I have two sites linked by fibre a few miles apart, site A is on a 10.0.0.0 range, site B is on a 192.0.0.0 range, at site b there is a firewall with 2 cards, Site A also has a firewall, it external is poiting to the internet at site B, so basically site A get it internet from site Bs internet. Now they have decided that site A needs to be able to have access to one sql server at site B, how can this be achieved without allowing all traffic across the link, as, for example, both sites have their own DHCP for and cannot have site A giving out IPs to site B, so its a bitmore complicated than just linking the two can it be as simple as a masquerading rule at site B, with a second card in the sql server or 3 VLANs at site B (one for site b one for site a and one for the external internet, with site As traffic tagged), idk i cant get my head around it.
I followed the instructions in the manual for checking and changing the MTU on the router. It didn't have any effect. When I take the router out of the system and go directly to the modem, I can get the sites.
I have just started using D-Link 655 router and ATT DSL connection at home. There is an internet signal. Skype is working. But I can't open any sites. Ie tried typing hotmail, Google, anything - sites do not open. Ive tried to plug in the Ethernet cable directly into my laptop and I get the same result sites don open.
I have dir655 Hardware Ver B1 Firmware Version: 2.10NA.Comcast Motorola cable modem surfboard SB5101. The problem started happening a couple of days ago. When my computer is hooked up to the cable model directly, i am able to connect to outlook.com just fine but when i go through my router, it can't connect to the site. I played with MTU (lower it by 10) all the way to 1300 but it didn't work.The problem started happening all the sudden without any changes in the cable modem, router or my computer.
I also tried cloning MAC address from my pc but didn't work.I also tried turn off both modem and router, wait 2 minutes, start modem, wait for all lights to come up and start the router.Sites i can't connect are: outlook.com, starcraft2, Comcast, eBay, Facebook.One thing that i noticed weird is that i am able to connect to cnn.com using IE9 just fine but ping shows: [code]
MY ISP installed one router in my lab.for internet connectivity they mail me steps :connect your Laptop directly to gi0/3 port to check internet connectivity with public ip 1.1.1.x and Gateway 22.214.171.124 with subnet mask 255.255.255.240 after connection I surprised because I am able to access only google sites like gmail,google search etc. but I am able to ping/traceroute all sites.from browser I am able to access only google sites only.In Router no firewall no such access list.
So I can't seem to access ANY site related to my university (www.concordia.ca) anymore from my home network. I've tried to visit URL or any of its' sister sites from my desktop, my laptop, my iTouch, even my ps3, I've also tried cross-browsing to no avail. I've checked the router page, apparently my Hardware Version is B1 and my Firmware Version is 2.00NA. Access Control is unchecked and there are no sites at all listed under Website Filter. I've also tried resetting using the reset-hole and also by pulling off the power chord. Also did a factory-reset from the router page, the problem persists despite all of that.Every other site works just fine, it's just my university site that refuses to load up. I've browsed the last 7-8 pages of this forum, this doesn't seem to be a common problem based on that little sample. So what gives exactly? I used to be able to visit those sites just fine prior to few days ago.
I have fiber optic net, going into a TP Link 1043 ND router out in my garage.All of the 4 lan ports go into one of the rooms in the house. I also have two more routers of the same kind, one downstairs and one upstairs.They are configured in a way, that DHCP server is only turned on, on the one in the garage, the other two act as switches.My problem is that 50 % of the time I can't acces facebook, and some other random sites.The interesting bit is that when I chat with someone on FB, I can see what they write, but my message doesn't go through.The way it goes, is that I can browse on facebook for like 5 minutes, after that its unavailable for another 5 minutes.I can still access the site from my smartphone, but only if its not connected to the wifi network, meaning the problem is somewhere within my setup.I've already tried turning the router firewall off, but that doesn't make any difference.
I need to restrict access or rather, block altogether if i can, access of one of the computers on my local wireless network, to online multi-player gaming sites, in particular Age of Empires and Voobly.com, which also uses a messenger type program for them to chat.I've searched and searched online, but alas, have come up with nothing that i understand. I've tried doing the block ports thing, but am unsure if what i've been doing is right. I have blocked Voobly.com under domain and URL settings via the router admin page, but for some reason, it only seems to be denied on my computer. I even went so far as to register and download relevant programs to my computer, for Voobly, so i could see if the blocking worked. Seems it's only my computer that's blocked, i didn't specify ip or mac addresses.I am unable to get on the other computer as it's not mine, and it's also password locked. I don't know the password
We are having two sites seperated by half a mile and we are using dedicated 100 Meg link at the moment for intranet traffic, and now we got new 1 gig link and I am working to set it up, Service Provider came on site installed two circuits on both sites and fiber connectivity is tested succesfully betweeen sites, now I need to connect the circuits to our network and make the 1 gig link active to make traffic flow between sites and as well bring 100 meg as standby.
So to brief the issue:
Connectivity at the moment SiteA: Switch1(3560)------100Meg--------.SiteB: Switch 2(3560)
I Want to configure SiteA: Switch 3(4507)------1gig (Active)--------.SiteB: Switch 4(3560) SiteA: Switch1(3560)------100Meg(Standby)--------.SiteB: Switch 2(3560)
simple as connecting a fiber or ethernet link from external circuit on both sites to respective switches on their interfaces and configuring hsrp to enable redundancy. A
i have a adsl modem tp link td 8840, and i had this up and running well for about 3 days. then we decided to get a router cause my little sis got a ipad2.the router is dlink dir 61.so basically i followed all the instructions and the internet was working fine.then for some reason ign site stopped working, i thought that it was down for some reason and didn't think much of it and today when i tryed to go into hotmail or facebook it doesn't work either. so i can get into the log in pages of both, but when i put in the id and password, the screen goes blank and just says waiting for .... on the bottom (using google chrome).and it never loads.i tryed with other internet browsers and it din't work so i took out the router and re wired the adsl modem only and voila. all the sites started working again.i want to use my router but i don't know why i can't acess some sites when i have it connected.
Region : UnitedKingdom Model : TD-W8960N Hardware Version : V4 Firmware Version : 1.4.0 Build 111130 Rel.55990n ISP : DEMON
I'm using parental controls to block all devices in the house from using tumblr. I cannot do this at a device by device level as it is being used on iphones/androids, laptops and desktops.Unfortunately, the way that tumblr works is that it use many URLs for the different pages people set up so it is not just a case of blocking url... - so I'm struggling to work out if I can do this via URL blocking on the router settings. How to do this at router level.
I'm trying to set up a website filter on my DIR-601. I created a policy for 2 MAC addresses, with a schedule from 10AM-6PM, selected "Block some websites", and disabled logging. Under website filter, I added some entries, and selected "DENY computers access to ONLY these sites". When the policy is enabled, and I try to access one of the blocked websites, it gets blocked correctly ("The URL access was denied by administrator.") However, for all other websites, I get "server unexpectedly dropped the connection" errors, eg "Safari can�t open the page [URL] because the server unexpectedly dropped the connection. This sometimes occurs when the server is busy. Wait for a few minutes, and then try again." or in Chrome "No data received. Unable to load the webpage because the server sent no data." This happens with ALL non-blocked websites. I'm using hardware version A1, firmware version 1.01NA.
I have a trouble to implement dynamic QoS between two sites (Site A, and site B) across low speed WAN link (512k). On each site I have Cisco 1921 router. Most important app is Oracle. Because of slow speed WAN links, I want to avoid exact bandwith reservation for Oracle. I only reserve 5% bandwith for network control(icmp, ssh, telnet...) and want configure next Qos scenario:
1. If Oracle traffic exist on a network, it must have 70% of link speed guaranteed, all other apps (e.g mail, file share, ftp) use rest of the bandwith.
2. If there isn't Oracle traffic on a network, all other apps can use all available bandwith.
Issue descrtption:I used all Cisco guides, but when I implemented this on production it simply didn't work. There is no any significant improvement after implementing this (when I start network file sharing accross wan link, Oracle becomes etremly slow.).Here is configuration wich I trying to implement:
ACL-s and class-maps used to mark traffic:
access-list 119 remark ###QoS-MGMT### access-list 119 permit tcp any any eq 22 access-list 119 permit tcp any any eq telnet access-list 119 permit icmp any any access-list 120 remark ###QoS-DB_ORA###
Region : UnitedKingdom Model : TD-W8961ND Hardware Version : Not Clear Firmware Version : ISP : Solwise (Plusnet really though)
We need to replace the old modem for a small hotel, at the same time we are trying to expand the open (and free) public wifi that we currently offer in the bar area. Before our current modem/router went *PFFFT*, we had managed to get quite decent coverage using the 5 TP repeaters (TL-WA830RE) - but it was ALOT of work. Now we're hoping to replace with a TP modem to make the wifi setup easier.We also have 3 pc's, two wired and one wireless, that are for hotel use. We would like to keep these as separate and as safe as possible from the guest wireless, and i have been told VLAN is the best way to go.So, from what i have read on its spec's, the TD-W8961ND has both VLAN and QoS (which we would also like). It is also well within our price range.Given the setup we wish to implement, is the W8961ND the right idea? What considerations do i need to be bearing in mind for setup?
I buy this model is QOS, I just read a lot of DIR-655 streamengine article, it's hardware-base QOS router, can operate under heavy p2p application, it's why I am here.The wireless Client is ACER AS1810TZ laptop, the wireless card is Intel wifi link 1000, I have already disable power saving option. AS1810TZ worked fine with my old 802.11G router linksys WRT54GS and Buffalo WRH-HP-54G.The dir 655 seems fine when I just surfing web and download some files with IE, but when I check the statistics, I see a lot of wireless error and tx packet/ rx packet dropped, the percent I calculate is about 0.5%, I am wondering if it's normal phenomenal?When I download several bit torrent files With XUNLEI simultaneously, total 6 files, after 3 minutes, lot of session be created, the router slow down the download and finally crashed, wan be reset and wireless connection lost. router can recover after 1 minutes and try to continue the BT download again, but failed again. [code]
We have a L3 gig link between 2 locations (6513 <-->4507). Each location got its own addressing scheme and vlan interfaces on the edge switches.For our new exchange servers, I received a requirement on having the possibility of single vlan at both locatons. so that the all the replicaton traffic between both location servers (Prod/DR). Ex: Create a new vlan at 6500 site with an addressing scheme 192.168.100.x and having the same addressing scheme vlan stretched over the L3 link to 4500. The link is not MPLS. I read few posts in the forum and seems it is possible if we have MPLS. OSPF is the routing protocol.
Region : Netherlands Model : TL-WR1043ND Hardware Version : v1 Firmware Version : V1_120405 ISP : UPC
After buying and installing i get no wlan/wifi connection.I do have internet by ethernet, the laptops and ipad sees the wlan/wifi but get no connection? Resetting re-installing manualy or with the wizard doesn't work.
we got a dark fiber betwwen two sites away from each other 30 Km,i need to connect this sites acts as backup dc to main dc in main site using cisco 4900 Switches in BK-DC anf 6513 in the main site,how can i verfiy if this fiber oparates as L2 and i can extend vlan servers,is it via "sh cdp neigh" and "sh vlan br"?
I've turned up a new layer 2 WAN link between two data centres and i'm having some trouble trying to logically figure out how things should be configured.As you can see from the diagram i've created, I have the link connected on port 13 on one switch and port 14 on the other. Both ports have an IP address assigned to them and they can both ping each other..
The problem comes when I need to add routes in order to get traffic flowing over the link.I added an IP address to switch 2 on the link interface (port 14) as: 192.168.4.10
I then added an IP address to switch 1 on the link interface (port 13) as:
When I tried to add 192.168.3.10, it said "192.168.3.0 overlaps with VLAN2626". This would be correct as Vlan 2626 has an IP address of 192.168.3.15.
However, if I remove the IP address from vlan 2626 and add 192.168.3.10 to vlan 2 (the link port VLAN), I would surely lose remote access to the switch. (I'm telnetting into the switch from a machine on vlan 2626).
I started to tinker with this by manually adding a route to a server in each location and seeing if I could get traffic to flow:
On server 1: route add 192.168.4.0 MASK 255.255.255.0 192.168.1.10 METRIC 1 On server 2: route add 192.168.1.0 MASK 255.255.255.0 192.168.4.10 METRIC 1
If I try to tracert 192.168.1.20 from server 2, the first hop is the default gateway instead of 192.168.4.10.
The ultimate goal is to add the static routes to the Layer 3 router/firewall, but before I do that, I need to be sure of what to add to that router (It's a manged firewall from the data centre, so I don't have access to it and I need to raise firewall change requests to get the work done, so want to ensure it's right first time.
I have pair of 5596 switches in vPC. One host say "HOST A" is connected to the primary vPC peer and other "HOST B" on secondary vPC peer.Both are in same VLAN 10. Both hosts are vpc orphan ports as their NIC is configured in active/standby mode.I have configured span session on both vPC peers with span source as VLAN 10 in rx mode.Span destination is connected to secondary vPC peer. The issue here is that I am not able to capture the traffic originating from HOST A destined to HOST B which is traversing vPC peer-link.Same issue occurs for the traffic in reverse way and span destination on primary vPC peer. In a nutshell, any traffic which crosses vPC peer-link is not getting captured.
What could be the issue and is there any solution for it. Below mentioned is the span config and relevant interfaces. [code]
We are trying to config vlan 10 for data and vlan 20 for voice on the same port - port 1 of swtich SF300-24P to run both data and voice on different vlans.Do I have to add vlan 10 as an untagged vlan to port 1 and add vlan 20 as an tagged vlan to port 1?If I do not want to assign the native vlan 1 to port 1, how can I remove it ? The GUI page - assign VLAN to port does not allow to remove it.Aslo, what mode shall I set up on port 1? General, trunk or access ?
How do I submit an RFE (Request For Enhancement) to the Cisco SBR team to encourage them to implement the missing support for VLAN to VLAN firewall rules that was available in the RVS4000 (See [URL]) and that was supposedly added to a beta release of the RV220W firmware (See [URL])?
Between our hosting and a customer we have an extended vlan, traveling on a fiber, between two cisco 3560 switches.The thing is, that we want to create one or more vlans inside that extended vlan, in some way if possible?
I have two networks at two sites with a dot1q trunk between the two L3 switches at both sites (no routers involved)
SITE A - Cisco 3750 L3 - VLAN ID 50 10.10.50.0/24
SITE B - Cisco 3750 L3 - VLAN ID 50 10.20.50.0/24
I would like to extend the SITE A VLAN to SITE B so that I can move hosts from SITE A to SITE B without needing to change their IP address but the vlan ID is already in use. Obviously the easy solution is to change the VLAN ID for one or other of the sites but both sites contain hosts that run 24/7. Is there a way to join two VLANs with different IDs together.So for example I create a new VLAN 60 at SITE B and associate it with VLAN 50 at SITE A.
We have 6509 VSS with FWSM Module and we have created two context on it, one is INTERNALL CONTEXT othe is EXTERNALL Context? We have spanned various VLANS in switches and FWSM context level. All VLAN Gateways are configured in context level.
Activity description : We had planned migration of these devices into a new Datacenter, it was a planned activity. During migration of devices from one Dc to a new DC we broke the VSS and kept the primary running and removed the secondary switch and migrated this secondary to new DC and powered this device ON in the new DC and checked all the config was very much fine but this device was OFF network as secondary was brought to new DC just to limit the downtime during the primary switch movement.
During the activity ( Primary switch movement )We powered off the Primary switch and mean time before shifting into new Data center We had brought up secondary switch which was already existing in the DC was put live in the network and it was working fine without any issues.
Later we had moved Primary into new data center and tried to put into VSS with the secondary , during this period the secondary device into went into RECOVERY MODE and primary device was not responding and devices went off network and immediatly we removed the VSL link and brought up primary into production network without secondary online in the network ( Without VSS just stand alone switch ) network started working, but bringing up the primary we found that some of the VLANS in the FWSM was deleted and some VLAN had misconfiguration ( example : say original VLAN ip 10.200.112.1 has become 10.300.13.1 ) also some of the access list as well as SVI was deleted making configuration mismatch.
Wanted to know while syncronization b/n primary and secondary switch in VSS if we pull out VSL link would create this type of issues.
I have set up 2 DHCP pools and 2 VLANs (1 *the native* for data / 1 VLAN for voice). When I use the command "switchport voice vlan 20" the port disapear from the show vlan brief list. When I use the "switchport access vlan 20" it shows up in the show vlan brief in the correct VLAN and gives the phone an IP. I assume that using the access instead of the voice is wrong and the phones would not configure correctly. But when I use the access the phone goes to the next step and tells me the TFTP files are not found. Why does the port disapear from the VLAN list?
I have a Netgear GSM7248R switch with 5 different Vlans including th management Vlan. Each of the vlans are connected to my layer 3 switch for routing. I want to access the management vlan form any of my Vlans so my layer two switch can be detected by my snmp manager.
I have a 3750G switch in my production network that only has VLAN 1 on it. All ports are in a default state and VLAN 1 is disabled. The switch is passing traffic but shouldn't having the default VLAN shut down cause the ports not to pass traffic? If I start to create VLANs will that cause the switch to stop passing traffic?
I'm wanting to setup a Virtual Office scenario. Everything is working fine except for 802.1x...I can get the 881 to authenticate things connected to it, but I don't have the options of guest-vlan or auth-fail vlan.Idea is if the users takes the router home and someone, either accidentally or on pupose, connects an unauthorized Laptop, they stay off the Corp network but can get to the internet still.I found this link on Cisco's site: [URL]That link shows them configuring a guest vlan right on the fa0-3 ports of an 881W. I dont have that option on mine. I can only configure 802.1x on the vlan interface. I have 802.1x working, for things that connect to vlan1, but I would like to have a "fallback" setup.