Cisco WAN :: Keep VLAN Tags Between 1921 Over T1?
Aug 8, 2012
I am looking to transfer 3 VLANS (10, 20, and 30) over a T1 point to point using Cisco 1921 routers. I do not want to "Bridge" the connection, one location has a 10.1.0.0/16 subnet and the other location has a 10.2.0.0/16 subnet because we don't want to saturate the already slow link.
I tried the instructions here: [URL] With these routers couldn't I create the three VLAN's then tell the GigabitEthernet0/0 interface it's a trunk port? Or do I setup sub interfaces (.10, .20, and .30) for each vlan? I've tried all of the above and I can't get it to work. I can directly plug into the router and ping the other router on the other side of the T1 but I can get the info coming from my Dell PowerConnect 6248 (plugged into a trunk port) to go through to the router which is why I think it's a vlan issue.
View 17 Replies
ADVERTISEMENT
Dec 30, 2009
I do not see 802.1Q tags nor do I see p-bits (COS) in my wireshark captures. My setup is not working and I have no way to verify (sniff) that the 6509 is setting the p-bits to 3. [code]
View 4 Replies
View Related
Apr 9, 2012
I asked this in the LAN forum but I don't think people understood what I was asking. I want to know if I can route VLAN's across my T1 point to point connection using 1921 routers. I currently have AdTran 3205's and although I found info on the internet saying you can make them do this I could not after many hours of trying. I also found this article: [URL] that also seems to say I can do what I want but I just want to verify.
We have two main locations currently connected by a point to point T1 (1.54Mbps) through the AdTran 3205's. We are running out of IP addresses as we just have a single subnet on each end. I want to move to a VLAN setup for a couple reasons including security and QoS for our voice system. Each location has it's own dedicated internet and proxy server. Here is my planned layout:
ISP 1 ISP 2 | | | | | | | 10.0.0.0/30 | Layer-3 Switch 1 -- 1921-1 ---------- 1921-2 -- Layer-3 Switch 2 | | | .1 .2 | | | | VLAN 20 | | VLAN 20 | | 10.1.20.0/24 | | 10.2.20.0/24 | | | | | VLAN 10 VLAN 30 VLAN 10 VLAN 3010.1.10.0/24 10.1.30.0/24 10.2.10.0/24 10.2.30.0/24 Building #1 Building #2
Can I do this with the 1921s? Is there a better design for what I want to accomplish (seperate our users, servers, and phones onto seperate VLAN's)?
View 6 Replies
View Related
Feb 6, 2013
I have a Cisco 1921 Router, a Cisco Catalyst 2960 and a Cisco Catalyst 2970 and I want the router to be able to assign ip-addresses by what VLAN a device is active on.
VLAN1: 10.0.0.0/24
VLAN2: 10.0.1.0/24
The router is connected to the Catalyst 2960 and there on to the Catalyst 2970 so the VLAN1 and VLAN2 is active on the to switches and the Router.is it possible?
View 8 Replies
View Related
Oct 7, 2011
My company's spent the last few weeks struggling with an issue with their VPN backups where select packets were being lost.
View 7 Replies
View Related
Oct 10, 2012
I would like to know how long a route would maintain its community tag when it traverses ***?Basically, a route is tagged 100:1000 when exiting AS100, and then accepted into AS200. AS200 will not modify the tag. Would AS200 export the route to AS300 with the same 100:1000 tag?
View 2 Replies
View Related
Aug 1, 2012
I will be installing two Cisco 1921 Routers to connnect a T1 between two offices. We are changing out our current AdTran routers as we would like to bridge three VLAN's across the T1 link. I followed the instructions at (URL) shtml to the best of my ability and my two Gigabit Ethernet ports are tied into a bridged virtual interface (BVI1). I then assigned a IP to BVI1 and another to my Serial0/0/0 then made a route to get to the other side of the T1 and a defualt route out our proxy. What I want to do now is setup QoS to make sure my voice data gets priority.
I setup a QoS ACL called "Voice" with the TCP and UDP source and destination ports that our phone system uses. I then setup a QoS policy on the Serial0/0/0 outgoing interface called "VoiceTraffic" and under the "match" list I match DSCP 46 or my "Voice" access rule. For the action I turned on "Queuing" and set it up for LLQ at 50%. Does this sound about right? Is there anything els eI can setup? I tried ot setup something else on the ethernet side but because they have the BVI I can't. I read some article sin this forum that said I could still apply QoS to the GigabitEthernet ports even if they are in the bridge group but it doens't let me do that.
View 10 Replies
View Related
Oct 5, 2012
We want to puchase new Cisco ISR 1921/K9 . i want to know does it support the following sample IP-SLA commands
ip sla 2icmp-echo 172.16.1.2timeout 500frequency 1ip sla schedule 2 life forever start-time now
track 10 rtr 1 reachability
delay down 1 up 1
!
track 20 rtr 2 reachability
delay down 1 up 1
ip route 0.0.0.0 0.0.0.0 192.168.1.2 track 10ip route 0.0.0.0 0.0.0.0 172.16.1.2 track 20
Im asking above question because we will need to enable ip-sla on the mentioned router. as i read on the cisco webside, it says Cisco-ISR-1921/K9-IP Base support only IP-SLA RESPONDER feature nothing else. If Cisco-921/K9 does not support the above commands , should i go for ordering Cisco-1921-SEC/K9 ?
View 4 Replies
View Related
May 12, 2011
We are trying to config vlan 10 for data and vlan 20 for voice on the same port - port 1 of swtich SF300-24P to run both data and voice on different vlans.Do I have to add vlan 10 as an untagged vlan to port 1 and add vlan 20 as an tagged vlan to port 1?If I do not want to assign the native vlan 1 to port 1, how can I remove it ? The GUI page - assign VLAN to port does not allow to remove it.Aslo, what mode shall I set up on port 1? General, trunk or access ?
View 18 Replies
View Related
Jan 12, 2013
How do I submit an RFE (Request For Enhancement) to the Cisco SBR team to encourage them to implement the missing support for VLAN to VLAN firewall rules that was available in the RVS4000 (See [URL]) and that was supposedly added to a beta release of the RV220W firmware (See [URL])?
View 1 Replies
View Related
Jan 10, 2012
Between our hosting and a customer we have an extended vlan, traveling on a fiber, between two cisco 3560 switches.The thing is, that we want to create one or more vlans inside that extended vlan, in some way if possible?
View 3 Replies
View Related
Jan 10, 2013
I have two networks at two sites with a dot1q trunk between the two L3 switches at both sites (no routers involved)
SITE A - Cisco 3750 L3 - VLAN ID 50
10.10.50.0/24
SITE B - Cisco 3750 L3 - VLAN ID 50
10.20.50.0/24
I would like to extend the SITE A VLAN to SITE B so that I can move hosts from SITE A to SITE B without needing to change their IP address but the vlan ID is already in use. Obviously the easy solution is to change the VLAN ID for one or other of the sites but both sites contain hosts that run 24/7. Is there a way to join two VLANs with different IDs together.So for example I create a new VLAN 60 at SITE B and associate it with VLAN 50 at SITE A.
View 4 Replies
View Related
Aug 12, 2012
We have 6509 VSS with FWSM Module and we have created two context on it, one is INTERNALL CONTEXT othe is EXTERNALL Context? We have spanned various VLANS in switches and FWSM context level. All VLAN Gateways are configured in context level.
Activity description : We had planned migration of these devices into a new Datacenter, it was a planned activity. During migration of devices from one Dc to a new DC we broke the VSS and kept the primary running and removed the secondary switch and migrated this secondary to new DC and powered this device ON in the new DC and checked all the config was very much fine but this device was OFF network as secondary was brought to new DC just to limit the downtime during the primary switch movement.
During the activity ( Primary switch movement )We powered off the Primary switch and mean time before shifting into new Data center We had brought up secondary switch which was already existing in the DC was put live in the network and it was working fine without any issues.
Later we had moved Primary into new data center and tried to put into VSS with the secondary , during this period the secondary device into went into RECOVERY MODE and primary device was not responding and devices went off network and immediatly we removed the VSL link and brought up primary into production network without secondary online in the network ( Without VSS just stand alone switch ) network started working, but bringing up the primary we found that some of the VLANS in the FWSM was deleted and some VLAN had misconfiguration ( example : say original VLAN ip 10.200.112.1 has become 10.300.13.1 ) also some of the access list as well as SVI was deleted making configuration mismatch.
Wanted to know while syncronization b/n primary and secondary switch in VSS if we pull out VSL link would create this type of issues.
View 1 Replies
View Related
Feb 2, 2011
I have set up 2 DHCP pools and 2 VLANs (1 *the native* for data / 1 VLAN for voice). When I use the command "switchport voice vlan 20" the port disapear from the show vlan brief list. When I use the "switchport access vlan 20" it shows up in the show vlan brief in the correct VLAN and gives the phone an IP. I assume that using the access instead of the voice is wrong and the phones would not configure correctly. But when I use the access the phone goes to the next step and tells me the TFTP files are not found. Why does the port disapear from the VLAN list?
View 8 Replies
View Related
Mar 31, 2013
i need to solves this little problem on 2960S lan BASE but i dont know if it is possible.
Uplink port config for gi 1/0/28 is:
switchport mode trunk
switchport trunk alloved vlan 10,11
but on interface gi 1/0/1 i want to have data from vlan 10 tagged as VLAN 20.
At this time i have solved this issue very primitively
I have set up gi 1/0/2 as int mode acces, acces vlan 20 and i have connected gi 1/0/2 with gi 1/0/3 with eth cable. int gi 1/0/3 is switchpor mode acces, switchport acces vlan 10
View 4 Replies
View Related
Sep 16, 2012
I have a 3750G switch in my production network that only has VLAN 1 on it. All ports are in a default state and VLAN 1 is disabled. The switch is passing traffic but shouldn't having the default VLAN shut down cause the ports not to pass traffic? If I start to create VLANs will that cause the switch to stop passing traffic?
View 4 Replies
View Related
Oct 12, 2011
I'm wanting to setup a Virtual Office scenario. Everything is working fine except for 802.1x...I can get the 881 to authenticate things connected to it, but I don't have the options of guest-vlan or auth-fail vlan.Idea is if the users takes the router home and someone, either accidentally or on pupose, connects an unauthorized Laptop, they stay off the Corp network but can get to the internet still.I found this link on Cisco's site: [URL]That link shows them configuring a guest vlan right on the fa0-3 ports of an 881W. I dont have that option on mine. I can only configure 802.1x on the vlan interface. I have 802.1x working, for things that connect to vlan1, but I would like to have a "fallback" setup.
EZVPN_Remote(config-if)#int fa1
EZVPN_Remote(config-if)#dot
EZVPN_Remote(config-if)#dot1?
dot1q
EZVPN_Remote(config-if)#dot1
[code]....
View 1 Replies
View Related
Jun 13, 2011
I am trying to setup a L2tpv3 VLAN-to-VLAN tunnel.My setup has two Cisco 890 router with Cisco IOS Software version 15.0(1) M4. These routers are connected directly on FastEthernet port 8.
One linux machine is connected on FastEthernet port 0 on each router. The two linux machines are on same vlan. I am trying to establish a vlan-to-vlan tunnel between the routers and send traffic between the linux machines.
I followed the case study 11.4 from [URL] and configured the l2tp-class and pseudowire-class. However, the vlan interface configuration is different on 890 router.
I configured a vlan interface as follows.
(config)#vlan 200
(config)# interface FastEthernet 0
#shutdown
#switchport access vlan 200
(config)# interface vlan 200
I don't see the 'xconnect' command in this context. What's wrong with my configuration?
View 3 Replies
View Related
Nov 20, 2012
We have a low bandwith (15-20 Mbit/s) to the ASA from our Client vlan. If i connect the Client to the same vlan as the ASA is, the bandwith (90 Mbit/s) is good.
Here are the Layer 3 Design:
Client -> vlan 2 - Switch - vlan 7 -> vlan 1 - ASA 5505 -> ISP
The Layer 2 Design:
Client -> Gig2/0/13 - Switch - Gig4/0/43 -> Eth0/1 ASA5505 -> ISP
IP Address:
Client: 172.16.2.10Vlan2: 172.16.2.1Vlan7: 172.16.7.1ASA: 172.16.7.2
I assuming the switch has a problem with routing ?It is a stacked Switch with following members:
switch 1 provision ws-c3750g-12sswitch 2 provision ws-c3750g-24tsswitch 3 provision ws-c3750g-24tsswitch 4 provision ws-c3750x-48
And we have following error message in the log from the switch:
%PLATFORM_UCAST-4-PREFIX:
One or more specific prefixes could not be programmed into TCAM and are being covered by a less specific prefix, and the packets may be software forwarded I first get the idea that the switch is overloaded with router traffic. Thats why i assuming i have to check the sdm templates, but i'm not sure if this resolves the issue.
Here are the relevant config:
ASA Interface on the Switch:
interface GigabitEthernet4/0/43description ASA-inside LANswitchport access vlan 7switchport mode accessspanning-tree portfast
Client Interface on the Switch:
interface GigabitEthernet3/0/1switchport access vlan 2switchport mode accessswitchport port-securityswitchport port-security aging time 2switchport port-security violation restrictswitchport port-security aging type inactivitymacro description cisco-desktopspanning-tree portfastspanning-tree bpduguard enable
[code]...
View 2 Replies
View Related
Nov 21, 2012
i'm going mad on following problem. I'm trying to get 2 networks seeing each other while one of the network is a non VLAN network and the other one is a VLAN network.They should use the same interface so i added VLAN e0/0.122 to the interface e0/0.Send a ping from my asa to both gw-IP's made me happy at first. In second in figured out that i cannot reach any client in the other network. For testing purpose i created an permit acl to any/any for both networks, but the packets still get dropped by the default implicit rule. (deny any/anyMaybe i'm to stupid for this
View 10 Replies
View Related
Nov 27, 2012
I am trying to set up a Vlan on an SF-302-08 small business switch. I would like two Vlans both with internet access but the two cannot communicate with each other. I am not really sure how to go about setting this up as its all fairly new to me. I have successfully set up the Vlans and the ports on each VLAN cannot communicate with each other however the internet access will only work when plugged into either VLAN but wont work on both together
View 1 Replies
View Related
Jan 23, 2013
I've been given the task to clean-up our network config, and have walked into a disaster zone.We have a 4510R on site with everyone using the default VLAN, VLAN 1.I have created 4 new VLANS, VLAN100, VLAN150, VLAN200, VLAN250 I have assigned interface addresses to each VLAN and configured Inter VLAN routing.I can route to and from each new vlan with no problem, i.e VLAN250>VLAN100 VlAN100>VLAN200 etc but I can't route to VLAN 1(Default VLAN) from any of them, I can ping the interface on VLAN 1 from any VLAN , but any hosts are unreachable. On the flip side , from VLAN 1 I can route to all of the VLANS.
View 3 Replies
View Related
Apr 6, 2013
I have some problem in my small network.I have 2 SF-300 48 port switches and connected to 847 router for intervlan routing. I configure 7 vlan in SW1 and uplink to SW2 with trunkport.
The problem is that if i used default gateway for users ip address of interface (vlan interface) is ok. I bring two adsl modem and connected to vlan1 and vlan2 for internet access. When i connected this two modem vlan 1 and vlan 2 are not going to access other vlan 3,4,5,6,7 and wise versa.
vlan1 users getting default gateway from adsl modem ip, how i can permit this two vlan should to access other vlan 3,4,5,6,7 and 3,4,5,6,7 should access to internet also.
[URL]...
View 4 Replies
View Related
Jan 20, 2011
I have a Netgear GSM7248R switch with 5 different Vlans including th management Vlan. Each of the vlans are connected to my layer 3 switch for routing. I want to access the management vlan form any of my Vlans so my layer two switch can be detected by my snmp manager.
View 3 Replies
View Related
Oct 27, 2011
We are a small business that just bought a Cisco 1921 ISR. I am trying to set it up right now but I cannot get CCP to discover it. I am new to Cisco products and IOS.The router is currently set up in a test environment with a USB connection to a Win7 PC for console management. I also have the PC connected to gigabit ethernet port 0/1. I am using putty to access the console which I did with no problem for the initial configuration. After that I thought I would be okay to discover the router with CCP using the IP address I specified but then it prompted me for a username/password which I didn't see in the initial configuration. After this I did some research and found out I needed to set up a few more things so I ran the following commands: [code]
After this the video I was watching said to go in to CCP and specify the IP address or hostname of the router and use the login info that was just created admin/pw. When I ran the discovery I got the failure message: Connection to the device could not be established. Either the device is not eachable or the HTTP service is not enabled.When I run 'show ip interface' I notice 'Router Discovery disabled" is this why it is not working? How can I enable this or what else am I missing here? Am I not connecting to the router correctly? Oh and just for reference our plan is to have this router set up as a VPN gateway and firewall with 2 WANs for redundancy and connecting to our switch via an HWIC SFP for fiber.
View 14 Replies
View Related
May 18, 2011
I have installed a Cisco 1921 router in our company and i have stumbled upon an issue with the DNS.
We have a internal DNS server and an internal WEB server. In the DNS server there are records pointing to sites on the WEB server, this is working just fine.
The thing is when i use a public DNS such as 8.8.8.8 (googles public DNS) i cannot resolv the external IP of those sites. I do not want to access the sites and i do not want to send any packets to the sites. All i want is to query the public DNS and resolv the public IP where the site is.
View 1 Replies
View Related
Jul 3, 2012
where can i find this ios for free CISCO1921-SEC/K9 ?
View 4 Replies
View Related
Jan 11, 2013
I have been playing around with a 1921/K9 router in our dev environment. It's been about 24 hours and I just can't seem to get it to work. My DHCP Server is working hence my internal network is getting IP address as desired. But Router doesn't seem to connect to internet for some reason.
I am trying to make it a internet facing router with static IP address (67.210.209.113). LAN side of this router will be our .11 Network which is our Dev Network.
Here is some network information:
WAN:
Interface IP: 67.210.111.111
Default Gateway: 67.210.111.222 (I can ping this address through router)
tlm1921A-11A#ping 67.210.111.222
[Code]......
View 7 Replies
View Related
Mar 31, 2013
Any issues upgrading the IOS on a 921 router.How can i create a certificate for the new IOS? I've never had to do this for other IOS 15 upgrade?I've confirmed the IOS is not corrupt and if i upgrade the router in ROMMON the router boots correctly.
View 1 Replies
View Related
Sep 6, 2011
I have purchased a PAK for my 2 cisco 1921 routers .I would like to to configure IP SEC or SSL for VPN connectivity on the routers. How do i convert the PAK into a license?
View 1 Replies
View Related
May 3, 2013
I am really stuck with router requirement for one of our client. I need 891 SEC router. I think this comes with advanced IP services. What I have is 1921, with IP Base. can I upgrade 1921, so it will become alternative to 891 SEC.
View 1 Replies
View Related
Feb 23, 2011
I'm attempting to set up a Cisco 1921 router running IOS15, and am having trouble with the NAT - it might be that what I am attempting is not possible. The only traffic going across the router is UDP, and the outside of the network canot be changed.
View 1 Replies
View Related
Nov 28, 2012
I am trying to get the Cisco 1921 to route between 2 LANs. I can ping from the router itself, but cannot ping across either, is there something I am doing wrong here:
version 15.1
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
[code]....
View 10 Replies
View Related
