Cisco WAN :: Reserve Outbound Bandwidth For VoIP 877
Mar 31, 2011
I have a Cisco 877 on an ADSL connection. QoS isn't doing the trick -- I need to reserve 200 meg or so of my outbound (upstream) bandwidth for VoIP to end complaints about voice quality. Any example of how to classify SIP, RTP, IAX, and Skype traffic and put a rate limit on anything that doesn't fall into that category? The VoIP phones also are in their own IP range on the LAN side if that would make things easier...or I could even connect them into a specific port on the internal switch in the router.
View 9 Replies
ADVERTISEMENT
Jan 23, 2012
Currently, we have a Cisco router (28xx), ASA 5520, and a core switch 4500. We have different vlans. We also have Auto QoS running for our Cisco IP Phones.My manager just asked me to see if I can either reserve some certain bandwidth for one vlan, or give that vlan higher priority on internet traffic than the others.
1.) Anyway we can reserve some more bandwidth for one vlan than other vlans?
2.) If #1 cannot be done, how can we provide higher priority on the internet traffic to one vlan than the others?
3.) Is #1 or #2 the same config? If not, which one would be easier (without changing our current QoS settings)?
4.) If 1 or 2 can be done, which device I should config the settings on?
5.) This question may be duplicate, but do we need to reset our current QoS to achieve the goal?
View 6 Replies
View Related
Feb 21, 2013
I'm intending to purchase a switch for work,and I need to limit the bandwidth of one of the ports to 25 Mbit upload and 25 Mbit download (we have 100/100 Mbit connection and the customer is only paying for 25). I been trying to find information on how this could be "properly" done and what kind of switch I need to buy. As far as I have understood, most L2+ switches support outbound rate limiting, but not inbound, and as I only want the customer to have 25 mbit up and down, I need both.
I been looking at a Cisco Catalyst 3560 switch, and I'm first and foremost wondering if I can limit the inbound AND outbound bandwidth on this switch? Perhaps it can even be done on a simpler, cheaper, switch - as I rather not spend more money then necessary?
Lastly, how to do it, limit the inbound and outbound bandwidth on a single port (perhaps on the above mentioned switch, if possible), to 25 Mbit?
View 3 Replies
View Related
Sep 5, 2011
We have a Cisco 1841 router at Branch end and a Cisco 2821 router at the HO connected by a 2MB Leased line. There is a Video Conferencing device setup in the branch office . We want to reserve 1MB bandwidth for the video conferencing and leave the remaining BW for Data . The traffic between the locations is passed through the tunnel using the static routes .
View 2 Replies
View Related
Jul 31, 2012
I have a Cisco 5505 with a 12Mbps feed. I want to reserve 2Mbps for RTP traffic. I followed the QoS guide here: url... The goal would be that any traffic destined for port 5000 through 5100 UDP or TCP from any IP to any IP on any interface.should always have 2Mbps available to it.
View 5 Replies
View Related
Sep 21, 2012
Before going further let me tell you I hate QoS..the policies that I applied. I am trying to create reserve traffic for a CE but when I try to download or upload the traffic goes from 2MB which is where it should stay to up to 6MB?completly losted, I will not move to ccnp sp like this.
View 2 Replies
View Related
Jul 15, 2011
This problem applies (in my case) to our ASA5510. The issue here is that the http service on the ASA is runnnig off of the standard port 80. Login to the firewall and run the following.no http server enable http server enable 8080,Now you should be able to add a NAT/PAT on port 443 to another server of your liking. Just remember when you attempt to use ASDM to manage the ASA in the future to specify the new port 8080.
View 1 Replies
View Related
Oct 2, 2012
I know that the 6500 with a Sup 720 reserves power for a redundant 720. If there is no plan to install that redundant Sup, is there a means of releasing that reserved power? I know that one approach would be to insert a card into that slot to cut the reserve down, but I need to reclaim all of that power.
View 10 Replies
View Related
Oct 24, 2009
Why this router have DHCP server and Port forwarding features and many LAN ports, but does not have DHCP reserve feature? If I can plug many computers, each one get own IP address, but how I can't fix it? I need to port forwarding of course, but if lease time ended, next time my computer got other IP address, so I need to reconfigure port forwarding each time! Of course I can do it, but try to explain it for your wife? Yes, I can use static IP addresses, but for what this box have DHCP server?
View 9 Replies
View Related
Sep 9, 2011
We have 1 mpbs bandwidth line, but most of the time we are getting only 300-500 kpbs download speed, i want to send statistics report to our ISP, what will be best procedure to test the bandwidth report, i have checked in some websites like bandwidthplace and speedtest but these sites are not accurate, how to check the actual bandwidth we getting from ISP against 1 Mbps. We have solarwinds monitoring tool in this i have configured the WAN interface for 1 mbps
View 5 Replies
View Related
Dec 6, 2012
I have two ISP, I want to divide Inbound to ISP1 and Outbound to ISP2.
View 3 Replies
View Related
Feb 28, 2011
We're running 8.3(2) in the ASA5540. Users all over our enterprise connect to a business partner's application through the ASA/VPN. We have a class-b address space, and since the users are spread out all over the place, I have the entire class-b space as the local object in the ACL that allows traffic through the VPN tunnel.
The business partner has concerns that our entire address space is available to access the VPN tunnel. So I thought, to alleviate their concerns, to PAT all of our connections outbound to a single IP address.
How is this done in 8.3(2)? We use ASDM to configure the 5540. For example, say our class-b is 159.12.0.0 and the PAT'd IP address will be 199.30.36.6.
View 5 Replies
View Related
May 27, 2013
I've got an 887M router which will be configured with two linke - one ADSL, one 3G - both of which will have (obviously) a separately suppplied IP address from the different ISP's being used. The 3G is a backup - plain and simple - for use only when the DSL service flakes out (which it does often)
Routing is pretty simple - I'll either do soemthing with a bit of PBR, or a simple weighted static, but the NAT has me scratching my head a little.
Can I have two outbound NAT pools (ip nat outside) for each interface which will be used ONLY for traffic going out the interface concerned?
For example, I have one for the primary link
ip nat inside source list 2 interface Dialer1 overload
Can I do the same for the second dialer interface like this
ip nat inside source list 2 interface Dialer2 overload
and have them automatically switch to using the dialer 2 IP for the outbound NAT if the dialer 1 link fails?
I don't think I've ever come across this before, so I'm not sure if it can even be done.
View 1 Replies
View Related
Aug 10, 2011
For about the past 2 or 3 months, I have been experiencing outbound packet loss at about the same time every evening. That timeframe is about 7 PM - 10 PM. This is most noticeable on Teamspeak 3 because of the voice disruption that other users report to me.
View 1 Replies
View Related
Oct 21, 2011
Both of these ISDNs are up, this gives us 4 channels. Someone said they recieved a busy tone when they attempted to dial out. I looked over the system and seen there are two outbound pots dial-peers. Each dial-peer references one of the BRI ports. The preferences are the same on each dial-peer. I think what is happening is that the system is randomly selecting one of the dial-peers due to the preference, even if both channels of the BRI are in use. How does the system know if that port has both channels in use? I've not used ISDN before, so tried to enter the B-channel sub interface and the system (UC500) tells me I cannot do this. I was thinking about adding each channel into a trunk group and then referencing the trunk group in the dial-peer. I can obviously add both BRI's into one trunk group.
View 2 Replies
View Related
Jan 9, 2012
I just migrated our office network router to a RV082. While configuring it, I came across three problems:
(1) From our ISP we have four public IP addresses which I want to make use of for outbound traffic. With the previous router we used we could configure LAN IPs(ranges) to map to static public IPs. Does RV082 support this? I could not find an option for that at the web-interface. From what I understand the 1-1 NATing only goes both incoming and outgoign ways and actually is 1-1 and not the many-to-one I am looking for.
(2) How is it possible to configure incoming port forwards to use a specific WAN interface? Will it always be the primary WAN interface?
(3) Does the telnet access provide more configuration options? I could not log in to it with the same user credentials as with the web-interface.
Serial Number : NKS1532xxxxFirmware Version : v4.0.4.02-tm (Jul 4 2011 13:30:56)PID VID : RV082 V03Firmware MD5 Checksum : 1f84d8d0a2a8b99f9bfa4409e64547aaLANWorking Mode : Gateway
View 0 Replies
View Related
Sep 20, 2012
I multi homed to dual ISPs using a single 6509e. Currently, I am only receiving a default from wash ISP and marking one with a higher local pref. most of my traffic flow is inbound, so this config meets my need. The issue I have: if either ISP has has an outage upstream from my directly connected peer, my router does not detect that and continues to send traffic out thru that provider only to be black holed. My 6509 will only support 256k routes, so full route tables isn't an option. I could receive partials from each ISP. Is there any other method to detecting this upstream ISP issue and then adjusting my local pref on my default to use the alternate provider path?
View 3 Replies
View Related
Mar 4, 2013
I multi homed to dual ISPs using a single 6509e. Currently, I am only receiving a default from wash ISP and marking one with a higher local pref. most of my traffic flow is inbound, so this config meets my need. The issue I have: if either ISP has has an outage upstream from my directly connected peer, my router does not detect that and continues to send traffic out thru that provider only to be black holed. My 6509 will only support 256k routes, so full route tables isn't an option. I could receive partials from each ISP. Is there any other method to detecting this upstream ISP issue and then adjusting my local pref on my default to use the alternate provider path?
View 3 Replies
View Related
Jan 12, 2011
I need to attach a QOS policy to a layer 2 WAN interface between two sites. This is actually an extended LAN circuit with 500Mb/s of allocated bandwidth. The interfaces are Gigabit so I want to make sure I don't attempt to transmit traffic faster than 500Mb/s. What is the best way to implement an outbound QOS policy that sets the minimum and maximum speed to be the same? This policy will be implemented on a 4900M with the 20 port GigE module
View 3 Replies
View Related
Apr 10, 2013
How can I filter outbound sys log messages, so they include only configuration changes messages..
On Cisco 2900 I used:
logging discriminator CFG LOG msg- body includes "PARSER" | "CONFIG"
logging host x.x.x.x discriminator CFG LOG
logging x.x.x.x
How can I do the same on 4507? This feature on Cisco routers is called "Reliable Delivery and Filtering for Sys log" and is available for 12.4(11)T and 12.2(33)SRB (7600) . I am running Version 12.2(25)EWA6 on my Catalyst, so it is not available.
The software I am using is a simple solar winds sys log server.
View 2 Replies
View Related
Oct 5, 2011
I'm having some issues getting ActiveFTP to pass through an ASA 5505, I finally found out when I tested the FTP via cmd on windows(after the major hassle of getting credentials out of the software co) that it does open the connection on the control port, but whenever I try to send/recieve data the connection is dropped, for troubleshooting purposes I've even gone as far as opening up all ports 1-65535 with an acl to no avail, I believe the FTP traffic is encrypted with SSL(can't get a solid Y/N from the company).
View 1 Replies
View Related
Mar 30, 2011
Below is the interesting part of my config. I have static NAT configured and working inbound for the Exchange Server and the Barracuda, however outbound traffic from those hosts comes out as the interface IP. Thoughts? I've tried a number of things (outside, inside), etc.
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network DSN-EXCH01
host 10.250.231.51
object network MAIL-IN
host 10.250.231.50(code)
View 3 Replies
View Related
Jan 30, 2012
I know I can use the RTR statement to determine when the primary ISP circuit goes down via this technote: url...My question can I assign static Nats on the backup ISP connection to the same inside servers in the dmz.?Example 10.1.1.11 is mapped to ISP1 ExternaIP of 65.217.77.11. Can it 10.1.1.11 also be mapped to ISP2's 208.217.77.11?This way I can get my DNS changed and my inbound traffic to servers in my DMZ on the asa 5510 running 8.0.3 code can continue to receive Inbound traffic.
View 1 Replies
View Related
May 7, 2012
How can I achieve this. I am obviously a novice cisco user and really fight my way around. I just want to grant access to a vendor to connect to his vpn. What ports need opened and what else do I need to do?
View 1 Replies
View Related
Sep 18, 2011
I've tried a few different ways unsuccessfully so thought I'd ask here.I'm trying to forward an outgoing port on a Cisco 800 series router. ie. When a user inside the network connects to the router on port 1234, it opens up the same port on a server on the Internet.
View 2 Replies
View Related
Aug 1, 2012
How to set the default outbound policy as block in access rules of rv220w? I configure my company router RV220W to block all outbound service traffic, just allow outbound service as : http, https, smtp, dns_tcp / udp. it works fine for some hours, the next day, the rules like expired, the https / smtp / DNS service fail to outgoing, only the http is still ok? What happen? Now I just set the default outbound policy as allow, all traffic can go out, but that is meaningless for a firewall device.
View 1 Replies
View Related
Jan 30, 2013
I'm trying to configure a simple ACL to block smtp traffic from leaving my LAN -- basically prevent internal users from setting up internet email accounts in their email clients and sending through that smtp server. i want my Exchange server only to send smtp traffic. here's what i have:
-access-list 102 extended permit tcp host 10.10.1.29 eq smtp any eq smtp <===10.10.1.29 is Exchange
-access-list 102 extended deny tcp any eq smtp any eq smtp
-access-list 102 extended permit ip any any
-access-group 102 in interface inside
after i apply this ACL to the ASA, i am still able to send from my internet email address setup in Outlook using my "foreign" smtp server.
View 1 Replies
View Related
Oct 14, 2012
I have a LAN with several linux boxes (Fedora 17, both 32 and 64 bits), as well a a WInXP box. All of these are connected to the same switch, which is connected to the inside port of my PIX 515.
For a few sites (mozilla.org happens to be one of them), for http access, the tcp connection is established, but the "GET" request - or anything else for that matter - will not go through the PIX (from inside to wan). I have verified this by first, using wireshark to watch the packets being sent out from the client box, then by using the trace function in the PIX to see that the packets ARE arriving at the inside interface, but ARE NOT sent out of the wan interface.
This is for the linux boxes ONLY. When I do the same thing with my WinXP box, all works: in the PIX trace, I see the packets arrive at the inside interface, and leave the wan interace. And access to these sites are okay.
(What's a bit weird, although somewhat expected, when I connect my android phone to my LAN via WiFi, it too is unable to reach those sites - but then again, android is linux, right?)
In addition to the tracing, I have narrowed this problem down by connecting a linux box directly to my DSL router, then replacing the PIX with a simple router/gateway. Both of those solutions work.
Some background:
I have been using this PIX for about 10 years now, with the same configuration (except IP addresses). Only in the last several months has this problem started to show up.
I got this pix from a dead company at a really great price (free), so I'd like to keep it, and not have to spend money on something else. I don't have any support license, and have not been able to get any software upgrades. Here is its version info:
taz(config)# sho ver
Cisco PIX Firewall Version 6.2(2)
Cisco PIX Device Manager Version 2.0(2)
Compiled on Fri 07-Jun-02 17:49 by (code)
Serial Number: 405200362 (0x1826ddea)
Running Activation Key: 0x38ac31f3 0x0630df47 0x9a77b805 0x8bc39a60
PS: Since this PIX is at its end of life, I was wondering if any of the software upgrades would be now available without a license?
View 2 Replies
View Related
Apr 4, 2013
We've got a proyect that requires a few thin clients to connect to a remote PCoIP server.
Looking to the documentation, the only port required to be open through Firewalls is TCP/UDP 4172, however, we've seen (making interface captures) that it somehow also uses ESP (IP protocol 50).
We've got a static NAT translation translating those thin clients to a public IP address, we've created ACLs to allow inbound (shouldn't be necessary as our user is connecting to a remote server) and outbound traffic for TCP/UDP 4172 and ESP and I cannot make it work.
I've also enabled IPSec pass-through Inspection to no avail.
how should we configure our ASA to enable this kind of traffic?
View 4 Replies
View Related
Oct 2, 2012
I need to open some outbound ports in order for our CCTV company to receive alarms from our internal CCTV Machine.
The ip addresses of the company who access the CCTV are as follows:
213.130.134.56
81.130.198.97
The above are fixed IP addresses. The internal machine is on 192.168.204.170
The outbound ports that I need to open are the following:
TCP
21
23
80
5201
UDP
1025
2074
2075
I have access to the current config if needs be.
View 8 Replies
View Related
Mar 26, 2013
What I'm trying to do seems pretty basic, but I cannot get it working on the RV180?I have 5 Fixed IPs. Using Access Rules I have configured a few inbound rules with specified WAN Destination addresses and these are correctly port forwarding these inbound ports on the specified Public IP addresses. Perfect!
However, for outbound, I need to do the equivalent for one public IP for outgoing SMTP so that our mail servers public facing address is not the standard WAN address and therefore will not fail a reverse DNS lookup. At the moment I have emails bouncing all over the place and panic has set in. I thought the SNAT option was the soltuion, but that just seems to break traffic flow completely on the specified port. I had this working no problem on my old Netgear, but I had to replace it due to throughput limitations.
View 3 Replies
View Related
Sep 12, 2012
Cisco Router 2900.My setup pppoe dsl 8mbps and i read on other website kinda sound of MTU.. but i dont know what is this or exact number of MTU. [code]
View 2 Replies
View Related
Jan 24, 2012
I have the need to do an outbound NAT redirection. So what I mean is this. I have a custom program that uses SSH to port 22 from a server inside the ASA firewall. This goes out to a server on the Internet over port 22. The ISP of the SSH server told me that they changed their SSH port from 22 to 2102. So instead of changing the custom code on the developed application on the server... I thought it would be easier to do a OUTBOUND NAT redirection for the ASA to see port 22 from the server and redirect it OUTBOUND to port 2102.
so for example:
The server is at 192.168.0.2 and it uses a program to initiate SSH traffic to 205.246.1.1. The server sends to port 22 but I need it automatically changed on the firewall to port 2201 at 205.246.1.1.
It is a Cisco ASA 5510. The server at 192.168.0.2 does have a fixed IP address on the outside with INBOUND NAT for things like port 25 (mail) traffic etc. Lets pretend that was at 64.18.23.60.
View 1 Replies
View Related
