Cisco WAN :: IP SLA Configuration 2911
			Feb 12, 2013
				I have a router Cisco 2911 with two possible Wan interfaces out and a backup configuration using IP SLA. When the Primary Interface goes down the traffic is automatically rerouted through the Backup Interface, but the problem I have is that when the traffic is going through the Backup Interface (because the Primary is down) if the Backup Interface also goes down, if the Primary goes up, the traffic  is not automatically rerouted to the Primary Interface. And it looks to me like it keeps trying to goes out the Backup Interface and cannot see that the Primary is down. I guess that the pings are going out the backup Interface and as it is down the router doen't receive any anwer to the ping and doesn't change to the Primary.
The main configuration related to the IP SLA is this:
 
!
track 1 ip sla 1 reachability
!
interface GigabitEthernet0/0
description backup Interface
ip address 175.xx.xx.10 255.255.255.252
ip nat outside
[Code]....
	
	View 8 Replies
  
    
		
ADVERTISEMENT
    	
    	
        Aug 29, 2011
        I try to configure PGM in my 2911 plattform but it was impossible. I tried with many 15.1 version that support this protocol.
 
Someone configured PGM over 2911 Routers? What does correct IOS for work?
	View 4 Replies
    View Related
  
    
	
    	
    	
        Sep 3, 2012
        I have CISCO 2911 with SRE module for Wireless Lan controller software. also between my local network and CISCO router is a firewall, CISCO router is an edge router so router and my Lan are in different subnets.  i want Wlan and Lan to be in a same subnet is it possible? In other words, can WLC and Access points be in different subnets? the case is that wireless devices should be behind the firewall.
	View 5 Replies
    View Related
  
    
	
    	
    	
        Dec 11, 2012
        We have CISCO2811 model with VWIC2-2MFT-T1/E1 module working good over the E1 line. Since it's getting hard to find new model of CISCO2811 we decided to connect new branches with CISCO2911/K9 model (according to migration doc) 
 
My question is can we use 2811's old config file with the 2911 model directly?
	View 1 Replies
    View Related
  
    
	
    	
    	
        Nov 15, 2012
        How I configurate EHWIC-3G-HSPA+7 card on 2911.
	View 3 Replies
    View Related
  
    
	
    	
    	
        Jun 11, 2013
        I am attempting to establish a Site To Site VPN between our SA540 and 2911 routers and somewhere I have a misconfiguration that eludes me. I suspect maybe in the 2911 Transform Set? Here is the output from the SA540. [code]
	View 1 Replies
    View Related
  
    
	
    	
    	
        Dec 25, 2011
        I am having one router CISCO2911/K9 (Cisco 2911 w/3 GE,4 EHWIC,2 DSP,1 SM,256MB CF,512MB DRAM,IPB). But now my management asking me to upgrade this router as CISCO2911-SEC/K9. 
 
What will be the BOM for this up gradation.
	View 2 Replies
    View Related
  
    
	
    	
    	
        Jul 17, 2012
        I am position to migrate from CatOS 6509 switch to native IOS 6509 switch. long time ago, there was some site to convert automatically based on copy and paste onto the tool, but i can not find. 
 
Does anybody know how to convert CatOS configuration to Native IOS configuration ? It is not IOS change, but it is configuration convert.
	View 1 Replies
    View Related
  
    
	
    	
    	
        Jan 28, 2011
        I am looking at this doc to use an ASA + 2911 to do Policy Based Routing with multiple ISPs.From the linked doc, under the PBR scenario, what should the IP addresses be for the routers connection to the ISPs?  It isnt labeled.
	View 4 Replies
    View Related
  
    
	
    	
    	
        Dec 21, 2011
        What specific commands are needed to configure qos on a router?
 
Two sites:
Cisco 2911 (site 1 ) Cisco 2911 (Site 2)
 
Data Vlan
Management Vlan
I want to configure QOS on Site 1 where the Data Vlan traffic is always marked higher than the management Vlan coming from Site 1.
	View 1 Replies
    View Related
  
    
	
    	
    	
        Dec 27, 2012
        I have one router 2911 with the following image c2900-universalk9-mz.SPA.151-4.M4.bin I have two IPS on this routers and I tried to configure the IP SLA on this and I`m not able to do it and I don´t know why. I can configure almost everything but not the IP SLA command.this is the config:
 
track 10 ip sla 1 reachability
 delay down 10 up 1
!
track 20 ip sla 2 reachability
 delay down 10 up 1
!
[code]....
What I need to do in this case? or why cannot configure the IP SLA?
	View 5 Replies
    View Related
  
    
	
    	
    	
        Oct 13, 2011
        I have a cisco 2911 router that is located in my head office LAN and I use this router to connect to my branch networks. I want to configure IP SLA Monitor on this router to track my WAN Links but it does not support the command IP SLA Monitor. My IOS VERSION is  c2900-universalk9-mz.SPA.151-2.T1.bin. how I can configure IP SLA on my router.
	View 4 Replies
    View Related
  
    
	
    	
    	
        Aug 5, 2012
        We have 2911 with   HWIC-4ESW. System image file is "flash0:c2900-universalk9-mz.SPA.152-1.T1.bin"_2911#sh inv NAME: "CISCO2911/K9 chassis", DESCR: "CISCO2911/K9 chassis" PID: CISCO2911/K9      , VID: V05 , SN: FGL16011005
[Code]....
The problem was that HWIC-4ESW no longer pass traffic although showing that the interfaces are up rebooting the router solved the problem. What IOS is more stable and not subject to this problem?
	View 3 Replies
    View Related
  
    
	
    	
    	
        Mar 2, 2012
        Recently i attempted to build a LAN 2 LAN VPN tunnel from an Asa to a 2911 running zone based firewall.  This was a standard IPSec psk tunnel nothing fancy.  I got the tunnel to establish but i could only get traffic to encap on the Asa side and decap on the 2911 side.  I couldn't get return traffic.I followed this doc here for classic IPSec in the last example. URL
And I am sure the Asa is right I built a ton of those but I am new to zfw.  I did not see anything about a NAT exempt rule.  But since everything uses real IPs instead of NAT I wasnt sure and I could not find any info.  Do I need to do NAT exempt?  If so do you use a route map on the end of you NAT overload config line like in the past?
Also I have a zone-pair to "self" and I was not sure if I needed anything there to be able to ping the inside interface of the 2911 when the tunnel is up from the remote end.
	View 7 Replies
    View Related
  
    
	
    	
    	
        Mar 26, 2013
        I have to build HA environment, at the moment we have only one R1 and WAN1 but company wants to buy R2 + WAN2 and have HA between the routers, in case R1 or WAN1 goes down the other router will take over.
 
What would be standard methodology nowadays to do that  - does HSRP will do what I need or it is better do some other way? 
	View 7 Replies
    View Related
  
    
	
    	
    	
        Dec 14, 2012
        I have webcams that need port 8081 opened and I did that, everything worked fine until my DIR655 jammed up and power cycling it and the modem 3-4 times DID not make it work: no internet access and it was definitely a DIR655 problem.  So, out with the paperclip to do the big reset, causing me to lose my configuration.  When "most" of it came back up with my new config (I had screen prints), all was okay EXCEPT the webcams.  Addresses and ports were all configured properly, address was fixed too on the client computer rather than use DHCP.  I had a DNS relocation service running (DYNDNS) for the WAN side, but that address (My IP) didn't change either.  I tried EVERYTHING.  Finally, I realized in all my screwing around that I had enabled UPnP in my application, something I hadn't done before, but did this time as a desperation move.  UPnP had always been checked off in the router.  So.....I REMOVED my port forwarding and virtual server settings (either one worked before), and voila, everything working, Is this a normal occurrence, that if you have UPnP running, that this auto configuration overrides any manual configuration? 
	View 2 Replies
    View Related
  
    
	
    	
    	
        Mar 11, 2013
        What are the max number of T1's that can be bundled on a 2911 router?
	View 0 Replies
    View Related
  
    
	
    	
    	
        Apr 19, 2011
        I need a interface v.35 on 2911 router, but it does not have WIC slot, it has EHWIC. Could some one told me if there are a card with V.35 interface that I can install in this model of router?
	View 2 Replies
    View Related
  
    
	
    	
    	
        Apr 26, 2012
        I have the following setup where the Cisco ME 3400 provided by the ISP.
 
My Cisco 2911 is configured as below:
 
CORE_Router#sh run
Building configuration...
 Current configuration : 6075 bytes
[Code].....
	View 6 Replies
    View Related
  
    
	
    	
    	
        Aug 1, 2012
        I have a problem I am running into... I replaced a 2621 with a 2911. The 2911 has three interfaces and I need to use all of them... Description:
 
gige0/0 dhcp static IP from ISP, public IP, they assign me 4 more usable public IPs gige0/1 broken into four VLANS, 108, 109, 120, 127, ip nat on 109 for them to get to the internet, and a static translation on 127 for the phone system to get to the internet gige0/2 assigned another public IP. A tenent has a linksys router on this interface, they want a public IP. 
 
The problem is that this setup worked, but when we moved to the 2911, some nat translations are failing, and we would like to figure out how to minimize the number of public IPs we use (right now it is three + the static assigned dhcp). The nat that is not working is the nats to the 2001-3001 range. I am not sure why it is failing, but the router seems to indicate it thinks some of these overlap. This router is also doing a vpn to an asa... that seems to be working fine.  
 
Current config:
 
Current configuration : 6072 bytes
!
! Last configuration change at 14:31:44 UTC Thu Aug 2 2012
! NVRAM config last updated at 14:31:50 UTC Thu Aug 2 2012
[Code]....
	View 7 Replies
    View Related
  
    
	
    	
    	
        May 19, 2011
        I've got a 2911 with a primary ethernet link to the ISP, with BGP running over it.  There's also an ADSL module in it, which will connect into the same ISP AS. how do i configure BGP over the ADSL so that it sits there doing nothing until the primary link fails?  Do i need to setup a new instance of BGP with a different AS on the router or can it sit in the same AS as the primary link?
	View 1 Replies
    View Related
  
    
	
    	
    	
        May 18, 2011
        I thing that i find some bug in the newest IOS 15.1.4M.
 
The case is falow:
 
I start to configure failover for the costomer - make default route, make the default path but i cant find the comand IP SLA monitor. Is some meet this problem with this IOS or just Cisco make some chenge in the CLI commands?
 
Tomorrow i will try with IOS version 15.1.1T.
	View 2 Replies
    View Related
  
    
	
    	
    	
        Dec 14, 2011
        I have a 2911 router that I am trying to use a h.323 gateway for faxing purposes.Right now I can 4 digit dial and 10 digit the number and my analog phone answers, but when I try to place a call I get a fast busy immediately (as soon as I pick up the receiver) 
	View 1 Replies
    View Related
  
    
	
    	
    	
        Feb 1, 2012
        Were bringing up a new site shortly and I'm trying to configure Serial0/0/0 which will be connected to an MPLS over 1.5m T1 line.  I am basically doing a simular configuration as other sites where one of the ethernet interfaces is handed off from a fiber optic wan, but a T1 MPLS is connected to a WIC card and this provides a redundant path (though slower) in case of a fiber cut or equipment failure.  This should be pretty straightforward but it appears as if I have no serial interface on this router.  Card is in and everything, it is a VMIC-3-1MFT-T1/E1 in EHWIC 0.
	View 7 Replies
    View Related
  
    
	
    	
    	
        Jun 26, 2012
        I want to connect a RPS2300 to a Cisco 2911 router to provide power backup.I have two questions ,Easy one : if the 2911 PSU (internal Power Supply Unit) fails, how to confirm the RPS2300 provides power to the 2911 with no reboot of the 2911 ?,Tricky one : After we replace the broken PSU, will the 2911 reboot or not as power revert from RPS2300 to internal PSU ?
	View 4 Replies
    View Related
  
    
	
    	
    	
        Nov 20, 2011
        I purchased a 2911 router and a 25-pack of VPN licenses (PID: L-FL-SSLVPN25-K9=).I registered the license, and supplied the serial number of my router when asked.I received a .lic license file.When I attempt to install the license on the appliance, I receive an error:
 
% Error: Install failed. UDI L-FL-SSLVPN25-K9=:FTX1542AKJ3 on license does not m
atch any device
0/1 licenses were successfully installed
0/1 licenses were existing licenses
1/1 licenses were failed to install
 
However, the following establishes that the serial number is correct:
  
SFGallery#show inventory
NAME: "CISCO2911/K9 chassis", DESCR: "CISCO2911/K9 chassis"
PID: CISCO2911/K9      , VID: V04 , SN: FTX1542AKJ3
 NAME: "C2911 AC Power Supply", DESCR: "C2911 AC Power Supply"
PID: PWR-2911-AC       , VID: V03 , SN: AZS153303LY
	View 3 Replies
    View Related
  
    
	
    	
    	
        Jun 11, 2013
         I have a Cisco 2911 Router and I need to split the traffic from my Lan (Gi0 / 0) by ISP1 (fa0 / 0) and that of my servers (Gi/0/0) by ISP2 (fa0 / 1). [code]My problem comes when wanting to communicate with my remote networks that reach the int Gi 0/1, because when my network to match the policy- route internet sends me all the way.
	View 1 Replies
    View Related
  
    
	
    	
    	
        Mar 14, 2012
        We can't seem to SSH from the outside network into our router. Our router config looks straight forward enough. 
 
!
! Last configuration change at 10:41:22 zone Thu Mar 15 2012 by tssconsult
! NVRAM config last updated at 11:19:12 zone Thu Mar 15 2012 by tssconsult
!
[Code].....
	View 7 Replies
    View Related
  
    
	
    	
    	
        May 20, 2012
        Is it possible configuring load balance with three intefaces, in my router with the following features?I have three ISP, and would like balance the traffic ... Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(2)T1, RELEASE SOFTWARE (fc1) Cisco CISCO2911/K9 (revision 1.0) with 483328K/40960K bytes of memory.
Processor board ID FTX1613AH8D
3 Gigabit Ethernet interfaces
1 terminal line
2 Channelized (E1 or T1)/PRI ports
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
255K bytes of non-volatile configuration memory.
250880K bytes of ATA System CompactFlash 0 (Read/Write)
[code]....
	View 3 Replies
    View Related
  
    
	
    	
    	
        Jan 30, 2013
        Does Cisco 2911 support VRRP?I can’t find in datasheet anything about it.
	View 2 Replies
    View Related
  
    
	
    	
    	
        Apr 14, 2012
        I'm working on tweaking the config on a 2911 ISR G2 with a ZBF and am looking for some input.  Our main issue right now is that the router is having performance issues once we hit certain troughput thresholds.
 
Right now, I have an inside-outside inspect set to look at all FTP, TCP, UDP, ICMP, DNS, SIP and HTTP (I know, its a bit redundant) traffic and do inspection on it then pass all other traffic.  From a company policy, we are not filtering ANY traffic of any kind going outbound.  (I know this isn't best practice but that's another battle for another day.)
 
Additionally, I have an outside-inside policy set to pass GRE traffic to an internal PPTP server (I know, not secure but its what we have.) then I have another inbound policy to inspect all traffic coming through that matches a specific ACL that defines all of the holes we're poking for hosting various functions on internal servers, etc.
 
could I, should I, why would or wouldn't I simply pass traffic that matches specific ACLs or whatever instead of how we are presently doing a lot of inspection?If I was to simply pass matching traffic instead of doing the inspect, would I see a substantial performance increase/workload decrease ont he 2911?
 
What are the security ramifications related to simply passing traffic instead of doing the inspection?
	View 2 Replies
    View Related
  
    
	
    	
    	
        Feb 18, 2013
        Recently they bought a new Cisco 2911 router and told me that they want it connected to an outside WAN connection that they hadn't used in a while so they could create a little network on the side. They want to just plug the server into the router and go. Unfortunately, I am sort of clueless about how to set up the config for it.
 
There are 3 GE ports, with the line from the outside coming in on GE0/0. I've already activated the interface and it is up, but that's where I get stuck.
	View 14 Replies
    View Related
  
    
	
    	
    	
        Jan 16, 2013
        We have a PBR configured on a 2911 router (15.1-4.M2).  The PBR is being used to send specific traffic across a S2S VPN instead of an MPLS connection.  If ip cef is enabled, the router sends the traffic across the MPLS.  If ip cef is disabled, the traffic goes across the S2S VPN.  I checked to see if there were any bugs in the code they are running about this and nothing came up.  It almost like CEF enabled PBR isn't working on this device, even though it should be enabled by default when ip cef is turned on.
	View 3 Replies
    View Related