Cable E1 for Router 2811
I am adding a router E1 in a 2811 and would like to know what type of connector should I use?
Can anyone help me?
Thank you.
You can consult one of these links:
https://learningnetwork.cisco.com/thread/11803
http://www.cisco.com/en/US/tech/tk713/tk628/technologies_tech_note09186a00800fb754.shtml
http://www.cisco.com/en/US/docs/interfaces_modules/port_adapters/install_upgrade/cables_and_attenuator/75-120ohm_cbl_e1_multichan_install/6728cabl.html
Here you can find required informations.
Regards.
Similar Messages
-
Using Cable for Router - Router connectivity
Can i use straight cable for Router to Router Back to Back connectivity? or does auto mdix command works on Router?
What I have read (and have seen in my experience) is that auto-mdix is enabled by default on the routing platforms. I would try the cable and see if it works. Worst that will happen is the communication will have issues. It's not going to "hurt" anything if it doesn't work.
When connected, do a "show interface Gi0/X transceiver properties". You will then see things like this that will tell you the MDIX status:
Administrative Speed: auto
Administrative Duplex: auto
Administrative Auto-MDIX: on
Administrative Power Inline: enable
Operational Speed: auto
Operational Duplex: auto
Operational Auto-MDIX: on
Media Type: 10/100/1000BaseTX
Hope that helps. -
Link/instructions for router+Airport Extreme +optus cable?
Can anyone out ther link me to simple instructions from
Old system - G5+dial up +Airport Extreme to
New System - G5 +Optus cable + Netgera wired router +Airport Extreme
Thanks
WokkaCan we assume your internet connection works when your Mac's ethernet port is cabled to one of the LAN ports on the Netgear router? If so, follow this user-contributed tips article for using your Airport Base Station as a wireless network access point in association with the Netgear router: ABS as a Wireless Access Point
-
Site-to-Site VPN btw Pix535 and Router 2811, can't get it work
Hi, every one, I spent couple of days trying to make a site-to-site VPN between PIX535 and router 2811 work but come up empty handed, I followed instructions here:
http://www.cisco.com/en/US/products/ps9422/products_configuration_example09186a0080b4ae61.shtml
#1: PIX config:
: Saved
: Written by enable_15 at 18:05:33.678 EDT Sat Oct 20 2012
PIX Version 8.0(4)
hostname pix535
interface GigabitEthernet0
description to-cable-modem
nameif outside
security-level 0
ip address X.X.138.132 255.255.255.0
ospf cost 10
interface GigabitEthernet1
description inside 10/16
nameif inside
security-level 100
ip address 10.1.1.254 255.255.0.0
ospf cost 10
access-list outside_access_in extended permit ip any any
access-list inside_nat0_outbound extended permit ip 10.1.0.0 255.255.0.0 10.20.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip any 10.1.1.192 255.255.255.248
access-list outside_cryptomap_dyn_60 extended permit ip any 10.1.1.192 255.255.255.248
access-list outside_1_cryptomap extended permit ip 10.1.0.0 255.255.0.0 10.20.0.0 255.255.0.0
pager lines 24
ip local pool cnf-8-ip 10.1.1.192-10.1.1.199 mask 255.255.0.0
global (outside) 10 interface
global (outside) 15 1.2.4.5
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 15 10.1.0.0 255.255.0.0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 X.X.138.1 1
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-MD5
crypto dynamic-map outside_dyn_map 20 set security-association lifetime seconds 28800
crypto dynamic-map outside_dyn_map 20 set security-association lifetime kilobytes 4608000
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA
crypto dynamic-map outside_dyn_map 40 set security-association lifetime seconds 28800
crypto dynamic-map outside_dyn_map 40 set security-association lifetime kilobytes 4608000
crypto dynamic-map outside_dyn_map 60 match address outside_cryptomap_dyn_60
crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-MD5 ESP-3DES-SHA ESP-DES-MD5 ESP-DES-SHA
crypto dynamic-map outside_dyn_map 60 set security-association lifetime seconds 28800
crypto dynamic-map outside_dyn_map 60 set security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime seconds 28800
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime kilobytes 4608000
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set peer X.X.21.29
crypto map outside_map 1 set transform-set ESP-DES-SHA
crypto map outside_map 1 set security-association lifetime seconds 28800
crypto map outside_map 1 set security-association lifetime kilobytes 4608000
crypto map outside_map 65534 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp identity hostname
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption des
hash sha
group 1
lifetime 86400
crypto isakmp policy 20
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 3600
group-policy GroupPolicy1 internal
group-policy cnf-vpn-cls internal
group-policy cnf-vpn-cls attributes
wins-server value 10.1.1.7
dns-server value 10.1.1.7 10.1.1.205
vpn-tunnel-protocol IPSec l2tp-ipsec
default-domain value x.com
username sean password U/h5bFVjXlIDx8BtqPFrQw== nt-encrypted
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key secret1
radius-sdi-xauth
tunnel-group DefaultRAGroup ppp-attributes
authentication ms-chap-v2
tunnel-group cnf-vpn-cls type remote-access
tunnel-group cnf-vpn-cls general-attributes
address-pool cnf-8-ip
default-group-policy cnf-vpn-cls
tunnel-group cnf-vpn-cls ipsec-attributes
pre-shared-key secret2
isakmp ikev1-user-authentication none
tunnel-group cnf-vpn-cls ppp-attributes
authentication ms-chap-v2
tunnel-group X.X.21.29 type ipsec-l2l
tunnel-group X.X.21.29 ipsec-attributes
pre-shared-key SECRET
class-map inspection_default
match default-inspection-traffic
service-policy global_policy global
prompt hostname context
Cryptochecksum:9780edb09bc7debe147db1e7d52ec39c
: end
#2: Router 2811 config:
! Last configuration change at 09:15:32 PST Fri Oct 19 2012 by cnfla
! NVRAM config last updated at 13:45:03 PST Tue Oct 16 2012
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname LA-2800
crypto pki trustpoint TP-self-signed-1411740556
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1411740556
revocation-check none
rsakeypair TP-self-signed-1411740556
crypto pki certificate chain TP-self-signed-1411740556
certificate self-signed 01
3082023F 308201A8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31343131 37343035 3536301E 170D3132 31303136 32303435
30335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 34313137
34303535 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100F75F F1BDAD9B DE9381FD 165B5188 7EAF9685 CF15A317 1B424825 9C66AA28
C990B2D3 D69A2F0F D745DB0E 2BB4995D 73415AC4 F01B2019 84373199 C4BCF9E0
E599B86C 17DBDCE6 47EBE0E3 8DBC90B2 9B4E217A 87F04BF7 A182501E 24381019
A61D2C05 5404DE88 DA2A1ADC A81B7F65 C318B697 7ED69DF1 2769E4C8 F3449B33
35AF0203 010001A3 67306530 0F060355 1D130101 FF040530 030101FF 30120603
551D1104 0B300982 074C412D 32383030 301F0603 551D2304 18301680 14B56EEB
88054CCA BB8CF8E8 F44BFE2C B77954E1 52301D06 03551D0E 04160414 B56EEB88
054CCABB 8CF8E8F4 4BFE2CB7 7954E152 300D0609 2A864886 F70D0101 04050003
81810056 58755C56 331294F8 BEC4FEBC 54879FF5 0FCC73D4 B964BA7A 07D20452
E7F40F42 8B355015 77156C9F AAA45F9F 59CDD27F 89FE7560 F08D953B FC19FD2D
310DA96E A5F3E83B 52D515F8 7B4C99CF 4CECC3F7 1A0D4909 BD08C373 50BB53CC
659C4246 2CB7B79F 43D94D96 586F9103 9B4659B6 5C8DDE4F 7CC5FC68 C4AD197A 4EC322
quit
crypto isakmp policy 1
authentication pre-share
crypto isakmp key SECRET address X.X.138.132 no-xauth
crypto ipsec transform-set la-2800-trans-set esp-des esp-sha-hmac
crypto map la-2800-ipsec-policy 1 ipsec-isakmp
description vpn ipsec policy
set peer X.X.138.132
set transform-set la-2800-trans-set
match address 101
interface FastEthernet0/0
description WAN Side
ip address X.X.216.29 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no cdp enable
no mop enabled
crypto map la-2800-ipsec-policy
interface FastEthernet0/1
description LAN Side
ip address 10.20.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex full
speed auto
no mop enabled
ip nat inside source route-map nonat interface FastEthernet0/0 overload
access-list 10 permit X.X.138.132
access-list 99 permit 64.236.96.53
access-list 99 permit 98.82.1.202
access-list 101 remark vpn tunnerl acl
access-list 101 remark SDM_ACL Category=4
access-list 101 remark tunnel policy
access-list 101 permit ip 10.20.0.0 0.0.0.255 10.1.0.0 0.0.255.255
access-list 110 deny ip 10.20.0.0 0.0.0.255 10.1.0.0 0.0.255.255
access-list 110 permit ip 10.20.0.0 0.0.0.255 any
snmp-server community public RO
route-map nonat permit 10
match ip address 110
webvpn gateway gateway_1
ip address X.X.216.29 port 443
ssl trustpoint TP-self-signed-1411740556
inservice
webvpn install svc flash:/webvpn/svc.pkg
webvpn context gateway-1
title "b"
secondary-color white
title-color #CCCC66
text-color black
ssl authenticate verify all
policy group policy_1
functions svc-enabled
svc address-pool "WebVPN-Pool"
svc keep-client-installed
svc split include 10.20.0.0 255.255.0.0
default-group-policy policy_1
gateway gateway_1
inservice
end
#3: Test from Pix to router:
Active SA: 1
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1
1 IKE Peer: X.X.21.29
Type : user Role : initiator
Rekey : no State : MM_WAIT_MSG2
>>DEBUG:
Oct 22 12:07:14 pix535:Oct 22 12:20:28 EDT: %PIX-vpn-3-713902: IP = X.X.21.29, Removing peer from peer table failed, no match!
Oct 22 12:07:14 pix535 :Oct 22 12:20:28 EDT: %PIX-vpn-4-713903: IP = X.X.21.29, Error: Unable to remove PeerTblEntry
#4: test from router to pix:
LA-2800#sh crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id slot status
X.X.138.132 X.X.216.29 MM_KEY_EXCH 1017 0 ACTIVE
>>debug
LA-2800#ping 10.1.1.7 source 10.20.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.7, timeout is 2 seconds:
Packet sent with a source address of 10.20.1.1
Oct 22 16:24:33.945: ISAKMP:(0): SA request profile is (NULL)
Oct 22 16:24:33.945: ISAKMP: Created a peer struct for X.X.138.132, peer port 500
Oct 22 16:24:33.945: ISAKMP: New peer created peer = 0x488B25C8 peer_handle = 0x80000013
Oct 22 16:24:33.945: ISAKMP: Locking peer struct 0x488B25C8, refcount 1 for isakmp_initiator
Oct 22 16:24:33.945: ISAKMP: local port 500, remote port 500
Oct 22 16:24:33.945: ISAKMP: set new node 0 to QM_IDLE
Oct 22 16:24:33.945: ISAKMP: Find a dup sa in the avl tree during calling isadb_insert sa = 487720A0
Oct 22 16:24:33.945: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
Oct 22 16:24:33.945: ISAKMP:(0):found peer pre-shared key matching 70.169.138.132
Oct 22 16:24:33.945: ISAKMP:(0): constructed NAT-T vendor-rfc3947 ID
Oct 22 16:24:33.945: ISAKMP:(0): constructed NAT-T vendor-07 ID
Oct 22 16:24:33.945: ISAKMP:(0): constructed NAT-T vendor-03 ID
Oct 22 16:24:33.945: ISAKMP:(0): constructed NAT-T vendor-02 ID
Oct 22 16:24:33.945: ISAKMP:(0):Input = IKE_MESG_FROM_IPSEC, IKE_SA_REQ_MM
Oct 22 16:24:33.945: ISAKMP:(0):Old State = IKE_READY New State = IKE_I_MM1
Oct 22 16:24:33.945: ISAKMP:(0): beginning Main Mode exchange
Oct 22 16:24:33.945: ISAKMP:(0): sending packet to X.X.138.132 my_port 500 peer_port 500 (I) MM_NO_STATE
Oct 22 16:24:33.945: ISAKMP:(0):Sending an IKE IPv4 Packet.
Oct 22 16:24:34.049: ISAKMP (0:0): received packet from X.X.138.132 dport 500 sport 500 Global (I) MM_NO_STATE
Oct 22 16:24:34.049: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
Oct 22 16:24:34.049: ISAKMP:(0):Old State = IKE_I_MM1 New State = IKE_I_MM2
Oct 22 16:24:34.049: ISAKMP:(0): processing SA payload. message ID = 0
Oct 22 16:24:34.049: ISAKMP:(0): processing vendor id payload
Oct 22 16:24:34.049: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch
Oct 22 16:24:34.049: ISAKMP:(0): vendor ID is NAT-T v2
Oct 22 16:24:34.049: ISAKMP:(0): processing vendor id payload
Oct 22 16:24:34.049: ISAKMP:(0): vendor ID seems Unity/DPD but major 194 mismatch
Oct 22 16:24:34.053: ISAKMP:(0):found peer pre-shared key matching 70.169.138.132
Oct 22 16:24:34.053: ISAKMP:(0): local preshared key found
Oct 22 16:24:34.053: ISAKMP : Scanning profiles for xauth ...
Oct 22 16:24:34.053: ISAKMP:(0):Checking ISAKMP transform 1 against priority 1 policy
Oct 22 16:24:34.053: ISAKMP: encryption DES-CBC
Oct 22 16:24:34.053: ISAKMP: hash SHA
Oct 22 16:24:34.053: ISAKMP: default group 1
Oct 22 16:24:34.053: ISAKMP: auth pre-share
Oct 22 16:24:34.053: ISAKMP: life type in seconds
Oct 22 16:24:34.053: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
Oct 22 16:24:34.053: ISAKMP:(0):atts are acceptable. Next payload is 0
Oct 22 16:24:34.053: ISAKMP:(0):Acceptable atts:actual life: 0
Oct 22 16:24:34.053: ISAKMP:(0):Acceptable atts:life: 0
Oct 22 16:24:34.053: ISAKMP:(0):Fill atts in sa vpi_length:4
Oct 22 16:24:34.053: ISAKMP:(0):Fill atts in sa life_in_seconds:86400
Oct 22 16:24:34.053: ISAKMP:(0):Returning Actual lifetime: 86400
Oct 22 16:24:34.053: ISAKMP:(0)::Started lifetime timer: 86400.
Oct 22 16:24:34.053: ISAKMP:(0): processing vendor id payload
Oct 22 16:24:34.053: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch
Oct 22 16:24:34.053: ISAKMP:(0): vendor ID is NAT-T v2
Oct 22 16:24:34.053: ISAKMP:(0): processing vendor id payload
Oct 22 16:24:34.053: ISAKMP:(0): vendor ID seems Unity/DPD but major 194 mismatch
Oct 22 16:24:34.053: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
Oct 22 16:24:34.053: ISAKMP:(0):Old State = IKE_I_MM2 New State = IKE_I_MM2
Oct 22 16:24:34.057: ISAKMP:(0): sending packet to X.X.138.132 my_port 500 peer_port 500 (I) MM_SA_SETUP
Oct 22 16:24:34.057: ISAKMP:(0):Sending an IKE IPv4 Packet.
Oct 22 16:24:34.057: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
Oct 22 16:24:34.057: ISAKMP:(0):Old State = IKE_I_MM2 New State = IKE_I_MM3
Oct 22 16:24:34.181: ISAKMP (0:0): received packet from X.X.138.132 dport 500 sport 500 Global (I) MM_SA_SETUP
Oct 22 16:24:34.181: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
Oct 22 16:24:34.181: ISAKMP:(0):Old State = IKE_I_MM3 New State = IKE_I_MM4
Oct 22 16:24:34.181: ISAKMP:(0): processing KE payload. message ID = 0
Oct 22 16:24:34.217: ISAKMP:(0): processing NONCE payload. message ID = 0
Oct 22 16:24:34.217: ISAKMP:(0):found peer pre-shared key matching X.X.138.132
Oct 22 16:24:34.217: ISAKMP:(1018): processing vendor id payload
Oct 22 16:24:34.217: ISAKMP:(1018): vendor ID is Unity
Oct 22 16:24:34.217: ISAKMP:(1018): processing vendor id payload
Oct 22 16:24:34.217: ISAKMP:(1018): vendor ID seems Unity/DPD but major 55 mismatch
Oct 22 16:24:34.217: ISAKMP:(1018): vendor ID is XAUTH
Oct 22 16:24:34.217: ISAKMP:(1018): processing vendor id payload
Oct 22 16:24:34.217: ISAKMP:(1018): speaking to another IOS box!
Oct 22 16:24:34.221: ISAKMP:(1018): processing vendor id payload
Oct 22 16:24:34.221: ISAKMP:(1018):vendor ID seems Unity/DPD but hash mismatch
Oct 22 16:24:34.221: ISAKMP:received payload type 20
Oct 22 16:24:34.221: ISAKMP:received payload type 20
Oct 22 16:24:34.221: ISAKMP:(1018):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
Oct 22 16:24:34.221: ISAKMP:(1018):Old State = IKE_I_MM4 New State = IKE_I_MM4
Oct 22 16:24:34.221: ISAKMP:(1018):Send initial contact
Oct 22 16:24:34.221: ISAKMP:(1018):SA is doing pre-shared key authentication using id type ID_IPV4_ADDR
Oct 22 16:24:34.221: ISAKMP (0:1018): ID payload
next-payload : 8
type : 1
address : X.X.216.29
protocol : 17
port : 500
length : 12
Oct 22 16:24:34.221: ISAKMP:(1018):Total payload length: 12
Oct 22 16:24:34.221: ISAKMP:(1018): sending packet to X.X.138.132 my_port 500 peer_port 500 (I) MM_KEY_EXCH
Oct 22 16:24:34.221: ISAKMP:(1018):Sending an IKE IPv4 Packet.
Oct 22 16:24:34.225: ISAKMP:(1018):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
Oct 22 16:24:34.225: ISAKMP:(1018):Old State = IKE_I_MM4 New State = IKE_I_MM5
Oct 22 16:24:38.849: ISAKMP:(1017):purging node 198554740
Oct 22 16:24:38.849: ISAKMP:(1017):purging node 812380002
Oct 22 16:24:38.849: ISAKMP:(1017):purging node 773209335..
Success rate is 0 percent (0/5)
LA-2800#
Oct 22 16:24:44.221: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH...
Oct 22 16:24:44.221: ISAKMP (0:1018): incrementing error counter on sa, attempt 1 of 5: retransmit phase 1
Oct 22 16:24:44.221: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH
Oct 22 16:24:44.221: ISAKMP:(1018): sending packet to X.X.138.132 my_port 500 peer_port 500 (I) MM_KEY_EXCH
Oct 22 16:24:44.221: ISAKMP:(1018):Sending an IKE IPv4 Packet.
Oct 22 16:24:44.317: ISAKMP (0:1018): received packet from X.X.138.132 dport 500 sport 500 Global (I) MM_KEY_EXCH
Oct 22 16:24:44.317: ISAKMP:(1018): phase 1 packet is a duplicate of a previous packet.
Oct 22 16:24:44.321: ISAKMP:(1018): retransmission skipped for phase 1 (time since last transmission 96)
Oct 22 16:24:48.849: ISAKMP:(1017):purging SA., sa=469BAD60, delme=469BAD60
Oct 22 16:24:52.313: ISAKMP (0:1018): received packet from X.X.138.132 dport 500 sport 500 Global (I) MM_KEY_EXCH
Oct 22 16:24:52.313: ISAKMP:(1018): phase 1 packet is a duplicate of a previous packet.
Oct 22 16:24:52.313: ISAKMP:(1018): retransmitting due to retransmit phase 1
Oct 22 16:24:52.813: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH...
Oct 22 16:24:52.813: ISAKMP (0:1018): incrementing error counter on sa, attempt 2 of 5: retransmit phase 1
Oct 22 16:24:52.813: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH
Oct 22 16:24:52.813: ISAKMP:(1018): sending packet to X.X138.132 my_port 500 peer_port 500 (I) MM_KEY_EXCH
Oct 22 16:24:52.813: ISAKMP:(1018):Sending an IKE IPv4 Packet.
Oct 22 16:24:52.913: ISAKMP:(1018): phase 1 packet is a duplicate of a previous packet.
Oct 22 16:24:52.913: ISAKMP:(1018): retransmission skipped for phase 1 (time since last transmission 100)
Oct 22 16:25:00.905: ISAKMP (0:1018): received packet from X.X.138.132 dport 500 sport 500 Global (I) MM_KEY_EXCH
Oct 22 16:25:00.905: ISAKMP: set new node 422447177 to QM_IDLE
Oct 22 16:25:03.941: ISAKMP:(1018):SA is still budding. Attached new ipsec request to it. (local 1X.X.216.29, remote X.X.138.132)
Oct 22 16:25:03.941: ISAKMP: Error while processing SA request: Failed to initialize SA
Oct 22 16:25:03.941: ISAKMP: Error while processing KMI message 0, error 2.
Oct 22 16:25:12.814: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH...
Oct 22 16:25:12.814: ISAKMP (0:1018): incrementing error counter on sa, attempt 4 of 5: retransmit phase 1
Oct 22 16:25:12.814: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH
Oct 22 16:25:12.814: ISAKMP:(1018): sending packet to X.X.138.132 my_port 500 peer_port 500 (I) MM_KEY_EXCH
Oct 22 16:25:12.814: ISAKMP:(1018):Sending an IKE IPv4 Packet.
Oct 22 16:25:22.814: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH...
Oct 22 16:25:22.814: ISAKMP (0:1018): incrementing error counter on sa, attempt 5 of 5: retransmit phase 1
Oct 22 16:25:22.814: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH
Oct 22 16:25:22.814: ISAKMP:(1018): sending packet to X.X.138.132 my_port 500 peer_port 500 (I) MM_KEY_EXCH
Oct 22 16:25:22.814: ISAKMP:(1018):Sending an IKE IPv4 Packet.
Oct 22 16:25:32.814: ISAKMP:(1018): retransmitting phase 1 MM_KEY_EXCH...
Oct 22 16:25:32.814: ISAKMP:(1018):peer does not do paranoid keepalives.
Oct 22 16:25:32.814: ISAKMP:(1018):deleting SA reason "Death by retransmission P1" state (I) MM_KEY_EXCH (peer 70.169.138.132)
Oct 22 16:25:32.814: ISAKMP:(1018):deleting SA reason "Death by retransmission P1" state (I) MM_KEY_EXCH (peer 70.169.138.132)
Oct 22 16:25:32.814: ISAKMP: Unlocking peer struct 0x488B25C8 for isadb_mark_sa_deleted(), count 0
Oct 22 16:25:32.814: ISAKMP: Deleting peer node by peer_reap for X.X.138.132: 488B25C8
Oct 22 16:25:32.814: ISAKMP:(1018):deleting node 1112432180 error FALSE reason "IKE deleted"
Oct 22 16:25:32.814: ISAKMP:(1018):deleting node 422447177 error FALSE reason "IKE deleted"
Oct 22 16:25:32.814: ISAKMP:(1018):deleting node -278980615 error FALSE reason "IKE deleted"
Oct 22 16:25:32.814: ISAKMP:(1018):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL
Oct 22 16:25:32.814: ISAKMP:(1018):Old State = IKE_I_MM5 New State = IKE_DEST_SA
Oct 22 16:26:22.816: ISAKMP:(1018):purging node 1112432180
Oct 22 16:26:22.816: ISAKMP:(1018):purging node 422447177
Oct 22 16:26:22.816: ISAKMP:(1018):purging node -278980615
Oct 22 16:26:32.816: ISAKMP:(1018):purging SA., sa=487720A0, delme=487720A0
****** The PIX is also used VPN client access , such as Cicso VPN client 5.0, working fine ; Router is used as SSL VPN server, working too
I know there are lots of data here, hopefully these data may be useful for diagnosis purpose.
Any suggestions and advices are greatly appreciated.
SeanHi Sean,
Current configuration:
On the PIX:
crypto isakmp policy 5
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set peer X.X.21.29
crypto map outside_map 1 set transform-set ESP-DES-SHA
crypto map outside_map 1 set security-association lifetime seconds 28800
crypto map outside_map 1 set security-association lifetime kilobytes 4608000
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
access-list outside_1_cryptomap extended permit ip 10.1.0.0 255.255.0.0 10.20.0.0 255.255.0.0
tunnel-group X.X.21.29 type ipsec-l2l
tunnel-group X.X.21.29 ipsec-attributes
pre-shared-key SECRET
On the Router:
crypto isakmp policy 1
authentication pre-share
crypto map la-2800-ipsec-policy 1 ipsec-isakmp
description vpn ipsec policy
set peer X.X.138.132
set transform-set la-2800-trans-set
match address 101
access-list 101 permit ip 10.20.0.0 0.0.0.255 10.1.0.0 0.0.255.255
crypto ipsec transform-set la-2800-trans-set esp-des esp-sha-hmac
crypto isakmp key SECRET address X.X.138.132 no-xauth
Portu.
Please rate any helpful posts
Message was edited by: Javier Portuguez -
How do I set up Airport Extreme with cable modem and router?
Hi--
I'm having a house built and all of the wiring for TV, phone, and internet will be centralized in a closet. The cable modem can be placed there as well. In one room in the basement I want to use my Airport Extreme for my iMac and USB external hard drives. In another location of the basement, I'd like to set up a Time Capsule for another desktop and USB printer. If the cat5e comes out of the wall at each location, I "think" I need a router at the closet location. I also thought I might need an Airport Express upstairs on first or second floor to boost signal for my laptop. The house isn't that big so maybe that's overkill. So beyond the router question, do I want to set up a roaming network and have the Airport Express connected via ethernet or just wireless if the thought is that I need this? Finally, if I should connect cable modem to router to Airport Extreme, Time Capsule, etc., in what order and ports does the equipment get connected? Many thanks!!Welcome to the discussions, Forum Girl!
It would be best to position the cable modem and main router in the central location like the closet if possible. The other devices would connect via ethernet to the wall jacks in each room.
If you could setup a "roaming" wireless network as you mention, this will give you better wireless performance and coverage. This is the way commercial establishments like airports, businesses, etc. are configured for wireless.
The order of connection would go something like this: ethernet connection > cable modem >main router>devices. Devices could be computers, routers, a backup device, etc. Since the Extreme has only 3 LAN ports for ethernet connections, you will also need to plan to install an "ethernet switch" near the location of the main router to provide enough ethernet jacks. If you are planning to use DirectTV, etc or your audio/video devices require ethernet connections (most new products do for updates and extra features), be sure to plan for that as well.
Make sure that CAT5e or CAT6 wiring is run so you will be able to take advantage of faster gigabit speeds.
Finally, it would be a good idea to work with an IT specialist to go over your plans to make sure all the bases are covered. This would be money well spent. -
What is Request for Routing used for in SAP? How do you use this transaction?
Hi John,
Welcome to the forum.
Your service provider (i.e. whoever you pay your line rental to) can move the master socket within your house but won't be able to move the cable that comes into the house.
To do that, you need to contact Openreach directly via this web form (just say that you want to relocate the external wire from the underground duct coming into your house) and they'll be able to discuss any costs directly with them.
After that's done, you can then contact your service provider to get the socket moved to the cellar. At the moment, if you're with BT the cost of moving a socket is £130.00.
Thanks,
Stephanie
Stephanie
BTCare Community Manager
If you like a post, or want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side of the post. If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’. -
Maximum cable lengths for USB / FW / DVI & sVGA?
I've hunted around on the net and can't find any kind of definitive answer regarding maximum cable lengths for USB, Firewire 400/800 and DVI / sVGA monitors. Can anyone shed some light?
I'm about to shift my studio into a new room, and have the oppourtunity to stick my G5 and external drives into a corridor cupboard adjacent to where my studio is - in other words, noise free bliss! But....
...if I map out how far my computer monitors, keyboard and audio interface will be from the cupboard, and take into account the twists and turns involved in neat routing, I'm looking at a distance of about 10 meters. I need to know if any of these devices will be OK with such a long run of cable, and if not, if it's possible to achieve a good result using hubs or repeaters?
So, can anyone help me out with info on:
an Apogee Ensemble (Firewire 400)
an Apple keyboard (USB 2.0)
an LCD flatscreen (DVI)
and another LCD flatscreen (sVGA)
Many thanks!I was just researching the very same thing, though it does not sound like my studio setup will be as sweet as yours. Here are a few things I ran across:
FIREWIRE-
"The maximum cable length specified by the IEEE1394 standard is 4.5 meters. However, more recent tests have shown that certain high quality firewire cables can achieve longer lengths without significantly affecting transmission quality. Several manufacturers sell firewire cables longer than 5 meters (some up to 50 meters)."
~http://www.focusrite.com/answerbase/article.php?id=206
I found an example of a company who claims to sell a firewire cable of that length:
http://www.expansys.com/pf.aspx?i=102956
USB-
There is forum discussion on the topic I was reading yesterday:
http://www.everythingusb.com/forums/showthread.php?threadid=804
But don't go past the 11th post or so, they go off on another subject... the use of hubs & the words "active extension" in that post caught my eye. A quick google search came up with this site:
http://www.everythingusb.com/forums/showthread.php?threadid=804
There were a bunch sites with devices claiming to do this.
Finally I have this chart, which seems to support what what the articles say, without of course any other extension technology/solutions:
http://www.extron.com/company/article.aspx?id=dedigform10
I'm not making any claims at all about how true these sources are, I just have the same questions and decided to toss what I've been looking at into the discussion. Feel free anyone to jump in and tell me its all wrong - I'd love to hear whats right.
~sam -
I downloaded the Firmware for this Router (it's last been updated 2004, I'm not sure how much of a difference that makes). When I downloaded it it came as a BIN file. I opened it in my PowerISO and it said it said "The file format is invalid or unsupported." What can I do? Also when I get the proper file downloaded how do I upgrade it and also what might it change? Thanks.
Well try upgrading the firmware of the router & keep on holding tightly
the reset button in such a way that power light is blinking on the
router & then do a complete network power cycle i.e., unplug the power
cables from the modem & from the router & then plug in the power cable
to the modem first once all the lights are solid green you could plug
in the power cable to the router & check out it will definately work!!
Also,the advanced wireless settings to Beacon Interval=50,Frag
thres=2306 & Rts thres=2307 & then uncheck a Block Anonymous Internet
Requests & it will definately work!!! -
Comcast just replaced my cable modem/wireless router. All devices connect properly except my iPhone 4. It shows itself to be connected to the network, but it does not load any web page. Resetting the iPhone does not solve the problem. Any suggestions?
Thank you for your response.
I had rebooted the router (several times, actually), to no avail.
I do not know the answer to whether MAC filtering is enabled on the router. Have tried to find info about that, but unsuccessfully. Router is an Arris TG852G, supplied by Comcast. I would be surprised if MAC filtering were the issue, since in addition to the computer, we have successfully connected several other devices to the wifi, namely an iPad, a Android phone and a Kindle Fire - all able to access internet pages through the wifi, and all without a need to add the device to a MAC address whitelist. To add to the mystery, the Comcast tech was able to connect his iPhone 4 to my network and access web pages. He was unable to connect my iPhone, however, after trying for some time.
I seem to recall reading somewhere that an iPhone cannot connect to a wireless "n" router, only "b" or "g". The Arris router is described as a n/g/b compliant router, and as noted the Comcast tech was able to connect his iPhone, so don't know why that would be the issue here.
By the way, my iPhone does connect wirelessly to my network at home. This difficulty is at a second home.
Any other thoughts would be appreciated. -
Router 2811 and C2960 Switch Trunking Problem
Hi all
I got an problem with a trunking problem between Router 2811 and C2960 switch
In router 2811 - I created f0/0.1 10.65.20.1 (VLAN 1) and f0/0.48 10.65.23.1 (VLAN 48)
In C2960 - Vlan 1 10.65.20.30 , VLAN 48 10.65.23.30
Finally I can only ping VLAN 1 IP but fail to ping VLAN 48 IP, can help me how to troubleshoot it?
Hugo
Router 2811 Configuration:
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.65.20.1 255.255.255.0
interface FastEthernet0/0.48
encapsulation dot1Q 48
ip address 10.65.23.1 255.255.255.0
C2960 Configuration:
interface FastEthernet0/24
switchport mode trunk2811#sh vlans
Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.1
This is configured as native Vlan for the following interface(s) :
FastEthernet0/0
Protocols Configured: Address: Received: Transmitted:
IP 10.65.20.1 388873 262275
Other 0 1723
390760 packets, 71854310 bytes input
263998 packets, 53723195 bytes output
Virtual LAN ID: 48 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.48
Protocols Configured: Address: Received: Transmitted:
IP 10.65.23.1 0 0
Other 0 20
0 packets, 0 bytes input
20 packets, 1883 bytes output
2960_24#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/24 on 802.1q trunking 1
Gi0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/24 1-4094
Gi0/1 1-4094
Port Vlans allowed and active in management domain
Fa0/24 1,48
Gi0/1 1,48
Port Vlans in spanning tree forwarding state and not pruned
Fa0/24 1,48
Gi0/1 1,48 -
Cisco router 2811 doesnot respond to ciscoPingAvgRtt oid
Hi,
I was trying to get snmpwalk output for cisco 2811 router for OID "1.3.6.1.4.1.9.9.16.1.1.1.12" but I got NO Output
If I tried till 1.3.6.1.4.1.9.9.16 this shown the output but not for given OID.
That OID output is necessary as withiout this I can not get Round Trip time in HP OVPI tool.
Please help me to know what is wrong??
with regards,
NeenaCisco doesn't make these.
If you buy a remote controlled power socket that works for switches, it will work for routers, and anything else. -
Do Cisco router 2811 and Catalyst 3750 support SNMPv3?
Hi,
Do Cisco router 2811, IOS 12.4(20)Ti, and Catalyst 3750, IOS 12.2.(53)SE, support SNMPv3?
Attached file contains my SNMPv3 configurations and "show snmp" results. Would you please give me your advice? Thanks.
HughHugh
Certainly both the 2811 and the 3750 do support SNMPv3. So support for the feature is not an issue in your situation.
I have looked at the config that you attached and believe that it looks reasonable. You have not told us about the SNMP server that will communicate with these devices. So we have no way to know if the details of the configuration are correct.
Have you attempted to discover these devices with an SNMP server that is configured to use SNMPv3 and has this user and passwords configured? If it does not work my first suggestion would be to check to verify that the passwords configured are exactly the same on the clients and on the server (and perhaps re-configure the passwords just to be sure). If the passwords are not a problem my second suggestion would be to check and verify that the authentication and encryption parameters match between the server and the clients.
HTH
Rick -
I have a cable modem for my Time Capsule. Do I need a separate cable modem for my Airport Express? (I'm using it to "extend" my network and also for Air Play.)
No, you connect to your Time Capsule wirelessly to "Extend" the network..
See this Apple doc:
http://support.apple.com/kb/HT4259?viewlocale=en_US&locale=en_US -
Our company moved from on-premises Exchange 2003 to Office365 and only have 4 Exchange 2003 servers on-prem that we use for Routing email from application servers to Office365. We need to migrate these servers to Exchange 2010 then to Exchange 2013 and
only route email only. Is it possible to upgrade to Exchange 2010 by installing the transport Hub & Mailbox server options only? Our OAB and EWS services come from the CAS servers located on Office365 so we should not need a CAS server to set up Transport
rules or route mail would we? Any assistance with this would be greatly appreciated! - Thanks, DWB
DaveSince it is not internet facing we will not have to worry about configuring an Internet Domain Name when installing the first server, correct? in my planning I was going to
install the Exchange 2010 CAS/Mailbox/Transport Hub roles on one server, then upgrade it to Exchange 2013. Once this is completed I'll then install the 2 mailbox role servers in one Datacenter, and 3 more in our DRP DC. If something happens to the
primary Datacenter I would want it to fail over to the other site. For this I would have to install another CAS/mailbox server in the secondary DC. Would this plan sound about right? Since we moved to Office365 in 2010 I have not had a chance to deal with
actual servers except for the Exchange 2003 servers we still have on-premises. Each of these are located in 4 Regional offices along with single Windows 2008 R2 servers using only the IIS SMTP service for routing mail from on-prem application servers
and print/scanners which email back to the users. The plan is to move to a routing system which will provide both MTA and redundancy if one has an issue.
Dave -
LSMW for routing with standard batch input
Hello All,
I am trying to prepare one LSMW for routing upload for PP module. Routing data contains header data, operation data and master inspection characteristics data.
I have created three source structures viz. material- task list header, task header data, operation and inspection.
Header has been assigned to target structure BIMPL- Batch Input Structure for Allocation of Mat. to Task Lists,
Task header data source structure has been assigned to BIPKO- Batch Input Structure for Task List Header,
Operation source structure has been assigned to target structure BIPPO- Batch input structure for task list operation,
and inspection source structure has been assigned to BIPMK- Inspection characteristics for batch input of task lists.
Every source structure has been identified with an identifier value of which have been set as H, I,J,K for all source structures resp.
The excel file has been prepared as follows,
H MATNR WERKS PLNNR PLNAL
H 100045 1000 50000043 1
H 100045 1000 50000043 2
I MATNR WERKS PLNNR PLNAL VALID_FROM USAGE STATUS
I 100045 1000 50000043 1 01012000 1 1
I 100045 1000 50000043 2 01012000 1 1
I have mentioned here the combination of first two structures only. But it contains data of other two source structures as well (for identifier J & K).
The data from the excel is copied to the flat file and same is specified in LSMW in the step 'Specify file'.
In 'Assign file' step the flat file is assigned to all the four source structure.
Now at the time of reading data system is throwing me an error as 'Ensure field sequence is correct for data for mutiple source structures' Message no. /SAPDMC/LSMW_OBJ_060026
How to overcome this?
<removed by moderator> answers will be greatly appreciated........
Mimiri
Edited by: Thomas Zloch on Jul 11, 2011 10:16 AMHello ,
have you maintained this check box for the key fields"
LSMW>Maintain Source fields>double click on fieds : MATNR WERKS PLNNR PLNAL
Selection Parameter for "Import/Convert Data"-->Tick this check box
regards
Maybe you are looking for
-
Import fixed asset master data
When I try to import fixed asset master data from an excel file to the Sap Business, a problem that I cannot identify occurs, and as a result, data is not imported. The process runs normally, data is processed but at the end an informational message
-
Is there a keyboard shortcut to open a pop-up menu in Numbers 3?
I have lots of spreadsheets with cells formatted as popup menus. I am accustomed to tabbing from cell to cell, and then tapping the spacebar to open the pop-up menu to select an option. Now it appaers that the only way to open a pop-up menu in Number
-
SAP ME SDK 2.0 : Browse functionality in custom UI.
Dear Experts, I am new to the SAP ME SDK developement. I need to create a UI which has browse functionality like we have in activity maintainance and other places.. I am struggling to get it. I know the steps to create custom UI in ME using SDK 2.0 a
-
BEx Analyzer - Varaibles - messages
Hi, We have arequirement where when we execute a report a variable screen appears when the values does not match with the values in the master data then it has to shows error messages or or warning or some inforamtion while execute a report. Please c
-
Transferrin songs from an iPod
Is it possible to transfer songs from my iPod to iTunes on a friends computer? He recently bought an iPod nano and i was wondering if i could put all the songs i have on my laptop onto his computer. Any help on this would be greatly appreciated. Than