Cisco WAN :: Multiple SVI Interfaces On 871 Router / 2911 With Built In 8 Port Switch
Sep 17, 2011
I am wondering if xconnect L2TPV3 feature could be done on multiple SVI interfaces on 871 router and 2911 router with built in 8 port switch?Like I need to extend two ethernet interfaces and can I use two SVIs on router built-in switch module on each side?
View 2 Replies
ADVERTISEMENT
Nov 7, 2011
I am learning the 2911 router. Is there a way to set a physical single RJ45 port to handle multiple WAN IPs? Or do I need to buy a port expansion module.
View 12 Replies
View Related
Nov 19, 2012
I am trying to figure out exactly what I need to buy to to connect to an ISP's fiber switch. We need to install a router between the fiber switch and our own core switch to be able to access the IP's allocated to the property. We installed a 1700 with the below config, but we want to purchase a brand new router and we were looking towards possibly the 1921 if the budget allows. Our distributor is telling us that we need to purchase an Ethernet WIC also, but if the router already has 2 ethernet interfaces, why do we need to purchase more hardware? I am a little out of the loop with routers at the moment, so I am not sure if they correct or not, just looking to see if this is the case and if so, why?
interface Ethernet0/0
ip address x.x.x.x 255.255.255.248
full-duplex
!
interface FastEthernet0/0
ip address y.y.y.y 255.255.255.252
speed 100
full-duplex(code)
View 5 Replies
View Related
May 13, 2013
I am trying to build a new network from scratch, I have the WLC 5508 w/ Aironet 3600e APs connected to my Netgear Smart Switches and a Linksys RV082 router that I'm using as my DHCP server with several VLANs for several stuff on my Switches.
I have 2 questions:
1. Can I have 5 Interfaces configured on 5 different VLANs, each SSID on each a different Port:
Port 1: Controller management only=> 192.168.x.x /24
Port 2: SSID 1: WiFi Internal=> 172.16.x.x/12 (Radius Auth with no sharing)
Port 3: SSID 2: WiFi Internal w/ sharing=> 192.168.x.x/24 (Radius Auth with sharing)
Port 4 :SSID 3: WiFi Guest=> 10.0.x.x/8 (Web Auth)
Port 5: SSID 4: WiFi IT=> 192.168.x.x/24 ( Radius or certificate Auth with access to the controller management interface)
2. How can I use the Controller as the DHCP server for all the WiFi traffic, and how should that be configured to work with my other DHCP server?
View 3 Replies
View Related
Apr 3, 2013
I have a Cisco 1801W router, running a DSL connection with wireless connectivity for a school. This is configured on the fastEthernet0 interface on the 192.168.1.0 network (the router is 192.168.1.1).
I was wondering if it is possible to get the built-in switch (fastEthernet 1-8 interfaces) to be used as a part of the same network (192.168.1.0/24).
Fastethernet0 is connected to the school's main switch (24 port), but we could use a few more ports. I'd love to use the 8 ports on the router.
View 1 Replies
View Related
Oct 23, 2011
I have a 2610 router. How can I tell if the built-in ethernet port is only a 10BASE-T or if it's a 10/100 port? Is there a "Show" command to give me this information or did it only come one way? I have found conflicting information on this :-( If it's only 10BASE-T, can I upgrade it to 10/100?
View 8 Replies
View Related
Feb 24, 2013
i have a question about multiple TACACS Groups. I want to archive the following:
A Cisco 888 is managed by me and a Provider Support Team. Since we both want to access our own TACACS Server, i want to create two TACACS Groups. Is it possible to me, to bind a Tacacs Group to one Interface, and the second TACACS Group to another ? Means that our stuff is connecting to the LAN Interface FastEthernet0 that is applied to the SVI in V LAN 1.
The service technicians from the Provider are connecting to the external Interface or through a possible Lo. (another IP). I do not want to mix our 2 TACACS+ Server and theirs together in one Group. So have anybody tried this before ?
View 8 Replies
View Related
Nov 15, 2011
I have a 2911 router. One interface is configured external (WAN) and two interfaces are configured on separate internal private subnets. What is the configuration to allow all traffic in both directions between the two internal subnets?
View 21 Replies
View Related
Sep 30, 2012
I built a pc asrock z77 pro3 mobo, i5 3570k 3.4ghz, ati 7950, 8gb kingston ddr3 1600mhz ram, corsair 650w psu, a hyper 212 evo and a 500gb hdd with a 128gb ssd all in a cm haf912 case.My problem is that everything works fine except for the inbuilt gigabit lan port. I'm accessing the net through an old pci-e slot network card i found, and I'd really like to use the inbuilt gigabit port. The realtek drivers do not appear under device manager. I installed the latest network drivers from asrock - (Realtek Lan driver ver:7048 for 64-bit win 7), I tried various things I read online like removing the ram for a few minutes, disabling the NIC and sleep mode. I always get this message when installing the driver: "Realtek ethernet cable was not found if deep sleep mode is enabled plug the cable" I've done everything I've read online and from reformatting to removing the ram.In the bios, i made sure the adapter was enabled. another thing is that there is no light coming from the port when the lan cable is inserted into the port. there is a light from the pci adapter so i'm not sure if it's faulty. I've also checked that the cables are fine. I hooked them up to my macbook and ps3 and the network was fine.
View 1 Replies
View Related
Sep 5, 2012
i am trying to upgrade the firmware in my C2960 switch to 15(1) SE2, and i get the error: Failed to execute the command archive download -sw /overwrite /http iosFile.
View 10 Replies
View Related
Mar 7, 2013
I have an ASA connected to 2 ISPs.I am using object tracking for the default route so only 1 path is used at a time. I have a L2L VPN setup going out interface A. I would like to configure a 2nd VPN going out interface B with identical parameters.
(ASA software 8.2)
crypto map PATH_A 1 match address outside_1_cryptomap
crypto map PATH_A 1 set peer 10.1.1.1
crypto map PATH_A 1 set transform-set ESP-AES-128-SHA
crypto map PATH_A 1 set security-association lifetime seconds 28800
crypto map PATH_A 1 set security-association lifetime kilobytes 4608000
crypto map PATH_A 1 set reverse-route
[code]....
View 2 Replies
View Related
Sep 5, 2012
What is the configuration for allow port from Outside to inside( 80,21,https...) and i want to allow traffic from outside to inside only 80,https and 21.
View 1 Replies
View Related
Apr 1, 2013
If I have a PI 1.2 system that has multiple interfaces configured I can upgrade to PI 1.3 and both interfaces remain and I can see both under the admin webpage under appliance interfaces. But if I do a fresh install of PI 1.3 I can only configure one interface. The commands fail from the cli to configure anything but gigabitethernet 0. Are multiple interfaces not supported in PI?
View 2 Replies
View Related
Jan 15, 2013
Having upgraded to 8.3 from 8.2 I and read much about the differences , it seems that 8.3 deals with NAT in a much more managed method.However I am confused on how one would NAT a network object to multiple interfaces? i.e I know you can specficy a NAT adddress within the network object howeveer this only allows you to specific a single IP address.What if I want to talk accross multiple interfaces how would I specify this?
View 5 Replies
View Related
Jun 16, 2011
We have an ASA 5510 firewall. There are 4 ports on it configured as 2 outside, one inside, and one DMZ. We have two cable modems attached to the outside ports. Our plan is to have the "inside" port directed to one outside port/cable modem, and the DMZ port directed to the other outside port/cable modem.
We have been able to get the "inside-to-outside" setup to work but not the "DMZ-to-outside" setup (at least at the same time).First off, is this possible? If so, what are we likely missing - some way to have a second default route for the DMZ?(My manager is the "Cisco person" here, not me, so I may not have enough info.
View 1 Replies
View Related
Aug 20, 2012
I am trying to enable a second WAN interface on our ASA.the end goal is to move all internet traffic to the new connection, but first i want to test it working.I have setup my computer as an object in the ASDM and the interface is configured correctly (same settings on a different router and that was working)I setup a route with a lower metric ( 1 lower than the default route which routes everything through current main internet interface) to route traffic from my computer out through the new interface but i am still connected on the old interface.I duplicated some of th NAT rules (but i would have thought if these werent working then i would have no internet connection anyway)
View 5 Replies
View Related
Feb 24, 2011
I am trying not to run before i can walk,.. so first thing I'm trying to do is ping out to a DNS server in the internet: 212.135.1.36 from my internal network.
- If I put a default gateway on my router, and set to 172.16.32.254 (Firewall Vlan100 interface) and ping,.. it works fine from my router.
- If put a default gateway on my switch below the router as 172.16.32.252 (VLAN100 interface of the router) and ping from the switch it doesnt work.
I assume its getting to the switch as I can ping the 172.16.32.252 from the switch so the router is dropping the packets... my question is why!?
Once this bit works,.. the intention is to route any external bound traffic that comes from VLAN100 to 172.16.32.254, external bound traffice from VLAN200 to 172.16.64.254 etc etc
[Code] .....
View 5 Replies
View Related
May 12, 2013
I have c3725 router that have two WAN interfaces, both of which I want to serve VPN clients. However, I have only one default route, say for WAN1, so how can I accept client requests on WAN2.
ps: I use vpdn and pptp, and I'm a newbie to Cisco router and IOS.
View 4 Replies
View Related
Sep 4, 2012
how this switch module works in 2911 router? I have two 2911 routers in HSRP configuration for redundancy with crossover cable between switch modules. OSPF running on routers.If active router loses its power and then comes back again, it boots first, its internal link to switch module comes up and it starts to forward packets to switch module. The switch module starts to boot only after router is ready. So I have outage of about 3-4 minutes. For our real-time applications it is way too long.
any way to start booting of the switch module before router gets ready?I understand I can boot it manually, but it is only after router is ready. Only way to get around it I found is to disable internal link and use router interface to connect to the switch module.
View 1 Replies
View Related
Apr 2, 2012
we use LMS 3.2 in our network. We have a couple of 6509-V-E Switches with mutiple interfaces (VLAN interfaces and Layer 3 interfaces) The problem is, campus manager discovers the switch by a interface randomly...one time its a lay3 Interface and another one its a vlan interface which none of them are in DNS hence no name resolution can be made.
Is there a way to "tell" CM to us for instance the VLAN Management IP of the switch?
View 2 Replies
View Related
Jan 24, 2011
I have 2 routers ( Cisco 3845's) both running identical IOS's. Each router has identical 5 networks on it with one network each being different.I have HSRP set up on the identical 5 networks.Your standard Fail over senario.ON one of the routers one network is not seeing the other router in the same network, Will not Ping or traceroute.And HSRP stopped working ( both were thinking they were active. which of course brought the network to a halt. Non of the interfaces has any ACL on them, They are plugged into a Brand new Cisco 3560v2 switch. I have switches out the cables to eliminate that as an issues.
View 1 Replies
View Related
Jan 3, 2012
I have a 5508-WLC appliance and configured multiple ap-manager interfaces to balance the join request from LAPs and the load.I went to console port from some LAPs and saw that there was that balance among multiple ap manager interfaces (Dynamic AP Management Interfaces). Then we torn down one of the ap manager interfaces and confirmed that the LAPs were moved to next ap manager interface automatically.But the question here is, how can I verify which ap-manager interface was used for a LAP from the WLC via GUI or CLI ?? or how can I see the amount of APs joined using that ap manager interface from WLC ?
View 2 Replies
View Related
Apr 10, 2013
I am trying to lab something up and I believe I am doing something incorrectly. My management VLAN works fine, the AP on port 7 finds the controller fine, but my VLAN 80 doesn't seem to be mapped to port 2. I mapped a test WLAN to the VLAN, and setup a DHCP scope, and a client can get on the WLAN, acquire an IP address, etc. I thought I coudl then map that VLAN (80) to port 2 and have it go out a cable modem. Doesn't seem to be working that way, however.
View 3 Replies
View Related
Sep 23, 2011
I have an ASA 5505 running 8.2(1), that is configured with three interfaces as follows:
Inside (security 100) 10.0.0.0 /24
Inside 2 (security 100) 192.168.0.0 /24
Outside (security 0) internet
Inside is connected to my internal network, inside 2 is connected to the network of a sister organization, outside is outside.
I'd like to be able to route between from inside to inside 2, and have NAT translate me to inside2's address.
I have inter-interface traffic configured, and when I use a NAT exemption, I can route fine. But the resources on network 2 must see my request as coming from the inside2 interface IP.
View 2 Replies
View Related
Feb 12, 2013
This is for an ASA 5505 with the base license...I have a situation where I will not have one interface in my outside VLAN, but instead I want to have interfaces 1-7 in my outside VLAN and interface0/0 in my inside VLAN.
Is this supported with the Base license, and if so how would I do this? Do I still just need to assign one IP address to the outside VLAN?
Or will I need to upgrade to the Security Plus license and put each interface in a separate outside VLAN, so in essence I would have 7 outside VLANs each with the same security level (0)?
My situation is that I have several partner networks that i want to "aggregate" thru my one ASA 5505. So each outside interface represents a separate partner (outside) network, each of which I want to get to from my inside network. Hence the many outside to one inside.
View 5 Replies
View Related
Nov 21, 2012
I have a virtualization server with 4 network interfaces and connected it to a SAN. There are few virtual machines which writes data to the SAN.
I want to connect to the SAN with multiple interfaces to speed up the network.
Is it possible to send data on multiple interfaces? How can I configure it?
Computers are connected to san through switch.
SAN: Equallogic PS 4100 E
Switch: Dell Power Connect
Computer: Dell T610
OS: Centos 5
Virtualization: Kvm
NIC: 8
I am not sure about network card brand now.
View 1 Replies
View Related
Apr 27, 2011
Purchased a 2911 router for a customer, and I'm sure I'm missing a module here.
Teleco installed T1 and left connection to smart jack. Router only has 2-3 copper ports.
Can I get away with configuring the blackbox with RJ45 to the copper port on the router ethernet or do I need to purchase a HWIC ?
View 1 Replies
View Related
Dec 6, 2011
I have two cisco routers (Cisco 2911 and 871) that I'm trying to establish a L2L VPN with. Each have a VPN configured to our cooperate office that is up and working. I'm now trying to establish a site to site VPN from both remote offices. I have my crypto maps, NoNats, and interesting traffic set up however, I do not even see phase one come up.
I've attached each config. Most of my site to site experience is on PIX's and ASA so I'm curious if there is something else I need to do on my outside interface to allow multiple VPN's?
View 2 Replies
View Related
Jun 20, 2012
We are about to install a cisco 2911 router to replace a linux based router.
The Cisco will have 5 gig ports, 4 ports connected to DSL modems each modem connected to a different ISP, and the last port connected to a Cisco LAN switch.
802.1q will be used on the internal router port to split the LAN segments up into VLAN's as the building contains lots of different businesses.
Each customer in the building has there own servers and set of public IP addresses assigned e.g
Customer A - ISP 1 uses 81.34.65.78 NAT'd to 10.0.0.1 Vlan 5 port 25 (SMTP)
Customer B - ISP 2 uses 217.23.67.87 NAT'd to 192.168.1.1 Vlan 6 port 25 (SMTP)
and so on
The outbound traffic also needs to go out of the correct DSL line which ever has been assigned to that customer.
Am i right in thinking the only way to do this will be to use "Route Maps" ??
(IP addresses above are made up, or at least not ours)
View 17 Replies
View Related
Jan 14, 2012
I am having big problems trying to get what should be a rather simple configuration to work.I have a Cisco 2901 Router and have setup Zone Based Firewall on this.Traffic from the 192.168.223.x network does not pass through to the 192.168.1.x network.my traffic appears to disappear down the big bucket...Interesting I can ping machine on 192.168.223.0/24 network from the 192.168.1.0/24,So the static routes setup on the router on the 192.168.1.0/24 appear to be routing ok.
View 4 Replies
View Related
Mar 20, 2012
I've got a question concerning the configuration of multiple AP manager interfaces on -for example- a cisco WLC 2504. I've read the configuration guide but I'm not sure whether this is the way the protocol works. Say I want to distribute AP's (and traffic) across various AP Manager interfaces on the WLC. I would configure the following:
Create one management interface (which will automatically also be an AP-Manager interface)Configure 1 (or more) Seperate ap-manager interfaces, assign them to a port number, and select "Enable dynamic AP Management". VLAN ID's will be the same.Create a WLAN and configure it's interface to "management" Is it correct if I state that the LWAPP protocol takes care of the discovery from the Access Point and sends information about the available AP-manager interfaces back to the AP and the AP knows which ap-manager interfaces are available, connecting to the least loaded one?
View 3 Replies
View Related
Oct 10, 2011
I've been trying to figure this one out for quite a while. I currently have 2 inside interfaces (data, phone) and I am moving to 3 inside interfaces (servers, workstations, phones). I have not been able to get any traffic between the interfaces. With the current setup it was not a major problem. With the new setup it will be a major problem.
Below is a sanitized version of the config.
ASA Version 8.2(1)
!
hostname BOB
[Code].....
View 11 Replies
View Related
Oct 18, 2012
Due to special circumstances we have 2 ISP links on an ASA5510. I am trying to terminate some L2L VPN tunnels on one link and others on the second ISP Link, eg below:
LOCAL FIREWALL
crypto map outside-map_isp1 20 match address VPN_ACL_Acrypto map outside-map_isp1 20 set peer 1.1.1.1crypto map outside-map_isp1 20 set transform-set TS-Generic
crypto map outside-map_isp2 30 match address VPN_ACL_Bcrypto map outside-map_isp2 30 set peer 3.3.3.3crypto map outside-map_isp2 30 set transform-set TS-Generic
crypto map outside-map-isp1 interface ISP_1crypto map outside-map-isp2 interface ISP_2
crypto isakmp enable ISP_1crypto isakmp enable ISP_2
route ISP_1 0.0.0.0 0.0.0.0 1.1.1.254route ISP_2 3.3.3.3 255.255.255.255 2.2.2.254
Establising the VPN tunnels in either direction when using ISP_1 works fine establishing in either direction from remote access users and multiple L2L tunnels (only showing one for example).
On ISP_2
1. Peer 3.3.3.3 device establishes a VPN tunnel, but the return traffic does NOT get back to devices on 3.3.3.3 tunnel.
2. The local firewall does NOT establish a VPN tunnel going to 3.3.3.3
It would seem to indicate that the problems lies with this multihomed firewall not directing the traffic correctly to either return down and establised VPN tunnel (point1) or to intiate a tunnel if none exists (point 2).
Reconfiguring the VPN tunnel peer for 3.3.3.3 to be on ISP_1 of the local firewall, all springs into life! There are sufficient license etc...
View 4 Replies
View Related