Cisco WAN :: Establishing 3G Connectivity Using 887VAG+7-K9
Oct 1, 2012
We have a fixed IP address 3G data SIM which we intend to use as backup for our ADSL connectivity using a CISCO887VAG+7-K9 router. (We have previously implemented similar using the older CISCO887G-K9 router without any issues)
The problem is, we don't seem to be able to establish 3G connectivity with this new router. Our service provider assures us that the SIM card is active (although they have seen no connection attempts from us on their RADIUS server)
The router is running IOS version 15.1(4)M4 and the following is the relevant config we have used:
My company bought another company and moved them into our building. the company moved in but are on an entirely different network all together. wired separately, different domains.what i would like to do is be able to have them communicate with each other. have users on company A be able to use printers on company B's side of the network.
I live in a very rural location with very few high speed Internet options.Unlike a lot of others, i have a relative 1.5 miles away who does have a high speed internet connection and is willing to up their package and split the cost with me. We've each gone up on our roofs with binoculars and confirmed we have a good line of sight, so setting up a long range point-to-point connection is what I am looking to do.
I already have a Tranzeo CPQ (TR6) to place on my roof (destination), so I just need something on my relative's house (source) to connect with.My initial thought was just to pick up another Tranzeo unit like mine from eBay for $100, but after doing some research, it appears the Tranzeo unit I have can only act as a client at the destination, so placing one at the source won't work ... or am I wrong here?
I have used my Tranzeo in the past over a much shorter distance (<800ft) to link up with a consumer Belkin N router, and it worked fine. For this new setup,I'm looking to connect the source's long range unit into my relative's router, then connect the Tranzeo on my roof to my router's WAN port.This way, my router will receive a DHCP address from my relatives router.
I have a site to site IPSec tunnel setup and operational but periodically the remote site goes down, because of a somewhat reliable internet connection. The only way to get the tunnel to re-establish is to go to the remote site and simply issue a ping from a workstation on the remote network. We were having this same issue with a Cisco PIX 506E but decided to upgrade the hardware and see if that resolve the issue. It ran for well over a year and our assumtions was that the issue was resolved. I was looking in the direction of the security-association lifetime but if we power cycle the unit, I would expect that it would kill the SA but even after power cycling, the VPN does not come up automatically.
Attached are the configuration files for the devices in question. I have a 5510 that belongs to my company and a 5505 that belongs to another company. The 5505 sits behind the 5510 and is able to connect to the Internet. My thought was that VPN access should be a trivial pursuit. I was planning on just giving the admin at the remote office the public IP address that's natted to the 5505 and all would be good.
A multipoint GRE (mGRE) and IPSec tunnel is built between two routers. The topology of the device is briefied below:Configuration in End Router: This is a cisco 2811 router. Amoung 2 ethernet interface ,one is using for LAN and one is for WAN. In WAN part , we have configured mGRE (Tunnel1 and Tunnel 2)by creating sub-interface of the router. From the interface ,we terminating the link to MPLS cloud from there its pointing towards our core router.From End router we are advertising the path through EIGRP and from the cloud BGP advertisied to the core router.[code]
I am having an issue with establishing L2L VPN with remote site. My side is cisco asa 5520 and other side is check point UTM-- tunnel is not up.just wnated to confirm on my sidde if the configuration is OK.al the parameters using are correct for both side. any issue with below conf ? default route is pointing to my next GW address is there additiona default is required for VPN ? to reach the remote LAN somthing like pointing to remote peer address.to give a brief idea front end device is router as GW wher in internet is terminated and other wan connections ASA is behind ther GW rtr and outside int of asa and lan interface of GW rtr is having public ip. LAN switch is connected to ASA
I'm at a FOX affiliate TV station, and in order to connect our EAS Device to the internet & Fox Splicer, I need to setup a Statio NAT, so we picked up an 1841 on eBay.
I've done a little configuration in HyperTerminal.
I've done these ip addresses:
FE0/0 10.1.10.13 this is the subnet our EAS device is on FE0/1 10.110.81.174 this is the subnet of the Fox Splicer.
I need to have NAT translate 10.1.10.11 to 10.110.81.170 and I also need to set a route for 10.110.81.0/24 pointing to 10.110.81.161
I'm trying to dial a Cisco 1841 BRI from my Cisco 2811 PRI. I'm getting a few errors but not sure what else to do to correct the issue. Config & Logs below from 1841:
interface BRI0/0/0no ip addressencapsulation pppdialer pool-member 2isdn switch-type basic-niisdn point-to-point-setupno cdp enableppp authentication chap callin 00:26:44: ISDN BR0/0/0 Q931: RX <- SETUP pd = 8 callref = 0x46 Bearer Capability i = 0x8890 Standard = CCITT Transfer Capability = Unrestricted Digital Transfer Mode = Circuit Transfer Rate = 64 kbit/s Channel ID i = 0x89 Signal i = 0x40 - Alerting on - pattern 0 Called Party Number i = 0xC1, '452####' Plan:ISDN, Type:Subscriber(local) Locking Shift to Codeset 5 Codeset 5 IE 0x2A i = 0x808001039E05, 'From ', 0x8B0C, '214 ###-####', 0x8001, '<'00:26:44: [Code]....
I have 100 mbps fiber connection. I bought 320N today I bought 320N and here is the problem:
We have a switch in the building. I am getting connection via CAT5. So I choosed "Use as WAN Port" from Ethernet settings. There is not much you can do here. I just used PPPoE and connected internet without any problem. The problem is I am only getting 32mbps. When I connect CAT5 cable directly to my computer I am getting 92mbps.
Maybe WAG320N is not establishing a full duplex connection.
My ISP (OTEnet, Greece) offers IPv6 connectivity in the form of dual-stack IPv4/IPv6 with the requirement that the router supports DHCPv6 Prefix Delegation for establishing an IPv6 connection.Using other routers (Cisco 887W, DrayTek Vigor2130n), I have established an IPv4/IPv6 connection but I am unable to do so with the EA4500. As a matter of fact, when I have the "IPv6 - Automatic" option enabled the router not only cannot obtain an IPv6 prefix from the ISP but it gets stuck in the connection attempt and never obtains an IPv4 or an IPv6 address. I have to disable the IPv6 option in order to simply establish an IPv4-only connection without problems.So, my questions are:
1. Does the latest (2.1.38.38880) firmware support dual-stack IPv6 and DHCPv6 Prefix Delegation?
2. If the router cannot negotiate an IPv6 connection why is it not establishing an IPv4 connection only but gets stuck in the process?
I reset the wap610N,after establishing connection, my iphone see my network domain but does not connect. I heard of dual band setting,how do i go about that. What must i do to establish connection with the iphone.
I have recently bought two CISCO routers RV220W for our main and brach office mainly for VPN tunneling. I didnt know they are routers only not modems. so I have set it up using BT 2wire Router as modem only.
I have successfuly setup the routers and manage to establish the VPN tunneling between two routers. AS bt doesnt give static WAN IP address so I have used Dyndns which works fine. although I have 5 static ip address which cannot be used for WAN unless i cahnge to one IP address even then BT tech said it will not work.
when I created the tunnel i could ping both servers with their IP only not with the names. I can ping them fine locally. I could also see the network from branch office to main office but not from main office to branch office. today when I restarted the server I cannot ping both server i mean vice versa but VPN tunnel is established. now I cannot see the network from branch office to main office as well.
Both sites running windows server 2008 standard. main office server has 6 NIC cards two wwith public and three with private ip addresses, its also runing Terminal server, exchange, file etc. the branch office has two NIC card one with private and one with public ip. Intially I could establish the VPN tunnel as the network range was same on both sites so I changed one in th e10.0.0.0 range other in 192.168.1.0 range and VPN tunnel was established straightaway.
As soon as the VPN tunnel was created I manage to creat an external trust without any problems and both servers are added in each other forward zones as name servers.
in the main office the fues went off and I had to re-start the router and now the VPN tunnel is not establishing, mainly the error is ISAKMP-SA Expired I will paste the log of both routers below
1. How to Clear Old or Existing Security Associations (Tunnels) on RV220W 2. how to fix the problem where I can ping the server with their IP as well as domain names ? 3. how to set it up so that both sides can see the network resources as well as access it ? 4. how to set it up so if the staff in branch office wants to log on the domain in main office he can simply do it as he does it in his office.
I am trying to establish a Site-to-Site VPN to our customer. I am using ASA5510 and the customer was using Fortigate 1000A. The problem that we're having was regarding the IKE Phase 2, I think!. Cisco debug information indicates "All IPSec SA proposals found unacceptable!"
I have a problem configuring a site to site VPN between two sites, one is an ASA5540 with version 8.2, the other is an ASA5545X with version 9.0 I'll try to include the relevant portions of the configs here... the tunnel will not establish and nothing shows on debug logs that I can find. I know the outside addresses for both work, as clients can connect into both.
We relocated several servers to our DMZ and, without a domain controller in the DMZ (we plan to put a RODC in the DMZ later when we mvoe to Windows Server 2008), i punch through the standard recommended TCP ports. ports 88,135, 389, 53, etc.) to the internal network located DC. I am double hopping to the DC (I hope thast doesn't matter) as the DMZ located web server communicates to another IP address in the same DMZ network and then I NAT that address to the internal IP address of the DC. Everything seems to be working for the servers we moved to the DMZ but i think i don't have all the necessary TCP/UDP ports punched through because we have found that logging into the DMZ servers is taking an extended amount of time, sitting on the “applying settings” screen. For 2-34 minutes. Also, we noticed that our applciations fols have to now add the fully qualified domain names when making calls to servers that just needed the domain name. When i open the access-list up completely without opening specific TCP/UDP ports, the issue is resolved.
I am currently configuring an ISR 892 without wifi. I got the start-up config working and am now stuck with zone-based firewalling. I configured four zones: private, dmz and internet-static and internet-dial. The private zone is configured for Vlan1 witch covers one ethernet switch port connected to the LAN. The dmz zone is currently not configured. The internet-static zone is configured for GigabitEthernet0 which connects us to our ISP providing a static IP. Internet-dial is configured for FastEthernet8 and connects to another ISP using a dial-up ADSL line, which is currently not connected. So, in short: I try to connect the private zone to internet-static and get traffic flowing, but can't get this working. The private zone can talk to the router and the router can talk to the internet. I suppose I forgot some basic configuration for the router itself because the zone configuration was done with this config guide: [URL]
This is my current running config:
Current configuration : 6076 bytes !! Last configuration change at 08:26:03 UTC Thu Feb 3 2011 by admin!version 15.1service timestamps debug datetime msecservice timestamps log datetime
I have created a management vlan on my network of 2950 and 3750 switches. One 3750 has a trunk to each of the 2950 switches which includes the management VLAN. On that 3750 the vlan and line protocol are both up even though there is no specific port assigned to the vlan; I believe the trunk connections allow the vlan line protocol to come up. On another 3750 stack I have my VLAN defined with no ports designated or trunks; the VLAN is up however the line protocol is down.
Physical devices are a Cisco 2901 (CISCO2901/K9) with GE0/0 configured as 192.168.1.1 Connected through a D-Link DGS-1210-24 configured as 192.168.1.202 Running on a domain with an HP domain server as 192.168.1.2
The 2901 was an EHWIC (VA-DSL-A oPoTS) on EHWIC 0/0/0 GE 0/0 on the 2901 is physically connected to the DGS-1210 which is physically connected to the server. VDSL 0/0/0 is physically connected to the DSL jack.
So far the configuration reports all is connected, and I can ping the gateway of our ISP (using CLI or Cisco CP); however the server reports no internet connection and no workstations can access the 'net.
Once connected; I'd also like to allow ports through for use on the network (25, 80, 110, 443, 987, 1723) - but not sure on how to do that just yet!
Our IP is 202.27.19x.19x Our Gateway is 202.27.217.5
i found that cisco small business SF302 PoE managed switch connect with the end device (RFID component) would causing packet drop issue.how should i isolate the issue and proper troubleshooting? would it cause by the PoE issue, or the 10/100 base etc.
I have a 2921 series router w 15.1M series IOS. The platform has HWIC-2SHDSL module installed, which is used for point-to-point G.SHDSL connectivity. When I apply a service-policy on atm pvc, after 10 to 20 minutes I lose IP connectivity on ATM interface and tunnel interface also goes to down state. If I remove the service policy on ATM PVC IP connectivty returns back.
Interestingly I use exactly the same config on 2821 platform (w. WIC-1SHDSL installed) and I do not live such an issue on that platform.I tried to carry the Qos config on to Tunnel interface with shaping enabled and "no qos-preclassify" command issued, but the result is the same.
policy-map MetroDSL-llq class sna-dsl bandwidth percent 10 class netbios-dsl bandwidth percent 10
I'm trying to configure ACS 5.2 so that should it loose connectivity to Active Directory it chooses the local authentication, however I can't seem to make this work.Within ACS 5.2, Access-Policies, Access Services, Default Device Admin, Identity,
I have a single rule configured for any device that matches tacacs to use the identity source of Active Directory, If authentication failed: Reject If user not found: Reject If process failed: Drop
The ACS can not access Active Directory, when I debug TACACS authentication on any 65k or 2921 device I get "Received Authen status error".
I purchased a RSV4000 for my home network and I was setting it up when I ran into a bit of an issue. My WAN is set for DHCP so it received an IP and DNS information from the cable modem. From the router I am able to ping my providers DNS servers as well as tracert to google.com. From inside my network I can log in to my admin page and see my other devices so internal DNS is working fine as well as DHCP. I can ping my router internally and I can also ping the WAN IP address of my router internally but that is as far as I can get.
From a PC on my network I cannot access any web content beyond my router WAN port, which I have verified has connectivity. I have power cycled both my modem and my router numerous times to no avail. I plug my old router back in and it works with no problem. I plug my computer into my modem and it works as well.
I turned off all firewall settings, set it so that it is in router mode and edited the DHCP and LAN IP information on it but that is all. All of the other settings should be default.
I even went so far as to plug the RSV4000 into my old router which was plugged into my modem since I know my old router worked. It did the exact same thing. It received an IP from the old router, was able to ping externally and I was able to ping the WAN port but then after that bupkiss.
I am writing to be given some support related to a issue that I am having. The fact is that I am trying to give connectivity between two companies that are connected to mine through the same Cisco VPN 3030 device (I know that it would be better that they access directly between them and not through my Concentrator, but due to some security reasons it is not possible).
The problem that I found is how to route the destination network through one specific L2L, because the static routes can only be configured to IP addresses or Interfaces (in my case just Internal-LAN and External-Internet).
WAN Interface gig0/0 interface ip add 62.x.x.x 255.255.255.252 duplex full speed auto LAN interface gig0/1 ip add 10.x.x.x 255.255.255.0 duplex full speed 100 ( i am keeping the speed 100 because it is connected in switch port f0/48,made the switch port as speed 100)
but after some time my connection to the internet goes off and i just shut and no shut the WAN interface and it comes back.
I have an ASA 5505 and i recently for some reason cannot connect to the VPN using anyconnect.Usually users would connect using the Anyconnect URL with the configured port number: https://publicipaddress:8443
Right now we are getting "page cannot be displayed" since it doesn't connect to the Anyconnect URL page.
I haven't done any recent configuration for this to have failed. I have checked the and both ports 443, and 8443 are allowed in the firewall. NAT is also allowing an exemption for the VPN Pool.
I have been having some gripes with the above problem for the past few days, connecting several PCs in my office into a network. To cut a long story short, it's a bunch of XP SP2 and SP3 machines with only some of them having these issues. The network consists of two switches and one router with integrated modem and wireless. Internet access is established over that router/ ADSL modem.I have drawn out all the cabling and made all the connections myself, I don't doubt network related hardware one bit. Basically, I had the problem on two PCs, I tested connectivity on that cable with a laptop which didn't have any problems connecting to the network. All the cables are brand new, "straight" connectedC
i did this and the sign of unable to connect went away, restarted back to it, did it again and it goes away but still no connection. TCP/IP stack repair options for use with Windows XP with SP2.
my internet is not working on my PC (XP) however the wifi in my house is still on (i can use laptop with functioning internet). The internet status say's "limited or no connectivity" and shows a yellow triangle with an exclamation point in the middle.
I manage a small office network IP's are generated via a rooter. I need to add a new pc to the network and here is where the problem starts.I have a cable from a HUB in that office which has a splitter 1 way goes to a PC the other is empty. At first i tried connecting the other PC from that splitter but i get the Limited or no Connectivity message on both PCs. If i connect only one of them to the splitter the connection works fine.Now i tried with a HUB, made a Crossover cable from the splitter to the HUB in the WAN port, same deal both PCs get Limited ot no Connectivity. THe strange thing is that if i connect only one via the HUB the same thing happens.I am really out of ideas, my only option left is to connect the PC from the main HUB which means allot of cable posing.
When using an Ethernet cord, I have no problems connecting to the internet. Also, my iPhone and my Wii have no problems connecting (wirelessly). However, I can't get any laptops to connect to my wireless. I have tried three different laptops and get the same problem, that it can connect to the network but limited or no connectivity.
