Cisco WAN :: IPv6 / Implementing M-BGP On 7200VXR Running 12.4?
May 15, 2011
With IPv6 coming, I've been tasked with implementing M-BGP on our 7200VXR running 12.4.
I am having trouble with a T1 connection between a Cisco 7200VXR and Cisco 2600. I have no problem connecting across it, but when I run a download across the link I get a flat 6KB/s. I can't seem to find what is wrong in my configuration that would be causing this.
7200 Router:
#show running
Building configuration...
[Code]....
I would like to know what exactly is the current throughput of the device. How can we calculate if the device is reaching its throughput?
For example if router 7200VXR has maximum throughput of 520 mbps as per Cisco documents.
How can we measure if the traffic going through the device has reached maximum throughput? Is it only the inbound traffic, or the total of inbound/outbound on all physical interfaces?
Is there a keyword that we use under the interface to specify that it is purely management?
We need to assure that the subnet and any node on that subnet is not shared with the default routing table.
How do we set the gateway for the management interface if the node we are sourcing the SSH session from is on a different private subnet?
I have a Cisco 7200vxr doing BGP with 2 directly connected ISPs over Ethernet. I am receiving default routes only, and have added a higher weight to my routes learned from my primary ISP. Below is my configuration (IP addresses changed, of course):
router bgp 100
 no synchronization
 bgp router-id x.x.x.x
 bgp log-neighbor-changes
 network 100.100.64.0 mask 255.255.254.0
 network 100.100.71.0
 network 100.100.78.0 mask 255.255.254.0
 neighbor <ISP_A-IP> remote-as 200
 neighbor <ISP_A-IP> weight 175
 neighbor <ISP_B-IP> remote-as 300
 neighbor <ISP_B-IP> weight 150
 auto-summary
Advertising my routes to the primary ISP is fine:
7206vxr.rb#sh ip bgp neighbors <ISP_A-IP> advertised-routes
BGP table version is 7, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.64.0/23  0.0.0.0                  0         32768 i
*> 100.100.71.0     100.100.64.57            0         32768 i
*> 100.100.78.0     0.0.0.0                  0         32768 i

Total number of prefixes 3
However, advertisements to the secondary ISP include the default route learned from the primary:
7206vxr.rb#sh ip bgp neighbors <ISP_B-IP> advertised-routes
BGP table version is 7, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          <ISP_A-IP>
*> 100.100.64.0/23  0.0.0.0                  0         32768 i
*> 100.100.71.0     100.100.64.57            0         32768 i
*> 100.100.78.0     0.0.0.0                  0         32768 i

Should I not be advertising only the networks that I specified in my configuration?
I have 30 switches in my corporate network. It's all up and running; all switches are running the default configuration and are connected to a WS-C4506 core switch. Our DHCP server is pooling the 192.168.100.1/27 network. Now we need to configure a new VLAN for the finance department; this department has more than 200 users. If my server distributes the 192.168.200.0 range, can vlan2 automatically assign 200.0 addresses to the finance department? All switches are running the default config with no IP address assigned.
I need to replace an existing ASA 5540 with a new ASA 5525X. I would like to pre-stage and configure the new box with the existing config, migrate the license and export certificate files before swapping it with the old one during a change window. The new firewall will run 9.1 on deployment. Now the same 7.2(4) cannot just be copied over to the 5525X running the minimum 8.6 version. There is a Web-based tool available at [URL] according to Cisco documentation, but the page does not load for me (Cisco intranet only tool?). Is there another tool for automatic conversion?
The desktop team has asked me to set up multicast in our network for building PCs, as they will be deploying a few hundred of them starting in two weeks. We currently do not have multicast set up, and the only experience I have with it was during my certification studies, so I have a lot to catch up on quickly. They will be sending the build traffic from a single server. The network environment is simple: a 3750 stack as the router/distribution layer and mainly 3550s as access. The PCs that they will be imaging will be on one VLAN that is already designated for PXE builds. This VLAN is across multiple switches. Is it possible to just enable the multicast features on a single VLAN? I have been reading around but not finding much other than very in-depth Cisco papers.
We have backup and other traffic over our VPN which is affecting our IP phone service between two sites. Our consultant suggested implementing QOS over the VPN to give the phone traffic priority. Is this possible with the rvs4000? Is there any good source saying how to do it? Is the setup of the QOS on this router similar to another router where this has been discussed?
I have a problem implementing a NAR for a specific device group. I am running Cisco ACS 4.2 and it works fine for all the other stuff I do, but this issue is perplexing me a bit.
I have a device group with Juniper devices in it and I authenticate using RADIUS (Juniper) as the RADIUS setting. I have an Administration user group set up.
I placed a NAR into the group "Per Group Defined Network Access Restrictions" specific to the device group with * for port and address
I placed this group into both the Define IP-Based as well as the Define CLI/DNIS-based section.
No matter what I do I keep getting authenticated.
When I go to the passed authentications page I see my login, and the group-name is identified correctly and the network device group is identified correctly too. The filter says "no filters activated". So how can I get this NAR to kick in? I would like to restrict one device group from an ACS user group.
I was able to successfully implement MS-PEAP authentication with 5508 WLAN controllers and Cisco ACS v4.2. However, when I integrated a 4402 WLC with version code 7.0.116, it did not pass across any authentication requests. Did a debug aaa events enable and there was no output. Configured another SSID with PSK to test that my controller was OK and aaa debug was working, and there were CLI messages when I associated an AP.
why the 4402 is not working as I have compared configs with the 5508 and there is no difference. The shared secret is configured on both ACS and Controller and CA is downloaded on the ACS.
I have to propose/design a network system. It has 350 computer terminals/workstations, out of which 300 of them are divided into two separate networks while the other 50 are to be on another network. So I assume I'd need 3 networks (or LANs) I guess (all connected, of course). So far I've inferred it needs a mail server, a file server, a print server, a DHCP server to assign IP addresses (C class and private ones, of course) and a web proxy server. Also I thought a Fast Ethernet LAN network might be ideal here but I'm not quite sure on that (nor have I ascertained what sort of topology or hardware to use).
Existing network New Network
I have attached some diagrams here. The 2911 router is configured as a zone-based firewall and it works fine. I need to put an ASA 5510 as an internal firewall into the existing network. So I need to hand over the NATing configuration from the IOS FW to the ASA 5510. Are there any special configs here? I have done this but it's not working. If I bypass the IOS ZB FW and the ASA directly connects to the internet, it works fine. If the NAT configurations are kept in the IOS ZB FW, then it works fine.
I have attached IOS ZB FW current config file below.
I'm attempting to configure Classification and Marking on our access switches using the MQC model. The switches are 3750s running IPBase Version 12.2(35)SE. For some reason when I activate the policy-map on an interface, no traffic is being tagged. I've used the 3750 QoS configuration examples (url) for reference.
I want to implement VoIP on my client network. Currently the data network is using SG300-28P small business switches for user access. According to my design, the IP Phones (Cisco 9971 and 7942G IP Phones) are to connect to the small business access switches while the user PCs connect to the IP Phones.
My concern is I really don't understand how the small business switches will advertise the voice VLAN to the IP Phones. I understand that the switches are supposed to use LLDP/CDP for this, but it seems the model I have can only do LLDP. The IP Phones and the PCs connected to them will be receiving IP addresses from an uplink L3 managed switch.
how LLDP works (particularly regarding this scenario)? Does it matter if the small business switch is in L2 or L3 mode for the VoIP implementation?
Need to configure a Cisco 1142 N access point together with the Cisco switch. I have a POE switch 4510 and a Cisco 1142 N AP. I have one management VLAN 5 and a user VLAN for WiFi, VLAN 10. The problem is when I make the POE port which is connected to the AP a trunk port, meaning: [code] I am not able to ping the management IP allotted from VLAN 5. However, when I make it access I am able to ping the management IP. But for both the VLANs to work it should be in trunk mode, and in Cisco I can either assign the port as access or trunk. After this I would configure the 1142 N with a Cisco SG300-10P POE switch. I guess if the issue with my 4510 gets resolved, I can configure the SG300-10P the same way as well.
We have two 2100 WLCs that support 12 access points. One has been sitting in a box for some time, but we're at the point where we need to add additional access points that will put us in excess of the 12 limitation. What is the best way to go for installing the second WLC?
I have roughly 50 users that are remote and use VPN to access the resources in my network such as file servers, application servers etc. We currently use Microsoft VPN to authenticate those users. It works, but I am not a fan of Microsoft VPN.
I have purchased an ASA5520 to replace my crappy layer 3 HP core backbone switch, and plan on replacing my Microsoft VPN with Cisco VPN. I want to configure my ASA so my remote users can continue to VPN into my network securely. Is this possible?
I am facing a problem in implementing NAT on Cisco 8.4. The scenario is:
Inside interface network 10.10.10.0/24 and 10.118.0.0/16 is also routed towards inside network
Other network 192.168.10.0/24 is routed via outside interface.
My requirement is to NAT 192.168.10.2 (real IP) to 10.10.10.2 (mapped IP) so that when users from the inside network (10.118.0.0/16) come, they will access 10.10.10.2 instead of the real IP (192.168.10.2).
So I used nat (inside,Extra net) source static obj-10.118.0.0 obj-10.118.0.0 destination static obj-10.10.10.2 obj-192.168.10.2 but the connection is not working but with show nat I am getting hits on the NAT statement.
cap test Ethernet-type arp interface inside real-time
1: 23:29:05.684199 arp who-has 10.10.10.2 tell 10.10.10.1
2: 23:29:09.687998 arp who-has 10.10.10.2 tell 10.10.10.1
I have also enabled the proxy arp on the inside interface but still the connection was not working.
Packet tracer output
[Code] .........
I have a 5520 acting as a VPN server... and 5505s acting as clients. The 5505s connect fine when using "client mode" but things go sideways when I try and use NEM. Namely, they never complete a connection.
debug vpnclient shows this repeating rather fast (this device is connected to a Fios connection behind a gateway/router; it's my test environment and it does work when I have the device set up in "vpnclient mode client-mode").
Some of my remote sites are configured directly with a public IP (issued via DHCP) others are behind a 3rd party firewall/device that I have no control over... but again, these sites currently work as "vpnclient mode client-mode". [code]
After implementing TACACS, one of our routers takes about 8 seconds to respond to any CLI command. We have no problems with other devices in the same location with the same AAA configuration. The router is talking to the ACS server (ACS 5.3) and the logs on the ACS server look normal for the router as well.
implement VOIP on my router 3825 I have IP phone 7905G and 7960.
I have an ASA 5510 and am planning to implement multiple context in a 2 tier security level and vrf-lite, meaning I have 2xASA facing the internet, below that 2x3560 switches for our extranet, and below that another 2xASA for intranet. See diagram below. In this kind of network I want to know how it would impact the total throughput and resources of the ASA using multiple context.
       INTERNET
    |             |
    |             |
  2811A         2811B
    |             |
    |             |    (OUTSIDE)
  ASA_A---------ASA_B
    |             |    (INSIDE)
    |             |
  3560A---------3560B
    |             |
    |             |    (INSIDE)
  ASA_C---------ASA_D
    |             |
    |             |    (OUTSIDE)
  3560C---------3560B
    |             |
   INTERNAL NETWORK
I have the following scenario that I'm requesting you guys verify if it will work. I have a 3550 Catalyst switch running EMI and an autonomous 1131AG Aironet AP. I have two DHCP pools already set up on the switch, one for the LAN and the other for the wireless clients. There are two VLANs on both the switch and AP for LAN and wireless clients. I have already set up multiple SSIDs to be broadcast from the AP. Is there a way I can bind one SSID to the LAN DHCP pool and the other to the wireless clients DHCP pool?
I have a major problem regarding implementing IP Multicast in an ADSL network. The diagram of our network is attached. In every Access Network, there are only IP DSLAMs, which are connected via Metro Ethernet links (L2 links) to the main site. So there is no router or Layer 3 link to the main site. In the main site there is an Aggregator router, which is a PPPOE server that terminates subscribers' PPPOE sessions. All the Access Networks and subscribers are connected to just one Aggregator and they use that one as PPPOE server. It is a Cisco 3845 router. Then the Aggregator is connected to the Core network, and behind the Core network is a streaming server which streams in Multicast. IP Multicast Routing is configured in Sparse-Dense mode in all routers in the Core network and also the Aggregator, and it is working properly. So the subscribers are able to join the multicast stream and the very last router in the path toward the subscribers (which is the Aggregator) does the Multicast replications.
There are two problems we faced:
1- Since all the subscribers from different Access Networks use the same Aggregator in the central site as PPPOE server, all the connections are terminated on that router. The goal is to use the uplink bandwidth of the Access Networks to the central site more efficiently, so that if e.g. 20 subscribers watch the same channel, it just consumes the amount of one channel due to doing IP Multicast. Now the problem is that when, for example, 2 subscribers of the same Access Network (in the same POP site) connect to the same stream, the amount of bandwidth used between the central site and the Access Network is double. It happens because the Aggregator activates IGMP on every virtual-access line for every PPPOE subscriber who wants to join the stream. So it cannot recognize that these two subscribers are from the same Access Network. Therefore, the result is that although it is doing Multicast, it does not save the bandwidth, because it activates the IGMP group on every subscriber's virtual-access line for his PPPOE connection. So is there any solution to this problem? Something that came to my mind is that we need to implement a separate aggregator for every Access Network, which means that we have to place a router at every access site, and it will be expensive for us. But I think in that case every local aggregator can do IP Multicast routing and it definitely saves the bandwidth. Any better solution that may solve our problem using the same topology?
2- Another problem is that when the subscribers' CPEs are configured in bridge mode and subscribers set up a PPPOE connection on their PCs, they are able to join the multicast stream properly. But when they put their CPE in router mode and have their ADSL modems as PPPOE client, they are not able to join the Multicast stream, i.e. the ADSL modem is doing NAT and routing and it connects to the PPPOE server using username/password credentials. I also tried a feature in ADSL modems called "IGMP support" when I wanted to create the WAN settings. But it did not work. I am not sure, but I think that we need the "IGMP Proxy" feature on the subscriber's CPE.
I have a task to compare different approaches to implement InterVLAN routing in a campus network. Google suggests only Cisco technologies for such a query. But what I need is also other companies' solutions (like Dell, HP etc), cost of the implementations, pros and cons.
We have a customer with an implementation of ACS5.2 in a Windows environment. Now they want to implement IP phones in the network.
We currently have 3* offices located in London, Reading and Oxford which have an (ISP) VPLS service to interconnect all sites. I am using RIPv2 for intersite routing between all offices. We plan on implementing a backup circuit at the Oxford office for resiliency. There are 2* Core 4500 switches; Core 1 is uplinked to the Primary circuit and Core 2 will be uplinked to the Backup circuit. At the moment Core 2 learns all of its routes from Core 1. My question is, if the Primary circuit goes down, how do we get the routing on the Core switches to then point out of the backup circuit?
Can I implement MACsec between two Cisco 3750X using the C3KX-NM-1G?
3750x (C3KX-NM-1G) -------------------MMF------------------(C3KX-NM-1G) 3750x.
I am implementing QoS on our MPLS network. Our environment consists of a mix of Cisco 2960 and 3560 switches. The IPT system is Avaya CM with Avaya phones. The WAN network is an MPLS network. Ports are configured for access and voice VLAN (no trunking), one VLAN for voice, one for data (VLAN 1 is disabled). I don't have QoS configured on the LAN; I just wanted to configure it on the WAN router where my MPLS link is connected. I have 45 Mb MPLS links on all sites connected to each other.
I have multiple sites connected via MPLS and I have control at both sides. The current config is mentioned below, in which DSCP marking is not done for signaling. What is the best config, with example? Current config on all Cisco routers where the MPLS link is terminated at all sites: [code]
I am having difficulties implementing Mac-auth on selected ports between an HP ProCurve 2510 and Cisco ACS 5.3. The 802.1x works just fine, but for selected ports I need to implement port-access with MAC-based authentication instead of regular 802.1X (yeah, I know, but this line of ProCurve switches only supports one auth-mechanism per port!). The switch successfully forwards interesting MAC-auth requests for authentication to the ACS with CHAP/MD5, but the ACS reports this:
Logged At: April 16,2012 1:20:48.080 PM
RADIUS Status: Authentication failed : 22056 Subject not found in the applicable identity store(s).
NAS Failure:
Username: 002655886b3d
MAC/IP Address: 00-26-55-88-6b-3d
Network Device:
[code].....
The ACS is configured to use the Internal Hosts database, where the client computer is configured like this: MAC-address: 00-26-55-88-6B-3D
The server team has asked me to implement jumbo frames on a single VLAN, the one they use for vMotion. We have two pairs of 5548s, each pair running VPC for most connections. I am aware of many postings that describe how to enable jumbo frames globally, like this:
policy-map type network-qos jumbo
class type network-qos class-default
[code].....
I am not clear how I can extend this principle to one VLAN only.
Also, I am aware of a posting [URL] that shows some pitfalls of implementing jumbo frames in a VPC configuration. Pretty well all my connections are VPC, including all the FEXes, which are all dual-homed. In many cases, the VPC extends through to the servers so that the servers run port-channels across two FEXes. I am unclear whether the pitfalls are still valid, or whether I have to wait until my next maintenance slot (6 months away) to implement jumbo frames. Can jumbo frames be implemented safely on the fly? How does enabling jumbo frames fit in with "conf sync" mode?
I was looking at configuring QOS for two VLANs I have created. These will be for voice traffic (VLAN 22) and video traffic (VLAN 23). I also have three other VLANs for PCs, wireless devices and our CNC machines. We have 5 switches that are all SG30028Ps, with a single switch doing the inter-VLAN routing (operating at layer 3). All of the switches are trunked back to the main switch, and I've been through the guide written on how to do this on a single switch, which I don't think is layer 3.