ASA5520 Routing/Subnet Configuration Help
Hi,
I'm not much of a networking guy and need some help getting my ASA5520 to play ball. The general gist is that I have 3 subnets (xxx.xxx.1.xxx,
xxx.xxx.2.xxx, and xxx.xxx.5.xxx), two of them (.1 and .2) are on ASA1 and can see each other fine. One (.5) is on ASA2 and can see .1 (ASA2's outside interface is assigned a .1.xxx IP) systems but not .2. I believe it's because ASA2 has no default route for the .2 subnet and I have no idea how I would go about getting that set up. So there's my question, how can I make the .5 subnet on ASA2 evident to systems on the .1 and .2 subnets and viice versa?
For clarification here's a rough diagram of what I currently have:
<---->xxx.xxx.001.xxx subnet<---->[ASA2]<---->xxx.xxx.005.xxx subnet--
INTERNET<-->[ASA1]-{
<---->xxx.xxx.002.xxx subnet<---->
And here's what I need:
<---->xxx.xxx.001.xxx subnet<---->
INTERNET<-->[ASA1]-{ }[ASA2]<---->xxx.xxx.005.xxx subnet--
<---->xxx.xxx.002.xxx subnet<---->
I really appreciate any help you can give me.
I got the network setup, but did not get what you are trying to do. Do you have 2 WRT54Gs there? Are you trying to turn off DHCP server of second WRT54G? A detailed information would be appreciated.
Similar Messages
-
Cisco asa 5505 with Router 881w Configuration Help
Hello all,
I'm having trouble setting up a second vlan to route to the internet. I have a Cisco ASA 5505 connected to my ISP(OUTSIDE) and a Cisco 881w (INSIDE) router in the back of my firewall. My vlan 10 with the network 192.168.5.1 255.255.255.0 works with pat, however vlan 15 that is on my 881w router does not route to the internet at all. I can only ping from 192.168.15.15 network to 192.168.5.1 I would like some advice on how can I make this set up work. Attached with this discussion is a picture of my topology.
Thanks in advance.
here are the show runs:
Cisco ASA 5505 show run:
ASA Version 8.3(1)
names
interface Vlan1
no nameif
no security-level
no ip address
interface Vlan5
mac-address xxxx.xxxx.xxxx
nameif OUTSIDE
security-level 0
ip address dhcp setroute
interface Vlan10
nameif INSIDE
security-level 100
ip address 192.168.5.1 255.255.255.0
interface Ethernet0/0
switchport access vlan 5
interface Ethernet0/1
switchport access vlan 10
interface Ethernet0/2
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
shutdown
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
object network INTERNAL_LAN
subnet 192.168.5.0 255.255.255.0
object network PRIVATE_LAN_192
subnet 192.168.15.0 255.255.255.224
description PRIVATE_LAN_192
access-list INSIDE_access_in extended permit ip any any
access-list INSIDE_access_in extended deny ip any any
access-list OUTSIDE_access_in extended permit ip any any
access-list OUTSIDE_access_in extended deny ip any any
pager lines 24
logging enable
mtu OUTSIDE 1500
mtu INSIDE 1500
ip verify reverse-path interface OUTSIDE
ip verify reverse-path interface INSIDE
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
object network INTERNAL_LAN
nat (INSIDE,OUTSIDE) dynamic interface
object network PRIVATE_LAN_192
nat (INSIDE,OUTSIDE) dynamic interface
access-group OUTSIDE_access_in in interface OUTSIDE
access-group INSIDE_access_in in interface INSIDE
route INSIDE 192.168.15.0 255.255.255.224 192.168.5.2 1
dynamic-access-policy-record DfltAccessPolicy
http server enable
dhcpd dns 8.8.8.8 75.75.76.76
dhcpd address 192.168.5.10-192.168.5.100 INSIDE
dhcpd enable INSIDE
Router 881w show run:
Current configuration : 4912 bytes
version 12.4
no ip source-route
ip dhcp excluded-address 192.168.15.1 192.168.15.10
ip dhcp pool PRIVATE_LAN
network 192.168.15.0 255.255.255.224
interface FastEthernet0
switchport trunk allowed vlan 1,15,1002-1005
switchport mode trunk
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
ip address 192.168.5.2 255.255.255.0
duplex auto
speed auto
interface wlan-ap0
description Service module interface to manage the embedded AP
no ip address
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
interface Vlan1
no ip address
interface Vlan15
ip address 192.168.15.1 255.255.255.224
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet4
no ip http server
ip http authentication local
ip http secure-serverThe cable modem does not have any configuration. I cant add any to it. Its a cisco dpc3008. From vlan 10 i have no problem to get to the internet with the above configuration. My problem is just vlan 15.
-
Need some advise / help. A client moved locations and running a Cisco 831 router, which is hooked up to a new internet connection. I have not much experience with Cisco Routing commands and the command panel. I attempted to configure the router with new ip and DNS, but still unable to get an internet connection. Wa
I have attached two configuration files - assume the changes were saved but also not sure if need to reset or reboot the Router.
Appreciate any help.
thank you!
-jonI bet you fixed the issue by this time, but it appears that the default route statement (ip route 0.0.0.0 0.0.0.0 < >) is missing in new config.
hth
MS -
Basic Internet Routing Configuration Help -- Cisco 2811
Hi everyone,
I want to start by saying that I brought a Cisco 2811 Router to use at home and to practice advanced networking with. So far, I believe I've configured everything as it should be, however, I am not getting any internet connection.
DHCP is set up and working properly, I can lease addresses without issue.
Both interfaces are configured, fe0/1 with a static IP, and fe0/0 as a DHCP client.
I have connected fe0/0 directly to the Cable modem and it acquires an IP without issue. Connecting my laptop directly into fe0/1 allows my laptop to lease an IP from the router's DHCP server. So I know everything up to there is working properly. I've set up NAT as best I can with what I know, but I am still not getting the router to provide internet access.
The following is my Router's Configuration. Does anything seem to be missing? I used Configuration Professional to set it up.
------------Begin Configuration-------------
Building configuration...
Current configuration : 2570 bytes
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Network
boot-start-marker
boot-end-marker
security authentication failure rate 10 log
security passwords min-length 6
no logging buffered
logging console critical
enable secret 5 $1$4FJS$RQUEiWuTaMOAGhVx1O1Du0
enable password 7 046F03070C291D175F40
aaa new-model
aaa authentication login local_auth local
aaa session-id common
dot11 syslog
no ip source-route
no ip routing
no ip gratuitous-arps
no ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.100.1
ip dhcp pool Network
import all
network 192.168.100.0 255.255.255.0
dns-server 4.2.2.2 4.2.2.1
lease 7
no ip bootp server
ip domain name Network
ip name-server 4.2.2.2
ip name-server 4.2.2.1
login block-for 5 attempts 5 within 1
multilink bundle-name authenticated
voice-card 0
no dspfarm
username Admin password 7 1526035D5D7C72252B3B
archive
log config
hidekeys
interface FastEthernet0/0
description $ETH-WAN$
ip address dhcp client-id FastEthernet0/0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
no ip route-cache
duplex full
speed auto
no mop enabled
interface FastEthernet0/1
ip address 192.168.100.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache
duplex full
speed auto
no mop enabled
ip forward-protocol nd
ip http server
no ip http secure-server
ip nat pool Network 192.168.100.1 192.168.100.254 netmask 255.255.255.0
ip nat inside source list 101 interface FastEthernet0/0 overload
logging trap debugging
logging facility local2
access-list 100 permit udp any any eq bootpc
access-list 101 remark INTERNET ACCESS THROUGH NAT
access-list 101 remark CCP_ACL Category=2
access-list 101 permit ip 192.168.100.0 0.0.0.255 any
dialer-list 1 protocol ip permit
snmp-server community public RO
no cdp run
control-plane
banner motd ^C Welcome! ^C
line con 0
login authentication local_auth
transport output telnet
line aux 0
exec-timeout 15 0
login authentication local_auth
transport output telnet
line vty 0 4
password 7 107D0C1A10051B1F15
login authentication local_auth
transport input telnet
scheduler allocate 20000 1000
end
------------------End Configuration-------------------
Does anything seem amiss? Thank you all in advance for your help!
JohnHi Again,
I sent
dhcp pool Network
default-router 192.168.100.1
to the router and wrote it to config. I still didn't have internet access at first, so I followed John's tip and hooked up my machine to an old Catalyst 2849G switch I had laying around. The switch has no settings, just gets an ip from the router and does its own thing. After doing so, I do now have internet access. I'm using it to post this reply in fact.
Here are the results of ipconfig /all on my Ethernet NIC on my machine before even having the switch:
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : hsd1.ut.comcast.net.
Description . . . . . . . . . . . : Intel(R) Ethernet Connection I217-LM
Physical Address. . . . . . . . . : 54-EE-75-27-6F-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7cdd:83b5:e603:127e%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.100.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, October 02, 2014 7:57:10 AM
Lease Expires . . . . . . . . . . : Thursday, October 09, 2014 7:57:10 AM
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.100.1
DHCPv6 IAID . . . . . . . . . . . : 290778741
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-B2-3D-AF-54-EE-75-27-6F-06
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
NetBIOS over Tcpip. . . . . . . . : Enabled
It seems everything was working as it should, but I didn't have internet access and windows still reported it as an unknown network.
After hooking up my Switch, Windows reported seeing 'Network' (From my router's host name, I presume?) and once I reset the modem, I had internet access.
This was a huge learning experience and I am glad to have help from all of you. Is there anything else I can to do optimize my configurations? Also, why didn't I have internet access when directed hooked up to FastEthernet0/1 even though my machine acquired IP's and DNS info?
Here is another copy of the running config with today's changes:
---------------------Begin Configuration------------------------
Building configuration...
Current configuration : 2401 bytes
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Network
boot-start-marker
boot-end-marker
security authentication failure rate 10 log
security passwords min-length 6
logging buffered 4096
logging console critical
enable secret 5 $1$4FJS$RQUEiWuTaMOAGhVx1O1Du0
enable password 7 046F03070C291D175F40
aaa new-model
aaa authentication login local_auth local
aaa session-id common
dot11 syslog
no ip source-route
no ip gratuitous-arps
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.100.1
ip dhcp pool Network
import all
network 192.168.100.0 255.255.255.0
default-router 192.168.100.1
lease 7
no ip bootp server
ip domain name Network
login block-for 5 attempts 5 within 1
multilink bundle-name authenticated
voice-card 0
no dspfarm
username Admin password 7 1526035D5D7C72252B3B
archive
log config
hidekeys
interface FastEthernet0/0
description $ETH-WAN$
ip address dhcp client-id FastEthernet0/0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex full
speed auto
no mop enabled
interface FastEthernet0/1
ip address 192.168.100.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
duplex full
speed auto
no mop enabled
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 dhcp
ip http server
no ip http secure-server
ip nat pool Network 192.168.100.1 192.168.100.254 netmask 255.255.255.0
ip nat inside source list 10 interface FastEthernet0/0 overload
logging trap debugging
logging facility local2
access-list 10 permit 192.168.100.0 0.0.0.255
access-list 100 permit udp any any eq bootpc
dialer-list 1 protocol ip permit
snmp-server community public RO
no cdp run
control-plane
banner motd ^C Welcome! ^C
line con 0
login authentication local_auth
transport output telnet
line aux 0
exec-timeout 15 0
login authentication local_auth
transport output telnet
line vty 0 4
password 7 107D0C1A10051B1F15
login authentication local_auth
transport input telnet
scheduler allocate 20000 1000
end
--------------------------End Configuration-------------------------
Let me know if there is anything else you guys need or I should do, I'll be back after classes today. Thanks again!
-John -
Policy Based Routing and IP Helper
Can anyone help with an issue i am having with PBR and an IP Helper. I cannot get devices in the VLAN with the associated SVI to get DHCP addresses, there is no DHCP server in the VLAN so an IP Helper is used but whenever i enable PBR on the SVI, DHCP stops working. The switch is a 6506 Catalyst running Version 12.2(17d)SXB11 of IOS
The SVI config for the VLAN is as below
ip address 10.2.60.254 255.255.255.0
ip helper-address 10.10.80.200
ip helper-address 10.10.80.201
ip policy route-map ACPBR
no ip igmp snooping explicit-tracking
no ipv6 mld snooping explicit-tracking
no ipv6 mld snooping
a route map configured as follows
route-map ACPBR permit 10
match ip address ACPBR_ACL
set ip default next-hop 10.99.1.252
route-map ACPBR permit 20
set default interface Null0
and an access list as follows
ip access-list extended ACPBR_ACL
deny udp any any eq bootps log
permit ip 10.2.60.0 0.0.0.255 any
So any DHCP traffic should hit the deny command and drop back to the normal routing process, at least thats my understanding. The logs on the 6506 even show the DENY being hit, see below
list ACPBR_ACL denied udp 0.0.0.0(68) -> 255.255.255.255(67), 1 packet
Can anyone advise why this may be happening, if i add the PBR to the SVI DHCP stops working, if i remove it then it starts working so it is definately PBR doing something.
Thanks
RyanRyan,
The deny line in your ACL merely causes the DHCP traffic to be not processed in the ACPBR block 10. However, for this traffic, the processing of the route-map continues to block 20 with the set default interface Null0 command. This could be the cause of the drops you are seeing. Remember, the permit/deny in ACL here only select packets to be dealt with in the particular route-map block. However, it is the permit/deny in the route-map block header that determines whether the packet is going to be PBR-ed or normally routed.
Assuming you want to keep the DHCP traffic to be normally routed, one of ways of doing that would be:
ip access-list extended ACPBR_ACL deny udp any any eq bootps log permit ip 10.2.60.0 0.0.0.255 any!ip access-list extended ACPBR_DHCP permit udp any any eq bootps!route-map ACPBR permit 10 match ip address ACPBR_ACL set ip default next-hop 10.99.1.252!route-map ACPBR deny 15 match ip address ACPBR_DHCP!route-map ACPBR permit 20 set default interface Null0
This configuration causes the DHCP traffic to be processed in block 15, and because of the deny action in the block header, the traffic should fall back to normal routing.
While I am somewhat surprised that the PBR would affect broadcasts (it should not, and perhaps it affects only a part of the DHCP communication that does happen to be unicasted), I believe this modification of your config is worth trying.
Best regards,
Peter -
Routing for configurable material
Hello PP gurs,
I want to create Routing for Configurable Material in SAP PP-PI or PP industries. How the object dependency is defined applied ?
This requirement is for Make TO Order scenario for Configurable Material.
At present I am working with resources only.
I want to create in such away So that while creating Production order system should ask select BOM & routing.
How can I define the Super BOM & Super Routing in Order?
Is it possible to calculate cost for this kind of requirement?
Please Give your Contribution from Whatever the Questions above....
Thanks & Regards,
Bhavik Dangi.Dear,
In can explain youn w/ example
Let us say you have to manufactur CAR's(matyerial no in SAP is CAR). The coonfiguration options are - Paint, and tyre
Create a char inn CT04 as piant and tyre with value as below(data type = char)
Paint - white, red, blue and black
Tyre - Redial, Normal
Create materials like White-paint, Red-paint, Blue-paint, black-paint, Tyre-redial, tyre-Normal, Engine
Create a class in CL01 called CAR-CLASS , clas type 300 and assign the above Char to this class
Assign this class to Material CAR.
Create BOm with following items
Engine
White-paint
RED paint
Blue-paint,
black-paint,
Tyre-redial,
tyre-Normal,
Create a object dependency in CU40 type - selcetion condition to selcet red-paint material when in Sales order select paint red. and like this all others.
Selection condition for red paint is as below
Paint = 'red'
Like this for all others
Paint = 'white'
Paint = 'black'
Paint = 'blue'
Tyre = 'Normal'
Tyre = 'Redial'
Assign this object dependency to BOm items
Engine
White-paint -
>Paint = 'white'
RED paint -
>Paint = 'red'
Blue-paint, -
>Paint = 'blue'
black-paint, -
>Paint = 'black'
Tyre-redial, -
>Tyre = 'Redial'
tyre-Normal---->Tyre = 'Normal'
Now create a configuration profile
When you create a Sales order, system will pronmpt to enter the vlaues for piant and tyre
if you have selceted piant as red and tyre as normal, then the BOm will look like as below
Engine
RED paint
tyre-Normal
This is the configured BOM...what you have cretaed is supre BOM.
It is available in PP
For nmore information see blow
http://help.sap.com/saphelp_47x200/helpdata/en/92/58d455417011d189ec0000e81ddfac/frameset.htm -
1941W configuration help needed
Our Deployment Scenario:-
1941W Gigabit Ethernet 0/0 is connected to the PPOE connection of the ISP.
Gigabit Ethernet 0/1 is connected to the wired LAN
I have created 2 wireless radio Cisco_Kamran_BGN which is operating at 2.4 Ghz Devices and Cisco_Kamran_A which is operating at 5Ghz Devices.
I have created 2 VLans for the Wireless.
Vlan 10 for Cisco_Kamran_A 192.168.10.x
Vlan 11 for Cisco _Kamran_BGN 192.168.11.X
The problem is the Wireless users are not getting the IP address from the respective DHCP server which has been configured on the Router.
Can please any from the community help me and show me where I am missing the configuration.
Please find my router & ap configuration below.
Router Configuration
Router#
sh run
Building configuration...
Current configuration : 3022 bytes
! No configuration change since last restart
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Router
boot-start-marker
boot-end-marker
enable secret 5 $1$TdQt$npYeaf/W0kRElcfMggzJ31
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
no ipv6 cef
ip source-route
ip cef
ip dhcp excluded-address 192.168.1.1 192.168.1.50
ip dhcp excluded-address 192.168.10.1 192.168.10.10
ip dhcp excluded-address 192.168.11.1 192.168.11.10
ip dhcp pool DHCP
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 195.229.241.222 213.42.20.20
ip dhcp pool Cisco_Kamran_A
network 192.168.11.0 255.255.255.0
default-router 192.168.11.1
dns-server 195.229.241.222 213.42.20.20
ip dhcp pool Cisco_Kamran_BGN
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 195.225.241.222 213.42.20.20
multilink bundle-name authenticated
crypto pki token default removal timeout 0
license udi pid CISCO1941W-E/K9 sn FCZ1553C1VK
hw-module ism 0
redundancy
bridge irb
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered GigabitEthernet0/0
arp timeout 0
no mop enabled
no mop sysid
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface Wlan-GigabitEthernet0/0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
no ip address
interface Vlan1
no ip address
interface Vlan10
ip address 192.168.10.1 255.255.255.0
ip access-group DSL_ACCESSLIST in
ip nat inside
ip virtual-reassembly in
interface Vlan11
ip address 192.168.11.1 255.255.255.0
ip access-group DSL_ACCESSLIST in
ip nat inside
ip virtual-reassembly in
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
ppp authentication pap callin
ppp pap sent-username xxxxxx password 0 xxxxxx
ppp ipcp route default
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat inside source list DSL_ACCESSLIST interface Dialer1 overload
ip access-list extended DSL_ACCESSLIST
permit ip 192.168.0.0 0.0.255.255 any
control-plane
line con 0
password xxxxxx
login
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
password xxxxxx
login
transport input all
scheduler allocate 20000 1000
end
Router#
Router#
Router#
Access Point Configuration
ap#
ap#
ap#
sh run
Building configuration...
Current configuration : 2603 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap
enable secret 5 $1$JxdQ$a2/00bWJuhUKP9QLC94YD/
no aaa new-model
dot11 syslog
dot11 ssid Cisco_Kamran_A
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 1045081417161C5A555C7A7B
dot11 ssid Cisco_Kamran_BGN
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 020D05561907017015165949
username Cisco password 7 14341B180F0B
bridge irb
interface Dot11Radio0
description 802.11bgn radio
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
broadcast-key change 3600
ssid Cisco_Kamran_BGN
antenna gain 0
station-role root
bridge-group 11
bridge-group 11 subscriber-loop-control
bridge-group 11 block-unknown-source
no bridge-group 11 source-learning
no bridge-group 11 unicast-flooding
bridge-group 11 spanning-disabled
interface Dot11Radio1
description 802.11a radio
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid Cisco_Kamran_A
antenna gain 0
no dfs band block
channel dfs
station-role root
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface GigabitEthernet0.10
description 802.11a bridge
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
interface GigabitEthernet0.11
description 802.11bgn bridge
encapsulation dot1Q 11
no ip route-cache
bridge-group 11
bridge-group 11 subscriber-loop-control
bridge-group 11 block-unknown-source
no bridge-group 11 source-learning
no bridge-group 11 unicast-flooding
bridge-group 11 spanning-disabled
interface BVI1
ip address dhcp client-id GigabitEthernet0
no ip route-cache
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
no activation-character
line vty 0 4
login local
end
ap#
ap#
ap#Hi Stepehen,
Did the configuration as per your advice but i am getting the below mentioned error which i have highlighted it in red. Please advice what needs to be done.
Home
Re: 1941W configuration help needed
created by Stephen Rodriguez in Getting Started with Wireless - View the full discussion
conf t
interface Dot11Radio0
no ssid Cisco_Kamran_BGN
no encryption mode ciphers aes-ccm
exit
interface Dot11Radio1
no encryption mode ciphers aes-ccm
no ssid Cisco_Kamran_A
exit
dot11 ssid Cisco_Kamran_A
vlan 10
dot11 ssid Cisco_Kamran_BGN
vlan 11
exit
interface Dot11Radio0
encryption vlan 11 mode ciphers aes
ssid Cisco_Kamran_BGN
exit
interface dot11radio0.1
encapsulation dot1q 1 native
bridge-group 1
interface dot11radio 0.11
encapsulation dot1q 11
bridge-group 11
Configuration of subinterfaces and main interface
within the same bridge group is not permitted
exit
interface Dot11Radio1
encryption vlan 10 mode ciphers aes-ccm
ssid Cisco_Kamran_A
interface dot11radio1.1
encapsulation dot1q 1 native
bridge-group 1
interface dot11radio1.10
encapuslation dot1q 10
bridge-group 10
Configuration of subinterfaces and main interface
within the same bridge group is not permitted
end
wr
Reply to this message by going to Home
Start a new discussion in Getting Started with Wireless at Home -
Email Router Not Configured after IFD Installation on CRM2013 Server
After implementation of IFD on CRM2013 Server when we configure the Email Router the token service error will show during load the data in Email Router.
Kindly help me to resolve this issue
Thanks & Regards,
Mohit Sharma
email: [email protected]Hi Upen,
Thanks for your response. It is a 64 bit machine and the setup is also 64 bit.
I would like to mention some points related to my deployment scenario:
We have a Windows server 2008 R2 Standard edition on Server machine.
I have a .net website appliaction deployed and running on this.
One of our third party vendor is developing Cold fusion application.
This Cold fusion application will be integrated in our .net website.
Deployment and configuration of Cold Fusion application and server wil be done by Third Party vendor.
I need to install Cold fusion and give access to Third party.
Issue when I install cold Fusion using default settings, my .net Website does not get loaded.
In Mozila and Chrome Browser I get blank Page with only Background image given in Body tab of page is getting displayed.
In IE Browser Page with background image given in Body tab of plus this text ' <script> src="" 'is getting displayed.
Regards,
Sarfaraj Shaikh -
Need configuration help on producing dial tone
Hello Experts,
I have a Cisco 2921 router with VWIC3-2MFT-T1/E1 card. On this card we have T1-CAS digital line connected. We have been provided with a set of DID numbers. We have a requirement where, when we dial a DID, the router should provide a dial tone, and should allow the user to dial to extension numbers. Not sure if this is feasible. If at all possible, will need to some configuration help.
Thanks
ArabindaSure it's possible. What's the T1 connected to? The router will offer two-stage dialing (aka dial tone) when the incoming POTS dial-peer does not have the 'direct-inward-dial' command on it. The router will accept any input and search for an outbound dial-peer (or ephone-dn for locally registered DNs) to match. Be careful if the T1 is connected to the PSTN as this is a toll fraud risk. You need to use CoR to reign in what outbound dial-peers are available to it.
Dial Peer Basics:
http://www.cisco.com/en/US/tech/tk652/tk90/technologies_tech_note09186a008010ae1c.shtml
Class of Restrictions:
http://www.cisco.com/en/US/tech/tk652/tk90/technologies_configuration_example09186a008019d649.shtml
Please remember to rate helpful responses and identify helpful or correct answers. -
Problem with Cisco 3250 mobile router WMIC configuration
I have two 3250 mobile routers, and each one has 2 WMICs, 1 MARC and 1 4-port FEMIC. WIC1 seems to be the AP since its FE port connects to the FE0/0 or MARC, and WIC2 seems to be the bridge since its FE0 connects to FEMIC's FE2/3. The IOS version of router is 12.4(2)T3, and IOS version of both WMIC is 12.2(15).
I configured two routers in the following way (similar configuration as the police car example in the 3200 router software configuration guide):
1. Router1's WIC2 (bridge) acts as WGB, and router2's WIC2 (bridge) acts as root bridge.
2. Router2 is the DHCP server also.
3. WIC1 of each router is configured as root AP.
During my testing, the following scenarios happened:
1. WIC2 of both router can successfully associated.
2. Wired client can get IP address from router2 when it is pluged into either router's FE ports.
3. Wirless client can associate with the bridge connection, i.e. connected to the wirless bridge connection. (Weired! Can bridge work as a AP?)
4. Wireless client can't stably associate with WIC1 of either router, which is supposed to work as AP. A lot of authentication and deauthentication messages are flushing in the console. IP address can be leased, however, Ping was not successful.
My question is:
1. Why did this kind of problem happen?
2. How should i configure each WIC to achieve the set up of wireless client associate with AP and routers communicate through bridge?
3. Is my understanding on 3200 router wrong?
Thanks a lot for reply!Hello,
i have the same problem with router CISCO861W-GN-E-K9. Version 12.4(22r)YB5, RELEASE SOFTWARE (fc1)
Can someone help?
Thank you.
Here is my config for internal AP and router. -
Router is configured; Windows XP desktop cannot get a full conneciton...
I recently reinstalled my XP desktop because it was acting strange and did the same with my wireless adaptor. I am sure that my wireless router is configured correctly, however I have typed in all in athetificaiton information for the adaptor and now I am getting the message "validating indetiy". Any reason why I should be getting this? I cannot get the status to change no matter what I do, even reinstalling will not change it.
Any help would be appreciated.
Brad TwayGo to the router's setup page. Disable wireless security and try the connection. Re-enable it afterwards.
-
Hi, I have a power Mac G5 with an airport card, MAc OS X 10.5.8, Wireless card is Airport Extreme ( 0x14E4,0x4E ) and I am having a hard time connecting to my regular NETGEAR router. PLS Help,
Thanks,
MishcadolaI spent 2750 $ for my 24" iMac (price for my region)...
And the perfect world of Steve Jobs still close, but never we've been in there! -
CRM Email Router & Email Configuration
Hi All,
I have some question related email router & email configuration in MS CRM 2015. I test using gmail account for both CRM email and contact email (different gmail account).
1. I try send from my gmail to CRM directly, the result is the email not received in CRM. but if I try from CRM to my gmail using email activities first, after email received in my gmail inbox and reply back the email, I have received new email activities
in CRM. my question is why the email not received if I try to send directly?
2. what is email server profile use for? is there any article/link is easy to understand?
thanks.hi Erro,
why I asked is to check if email router machine account is added into the priv user group.
http://msdn.microsoft.com/en-us/library/hh550195(v=crm.6).aspx
regards
Jithesh -
I am trying to connect a NetGear Wifi Range Extender to my existing Wifi. I have an Airport Extreme Base Station and I am also connected to a Vonage Phone Router. Any help would be appreciated?
The Apple update Firmware for my Airport Extreme Base Station does not update for some reason? Help?
Additionally, I have an older version Airport Express that does not update with the newer Airport Utility Version 6.3 and asks me to download 5.6 to update? Is this worth it?
ThanksThe netgear is not going to work very well.. and not at all unless it is universal wireless extender.. you cannot use WDS method.
If it does support universal wireless then make sure the airport uses a rational SMB compatible wireless name.. not an apple name which is 35 characters long with spaces and illegal characters like apostrophe.
So nice AE name.. AEwifi and actually while you are trying.. fruitlessly to do this.. use AE24ghz and AE5ghz (so different names on the different bands)
Assuming your AE is gen3 or greater.
You should also fix the wireless channel at least for 2.4ghz since the netgear is probably only going to repeat 2.4ghz so use channel 11, as a trial.
And use no wireless security as a test.. if that works.. then use WPA1 & 2.. as often old equipment using WPA2 is not compatible.
If it fails with simple name.. fixed channel and no security. Sorry it is not compatible at all.. it happens.
If your AE is G wireless or earlier model.. really the time has come for replacement.
If your Express is G wireless model it is not supported.. and is too old to bother with expect I guess if you want to run audio to a speaker.
You must use older 5.6 utility to do this.. so do you have a computer running older OS.. up to Mountain Lion it is easy to install with a bit of manipulation.. later is much harder .. or windows computer anywhere or available to you. -
I have the iPhone 4 recently became weak Wi-Fi where I can not use the Internet only when sitting Bejjani router, Can anyone help me in solving this problem please
iPhone 4, iOS 7.0.3There's a whole lot to read in your post, and frankly I have not read it all.
Having said that, this troubleshooting guide should help:
http://support.apple.com/kb/TS1538
In particular, pay attention to the mobile device support sections near the bottom, assuming you have already done the items above it.
Maybe you are looking for
-
Delete files from APPLICATION SERVER?
Hi All, I am creating the files in application server with folder name as /interface/freeway/ and filename as PO concatenating with sy-datum and sy-uzeit. Ex file name now is /interface/freeway/PO20081201064120.csv Now my req is i need to delete file
-
My wife and I have seperate iphones (5's) that my son set up for us two years ago. He used one account saying we could share the purchased music. We have never purchased music or paid for apps in the two years since. About a year ago I had a iPad fro
-
QuickTime VR Panorama doesn't play correctly from a webpage
http://www.nps.gov/features/glac/gallery/082105b.htm is supposed to play a QuickTime VR Panorama (082105suelake.mov). It contains the following <embed> tags: <embed src="../video/panoramas/082105suelake.mov" width="600" height="465" autoplay="true"
-
Restoring backed up information onto new iPhone?
My old iPhone 4s got stolen but was backed up by iTunes. I bought a new one today and when it asked me if I wanted to restore information from another iPhone onto my new one, I accidently restored my brothers iPhone onto mine rather than mine. I was
-
[SOLVED]802.1x wired setup
I've just installed arch today with my only linux experience prior being ubuntu, and I've hit my first snag. My university uses secured wired connections with PEAP and MSCHAPv2. I've found this forum post related to my problem: http://bbs.archlinux.o