Cisco WAN :: How To Connect Two Office For Two 2911
Jun 5, 2012
We have two different location for two offices
Office 1 =
Office 2
they are connected by Micro-Wave , Radio , and we have two cisco 2911 routers so we like to connect this two offices
Office 1 Microwav-radio ip address == 155.155.155.1
Local Network ===== 10.10.10.x
Office 2 Microwave-radio ip adddress == 155.155.155.2
Local Network 1 = 192.168.1.0
Local Network 2 = 192.168.2.0
i can configure interfaces , but i have little bit confuse for the Routing and the access list , so how office 1 can access the two local networks office 2
I am attempting to get a solid setup for a remote office we have going up and I am running into little issues that I cant seem to get around.
Basically, we have a remote office that will have dual ISPs, one hard wired circuit from a local carrier and the other will be a Verizon 4G router that plugs in via Ethernet and hands out DHCP to my Cisco router.The Cisco router is a 2911 with IP SLA configured. I have it setup to ping my DC out one interface and if that fails, it removes the default route and injects a new default route from the other ISP,
The problem I am having is with the VPN. I figured using EZVPN would be the only solution because the Verizon 4G only supports DHCP so I have to be able to connect from a dynamic remote host. The other caveat is that failover needs to be seamless as we have no person onsite that can troubleshoot. Its fine if it takes a few minutes, but the VPN just needs to come back up on its own without any intervention.
I attempted to setup two different EZVPN crypto maps on the router but realized you can only have one inside cryptomap per interface, which would cause a problem with the internal network. I thought I could just create subinterfaces off the router to have two inside interfaces to work with but that wouldnt have supported because they would now be on different subnets.
I decided that adding an ASA5505 behind the router may be the simplest solution. Use the router only for the purpose of handling routing between the two ISPs and performing NAT out the interfaces. Then use the ASA to do EZVPN from. This works well but there are some issues I am trying to work through.
First, when the ISP fails over to the backup, the NAT translations have to timeout before things start working again. For a constant ping, this is fine, I have the timers set down to 15 seconds for NAT timeouts and after 15 seconds the ping picks right back up again. However, this breaks the EZVPN. The ASA keeps trying to bring up the ISAKMP nearly every second, which keeps resetting the countdown on the NAT timeout for the remote EZVPN server. Because of this, the VPN will never come up until I manually clear the NAT translations on the router. So my first question is this; is there a way to adjust the timer that the VPN uses to try to bring the tunnel up? I tried the crypto isakmp keepalive command but that didnt work, it looks like it doesnt work with EZVPN.
The second issue is really with the IP SLA and is only an issue because of the first issue I mentioned. When the router first comes up after a reboot, both the primary and secondary interfaces come up. However, since the primary default route is only injected into the routing table once IP SLA is up and can reach its destination, the secondary route gets injected initially and the VPN comes up over the secondary ISP. In a few seconds, the primary default route is injected, changes the path and because of the NAT translation, breaks the tunnel and never comes up again because of the first issue with the VPN tunnel renewing the NAT translation continuously.
I could easily go out and purchase a $100 Linksys router that will do the failover and clear its NATs and everything, but I need better reliability out of the hardware than that. There has got to be a way to do this on a Cisco device since consumer level equipment can.
I have a Any Connect setup and able to VPN into my office.i bought a ASA5505-SW-UL that is unlimited user (UL) software license but now the vendor tells me that: From the ASA you can saw the unlimited license is for inside hosts, instead VPN client's, by default, ASA 5505 included only 2 VPN client's and can supported up to 25 VPN client's, your license look only default 2 VPN client's. If need more VPN client's connect, you have to purchase the additional VPN client's license. I am just wondering his statement TRUE/FALSE, because i thought ASA5505-SW-UL means unlimited license
I was just wondering how to connect 3 laptops to 1 printer in my office?We don’t have a server and all laptop contacted to internet wireless through a router next door. (I don’t have access to that router)I was thinking to get a hub and then connect it to the Ethernet cable back of the printer and then connect it to each laptop?
I would like to connect my three pcs together so that they can all make use of the printers, scanners, internet etc in my office space. i also need to be able to access this lot from a remote laptop so that i can continue to work from home. i would like to store all my data in one place that was easily accessible from every PC and my laptop.
I have a Dell XPS L321X, ultrabook, which can connect to wifi except a specific office wifi, say TPR. The interesting thing is I can connect to this TPR wifi when nobody is in office, I thought it might be an IP conflict. So I tried to assign a static IP address, but it doesn't work. I have updated the wifi adapters two days ago.I tried few things like IPCONFIG /RELEASE, IPCONFIG /RENEW, but nothing works. The security type of all the wifi in my office are WPA-PSK and they all have good strength. We use sharepoint services for our daily office work, which can be accessed only using a TPR wifi. It's frustrating that I cannot connect to it.
i am having problem adding the officejet printer that was uninstalled because it was not working. after three days of online support from HP and Lynksys, I am about to buy a new printer. Can't add printer wirelessly or wired.
I have got two 1841 and one 881 cisco router. I can keep any one of this router at HO and remaining at branch office. I have got a static internet IP at HO but dynamic IP at branch office. I want to setup a VPN to connect to HO from branch office through router. The branch connects through a private IP for internet purpose. Which VPN is the most secure and best for this purpose.
I have my laptop. I need to use my broadband connection at my home. Also I need to use my laptop with wifi at my office. We do not have any dhcp servr at office. What I am doing now is changing ip configuration at office every day manually.
I have a group of five computers at one end of my home office and another group of four computers across the same room. All are hardwired on the same internal network. These cannot be consolidate or moved into one corner or closet. There just is not the space and it's just physically not possible.There is one Internet router as provided by the local cable company. I have this connected to a LinkSys WRT54G2 broadband router. A Netgear DS108 8-port hub is connected the LinkSys. All computers either connect to the Netgear hub or to the LinkSys router. As of now, the WiFi from the LinkSys router is only ever used by my cell phone while at home.
This set up is annoying. At first I did not mind, but there are cables on the floor that I have to step over. These CAT5 cables connect one set of computers to the LinkSys or Netgear. I have to watch where visitors are walking or stepping to assure they don't trip.How can I keep these computers on the same network and eliminate just those cables crossing the floor of my home office?Should I use WiFi NICs? Would this overwhelm the WiFi on the LinkSys?
I have been told to connect our branch offices over outdoor point-to-point wireless CPE. The wireless brand is Orthogon. The Main office got cisco 4507 L3 switch where all building switches terminate. DHCP,DNS and all application are hosted in main office. The branch office got ONE 24 port POE Switch cisco 2960 where all users will be connected, On Port 0/24 of 2960 switch at branch will terminate the outdoor Wireless and other end will be terminated on 4/15 of 4507 at main office? what command I need at both interface where Wireless is terminated.when we connect floor switches to 4507 we got these commands on access switches
I am trying to connect my Cisco 2911 router to my community in CNA. I can see the routers on the topology map, but when I try to add to community I get an error message stating that the router is unreachable (Unable to connect). I can ping device from ame client. I can view Device Properties for map (Device type: CISCO2911/K9). Telenet attempt to connect but we only use SSH for connectivity (the same as all of my switches that are connected to community). 2911 is listed as a supported router on Cisco site.
I am having one router CISCO2911/K9 (Cisco 2911 w/3 GE,4 EHWIC,2 DSP,1 SM,256MB CF,512MB DRAM,IPB). But now my management asking me to upgrade this router as CISCO2911-SEC/K9.
I want to connect to the Internet small office where docsis (internet over tv cable) is used as WAN.For similar tasks but other WANs (adsl, dial-up) I used 800 series. But now I can't find anything in this series to solve my issue. There is 815 but it has no wi-fi.
I can use cable modem that my ISP gave to me: this modem acts as bridge so I can use router with FE-based WAN but it is better to have one device instead of two.
My current IT people are so expensive, I am determined to hook up a new laptop to my office network if it destroys me (wirelessly). I have the office network map with all usernames, passwords, and IP addresses...but I can't figure it out. Can someone give me a step by step for dummies to save me the several hundred or should I just bite the bullet? (I am the business owner and seems like we add laptops every year or so and desktops and would really love to finally understand)
I am trying to set our VPN connection to route to our branch office from a VPN Client. So far I did not succeed and at this point I am stuck.At our office we have a VPN Server which enables VPN Clients to connect to our main office with an IP Range of 192.168.104.0 with subnet 255.255.248.0 and a branch office with a IP Range of 192.168.25.0 and a subnet 255.255.255.0Internally on the LAN the routing is done by our firewall, which acts as DHCP and Default gateway. It connects the 2 LANs by a leased line.When I ping an IP address in our branch office from our main office I get a reply.
Now when a VPN client connects it gets a IP Address in the range of the main office from our firewall and the client can connect to all computers in the main office network. However if i try to connect to a computer in the branch office it does not work.I tried a static route in the Routing and remote access Server (which is Windows Server 2003 R2) and I tried adding a static route to the DHCP settings on the firewall. In both cases it does not connect from the VPN Client to the branch office.Searching the internet, since the examples are all based on a setup with a RAS Server on both networks. The LANs are already "integrated"/"physicly connected" trough the routing on our firewall and its leased line.
I also tried settings on the VPN Clients machine. Settings like "Use gateway in remote network" on or off and tried adding static routes. This did not work, since the Default gateway I must use is not on the same range as the home network and returned an error trying that.What I noticed is that the VPN Client gets a route which uses the VPN CLient IP as default gateway. Makign a static route like that will work (I think), but since the IP addresses for the VPN clients are obtained through DHCP and can vary each time, there is no way (i think) to automate adding a route with, for example, a batchfile that I could give to the employees connecting trough VPN because of the variable IP.
A friend has asked me to work with him set up a new office. He already has a PC and a phone line but not broadband, so he is going to organise that and getting a wireless router.He wants a wireless colour laser printer so that his visitors/guests can print easily from his office, or the next office. Does he really need a wireless printer to do this? Or if I plug a network printer directly into his router with an Ethernet cable, same with his PC, will that enable laptop users to print wirelessly (assuming they know the router passphrase of course)? I guess they would need to install the relevant printer driver to do this too.
I have a small office with 4 employees. We all work off of laptops (although I am about to bring a desktop in because I need a little more horsepower for some graphic stuff).I have a number of files I would like everybody to share, update and save so we can all access them. I also need the ability to access them remotely.
i just managed to config the Cisco 877 and send it to my client,when the client connect the router from his location the router can't make VPN connection to my HQ office,i can connect to the router using the external IP adress,i tried to reset the VPN tunnel but no avail,
We have cisco 1941 as router in office, it's dhcp server, it has only vlan 1 192.168.4.0/24?I've set up 1142 ap for wireless clients How can i make it give clients ips from dhcp server from vlan 1 ?
I have a problem with a branch office setup, and I can't for the life of me think of what the problem is.I have a remote office setup, using an ASA 5505 that is set up to establish an easy vpn connection to the central network. The connection at the branch office is a 20/5 cable modem, the central network has a 25/25 fiber connection.
The issue I have is this. Wired clients work fine at this branch office, at least 95% of the time. I have a lightweight AP there that can come up and join the controllers at the central network, no problem. I haven't done anything with H-REAP because there are really no resources locally they need that would allow them to do their work, so all traffic is tunneled back to the WLC.
Wireless clients can authenticate to the AP, and I can get 15-20ms ping responses from them all day. Latency never comes close to the 600ms proposed limit with CAPWAP. Yet, for some reason the performance of the clients is problematic. Webpages will frequently not load correctly, they experience some freezing, and with one application we use - it refuses to load completely.If we bring these same computers to an AP connected to our central network, on the same SSID, they work flawlessly.
Something about this particular location is causing a lot of grief for our users.For what it's worth, we are running WCS 7.0.230.0 and the WLCs are on 7.0.116.0. The ASA is running a pretty basic configuration, pretty much out of the box with the easy vpn configuration entered.
for your recmmendation, on what type of equipment should I use in a Small Office probably around 50-100 users.Feature sets that I would want are: VPN - 5 VPN Peers for L2L connectivity and 50 SSL VPN connections, Firewall, Active-Standby Fail-over.
I'm on a limited budget, ASA 5510 with Security Plus License can give me this but its a bit expensive.Is there something else that you guys can recommend. ISR maybe?
I'd like to connect through a VPN the HQ office to a Branch using two ASAs.I have a 5520 in the HQ and 5505 in the Branch Office.My problem is in the Branch office where I have a dynamic IP (ADSL).
I couldn't find a example this kind of configuration.
Ive run into something a bit new to me. Networking! Now i do have some experience but not enough for me to figure this one outHere is what i am trying to achieveWe have a webserver at the office which i can access from the outside world. We also have a local server with a static internal ip(File Server)My question is as follows can i add a link on a web page on my webserver to that i can access the internal ip address from outside the office?
I was hoping if someone could give me some suggestions on this matter. I have some IT knowledge but a bit rusty.I currently have 25 pcs all running web based applications on their own. So filesharing is a headache. I decided to setup a small file server for the office.This is what I need the server to do.1) Internet connection comes through server protected by a firewall and then distributed to the 5 pcs (star topology)2) Print and file sharing.3) application sharing (accounting software)4) fax facilitiesMy question to you all:How do I go about setting this up. What do I need (OS, softwares, etc)How do I secure the internet and distribute it to the rest.witch, router, etc)
My current set-up is: my laptop connects to the coaxial outlet with a cable so I can access the internet. So I can't really bring it somewhere else since the cable is short.
Now, I am planning to buy 2 more computers and a printer. The printer will be shared by all 3 computers. what else I need to buy (modem?? wireless router??) and what type. I also request that you let me know how to set it up. Of course, I will follow the manufacturer's instructions.
