Cisco WAN :: Community Tags Between EBGP AS200 / AS100?

Oct 10, 2012

I would like to know how long a route would maintain its community tag when it traverses ***?Basically, a route is tagged 100:1000 when exiting AS100, and then accepted into AS200. AS200 will not modify the tag. Would AS200 export the route to AS300 with the same 100:1000 tag?

View 2 Replies


ADVERTISEMENT

Cisco Infrastructure :: How To Hide Ospf N/w In AS100 From Routers In AS200

Mar 11, 2013

how we can hide our ospf n/w in AS 100 from routers in AS 200 and and there is still communication between R1 and R7

View 2 Replies View Related

Cisco WAN :: AS100 / Multiple Upstream EBGP Peers?

Nov 11, 2012

I am imagining a smallish networking (AS1234) with say three full BGP table peers that provide transit to the network (just to keep the maths simple here); Lets say AS100 and AS200 are preferred transit providers with AS300 as a backup/least prefered (AS prepends or similar stop us from using this network by default). So in this scenario our little network gets two different paths across the Internet, as not to rely solely on one provided, with a backup provider to hand also.
 
How do you mange issues like packet loss somewhere in AS100's or AS200's network? So lets say a host on our AS1234 network is talking to host in AS888 and the preferred route is through AS100 but somewhere deep in AS100 a link is flapping (for example) and I can't get to AS888 reliably through there anymore, but I can through to other peers of AS100 OK. We can postulate that AS100 is the best path for 50% of the Internet and AS200 for the other 50% (this is a best case fictional scenario). I can't ping 50% of the internet via AS100 and then in the event a ping fails (or some other more reliable test) tear down the BGP session to use AS100 until it's fixed again, nor vice versa with AS200.
 
First of all, I asume you don't know about the issue between AS100 and AS888 until someome moans about it to you? Secondly, do you then some how modify the route(s) to AS888 that come from AS100 (route map for example to change the weight or preference) so AS200 is now preferred for AS888? Do you infact shut down the AS100 peering and now use AS200 & AS300? How do you rectify these situations that are beyond you control using what is in your control?

View 2 Replies View Related

Cisco WAN :: Keep VLAN Tags Between 1921 Over T1?

Aug 8, 2012

I am looking to transfer 3 VLANS (10, 20, and 30) over a T1 point to point using Cisco 1921 routers.  I do not want to "Bridge" the connection, one location has a 10.1.0.0/16 subnet and the other location has a 10.2.0.0/16 subnet because we don't want to saturate the already slow link. 

I tried the instructions here: [URL] With these routers couldn't I create the three VLAN's then tell the GigabitEthernet0/0 interface it's a trunk port?  Or do I setup sub interfaces (.10, .20, and .30) for each vlan?  I've tried all of the above and I can't get it to work.  I can directly plug into the router and ping the other router on the other side of the T1 but I can get the info coming from my Dell PowerConnect 6248 (plugged into a trunk port) to go through to the router which is why I think it's a vlan issue.

View 17 Replies View Related

Cisco :: Strip DSCP Tags At ISP Edge?

Oct 7, 2011

My company's spent the last few weeks struggling with an issue with their VPN backups where select packets were being lost.

View 7 Replies View Related

Cisco Switching/Routing :: 802.1 Span And Wireshark To See P-bits And Vlan Tags

Dec 30, 2009

I do not see 802.1Q tags nor do I see p-bits (COS) in my wireshark captures. My setup is not working and I have no way to verify (sniff) that the 6509 is setting the p-bits to 3. [code]

View 4 Replies View Related

Cisco WAN :: 2911 With Partial EBGP Routes

Jun 29, 2011

a customer of us asked if C2911 (to be bought) is ok for partial BGP routes.This is the situation: 2 cisco 2911, each peering with 3 other AS (AS1, AS2, AS3), and maybe, in the future, at a small IXP (AS4, AS5, AS6, AS7).They will accept defaults plus partial routes from upstream AS1, AS2, AS3.When deployed at the IXP they also will accept partial routes from AS4-7.So, is 2911 ok for that configuration?the default route is included in the first row of as-path, isn't it?I have no experience with partial routes, only with full (for our datacenter) and default only (for other customers).

View 5 Replies View Related

Cisco :: Catalyst 2960 Unable To Add Members To Community

Mar 27, 2013

I try to add a  Catalyst 2960 to Cisco Network Assistant, I get the prompt for password but I get a "Authentication failed". I use the same login / password for telnet that works fine. Http admin page is reachable but I cannot login with the "admin" account.

View 2 Replies View Related

Cisco WAN :: 2811 EBGP With Static Default Route

May 8, 2011

My 2811 is connected with two ISP,s as below and have VPN with Central branch.I want to set DSL as primary and WiMax as secondary but problem is that routes learned via BGP get precedence over default route as they are specific one.I think i may need to put all static specific routes of central branch over DSL along defautl but I want any idea if my default route stay active and when it down then BGP neighborship can be establish  (like ip sla tracking.)

View 3 Replies View Related

Cisco AAA/Identity/Nac :: Add SNMP Server IP And Community In ACS 3.2 Appliance

May 23, 2012

how to add an snmp server ip and community in the ACS 3.2 appliance .

View 3 Replies View Related

Cisco WAN :: C2900 - Route Selection When Using EBGP And EIGRP

May 22, 2013

I have a mixed WAN environment with both eBGP and EIGRP routes.  The BGP routes should always take precedence, when they exist.  If no BGP routes exist I want the router to fail over to using the EIGRP routes.  So far, this works fine.

The problem is, when the BGP route again becomes available (and the associated entry appears in the "sh ip bgp ... received-routes" output) the router is NOT relinquishing the EIGRP route.  It remains in effect, showing as a "D" route int the route table even though there is a better ("B") route available. If I bounce EIGRP or the interface associated with it, the EIGRP route disappears and the BGP route reasserts itself, and everything will run correctly until the next time the BGP route disappears due to maintenance, line failure, etc. 

My router is (C2900-UNIVERSALK9-M), Version 15.3(1)T
 
Here's the associated config
interface Tunnel101
description VPN backup WAN interface
bandwidth 7168
ip address 192.168.75.1 255.255.255.0
[code].....

View 7 Replies View Related

Cisco WAN :: Setup EBGP Session To 2801 CE Router

Mar 29, 2011

I have setup an eBGP session to a Cisco 2801 CE router. The BGP session establish, however, the session keeps resetting after  90 sec which is the BGP keepalive holdtime value.
 
On the PE router I found that the OutQ doesn't clear = 22 when doing a "sh ip bgp x.x.x.x summary" - Session reset at 1:30.When I filter the amount of routes advertized to the CE neighbor with the "neighbor x.x.x.x prefix-list out" - I see the OutQ clear = 0 and the BGP session remains up.
 
-Number of NRLI advertized without prefix filter = 172
-Number of NLRI after filter = 52
 
why the OutQ doesn't clear.

View 1 Replies View Related

Cisco Switching/Routing :: 5548 Nexus Snmp Community

Nov 20, 2011

I am using cisco Nexus5548 and trying to enter a snmp community, but it doesn't accept it. I enter a community name that is less than 32 characters, with symbols, numbers and letters.

View 2 Replies View Related

Cisco WAN :: 65210 - Add Last Two Static Routes / Communicate Other Sites Via EBGP?

Apr 7, 2013

My client has MPLS network via eBGP to communicate with all the sites. Here is the basic config on the router.router eigrp 65210.neighbor 192.168.1.2 remote-as 13939
 
When they installed the internet on the local router, and added the static route on the router to hit the internet, they need to add the static route (2nd one) to communicate to the other sites.
 
ip route 0.0.0.0 0.0.0.0 75.75.75.1

ip route 192.168.0.0 255.255.0.0 192.168.1.2

ip route 172.20.0.0 255.255.0.0 192.168.1.2
 
They want to route all the traffic out thru the local intenet besides their private networks ( 192.168.0.0/16 and 172.20.0.0/16). Are there ways not to add last two static routes and communicate the other sites via eBGP?

View 5 Replies View Related

Cisco WAN :: 7206VXR Router Not Respecting AD Rules Between EBGP And EIGRP

Apr 17, 2012

I have a setup where a router learns a subnet from both EIGRP process and a BGP process (EBGP peer). In the network's normal state, the EBGP path is preffered path (Primary Path). When the route to the subnet is lost in EBGP, then the router will install the EIGRP learn route into the routing table and use that as its path to get to subnet now (Backup path). This works as expected.
 
The problem is when the EBGP learn route comes back, the Router still holds on the EIGRP learned route in its routing table. I would think that since the Admin Distance (AD) of EIGRP (90) is higher then the EBGP AD (20) that once the EBGP route is learned again, that it would re-install itself back into the routing table (replacing the EIGRP learned route). But this is not happening.
 
Im not sure what Im missing here since I thought AD was highest considered attribute the routing table consider when install a route learned from 2 routing process.
 
The setup Im running is an Cisco 7206VXR (NPE-G2) processor (revision A) running IOS c7200p-spservicesk9-mz.124-15.T12.bin.

View 8 Replies View Related

Cisco Infrastructure :: C3825 / Police Route And Match Community-list

Aug 20, 2012

I have a C3825, and have been using standard ACLs and a PBR to route certain HTTP traffic via an alternative default gateway:

route-map RTRMAP-OfficeLAN permit 10
match ip address RTRMAP-OfficeLAN-toADSL
set ip next-hop x.x.x.x
 
This is working absolutely fine, and as expected, all traffic matching the ACL is being sent to x.x.x.x However, we have recently expanded our network, and I am now receiving various networks via BGP from various sources.  All BGP incoming via iBGP is tagged in communities:
 
Community (expanded) access list 100
permit 37xxx:100
Community (expanded) access list 200
permit 37xxx:200
Community (expanded) access list 300
permit 37xxx:300

[code].....
 
All communities are also matching prefixes when executing either 'sh ip bgp community 37xxx:100' or 'sh ip bgp community-list 100' What I am trying to achieve, is create an EXCEPTION for the policy route.  Traffic matching the community lists, must be forwarded based on the routers routing table, whilst traffic maching the ACL, must be sent via the policy route...
 
route-map RTRMAP-OfficeLAN permit 5
match community 100 200 300 400 500
!
route-map RTRMAP-OfficeLAN permit 10
match ip address RTRMAP-OfficeLAN-toADSL
set ip next-hop x.x.x.x
 
My logic dictates to me that the above should work, but looking at the route-map, I get matches on seq 5 and pacets are exiting the route-map as expected (first matched).  However no traffic that does NOT match community 100,200,300,400 or 500 and that DOES match the RTRMAP-OfficeLAN-toADSL never matches.
 
The counters on the route-map for seq 5 is increasing, but no counters are increasing at seq 10..  It's almost as if seq 5 is matching all traffic.

View 1 Replies View Related

Cisco :: C6500 - Create SNMP For Couple Of Servers / Access List For Separate Community

Jun 4, 2013

On C6500 series I have to create a separate community to send a SNMP trafic for a couple of gig interfaces.The user that will collect these informations has a Monitoring server and is only interested in monitoring traffic on those link and maybe pps.
 
I understood to create a an ACL pointing to his IP of the server, and that create a community and associate this access list with that community. Those commands I have, but I need to send the user the MIBs or other relevant info on how to collect and forbid everything else but thos interfaces.Do I need to give the SNMP HOST command and associate with this community after that.

View 1 Replies View Related

SNMP Couldn't Make Router Restrict A Range Of Address Allowed To Use A Community

May 3, 2011

I have a XSR-1805 (Version 7.5.0.0) enterasys router here. Got SNMP server to work successfully. The thing is that I couldn't make the router restrict a range of address allowed to use a community. Only 10.1.0.13 is allowed to use SNMP in this case.

View 1 Replies View Related

Wireless :: Setting Up Retirement Community Wireless Networks

Jan 20, 2012

This is a retirement community consists of a 1 floor apt bldg with around 80 apt. They have house, nursing home and our apartment bldg.If you are one of the lucky ones to live near the offices we can get the Internet with routers.you can WIFi Netflix in too. from the Mgr office or the Social workers office it in to our homes.The other apt's can't get it because they are 2 far away. What would it cost to WiFi our little apt. bldg?.I have been blessed to get the Internet. I just would like to see what it would cost to make 80 apts WiFi ready?/

View 1 Replies View Related

Cisco :: Test Fast Roaming Using A Cisco 2100 Series Controller And 2 1140 APs?

Jul 20, 2011

I'm trying to test fast roaming using a Cisco 2100 Series controller and 2 1140 APs. The initial authentication succeeds fine and the wireless connection works ok using WPA2+CCKM and LEAP with a Cisco ACS radius server.The problem is that the client does not attempt to preauthenticate with the other AP because the RSN Capabilities IE in the AP beacons and probe responses do not set the RSN Preauthentication capable bit. I can't figure out what it takes to get the APs to indicate to clients that it can do preauthentication. I'm been crawling through all the documentation I can find, to no avail.

View 1 Replies View Related

Cisco WAN :: Does Cisco Catalyst 2960-8TC Support Bandwidth Limit Control

Aug 22, 2011

We are about to share a 10 MBit ISP connection with 2 others companies, and they are going to split the bill up into 3,3 and 4 Mbit, so we where thinking that we could setup a switch before their and ours router and provide them with a static IP from our ISP. But is it possible to set a bandwidth limit on the ports of a Cisco Catalyst 2960-8TC, so that we can set a limit of 3,3 and 4 on 3 ports.

View 1 Replies View Related

Cisco Wireless :: WLAN Cisco / AP 3502e - How To Get PAT (Product Acceptance Test)

Dec 3, 2011

I want to PAT my project of WLAN and i attached the document, how I create the Testing Criteria of the said scenarios, PAT document includes WCS 7.0, WLC 5508, MSE 3310, Cisco AP 3502e and ACS 4.2.

View 0 Replies View Related

Cisco Firewall :: Cisco ASA5510 Unable To Block Unwanted URLs

Jul 12, 2012

I have  cisco ASA5510 firewall  using in my network but  unable to bolck Url's  unwanted. can i block the [URL] on the asa by using regular exp.

View 3 Replies View Related

Cisco Switching/Routing :: Configuring COS On 2960G Switches With Non-Cisco Phones

Mar 1, 2012

I have 7 POE switches that have ESI IP phones attached.  I have two VLANS, 1 and 2.  VLAN 2 is used for voice and is defined in each switch.The ESI IP phones connect to my POE switch ports and the pc attaches through the ESI IP phone.
 
I have had voice quality issue between floors in my building.  Talking to others on my floor via the IP phone, there are no voice quality issues. [code]

View 1 Replies View Related

Cisco Wireless :: Connect Ap-1242AG With Non-cisco Router To Work As Repeater?

Nov 18, 2012

is it possible to connect Cisco Ap-1242AG with non-cisco wireless router to work as repeater?

View 1 Replies View Related

Cisco :: Unable To Understand Cisco Syntax For Nat Rules On 5550

May 1, 2012

I am looking at a config on a 5550 FW, and am trying to make sense of the syntax of the following rules. I have been to the Cisco site, but can't find much on the syntax.

View 8 Replies View Related

Cisco :: IPSec Tunnel Between Cisco ASA And OpenBSD (Access Enforcer)?

Mar 10, 2011

I currently use a device called the Access Enforcer which runs OpenBSD. I have 3 stable, working VPN tunnel's where the other side's device is a Cisco ASA 5520 or 5540. I was setting up my 4th VPN where the other side used a Cisco ASA 5520 and ran into issue's. The Cisco side can bring up the tunnel. Once the tunnel is up each side can talk to the other side. However, when the tunnel is dropped, the OpenBSD side cannot bring up the tunnel. The error received is on the OpenBSD device is "isakmpd[29581]: transport_send_messages: giving up on exchange from-XX.X.X.0/24-to-XX.XXX.XXX.240, no response from peer XX.XX.XXX.141:4500". I have been trying to figure this out for weeks now and can't seem to find the cause.

View 3 Replies View Related

Cisco Switching/Routing :: Cisco 3750G Error During POST

Dec 5, 2011

I am trying to configure a 3750G that has been sitting on the shelf for several months and am getting the following error -
 
% Error: Unable to create flash:/microcode_update% Error: It must not already exist

Normally, getting an error during POST isnt a good thing.  My first thought was that flash was corrupted or flagged RO somehow. I did fsck flash: with no change.  I next tried fsck /test flash:.   It tested 77 blocks and performed 0 erasures.  It had been running for about 15 minutes with no problems reported so far.  Multiple reboots of the switch still report the same error.
 
I have reviewed the history of what I have done on this switch and finally think I found the problem.  I noticed a microcode_update directory that I am not used to see on a 3750.  Deleted the directory using the rmdir command and rebooted the switch.  On reboot, I noticed that a front_end/ directory was listed as being created as well as fe_type_1 and fe_type_2 were created.  The switch now boots up without any errors.

View 3 Replies View Related

Cisco Wireless :: 2 Cisco Aironet 1401 APs Keep Kicking Users Off

Jan 3, 2013

I have two Cisco Aironets 1401 connected to a Cisco Catalyst 3560 Switch. When users log onto the Wifi the APs authenticate with a Freeradius that then authenticates with LDAP.
 
Recently users have been getting kicked off of the network but I'm not sure why.If so how do I set these APs to roam with my setupd?For all I know there could be an issue with the switch I'm just not sure where to start when it comes to troubleshooting this issue.

View 17 Replies View Related

Cisco :: CISCO Advanced Firewall On 2911 Router Using CCP?

Dec 29, 2012

Guys I am using a cisco 2911 router with three interfaces: Gi0/0 connected through a switch to all my servers and Gi0/2 which will connect to another server, and Gi0/1 is my outside interface connecting through a switch to two ISP's.I have webservers and Terminal servers/File Servers with 10.0.0.0 network address connected throught My Gi0/0 interface.Now I want to implement a Cisco Advanced firewall for security on my router using CCP.I want the firewall to work such that it allows external users to access the servers on Gi0/0 through ports 0,23,25,20,21,53, 110,3389. and to access the SIP server on Gi0/2. My issue is can i just create two DMZ's for both interface Gi0/0 and Gi0/2 without creating an inside zone and Gi0/1 as outside zone as my internal traffic is mostly server based and the users connect remotely through terminal server to access resourcess using RDP, secondly how do I open the relevant ports.I have checked alot and all I have seen is just basic process on using the wizard I have no idea how to go about this issue.

View 19 Replies View Related

Cisco :: How To Connect Laptop To Cisco 3550 Switch

Mar 30, 2011

I bought a new cisco 3550 switch to prepare for my Cisco certification prepration. Actually i dont know how to connect the cisco switch to a laptop with only usb ports....... earlier i used to do my practise using Cisco packet tracer but i think for CCNP switch that is not enough thats y i bought second hand switch. how can i connect that switch with my toshiba laptop which has only USB ports. do i need to buy some sort of convertor or other hardware. And if so what does u call it and how much does it cost?

View 5 Replies View Related

Cisco :: PPTP VPN To Pass NAT On Cisco 2921 Router

Apr 14, 2013

I am struggling to have my PPTP traffic to get routed through NAT to reach other Server LAN segment. I am using Cisco 2921 router as a PPTP server.This Cisco 2921 router is working as PPTP server and doing NAT also to reach Server LAN segment (LAN-B).My problem is after PPTP connection establishes I cannot reach any of the LAN segment, but after connecting PPTP I can browse Internet without any issue, but none of the LAN element is reachable. Please have a look on the configuration I am posting 2921 router configuration to suggest something, I have also attached the network setup for better understanding…Just to update Clients in LAN-A can access Internet as well as servers (LAN-B). [code]

View 2 Replies View Related

Cisco Switching / Routing :: Cisco 7600 - Support On ACL

Dec 8, 2011

I would like to know the IOS which supports :ACL Support for Filtering on TTL Value feature on my Cisco 7600 device. I check on cisco and found the Cisco 12.4T release but this software doesn't fit onto my chasis. which software should I  upgrade to on my cisco 7600 to have this feature.

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved