I wish to use a 1921/k9 as a router on a stick. Inside interface interconnects up to 9 VLAN, and performs the routing. Does the 1921/k9 supports trunking and VLANs (I think it should support 16 VLAN, but I am not shure) or I should choose 1921-SEC-k9? Routing performance is the same both on 1921/k9 and 1921-SEC-k9? (I think I'll use static routes or RIP, it is not a large network)
View 1 RepliesI can not connect to the web features when plugged in the router but works fine when plugged in the modem directly.
View 1 Replies View RelatedWe want to puchase new Cisco ISR 1921/K9 . i want to know does it support the following sample IP-SLA commands
ip sla 2icmp-echo 172.16.1.2timeout 500frequency 1ip sla schedule 2 life forever start-time now
track 10 rtr 1 reachability
delay down 1 up 1
!
track 20 rtr 2 reachability
delay down 1 up 1
ip route 0.0.0.0 0.0.0.0 192.168.1.2 track 10ip route 0.0.0.0 0.0.0.0 172.16.1.2 track 20
Im asking above question because we will need to enable ip-sla on the mentioned router. as i read on the cisco webside, it says Cisco-ISR-1921/K9-IP Base support only IP-SLA RESPONDER feature nothing else. If Cisco-921/K9 does not support the above commands , should i go for ordering Cisco-1921-SEC/K9 ?
I would like to configure the policy base routing (PBR) on router (3900) base on the "specific tcp port" (TCP port 16255) to re-direct the traffic to another FE port.
From cisco web portal, CAT 4500 should support PBR as below:"Policies can be based on IP address, port numbers, or protocols. For a simple policy, use any one of these descriptors; for a complicated policy, use all of them." url...
Does 3900 router has the same features on the PBR? if yes, can it support "source tcp port" and/or "destination TCP port"?
Do any of Linksys routers have the recently popular guest network access feature where you can create a password protected or no password secondary network that provides internet-only access to guests and prevents them from accessing your main network (computers, printers, HDDs etc?). Does Linksys's highest end WRT610N have a similar feature that works slightly differently but does the same thing?
View 9 Replies View RelatedI just picked up an e3000 last night. Set up was performed manually. Flashed to 1.0.04. No issues and I was up in under 10 min.Although I read the user guide, prior to purchase, I admit I did not expect that I would not be able to configure ALL of the router's features and functions from the web based configuration, without using the CISCO Connect CD.Parental Controls and GUEST Access cannot be configured unless you load the Cisco Connect software.While this is not a huge deal, this implementation is clumsy and cumbersome for advanced users. Honestly, I had no disire to install the Cisco Connect software. I was further disappointed to see that it stores the router's password.
My feeling here, let's not ruin a great thing. There are two types of users. One's who need a configuration wizard, and other's who don't. I guess some inroads are being made in the right direction as some GUEST access functions can be made in the web gui on the e4200. I hope this can be further expanded to all "e" series routers in the future. Overall, it works as advertised. Streaming 720p HD video over wireless 2.4Ghz band G only is flawless. This is no different than my wrt54g2, but I'm upgrading to a 1080p player and have read that N on the 5Ghz band is the way to go.
I have the Linksys/Cisco router E4200. My question is setting up parental control features as specified in [URL] - specifically the blocking of sites based on certain keywords and/or blocking sites based on age groups (child/teen). I do not see this capability in my Cisco Connect software. Is this feature available for E4200 v1? If so, how can I obtain the software?
View 2 Replies View RelatedFor a high end wireless router like the E4200, the parental control features are lacking. The other features and performance of the router are great, but why not provide outstanding router based parental controls? With the latest firmware (1.0.03) no new parental control features were made available. Currently, I can restrict by time, which is useful. I can also restrict 10 websites - which is not useful. I certainly don't want to maintain a list of the 10 most offending websites that I want to block. First of all, 10 is not even close to being enough. Second, and more important, there should be a way to subscribe to some service that automatically updates the list of blocked websites based on content. I would not mind paying for this service if the cost is reasonable. I know that there are software "solutions" for this, but my 6 year old easily found a way around this sort of solution. I have tried many with no success. The only real way to enforce parental controls in a home network is at the router. I would love to this feature available on this high end router. There are a few lower end wireless routers that offer this service, but the other feature set is poor. I want to have my cake and eat it too.
View 3 Replies View RelatedI have installed a Cisco 1921 router in our company and i have stumbled upon an issue with the DNS.
We have a internal DNS server and an internal WEB server. In the DNS server there are records pointing to sites on the WEB server, this is working just fine.
The thing is when i use a public DNS such as 8.8.8.8 (googles public DNS) i cannot resolv the external IP of those sites. I do not want to access the sites and i do not want to send any packets to the sites. All i want is to query the public DNS and resolv the public IP where the site is.
I have a cisco 1841 router and want to run BFD i think it needs IOS 12.4T..It has currently 12.4 but no T does the "T" IOS have mroe features?
View 1 Replies View RelatedNCM is going away. It is recommend to move to LMS. We already have a LMS deployment. Currently just used for Monitoring/Performance.Trying to figure out how to get the Configuration change piece that we used NCM for into LMS. Not really having any luck.What I am really wanting to do is configuration archive, device config change notices (when a device config changes I can run report to see who and what was changed), and configuration comparisions (between old and new configs)
View 5 Replies View RelatedNeed to understand some features of Cisco Small Business 300 Series Managed Switches. one of this is "Static routing/Layer 3 IP routing between V LAN's allows for communicating across V LAN's without degrading application performance" what is this means can i create V LAN or just V LAN can pass through this kind of switch? how about this features from Cisco Catalyst 2960 Series Switches " The ability to set up virtual LAN's so employees are connected by organizational functions, project teams, or applications rather than on a physical or geographical basis" what is the difference of this features of this different model of switches?
View 3 Replies View RelatedI just purchased a SA 520 and I am trying out the IPS feature before I buy. During my tests I get around 85 Mbps off a 100 Mbps connection (which is relatively normal), however as soon as I enable IPS with very few options (Trojan/virus, HTTP, etc), it drops down to 18 or so. Anyway to improve this?
View 14 Replies View RelatedI am really stuck with router requirement for one of our client. I need 891 SEC router. I think this comes with advanced IP services. What I have is 1921, with IP Base. can I upgrade 1921, so it will become alternative to 891 SEC.
View 1 Replies View RelatedI'm attempting to set up a Cisco 1921 router running IOS15, and am having trouble with the NAT - it might be that what I am attempting is not possible. The only traffic going across the router is UDP, and the outside of the network canot be changed.
View 1 Replies View RelatedI'm trying to secure my dir-615 and I can get in to the web site but the connection wizard is greyed out and the manual set-up is alos greyed out even though I can select manual set up?
View 2 Replies View RelatedThe router passes the Interface test for the WAN port in CCP but it still we cannot access the internet. Here is my configuration:
Building configuration...
Current configuration : 3663 bytes
!
! Last configuration change at 09:29:52 Chicago Mon Feb 20 2012 by fbcpekin
version 15.1
[Code].......
We are having problems configuring NAT on our Cisco 1921 Router. Below is the running config. The problem we're having is for example our FTP server 192.168.1.16, cannot be accessed from its outside IP address, which is NATed on the router. The server is verified to be up and running and when we do a show debug ip nat, we see the router is translating outside users attempting to access the ftp server to it's correct internal IP address.
View 3 Replies View RelatedI have a 1921 with 3 interfaces. One for the LAN and the other 2 are wan each with a public address. The 2 wan interfaces are used for redundancy. I would like to know how I can static nat the same port and inside address on both wan interfaces.So if the request comes in on one or the other it works. I know if I do a static nat to one of the wan interfaces and then add the same port and inside address to the other wan interface it replaces the previous configure.
View 5 Replies View Relatedi have a cisco 1921 router and it has ge0/0 (LAN) and ge(0/1) WAN. ge 0/0 is well connected and i can ping it and the LED light is on but ge 0/1 has failed to come up.Ge0/1 is connected to an IDU and has a public IP address. The LED light also does not light on ge 0/1.Where could the problem be?
View 5 Replies View Relatedhow do I monitor temperature of my 1921 router? Which commands do I need to put on router and which MIBs to use. I am using PRTG network monitor as a monitoring system.
View 10 Replies View RelatedI have a 1921 router with a V.2 T1 wic installed connected to a MPLS circuit. The circuit is down hard and the CD light is flashing. We reseated the WIC card and the circuit recovered for about 30 seconds, then went down and CD began flashing again on the WIC. AL is solid.
View 1 Replies View RelatedHow do I access the router's web gui management? I already enabled the ip http server and ip https commands. I have a username and password configured
I open a browser session with the ip address:URL, But I do not get the management GUI. I haven't used the GUI in many years,
Cisco Systems
Accessing Cisco CISCO1921/K9 "my-router"
Show diagnostic log - display the diagnostic log.
Monitor the router - HTML access to the command line interface at level 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
Show tech-support - display information commonly needed by tech support.
Extended Ping - Send extended ping commands.
I have a Cisco 1921 in place with the security IOS so it is also acting as a firewall.
I am wondering if I can enable the GUI so I can configure it remotely.
I am doing a security assessment of an organization that uses 871/881 routers with the firewall features enabled. I see the following commands defining packet inspection done by the firewall software.
-ip inspect name inet-users tcp
-ip inspect name inet-users udp
-ip inspect name inet-users icmp
What I am trying to define is the inspect name "inet-users". It is obviously a constant defined by IOS as it is not defined anywhere in the configuration file like any other "variable" and does not generate an error.What does "inet-users" define? I'm assuming it is all users using the interface(s) where the inspect commands are used, but is that correct? The Cisco IOS manuals do not contain a reference to "inet-users" hence why I'm here asking.
We just replaced a floor swithc, and ended up going with an IOS-XE software, LMS does not seem to like this software, the device is not available in my Identity dashboard, it's abviously running dot1x.
LMS shows it as software version 03.02.01.SG, same as you get when you do a show version, license level is enterprise services.
Actual Image name: cat4500e-universalk9.SPA.03.02.01.SG.150-2.SG1.bin
Also, the IOS upgrade option does not work for this device, it give an error saying to perform an inventory collection, which I have manually performed, the device is reachable and manageable by LMS, and it does not show up in any of the IOS version reports.
My current network setup has pix 525 firewall and for IDS i have 4215 box.As the utilization is high i am buying new ASA5520 firewall.
My query is
1 My IDS is end of support should i buy an IPS moudle with the asa 5520.is it recommended?
2 Other than firewalling what are the default features supported in asa 5520 like vpn,content filtering etc.
I need to know how many IPsec VPN tunnels one Cisco1921 can support reliably. Haven't had any luck sifting through documentation on the web.
View 2 Replies View RelatedWe have a 1921 router that has WebVPN (Any connect) enabled on it as well as IPSEC. When a user logs in using IPSEC client they stay connected no issue. IF you connect using Any Connect it will disconnect you after exactly 10 minutes. Never a second more or less. I ran some “debug webvpn” and the disconnect looks to be a planned event and reports no error it just sends the disconnect command. However, if you watch the buildup you get the following message from Debug.
003960: Jun 7 09:09:06.833 NewYork:
003961: Jun 7 09:09:06.833 NewYork:
003962: Jun 7 09:09:06.833 NewYork: [WV-TUNL-EVT]:[3318C168] CSTP Version recd , using 1
003963: Jun 7 09:09:06.833 NewYork: [WV-TUNL-EVT]:[3318C168] Allocating IP 172.18.249.50 from address-pool IPRange1
003964: Jun 7 09:09:06.833 NewYork: [WV-TUNL-EVT]:[3318C168] Using new allocated IP 172.18.249.50 255.255.255.255
003965: Jun 7 09:09:06.833 NewYork: [WV-TUNL-EVT]:[3318C168] Full Tunnel CONNECT request processed, HTTP reply created
[code]....
The highlighted entry is a session timeout set for exactly 10 minutes. I cannot find how to change, remove, or modify this setting. Google has failed me in my ability to find this timeout setting.
Have a cisco router 1921 ,version 15.0,configuration register is 0x2102 and did not remember the password try to solve by GW-RTR>confreg 0x2142 give error translating "confreg"....domain server (196.46.100.2) (196.46.104.2) %Bad IP address or host name translating "confreg"....domain server (196.46.100.2) (196.46.104.2) %Unknown command or computer name, or unable to find computer address also tried this GW-RTR>confreg 0x2102 give error translating "confreg"....domain server (196.46.100.2) (196.46.104.2) %Bad IP address or host name translating "confreg"....domain server (196.46.100.2) (196.46.104.2) %Unknown command or computer name, or unable to find computer address what are the way forward to get to default settings?
View 2 Replies View RelatedI have recently configured a cisco 1921 router for internal routing on my network. Here is what i am trying to accomplish:
Main network 10.65.1.0 mask 255.255.255.0- all office devies and computers.
Second network 10.65.2.0 mask 255.255.255.0 - All plant equipment machinery and production lines
i have configure gig 0/0 for my company network and gig 0/1 for my plant network. I can ping the router from both networks but am unable to route traffic betwenn them. what am i missing?
i'm having some trouble setting up the correct NAT configuration of a Cisco 1921 router. The NAT is not working as I want - I think my configuration is wrong somewhere. All clients in 172.16.0.0/24 have the correct outgoing address of 1.1.1.3. But the NAT for 10.10.0.4 (and 10.10.0.5, 10.10.0.6) is partially broken: Ping and ssh from the outside world to 1.1.1.4 is "natted" to 10.10.0.4 and works as expected. But from inside (172.16.0.0/24) ssh to 1.1.1.4 should be "natted" to 10.10.0.4, but doesn't work (ping works). ssh from 172.16.0.0/24 to 10.10.0.4 (without doing NAT) works.
network design:
===============
172.16.0.0/16: network for normal use
192.168.64.0/24: network for specific clients and servers
[Code].....
I am trying to stack the following -
3750G 12S - 12.2.53(SE2 IP Services) Running EIGRP & OSPF
with
3x 3750X 48P-S - 12.2.53(SE2 IP Base License)
Doing some research, the IP Base does EIGRP on the 3750X, does it do OSPF?
If not I will have to get licence for the 3750X?