Other While Using VRF-lite (Sup 2T)?
Apr 11, 2013I am trying to test (if possible) the idea of having 2 6509-E switches connected directly to each other while using VRF-lite (Sup 2T). The idea is to have 3-4 separate networks. For example Net-A, Net-B,Net-C, Net-D. There is no PE router*, just these two switches. Also, there sin't any other access layer switches. All users connect directly to the 6509-E's via switch 48 port switch blades.
Net-A and Net-B on separate VRF's, but able to talk to each other. Net-C and Net-D* on separate VRF's without being able to talk to any other. Net-D* will have a PE since it comes from an external network. This is something I would like to test in a lab environment, but I am not familiar with VRF's.
Cisco Switching/Routing :: 2960 LAN Lite / VLAN Number Max 64?
Jun 6, 2013we have inserted into a network with VTP a Cisco Switch 2960-S, not knowing that had installed IOS LAN lite.Now I discovered that it can handle up to 64 vlan. In the network there are currently configured 62 VLAN: what happens when we exceeded the max number (64) of VLAN for that switch?
View 6 Replies View RelatedCisco Security :: 1841 / VRF-Lite And Global Keyword In IP Route?
Sep 1, 2007I have a 1841 with 12.4(16) IOS.In my configuration I have to interfaces for internet access, without vrf:
interface ATM0/0/0
dsl operating-mode auto
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
[code]....
This two interfaces are in the global route table because there is no vrf indication. These are for internet access (a simple adsl connection) Then, I have this interface in VRF named "lan123"
interface FastEthernet0/1.23
encapsulation dot1Q 123
ip vrf forwarding lan123
ip address 192.168.143.254 255.255.255.0
ip nat enable
Now the issue.If I write:
ip route vrf lan123 0.0.0.0 0.0.0.0 Dialer0
this works and, with nat, internet works. The question is why this works without the "global" keyword? I'm going from the vrf named "lan123" routing table to global table without the using of "global" keyword.
If I try to use:
ip route vrf lan123 0.0.0.0 0.0.0.0 Dialer0 global
there is an error indication.
Cisco Switching/Routing :: 2960s - Unable To Access Lite Switch
Nov 9, 2012Unable to access switch from outside the local network. Can get to all routers and PC's
View 2 Replies View RelatedCisco Switching/Routing :: LAN Base Software For 2960 Lite Switches?
Feb 6, 2012We ordered 4x cisco 2960 switch with LAN Lite software by mistake. Can we upgrade them to Lan Base?When I change boot image I get Error: hardware not supported by firmware.
View 3 Replies View RelatedCisco Switching/Routing :: Native VLan Between 2960S And 4507 With VRF-Lite?
Jan 4, 2012We are trying to setup a new configuration with 2960S as access switchs and a 4507 as a core switch.I want to protect the management IP VLAN of the swich using vrf on the 4507 so we :
SHUT VLAN 1 on every switch (2960 + 4507)
CREATE A NEW VLAN 289 (management vlan) -> IP network : 10.32.126.192/26
L3 VLAN on every switch
VLAN 289 in the VRF XXX on the 4507
create tunk between the switch and the 4507 :
switch mode trunk allowed vlan 200-230
sw trunk native vlan 289
so with this configuration on the 2960 the vlan 289 is UP/DOWN and UP/UP on the 4507 I can access to the 4507 using the IP in the VLAN 289 but i cannot access to the 2960 behind the 4507 CDP connectivity is ok?
Cisco Switching/Routing :: 2960 With LAN Lite Software Be DHCP Server?
Feb 10, 2013I need to buy a cheap Cisco switch with DHCP server.Can you confirm that 2960-24-S, 2960-24TC-S and 2960-48TC-S be a DHCP server?
View 3 Replies View RelatedCisco Switching/Routing :: WS-C2960-24TC - LAN Base And Lite IOS Install
Jul 18, 2012A quick one because I'm scratching my head trying to figure the difference between the 2960 LAN Base and LAN Lite IOS installs. I want to put a 2960 into a site which has as layer 2 link on dark fiber taking it elsewhere. This part I'm not concerned about - the WS-C2960--24TC will do what I need without issue - but I don't know if I can get away with LAN Lite, or if I need LAN Base.
I basically need V LAN's with associated SVI's, and a routed link on the up link port (I don't care if it's a switch port with an associated SVI or a no switch port and IP address), but it's got to be able to run OSPF. Can I do this with LAN base on this series switch? Or do I need to go for a higher series (3560?). I *could* get away with static routes, but my boss is walking death on them unless I can 100% prove they're necessary, so I'd rather not right that fight!
Cisco Switching/Routing :: Any Special License On Catalyst 4900M In Order To Run VRF Lite?
Apr 4, 2013Do I need to run any special license (like IP SERVICES) on the Cisco Catalyst 4900M in order to run VRF lite?
View 4 Replies View Related