I am trying to allow telnet to port 551 but i couldn't get it to work.I am using a cisco 1720 router running on IOS 12.2.I am using the below commands to set the access list to allow access to port 551 using remote telnet to the Cisco router.hostname R1!interface ethernet0ip access-group 102 in!access-list 102 permit tcp any any eq 551.After i enter the above command the router will disconnect me and i will not be able to connect to it for awhile. Once the router is up i am still unable to telnet to port 551.
I have configured the TACACS in my network and I have configured the aaa authorization commands 15 default if-authenticated group tacacs+ in Cisco 6504 Switch. Its allowing me to Login by Unable to run the Sh run commands ,i am getting Aithorization error emssage. If i am checking sh Privillage its showing level 15. Same configuration fine in other device with out issue.
I have a Cisco 3640 router with IOS v.12.3(16) It does not recognize the crypto commands.
#sh version Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3640-I-M), Version 12.3(16), RELEASE SOFTWARE (fc4) Technical Support: [URL] Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Tue 23-Aug-05 20:03 by ssearch Image text-base: 0x60008B00, data-base: 0x60D36000 ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) ROM: 3600 Software (C3640-I-M), Version 12.3(16), RELEASE SOFTWARE (fc4) router01 uptime is 3 hours, 43 minutes System returned to ROM by power-on System image file is "flash:c3640-i-mz.123-16.bin"
If there is a router ISRG2 2900 with SEC license and without HSEC license, there is a limit in count of cumulative encrypted VPN tunnels of 225. Which commands can show us a number of current tunnels on the router, so we can see if we are near this limit of 225?
Unable to enter global QoS commands on the 4500E chassis? We're using 12.2(53)SG. If I go to 'conf t', there is no 'qos' command. In the configuration manuals I've seen for the 4500, the following commands seem to be supported:
Region : UnitedKingdom Model : TD-W8961ND Hardware Version : Not Clear Firmware Version : V.3 ISP : ADSL24
Using windows 7 and 8 on different machines I am unable access my routers web based set up.
I enter the usual "admin" and password in the login box. 3 goes and then get error message. or hangs on waiting.(connected to the router with Ethernet Cable). Could this be a windows based problem. I think it was ok on XP but that is gone now. Router is working fine but I just cant access it to alter any settings.
My 2 other spare routers which are not TP-link also have the same problem.
I have a customer that has a Cisco 2900 Series ISR on his Headquarters, and has some branches with RV082s.We have VPN Client configured on the 2900 ISR Router and we can connect remotely using the VPN Client to the Headquarters (192.168.1.0) however we can't reach the branches subnets (192.168.2.0, 192.168.3.0, etc.)... we found out that in the RV082 you need to specify the secure traffic as a destination, but in only supports one network (192.168.1.0 or Headquarters in this case), we can't specify the VPN Client pool defined on the ISR so it can reach the incoming VPN Clients.Is there any way to accomplish this? We need to access the branches subnets when connecting using VPN to the 2900 ISR.
I have came across this topic, and I am wondering if this images can be uploaded to any 2900 series switches or not, and if this will work as access port for more than vlans. URL...
I just purchased a used Catalyst 2900 XL switch and have not been succesful in connecting to the console via minicom 2.5 running on Ubuntu 12.04 or 11.10, I don’t even get junk charecters in the terminal or echo on input. The switch passes POST according to the LEDs on the front and the network ports are fucntional for switching purpouses.
I’m using a Prolific PL2303 USB-Serial adapter, which works with minicom to console into another device. I’ve tried every baud rate available and tried combonations of hardware flow control, software flow control, and niether.I’ve tested the pinout of the console cable and all pins map correctly according to Cisco spec.I’ve also tried Cutecom, putty, and screen. I have not tried HyperTerminal because I do not use windows.Is it possible that the previous owner disabled console access? Do I need to reboot the switch each time I test a different baud rate?
The field engineer has a stand alone 24 port 2900 series switch that he has different equipment connected to and are segmented using VLANs. So for example, he's got ports 1-4 assigned to VLAN 10, 5-12 assigned to VLAN 20, 13-19 assigned to VLAN 30 and 20-24 assigned to VLAN 40. He would like all the gear on VLAN 30 to have the ablity to talk to all of the other VLANS, but VLAN 40 should not be allowed to talk with any other VLAN. Trunking would do no good here since the switch isn't connected to anything and you can only assign one VLAN per port.
Is there a way to do this within the stand alone switch? The only possible way I could think of would be to ensure that each VLAN has an assigned IP number (subnet) and doing this through access lists.
Region : India Model : TD-W8961ND Hardware Version : V3 Firmware Version : S/N: 12B79605315 ISP : BSNL Data One
I had Purchased a brand new TP-Link WifI Modem Router TD-W8961ND with S/N : 12CB5200872 from [URL] and it got delivered few days back. When I am trying to connect it to the internet the modem is not getting connected nor configured. The Power button light, ADSL Light and internet light are continuously blinking and nothing is getting steady. The modem is appearing to be a damaged piece of modem and it is very unfortunate that we have got a modem from flipkart in an unserviceable condition. It came with a warranty of 03 years and I wanted a replacement so that I can use the modem for connecting internet.
Are the IOS commands the same on a router and a ASA for these two topics....CBT Nuggets where I train has 553 videos for some of the new topics. I am preparing for 554 as it has more ASA focus and thats more interesting to me.
I have created a baseline template to run compliancy checks, I understand that lines beginning with a + are mandatory and lines begining with a - should not be on the router. What I need to know is, is there a catch all for any other commands on the router config (startup or running) but not mentioned in the baseline? For example, lets say this is my baseline:
+ service timestamps debug datetime msec + service timestamps log datetime msec + service password-encryption + hostname [hostname]
The router comes back as compliant as it has all the above lines. However there is obviously more config on the router, but this doesn't show? So I know I can get commands that are in the baseline but not on the router; but what about the other way round - on the router but not on the baseline? Surely this exists - at the least from a security point of view, an attacker could well have configured the Dot11Radio int, however without entering the command with the minus prefix I can't tell? LMS 2.6
Region : Others Model : TD-W8901G Hardware Version : V6 Firmware Version : ISP :
problem with filtering
Region : Syria Model : TD-W8901G ver 6.0 54Mbps wireless G ADSL2+:
I used the url filter utility inside the router program. I put some url for example www.google.com, I wanted to try the filtering cababilty, Later I deleted all these adresses , but unfortunatley it keeps telling me the following message: "The system returned: (110) Connection timed out The remote host or network may be down. Your cache administrator is webmaster@proxy1."
I have just received a new cisco 2901 and started on its configuration. when I started configuring VPN tunnels, I saw that non of the crypto commands are available.
The router runs on iOS 15.1.From what I read, people refer that the router needs to past a license activation or something like that. When I run show verison - i do see "none" under most of the categories.
I have DSL 8Mbps DL and 768kbps UL The setup look like this:Internet -> Modem -> Cisco Router -> Firewall -> Switch Core - > Multiple switches like sfe2000p? CiscoRouter: i use port gig0/1 for PPPoE and i use port gig0/2 for LAN static Router port gig0/2 with 122.54.144.153/29 connected directly to Firewall port13 with 122.54.144.154/29 ?i want 122.54.144.153/29 will my default gateway ? include no limit bandwidth,filter etc at router, Firewall will be DHCP Server and control the bandwidth, filtering etc and the client computer should get 8Mbps
Mode: Routing Encapsulation: PPPoE Username: xx Password: xx Service Name: ISP name
I configured dmvpn at cisco router 2900. one hub router and 3 spokes. all of them are working normally but tomorrow i see one error at at one spoke router.
error: Maximum Tx Bandwidth limit of 85000 Kbps reached for Crypto functionality with securityk9 technology package license
I have an old 2621xm router in CCIE lab at home. Only a week ago I started having issue on 2 of them. The problem is on one of them when I go under interface configuration and I type "no shut" nothing happens. Interface stays in administratively down status and when I check running config "shutdown" is still under interface.
On the other one the same problem but only with "router rip" command. I configure my rip routing but then when I check running config there is no rip section and also RIP is not running under "show ip protocols rip".These routers are connected to 2511 AccesServer. So I thought the issue might be communication from AccessServer to these devices. I connected a console cable straight to them and still the same problem. Everything else is working on these devices.
Region : UnitedKingdom Model : TD-W8951ND Hardware Version : V1 Firmware Version : Latest ISP :
In trying to make sure it was NOT wide open to the internet (amongst many other problems of setting it up, which I ,may address later if I can actually connect to the thing ever again) I told it to only accept connections from a range of address inside the LAN. Now it wont accept anything except telnet from the LAN.Short of wiping out 6 hours of trial and error configuration and resetting it, are there any other options I can exercise via the telnet interface?
I am attempting to set up snmp v3 monitoring of my 2900 series routers from the third party Spiceworks utility. My snmp config on the router looks like this:
SNMP-Server view Westv3View internet included SNMP-Server group Westv3Group v3 priv Read Westv3View SNMP-Server user Westv3User Westv3Group v3 auth MD5 <password1> priv DES
[Code]....
I have set the logging level on the 2900 router to informational and see no errors of any kind popping up when I try to scan the router from SpiceWorks. Spiceworks just returns a generic "unable to contact host" message.
I am in search of a 1 Gig Ethernet WAN module for 2900, 3900 series router.I want to terminate 230mbps link on this module.I found EHWIC-1GE-SFP-CU option but as per service provider it will not support to 230mbps link.
I have a Cisco 2921 router running c2900-universalk9-mz.SPA.150-1.M4.bin.Its licensed for ipbase, ipbasek9, Permanent and uc,uck9,Permanent (I'm using the router as a voice gateway),I'm looking to update the IOS to c2900-universalk9-mz.SPA.150-1.M5.bin as I'm told it has a fix for some DSP problems.So the question is, do I need to obtain a new license key to apply this update or am I covered by the existing license on the router.
I have a requirement where 3 Branch locations of an organization is connected to their hub location via MPLS.They have an internet connection only at HUB as shown in the diagram (Attached)Now all spoke locations should access internet via hub.At spoke locations is there a way that I can have Cisco 2900 router and dedicate only 30% of the WAN bandwidth for internet browsing traffic.Remaining 70% should be used for accessing applications at hub.
For example if i have 5 Mbps Mpls port at spoke I want to dedicate only 1 Mbps for internet browsing traffic remaining should be dedicated for accessing the application at hub.How can we acheive this? Can it be done by using PBR and rate limiting?
I have a Cisco router 2900 with firewall, i need to know how can i allow the ping from self zone to outside zone, i trried to create policy from self to outside but i still didn't allow ping or tracert, i get that message when i try to ping from cisco router: "Unrecognized host or address, or protocol not running"
I have a brand new 2901 and I'm trying to work out what licence features I have. The output of show licence shows I have ipbasek9 feature and datak9 as EvalRightToUse feature. Is BGP included in the base feature? What will happen when the datak9 evaluation period expires?
I wanted to get some opinions on the topic above. We are purchasing MPLS services from a large ISP and they offer a managed router option. I will also have a Cisco ISR 2900 at each site running SRST for my voice system. I have some experience with BGP and am not scared at all to support it if need be. That said, I am currently looking at pros and cons of going with a managed router from this company vs managing my own. Actually, I will manage my own regardless and would just plug it into the managed router. My router is perfectly capable of handling the BGP protocol but I am hoping that I can get some opinions from all of you.