Management of integrated AP in Cisco Router 887

Hello!
I have a Cisco Router 887 here, with an integrated AP. This AP is a separate device in the router, with its own software, config, etc.
My problem I can't get the remote management of this AP to work (I'd prefer CLI, which means via SSH).
The router has a separate interface to communicate/manage with the AP:
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan100
arp timeout 0
interface Vlan100
ip address 172.22.2.1 255.255.255.0
After this initial configuration, I can login to the AP *via the router* by issuing this command:
wlan service-module wlan-ap 0 session
When I'm on the router via console, this works! But when I'm on the router via SSH, it won't work:
router#connect 172.22.2.1 2002
Trying 172.22.2.1, 2002 ...
% Connections to that host not permitted from this terminal
I'd like to configure the access to work via an SSH-session also!
My line-configs are as follows:
line con 0
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
line vty 0 4
access-class VTY.TRUSTED in
exec-timeout 120 0
transport input ssh
I tried to remove the access-class and allow every protocol (transport input all), but it didn't change it. How can I make this access to work? How can I find out what is preventing it?
*Note: The rest of this posting covers technically a different problem! I would be very happy if i had at least an answer to one of the given problems!
After failing to achieve this, I tried to tackle the problem differently. This time by configuring an IP-Adress on the AP itself, to SSH directly to it. But I also couldn't get this to work!
There is an internal data-connection between router and the integrated AP:
router:
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
no ip address
AP:
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.100
encapsulation dot1Q 100
bridge-group 100
bridge-group 100 spanning-disabled
no bridge-group 100 source-learning
interface BVI100
ip address 172.22.2.5 255.255.255.0
bridge 100 route ip
The problem here is: I can't get the IP from BVI100 to work correctly in VLAN100. That is, I can't reach it anywhere from VLAN100. This happens in spite of the fact that the SSID (config not shown, it's a Dot11Radio0.100 subinterface with the corresponding bridge-group 100 attached) works perfectly fine.
In my tests I found if I configure the IP in BVI1 (Vlan1), it's reachable. Just in this case the VLAN 1 is not the VLAN I'd like the management IP to be.
Is there some additional bridge-group config missing? I wouldn't know which, as I see no difference to bridge-group 1, where it would work. The only difference is that VLAN 1 is bridged natively via the internal data-link, whereas VLAN 100 is tagged. As I said, WLAN over these SSIDs/VLANs works as expected.
Thanks,
Florian

OK thanks, I will look into that.
Do you perhaps also have an idea why I can't connect via the internal console port, if I have connected to the router previously via VTY?
router#wlan service-module wlan-ap 0 session
router#connect 172.22.2.1 2002
Trying 172.22.2.1, 2002 ...
% Connections to that host not permitted from this terminal
Thanks,
Florian

Similar Messages

Cisco CP Is not Run Cisco Router 887

Hi,
I have installed CCP in my PC Windows 7 for best administration of my device Cisco Router 887, but when i open CCP, this Application say me the following.
Cisco Confguration Professional requires Adobe Flash Player 10 or adove.
I have installed Flash Player 12, but the application saying the same.
I need your help, please.
Regards

Try using Chrome or Firefox. Safari will also work.
Do not attempt to use Internet Exploder.

Enabling 4G sim on Cisco router 887 VAG - 4G

Please can someone can help me configuring Cisco 887 VAG - 4G router to enable internet through 4G (Sim Card)
Any help / advise will be appreciated.
Kind regards
AB

That is my post as well but no answer yet from any of the geek :(
I want to test 3G sim and ADSL line ------- CISCO 887. I believe there will be two different solutions.

Cisco router interface threshold

Hello,
I have a question about getting threshold information out of a specific interface. I have a customer with DSL on a cisco 887 router.
This customer has 2 different pvc's on the ATM0 interface, 2 dialer's (1 for voice, one for data) 2 vlan's (1 for voice, one for data).
What I would like is that the cisco router wil send me a message that only the voice dialer or voice vlan has exceeded it's threshold limit.
I can configure this with the "rmon alarm" command, but then it isn't specific for the voice dialer, it gives me info on both the dialers.
I also tried it with SNMP traps, but this isn't "real-time"
Does anyone know if there is a different solution to solve this?

Sorry, small mistake :-)
Heres my configuration:
event manager applet int-rate-test
event interface name Dialer1 parameter receive_rate_bps entry-op gt entry-val 110000 entry-type rate exit-op lt exit-val 50000 exit-type rate average-factor 1 poll-interval 1
snmp-server community G***** RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps license
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps flash insertion removal
snmp-server enable traps adslline
snmp-server enable traps vdsl2line
snmp-server enable traps envmon
snmp-server enable traps c3g
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps mac-notification
snmp-server enable traps energywise
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps aaa_server
snmp-server enable traps atm subif
snmp-server enable traps bfd
snmp-server enable traps memory bufferpeak
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps entity
snmp-server enable traps fru-ctrl
snmp-server enable traps resource-policy
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps mvpn
snmp-server enable traps cpu threshold
snmp-server enable traps ipsla
snmp-server enable traps syslog
snmp-server enable traps l2tun session
snmp-server enable traps l2tun pseudowire status
snmp-server enable traps vtp
snmp-server enable traps pw vc
snmp-server enable traps firewall serverstatus
snmp-server enable traps nhrp nhs
snmp-server enable traps nhrp nhc
snmp-server enable traps nhrp nhp
snmp-server enable traps nhrp quota-exceeded
snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down
snmp-server host *.*.*.30 G****
interface Dialer1
description tbv Internet KPN-lijn
ip address negotiated
ip nat outside
no ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname test-vdsl-inet
ppp chap password 7 051F031C3501580D0A095A1B050910
ppp pap sent-username test-vdsl-inet password 7 111D1C16035F1D081726662D263621
no cdp enable
When I download something from the internet it only shows the interface bandwidth usage stats every 5min. I'm not getting any event messages to my Zenoss server that a threshold has been reached or anything like that.
I have attached a file with the results.

Not able to telnet or ssh to outside interface of ASA and Cisco Router

Dear All
Please help me with following question, I have set up testing lab, but still not work.
it is Hub and spoke site to site vpn case, connection between hub and spoke is metro-E, so we are using private ip for outside interface at each site.
Hub -- Juniper SRX
Spoke One - Cisco ASA with version 9.1(5)
spoke two - Cisco router with version 12.3
site to site vpn has been successful established. Customer would like to telnet/ssh to spoke's outside ip from Hub(using Hub's outside interface as source for telnet/ssh), or vise versa. Reason for setting up like this is they wants to be able to make configuration change even when site to site vpn is down. Sound like a easy job to do, I tried for a long time, search this forum and google too, but still not work.
Now I can successfully telnet/ssh to Hub SRX's outside interface from spoke (ASA has no telnet/ssh client, tested using Cisco router).
Anyone has ever done it before, please help to share your exp. Does Cisco ASA or router even support it?
When I tested it, of cause site to site vpn still up and running.
Thanks
YK

Hello YK,
On this case on the ASA, you should have the following:
CConfiguring Management Access Over a VPN Tunnel
If your VPN tunnel terminates on one interface, but you want to manage the ASA by accessing a different interface, you can identify that interface as a management-access interface. For example, if you enter the ASA from the outside interface, this feature lets you connect to the inside interface using ASDM, SSH, Telnet, or SNMP; or you can ping the inside interface when entering from the outside interface. Management access is available via the following VPN tunnel types: IPsec clients, IPsec LAN-to-LAN, and the AnyConnect SSL VPN client.
To specify an interface as a mangement-only interface, enter the following command:
hostname(config)# management access management_interface
where management_interface specifies the name of the management interface you want to access when entering the security appliance from another interface.
You can define only one management-access interface
Also make sure you have the pertinent configuration for SSH, telnet, ASDM and SNMP(if required), for a quick test you can enable on your lab Test:
SSH
- ssh 0 0 outside
- aaa authentication ssh console LOCAL
- Make sure you have a default RSA key, or create a new one either ways, with this command:
*crypto key generate rsa modulus 2048
Telnet
- telnet 0 0 outside
- aaa authentication telnet console LOCAL
Afterwards, if this works you can define the subnets that should be permitted.
On the router:
!--- Step 1: Configure the hostname if you have not previously done so.
hostname Router
!--- aaa new-model causes the local username and password on the router
!--- to be used in the absence of other AAA statements.
aaa new-model
username cisco password 0 cisco
!--- Step 2: Configure the router's DNS domain.
ip domain-name yourdomain.com
!--- Step 3: Generate an SSH key to be used with SSH.
crypto key generate rsa
ip ssh time-out 60
ip ssh authentication-retries 3
!--- Step 4: By default the vtys' transport is Telnet. In this case,
!--- Telnet and SSH is supported with transport input all
line vty 0 4
transport input All
*!--- Instead of aaa new-model, the login local command may be used.
no aaa new-model
line vty 0 4
login local
Let me know how it works out!
Please don't forget to Rate and mark as correct the helpful Post!
David Castro,
Regards,

Connecting to NME-IPS results in connecting to cisco router itself

Suddenly, without any clear reason, I cannot access the NME-IPS in my router.
Instead it connects to the router console.
The IP address is also pingable.
Output:
gateway#service-module IDS-Sensor 1/0 status
Service Module is Cisco IDS-Sensor1/0
Service Module supports session via TTY line 66
Service Module is in Steady state
Service Module heartbeat-reset is enabled
Getting status from the Service Module, please wait..
Cisco Systems Intrusion Prevention System Network Module
Software version: 7.0(6)E4
Model:             NME-IPS
Memory:            443504 KB
Mgmt IP addr:      192.168.11.99
Mgmt web ports:    443
Mgmt TLS enabled: true
gateway#service-module IDS-Sensor 1/0 session
Trying 192.168.11.99, 2066 ... Open
C
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
User Access Verification
Username:

If IME is not connecting, is it giving you some sort of error?
Do you have ASDM launcher loaded? if so, does it also fail to connect?
When you launch IME are you prompted for a password, is that failing on the password entry or does it simply fail to connect to the device?
I have not been able to access my NME via https either, I get a Java error, but I pretty much always use Cisco IME to access my NME module so I have not chased down the Java issue.

Enrolling Cisco Router as Sub CA to Win2k8 offline CA

Hi all,
I'm after some help and guidance on the process of enrolling a Cisco Router as a Subordinate CA to an existing Windows 2008 Standalone Root CA. Due to the security policies in place on the customer account, the Root cannot be attached to the network, therefore all requests have to submitted and issued manually.
Can anyone point me in the right direction? Should I be trying to create a Certificate Request File (CSR) on the router itself or should I just go for something like OpenSSL to generate the request? I have currently tried both of these ways. If I generate a CSR on the router, the Windows CA doesn't seem to want to issue a certificate as a "SubCA" certificate. Using a combination of a different windows server and OpenSSL I have managed to get a Sub CA certificate issued, but cannot get the certificate or private key file imported onto the router.
Any information on this process would be much appreciated,
Cheers
J

Just for completeness - we have bee advised by Cisco that "Enrollment terminal" is not supported when creating Subordinate CA's...

Can WAE be integrated with non-cisco devices?

So far, all documentation that I read, WAE is used in conjunction with Cisco devices. Can WAE be integrated with non-cisco devices?
I guess, In-line mode should work ok, but how about off-path mode? An example or link will be appreciated.
Thanks!
Joe

Hi Joe,
It should be possible to use WAAS with non-cisco routers, as long as they support WCCP.
There are no documents on this because, the configuration from WAAS point of view would be the same, and the router configuration would depend on the vendor.
Regards
Daniel

Changing Wireless Channel on CISCO Router

How do I change the wireless channel on a CISCO 1811W (MPC8500) router? Currently it is channel 10 and I prefer to change it to channel 1 to reduce interference with microwave oven. I have already replaced the standard antenna with 7dBi high gain antenna.
Out of 12 wireless clients about 3 are being dropped whenever microwave oven is turned on. These clients have Linksys WMP54G Wireless G PCI adapters. Other client computers are notebooks with builtin wireless adapters and desktops with Belkin, TRENDnet, or Motorola Wireless PCI or USB adapters.
All computers are within about 60'-80' radius from the CISCO wireless router and are about 20' away from the microwave oven. Any suggestions?
Thanks.
N Murugesan
[email protected]

I tried in SDM and could not find a way to change radio channel.
How do I invoke command line interface (CLI)? I found the following from Cisco Wireless ISR and HWIC Access Point Configuration Guide.
Configuring Radio Channel Settings
Step 1          configure terminal                     - enter global configuration mode
Step 2          interface dot11radio 0                   - enter interface configuration mode for the radio interface. The 2.4 GHz radio is radio 0, and 5 GHz is 1.
Step 3           channel frequency | least-congested - set the default channel for the wireless radio - Channel 1 2412 MHz, Ch 2 2417, Ch 3 2422, etc.
                                                                      - To search for the least-congested channel on startup, enter least-congested
Step 4          end                                        - return to privileged EXEC mode
Step 5          copy running-config startup-config          -(optional) save your entries in the configuration file.
I need help to enter into the privileged EXEC mode. Once I type https://10.10.10.1 (router IP) I get a login screen (Level_15 or view access). Once I enter User Id and Password I get Cisco Router and Security Device Manager (SDM) that has Home, Configure, and Monitor tabs.
Configure - Interfaces & Connections - Edit Interfaces & Connections - DOT11Radio0 shows status as Up; but does not allow me to change anything. Neither channel nor frequency is displayed.
So I not sure how to use SDM to change the default channel.
I will appreciate any help in this regard.
N Murugesan
[email protected]

Cisco Router 2901,voice bundle 4FXO

Need Cisco Part no. for Cisco Router 2901,voice bundle 4FXO
email me [email protected]

Flavio,
It looks like you are missing the "ccm-manager mgcp" command in the global configuration mode.
To enable the gateway to communicate with Cisco CallManager through the Media Gateway Control Protocol (MGCP) and to supply redundant control agent services, use the ccm-manager mgcp command in global configuration mode.
http://www.cisco.com/en/US/docs/ios/12_3t/voice/command/reference/vrht_c4_ps5207_TSD_Products_Command_Reference_Chapter.html#wp1072910
Do a mgcp / no mgcp once its added. Make sure that the domain name on cucm is the same as it appears in the 'show ccm-manager' output on the gateway. If the issue persists, please post show tech as requested earlier.
HTH
Manish

Cisco router 877M capability to use Unified Communications technology?

Hi all,
Can Cisco router 877M have the features or capability to use VOIP or Unified Communications technology?
Cheers,

Hi Tai,
You may want to take a look at the 2800 series routers. There are bundles to support the number of users you currently have.
If you were to install a 2800 series at your headquarters your remote sites could VPN to headquarters and receive their phone service from headquarters.
Doing this will eliminate any toll charges for calls between the offices.
There is the need to maintain connections to the PSTN in case you lose your WAN connection you will maintain telephony services utilizing the PSTN.
At your remote sites you may want to consider the 880 series routers which have a provision for Survivable remote site telephony (SRST).
This feature allows the router at the remote site to maintain call management if the remote site loses the WAN connection to headquarters.
These calls would then be automatically routed through the PSTN until the WAN connection is restored.
The savings from eliminating charges for calls between your sites may justify the purchase of the new technology.
I would suggest you do a cost study to see how much you spend monthly on calls between the offices.
Hope this helps.
Mark

Does anyone configure cisco router with MGCP to link Call agent Clarent ?

hi,
We require to configure As5300 with MGCP to link Clarent call agent. Does anyone have cisco router configuration ?
thanks.
best regards.
fred.

Below is the sample configuration for the 5300 to Call-Agent. This is also dependant on which package is configured on the call-agent so we can configure it accordingly. Hope this helps.
version 12.3
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
hostname AS5300-5
boot system tftp c5300-is-mz.123-2.T1 171.68.191.135
logging buffered 100000 debugging
enable password xxxx
backhaul-session-manager
set bh5300-vsc1 client nft
group bhgrp1 set bh5300-vsc1
session group bhgrp1 172.16.20.35 7007 172.16.20.28 7007 0
isdn switch-type primary-ni
isdn voice-call-failure 0
no scripting tcl init
no scripting tcl encdir
voice call carrier capacity active
voice class codec 1
codec preference 1 g723r63
codec preference 2 g711ulaw
no voice hpi capture buffer
no voice hpi capture destination
dial-control-mib retain-timer 240
dial-control-mib max-size 600
controller T1 0
framing esf
clock source line primary
linecode b8zs
pri-group timeslots 1-24 service mgcp
controller T1 1
framing esf
clock source line secondary 1
linecode b8zs
ds0-group 0 timeslots 1-24 type none service mgcp
controller T1 2
framing esf
clock source line secondary 2
linecode b8zs
controller T1 3
framing esf
clock source line secondary 3
linecode b8zs
interface Ethernet0
no ip address
no ip mroute-cache
shutdown
interface Serial0
no ip address
no ip mroute-cache
shutdown
clockrate 2015232
no fair-queue
interface Serial1
no ip address
no ip mroute-cache
shutdown
clockrate 2015232
no fair-queue
interface Serial2
no ip address
no ip mroute-cache
shutdown
clockrate 2015232
no fair-queue
interface Serial3
no ip address
no ip mroute-cache
shutdown
clockrate 2015232
no fair-queue
interface Serial0:23
no ip address
isdn switch-type primary-ni
isdn bind-l3 backhaul bh5300-vsc1
no cdp enable
interface FastEthernet0
ip address 172.16.20.28 255.255.255.192
no ip mroute-cache
duplex full
speed auto
no cdp enable
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.20.1
no ip http server
radius-server host 172.21.59.165 auth-port 1645 acct-port 1646
radius-server key xxxxxxxx
radius-server vsa send accounting
voice-port 0:23
voice-port 1:0
mgcp
mgcp call-agent 172.16.20.35 2427 service-type mgcp version 0.1
mgcp quarantine mode loop
mgcp package-capability dtmf-package
mgcp package-capability rtp-package
mgcp package-capability as-package
mgcp default-package gm-package
mgcp profile default
timeout tsmax 100
no max1 lookup
dial-peer cor custom

IPSec ikev2 between ASA and Cisco Router

Hi,
i try to do IPSec with ikev2 (SHA2) between ASA and Cisco Router, without success. Any one can help me ?
- Remote site (Router) with dynamic public IP -> Dynamic crypto map on the ASA
- Authentication with Certificats
- integrity sha2
I try a lot of configurations without success.
Thanks for your help.
Mic

The more secure ike policy should have the higher priority which is a smaller number. So I would configure there the following way (policy 30 only if really needed):
crypto ikev1 policy 10
authentication pre-share
encryption aes-256
hash sha
group 5
lifetime 28800
crypto ikev1 policy 20
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 28800
crypto ikev1 policy 30
authentication pre-share
encryption aes
hash sha
group 2
lifetime 43200
The Cisco VPN Client is EOL and not supported any longer. And yes, by default DH group 2 is used. But that can be configured by a parameter in the PCF-file.
There are two (three) better options:
Best option with very little needed configuration:
Move to AnyConnect with TLS. AnyConnect is the actual Cisco client that is also supported with Windows 8.x. The legacy IPsec client isn't.
Best option with a little stronger crypto but more configuration:
Move to AnyConnect with IPsec/IKEv2.
Move to a third-party client like shrew.net. I didn't use that client since a couple of years any more, but it's quite flexible and also has a config for a better DH-group.
For option 1) and 2) there is an extra license needed, but thats not very expensive.

Vlans and cisco router

I have a netgear managed switch and a cisco 1750 router. I would like to set up 2 vlans. the first one is a wan, with a residential cable model connected to it. the other vlan is for my private lan. I will then have the cisco router connected to one port on the switch set up as a trunk. I'm no pro, but from what I've read so far, it should work that way, right? the part I need help with is setting up the cisco router as a gateway and dns proxy, accepting the dynamic ip, gateway, and dns addresses from the cable modem.
I did see this http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Getting%20Started%20with%20LANs&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddcef50
router in a stick *write that down* so my setup should work if I can figure out the router configuration. a good online tutorial or something would be helpful for this. I have plenty of cisco books, but maybe something for dummies would help me get started, before digging into the tough stuff.

In order to set up inter vlan routing or a "router on a stick" with a netgear switch you will need a router that supports IEEE 802.1q VLAN Support.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t1/8021q.htm#28767
On the router interface that is "trunked" to the switch you will need to have a configuration that looks like the what I have below.
Router(config)#interface FastEthernet0/1.1
Router(config-subif)#encapsulation dot1Q 1 native
Router(config-subif)#ip address 10.xx.xx.16 255.255.255.xxx
Router(config-subif)#interface FastEthernet0/1.2
Router(config-subif)#encapsulation dot1Q 2
Router(config-subif)#ip address 10.xx.xx.130 255.255.255.xxx
The sub-interface 1."2" corresponds to the vlan id on the trunk. In this case the .2 is vlan 2.
I have attahced a link that exlains the intricate details on inter vlan routing below:
http://www.cisco.com/warp/public/473/50.shtml
Lastly you may want to check the Cisco IOS feature Navigator. I was looking at it and I did not see that the 1750 has IEEE 802.1q VLAN Support. It looks like the 1751 is the first platform in the 1700 series that does.

Can Apple OSX server replace my Cisco router?

I run a small business. I have 5 computers (windows) & a network printer. I have a Cisco router routing internet access to all of these computers. The router is connected to a T-1. The T-1 is to the ISP.
What I want to do is use and apple computer with OSX server to route the internet to these computer. I also want to only allow certain websites to be accessed through the server. I may also set up a VPN. May also host a website.
Can I do all this with OSX server? How difficult is it?
Thanks
Ray

So based on what you are telling me...
- "limited knowledge when it comes to servers and cisco routers...."
- "the cisco has been up and running for a looong time without any problems"
I would not recommend you change to OS X Server as your NAT router.
To fully manage NAT on OS X Server, you need to do command-line editing for port mapping. Even with experience, I would prefer to leave that function to the router.
I've had good luck with linksys when it comes to basic routing requirements. I'm not sure what trouble you had in the past, but for me they've been very stable and great bang for the buck.
If you would like to block specific sites, for < $100 this router will provide NAT and a pretty decent set of firewall features:
<a class="jive-link-external-small" href="http://">http://www.linksys.com/servlet/Satellite?childpagename=US%2FLayo ut&packedargs=c%3DLProductC2%26cid%3D1130276636538&pagename=Linksys%2FCommon%2FVisitorWrapper
If that link doesn't work, it's model# BEFSX41
Jeff

Management of integrated AP in Cisco Router 887

Similar Messages

Maybe you are looking for