Can a Cisco 2600 router do PPTP,L2TP, and IPSec?

General question.

2600 supports L2TP and PPTP with MPPE with an IP PLUS version, and IPsec with a firewall version.

Similar Messages

Can a Cisco 881 router create an L2TP/IPsec tunnel via NAT to Windows 2008?

Hi
Was anyone successfull in setting up an L2TP/IPsec tunnel through NAT-T against a Windows 2008/ R2 RRAS server? I am using an 881 router and the layout is someting like this:
Client -> 881 -> NAT -> internet -> Windows 2008 RRAS
The tunnel goes form the 881 to the Windows server (not from the client...).
Thanks
Roland

Hi Federico
Thanks for your help! Much appreciated.
In my case this should be transparent to the client - I would like not to initiate the connection from the client.
Does that makes sense? I am considering L2TP because Windows 2008 R2 doesn't support IPSec tunnels through NAT (2008 R2 being the responder and the Cisco router the initiator of the IPSec connection).
Regards
Roland

Cisco 2600 router with 4A/S module can be terminal server

I have a cisco 2600 router with 4A/S module, can it become the terminal server? If yes, which kind of octal cable should I choose to connect to other cisco routers console ports? Thanks a lot

The commands mean that R1's console is connected using the first RJ-45 cable and is available on port 2001, R2's console is connected using the second RJ-45 cable and is available on port 2002 and so on. Remember that the ports are numbered as 2000 plus the line number. Hence, the first port is 2001. If you have more than eight devices and have connected a second CAB-OCTAL-ASYNC cable then you need to add a similar configuration line with the port numbers starting from 2009 till 2016.
In your configuration u configured 9 ports. So please add second cable for another 8 ports.
To connect to the console of a device, telnet to the terminal server router's loopback address and specify the port number associated to the device. For example, to connect to console of router R1 (from our example) type telnet 192.168.12.1 2001 in the Run dialog box from your PC.
For further information click the below url
http://www.cisco.com/public/technotes/smbsa/en/us/internet/config_cisco_router_term_server.html#trouble

Need driver or app for ms life cam 3.0 tried to get one off the internet. cisco wireless router software said malware and virus threat. Is it safe for mac?

need driver or app for ms life cam 3.0 tried to get one off the internet. cisco wireless router software said malware and virus threat. Is it safe for mac? is this software try to protect my pc or is it A threat to macs to.

There are a number of extremly dubious sites which claim to offer Drivers for common Hardware, but actually are phishing for identies and credit card numbers and candidates to join a bot-net.
Make absolutely certain you load drivers ONLY from the manufacturer's web site.

CISCO 2600 Router Flash Image

Hi guys and gals. Not pay attentiong while performing an update, I mistakingly confirmed an erasure of the flash system on my 2600 series router. The dreaded rommon> is returned on reboot. I tried to download the image files from Cisco.com but the password security issues they do not have is preventing me from doing it. If anyone has a copy please help.
Thanks
Wade

No image to send but I can tell you that if you send a blank e-mail to [email protected] from the e-mail address you registered your CCO profile to Cisco will automatically reset your password and e-mail it to you in a few minutes (usually).
Hope this helps.
Please remember to rate all replies

NEED URGENT HELP ON MY CISCO 2600 ROUTER.

This machine 2C66378: 0
2C66398: 0
2C663B8: 0
2C663D8: 0
2C663F8: F
2C66418: AB1234CD FFFFFFFE C
2C66438: 0
2C66458: 2C668E0 F
2C66478: AB1234CD FFFFFFFE C
2C66498: 4
2C664B8: 2C677E0 4
2C664D8: 2C684E0 4
2C664F8: 2C691E0 4
2C66518: 2B65160 4
2C66538: 2B64460 4
2C66558: 2B63760 4
========= 2C667B8: 2B73E20 4
2C667D8: 2B73120 4
2C667F8: 2B72420 4
2C66818: 2B71720 4
2C66838: 2B70A20 4
2C66858: 2B6FD20 4
2C66878: 2B6F020 4
2C66898: 2B6E320 F
2C668B8: AB1234CD FFFFFFFE C
2C668D8: E
2C668F8: 2B057A2 4
2C66918: 2B01D8A 9
2C66938: 2CD38C2 4
2C66958: 2CCF4AA 4
2C66978: 2CCF9AA 0
2C66998: 0
========== 2C6632C: 0
2C6634C: 0
2C6636C: 0
2C6638C: 0
2C663AC: 0
2C663CC: 0
2C663EC: 0
Then it says is giving me hard time. The problem with it is that it keeps on rebooting. I have tried to even load another IOS. But it is not working out. It is bringing this output......========= Dump bp = 2C66478 ======================
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0 FD0110D
0 0 800261A4 2C66478 2C183EC 8000001
1 175C7D59 70600180 DCBE0B00 C164 0 100 2C664A
0 0 0 0 0 0 FD0110D
0 0 800261C8 2C668B8 2C6642C 8000020
1 A35C1E12 15A 8000F9F4 2C67160 0 15A 8000F9F
0 15A 8000F9F4 2C67E60 0 15A 8000F9F
0 40 8000F9F4 2C68B60 0 40 8000F9F
0 0 8000F9F4 2B657E0 0 0 8000F9F
0 0 8000F9F4 2B64AE0 0 0 8000F9F
0 0 8000F9F4 2B63DE0 0 0 8000F9F
0 0 8000F9F4 2B630E0 0 0 8000F9F
Dump bp->next = 2C668B8 ======================
0 0 8000F9F4 2B737A0 0 0 8000F9F
0 0 8000F9F4 2B72AA0 0 0 8000F9F
0 0 8000F9F4 2B71DA0 0 0 8000F9F
0 0 8000F9F4 2B710A0 0 0 8000F9F
0 0 8000F9F4 2B703A0 0 0 8000F9F
0 0 8000F9F4 2B6F6A0 0 0 8000F9F
0 0 8000F9F4 2B6E9A0 0 0 8000F9F
0 0 0 0 0 0 FD0110D
0 3000000 80026214 2C670F8 0 300040
1 8DB14C70 0 8300FECE 2B050C2 0 0 8300FEC
0 0 300FECE 2B05E82 0 0 300FFC
0 0 8300FFC4 2B01ECA 0 0 8300FEC
0 0 300FFC4 2CCF22A 0 0 300FFC
0 0 8300FFC4 2CCF72A 0 0 8300FFC
0 0 0 0 0 0
0 0 0 0 0 0 0
Dump bp->previous = 2C6642C =====================
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
(Software forced reload.) Pliz help.

This does not look good. Boot into rommon. Use the "verify flash:c2600*.bin" command to check the integrity of the image.
If this issue impacts your production environment contact TAC for a quick resolution.
HTH
--Leon

HT201210 Iphone 5 can not save my router of 2.4ghz and does not connect more than 3 minutes but Iphone 4s has not that problem in the same router.

My iphone 5 is not saving my unlocked router. My router is linksys and is 2.4 ghz, My other devices such as iphone 4s and ipad2 have not had that problem with router. My iphone 5 connects hardly to my router but does not stay connected more than 3 minutes within the range.

Try rebooting your router by removing all power from it for about 15 seconds.

Cisco-Linksys Router and no PPPOA Option for Conne...

Hi all!
New here and just hoping to get some here!
We are using a BT Business hub Router and it is having a few issues with wireless connectivity, so I would like to use another router to see if it is our equipment or if it is the router itself.
I have a Cisco Linksys E1000 Router and after looking at the BT router I can see that the connection type is set to PPPOA with a username and password. I do know the username and password so that isnt an issue, however on the Cisco router there is no option for PPPOA, the only options are:
Static IP, DHCP, PPPoE, PPTP, L2TP, and BigPond
There is a connection in the back of the cisco router for the ADSL cable, I was just wondering if there is a way to work around this?
Thanks very much!!

I am sure you will get help there when someone has time.
You can always find the latest postings on the Business Forum using this link.
http://business.forums.bt.com/t5/forums/recentpostspage/post-type/message
There are some useful help pages here, for BT Broadband customers only, on my personal website.
BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

Can't apply policy route-map on C3750 stack vlan interface

Hi All.
I've come up with this problem and i could see some people have had the same issue. I've tried to overlook and check other replies but it didn't help me. So I'm hoping someone could spot the problem. Here are the details:
2 x WS-C3750G-24T-E in stack
Cisco IOS Software, C3750 Software (C3750-ADVIPSERVICESK9-M), Version 12.2(46)SE, RELEASE SOFTWARE (fc2)
switch#sh sdm prefe
The current template is "desktop IPv4 and IPv6 routing" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses:                  1.5K
number of IPv4 IGMP groups + multicast routes:    1K
number of IPv4 unicast routes:                    2.75K
    number of directly-connected IPv4 hosts:        1.5K
    number of indirect IPv4 routes:                 1.25K
number of IPv6 multicast groups:                  1.125k
number of directly-connected IPv6 addresses:      1.5K
number of indirect IPv6 unicast routes:           1.25K
number of IPv4 policy based routing aces:         0.25K
number of IPv4/MAC qos aces:                      0.5K
number of IPv4/MAC security aces:                 0.5K
number of IPv6 policy based routing aces:         0.25K
number of IPv6 qos aces:                          0.5K
number of IPv6 security aces:                     0.5K
There are 2 ISPs, G1/0/1 and G2/0/1. After creating a route-map i can apply a policy route-map to Vlan5 and it accepts without any errors. But when you do sh run vlan5 the command is not there, it's not applied.
Any help will be appretiated.
Thanks.

Hi Jon.
Thanks for your reply. I didn't put those configs as they're basic without use of VRF and WCCP. Also i've checked or tried to find the list of unsupported commands and didn't see them in that list. See config below with some extras:
track 11 rtr 1 reachability
track 22 rtr 2 reachability
ip routing
no ip dhcp use vrf connected
interface GigabitEthernet1/0/1
description ISP1
no switchport
ip address 9.9.9.2 255.255.255.252
no ip proxy-arp
no ip mroute-cache
speed 100
duplex full
ipv6 address 2B01:4B8:0:3::2/64
ipv6 ospf 1 area 0
no mdix auto
no cdp enable
interface GigabitEthernet2/0/1
description ISP2
no switchport
ip address 9.9.9.5 255.255.255.252
ip ospf cost 10000
speed 1000
duplex full
ipv6 address 2B01:4B8:0:7::2/64
ipv6 enable
ipv6 ospf cost 10000
ipv6 ospf 1 area 0
interface Vlan5
description Company Ext Subnet
ip address 9.9.8.1 255.255.255.128
no ip proxy-arp
no ip mroute-cache
ipv6 address 2B01:4B8:1:22::1/64
ipv6 ospf 1 area 15
access-list 111 permit tcp any any eq www
route-map pbr1 permit 10
match ip address 111
set interface GigabitEthernet2/0/1 GigabitEthernet1/0/1
route-map pbr1 permit 20
set interface GigabitEthernet1/0/1 GigabitEthernet2/0/1
route-map pbr2 permit 10
match ip address 111
set ip next-hop verify-availability 9.9.9.6 1 track 11
set ip next-hop 9.9.9.1
route-map pbr2 permit 20
set ip next-hop verify-availability 9.9.9.1 1 track 22
set ip next-hop 9.9.9.6
I've tried to apply both policies pbr1 and pbr2, it allowed to do that without errors but at the end it wasn't there.
Cheers,

Ethernet port 0/0 on Cisco 2600 unable to access NM-ESW-16 ports

Is it possible to config the E0/0 port on the Cisco 2600 router to access the FE ports on the on-board NM-ESW-16? There is only one Ethernet port on the router.

Thanks for the reply. However, we are unclear how to accomplish this. I tried the no switchport mode command on a FE port on the switch. Afterwards, I tried to assign an IP adddress and mask to the port. The switch responded saying that an IP address cannot be applied to a L2 port. What I need to understand is how to re-assign a L2 port as a L3 port. Thanks for any added help.
kjjscharff

Cisco 891FW Router - Web Gui

Hey guys,
Bare with me, as I am Cisco newbie and not too familiar with their setups.
I essentially want to be able to use the web interface of the router to configure VPNs, port forwards, etc. and not use CLIs.
Just got a Cisco 891FW Router for a client and want to pre-setup everything, but I couldn't seem to get into the web interface of the router. After finding out (correct me if I am wrong) that it is disabled by default, so you will have to use console to configure it.
So with the cable console I was provided, I used putty and got into that interface (this is where I lack experience in use). Referring to this guide (http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf005.pdf), I tried to enable the Web GUI of the router.
So the commands I ran are:
Router(config)# ip http server
Router(config)# ip http authentication aaa
Router(config)# aaa authentication login default local
I connected a ethernet cable from one of the LAN ports to my laptop and it got an IP address (192.168.15.100). I opened my web browser and put in http://<router name>, and nothing; even tried 192.168.15.1 as I figured that would be the web interface since I got a .15 address.
Did I miss a step or am I following the wrong guide? I am not too familiar with Cisco routers (beside you basic home/small business ones with the WebGUI enabled by default) so if you guys can show me a guide specific to my model, or give me a step-by-step on how to enable the web interface that would be appreciated.
Thanks for any help

Hi,
I'm a little rusty as I always use the CLI and only ever disable the web interface :), but your config looks a little weird.
Try this:
(config)#ip http server
(config)#ip http authentication local
(config)#username jbenoza privilege 15 secret 0 cisco
(config)#wri
Enter the IP address of the router (which will be the default gateway of the DHCP address you were provided) in the web browser and this will allow you to connect.
If you still experience issues, please post the output of a show run as there may be further configurations necessary.

Cisco 2600 series router and cable modems

Hi everyone, I am just about to get started preparing for my CCNA... I am looking to pick up some used Cisco 2600 series routers to set up a home lab. I am wondering if it is possible to connect a cable modem directly to a 2600 series router? If so, do I need a certain type of WIC? I want to go from my cable modem, to a router, to my switch. Thanks in advance!

Hi,
Yes you can, using the Ethernet port on the cable modem, you can connect the cable modem to the router 2600, and the 2600 comes with builtin ethernet or fastethernet (according to your platform).
HTH,
Mohammed Mahmoud.

Cisco DSL-Router 876W: VPN with Apple Builtin PPTP??

Hello
I spoke last week to someone about the VPN Problems with several Firewalls and Routers. I hate it to use VPN Tracker, Cisco VPN Client or IP Securitas. I would like to use only the builtin VPN Clients of the Apple OS X.
He suggest me to use Cisco 876 Router. That VPN should support the builtin VPN Client of Apple. Has some member of this forum testet this Router and get the VPN working?
I tried to contact Cisco here in Switzerland, but they have nearly any know-how of Apple Products
Who can help me?
Regards
Gérard

Hello
We had installed the Cisco Router with the VPN Server.
It is possible to make a connection with the builtin PPTP Client of Apple. The Connection is very instable. It disconnect every X minutes.
Ferther I am not able to use all the Apple Remote Desktop funktion. So I see the ARD Client at the VPN Site. Im am able to see which Program is running and are also able to update the ARD Client.
But the Control and Show Funktion off ARD ist not working.
So this solution ist not useable to do Remote Maintanance
Has someone the same problems or an idea why it is not working
Regard
Gérard

I have a Cisco wireless router. Can I buy an Airport Express plug in booster for a distant part of my house or do I need an Airport Extreme base station instead to make the Airport Express plug in booster work?

Can I buy an Airport Express plug-in wifi signal booster to connect to a Cisco wireless router, or do I have to buy an Airport Extreme base station to make the Airport Express plug-in work?

You would need either an AirPort Extreme or an AirPort Express connected to the Cisco router, with a permanent Ethernet cable connection.
Configure the Extreme or Express that is connected to the Cisco router to "create a wireless network".
Then, you could add an AirPort Express to "extend a wireless network" to provide more wireless coverage for the network that the Extreme or Express would be creating.
Remember that the Express can only "extend" the quality of signal that it receives, so it must be located where it can receive a strong signal from the "main" AirPort.
If you don't need the Cisco wireless signal, you could turn it off.....or use that network for guests or something similar.
The bottom line here......you always need two Apple routers if you want to extend the network wirelessly.

Cisco 1941 Router-on-a-Stick w/ 11VLANs trunked to a Cisco 2960: Can Ping a device in another VLAN, that device cannot ping back

Cisco 1941 Router-on-a-Stick w/ 11VLANs trunked to a Cisco 2960: From the Switch I can Ping a device in another VLAN, that device cannot ping back. Some devices can ping devices in other VLANs and the device in the other VLAN can successfully return the Ping. Have a look at the attached diagram.
Router Config:
show run
Building configuration...
Current configuration : 7224 bytes
! Last configuration change at 09:05:48 EDT Wed Aug 6 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname ROUTER
boot-start-marker
boot-end-marker
no aaa new-model
clock timezone EDT -8 0
ip cef
ip name-server 8.8.8.8
no ipv6 cef
multilink bundle-name authenticated
license udi pid CISCO1941/K9
object-group network Net_Obj_Group1
description This network group allows all 10.0.0.0 and Email Forwarder server through to the Plt PCs
205.191.0.0 255.255.0.0
10.0.0.0 255.0.0.0
object-group network Net_Obj_Group2
description This Network Group includes the Host IPs allowed through the Plant Router
host 10.194.28.23
host 10.194.28.25
host 10.194.28.26
host 10.194.28.27
host 10.194.28.28
host 10.194.28.29
host 10.194.28.37
host 10.194.28.39
host 10.194.28.40
host 10.194.28.70
host 10.194.28.130
host 10.194.28.131
host 10.194.28.132
host 10.194.28.133
host 10.194.28.134
host 10.194.28.135
host 10.194.28.136
host 10.194.28.137
host 10.194.28.138
host 10.194.28.139
host 10.194.28.140
host 10.194.28.141
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description Port Ge0/0 to IT Enterprise network Switch GE1/0/38
ip address 10.194.28.111 255.255.255.0
ip access-group 105 in
ip access-group 106 out
ip nat outside
ip virtual-reassembly in
shutdown
duplex full
speed auto
no mop enabled
interface GigabitEthernet0/1
description Port to Plant PCN-K/L24 Sw1 Port 0/24
no ip address
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1.102
description Port to VLAN 102
encapsulation dot1Q 102
ip address 192.168.102.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.104
description Port to VLAN 104
encapsulation dot1Q 104
ip address 192.168.104.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.105
description Port to VLAN 105
encapsulation dot1Q 105
ip address 192.168.105.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.106
description Port to VLAN 106
encapsulation dot1Q 106
ip address 192.168.106.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.107
description Port to VLAN 107
encapsulation dot1Q 107
ip address 192.168.107.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.111
description Port to VLAN 111
encapsulation dot1Q 111
ip address 192.168.111.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.117
description Port to VLAN 117
encapsulation dot1Q 117
ip address 192.168.117.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.121
description Port to VLAN 121
encapsulation dot1Q 121
ip address 192.168.121.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.125
description Port to VLAN 125
encapsulation dot1Q 125
ip address 192.168.125.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.150
description Port to to VLAN 150
encapsulation dot1Q 150
ip address 192.168.150.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.999
description Port to VLAN 999
encapsulation dot1Q 999
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip forward-protocol nd
ip http server
no ip http secure-server
ip nat inside source static 192.168.102.201 10.194.28.23
ip nat inside source static 192.168.121.201 10.194.28.25
ip nat inside source static 192.168.106.251 10.194.28.26
ip nat inside source static 192.168.107.245 10.194.28.27
ip nat inside source static 192.168.102.251 10.194.28.28
ip nat inside source static 192.168.150.201 10.194.28.29
ip nat inside source static 192.168.107.179 10.194.28.37
ip nat inside source static 192.168.111.201 10.194.28.39
ip nat inside source static 192.168.105.201 10.194.28.40
ip nat inside source static 192.168.106.21 10.194.28.70
ip nat inside source static 192.168.107.146 10.194.28.130
ip nat inside source static 192.168.107.156 10.194.28.131
ip nat inside source static 192.168.107.161 10.194.28.132
ip nat inside source static 192.168.107.181 10.194.28.133
ip nat inside source static 192.168.107.191 10.194.28.134
ip nat inside source static 192.168.106.202 10.194.28.135
ip nat inside source static 192.168.106.212 10.194.28.136
ip nat inside source static 192.168.117.190 10.194.28.137
ip nat inside source static 192.168.117.100 10.194.28.138
ip nat inside source static 192.168.106.242 10.194.28.139
ip nat inside source static 192.168.125.100 10.194.28.140
ip nat inside source static 192.168.125.99 10.194.28.141
ip nat outside source static 10.194.28.23 10.194.28.23
ip nat outside source static 10.194.28.25 10.194.28.25
ip nat outside source static 10.194.28.26 10.194.28.26
ip nat outside source static 10.194.28.27 10.194.28.27
ip nat outside source static 10.194.28.28 10.194.28.28
ip nat outside source static 10.194.28.29 10.194.28.29
ip nat outside source static 10.194.28.37 10.194.28.37
ip nat outside source static 10.194.28.39 10.194.28.39
ip nat outside source static 10.194.28.40 10.194.28.40
ip nat outside source static 10.194.28.70 10.194.28.70
ip nat outside source static 10.194.28.130 10.194.28.130
ip nat outside source static 10.194.28.131 10.194.28.131
ip nat outside source static 10.194.28.132 10.194.28.132
ip nat outside source static 10.194.28.133 10.194.28.133
ip nat outside source static 10.194.28.134 10.194.28.134
ip nat outside source static 10.194.28.135 10.194.28.135
ip nat outside source static 10.194.28.136 10.194.28.136
ip nat outside source static 10.194.28.137 10.194.28.137
ip nat outside source static 10.194.28.138 10.194.28.138
ip nat outside source static 10.194.28.139 10.194.28.139
ip nat outside source static 10.194.28.140 10.194.28.140
ip nat outside source static 10.194.28.141 10.194.28.141
ip route 0.0.0.0 0.0.0.0 10.194.28.1
access-list 105 permit ip object-group Net_Obj_Group1 object-group Net_Obj_Group2
access-list 106 permit ip object-group Net_Obj_Group2 object-group Net_Obj_Group1
dialer-list 1 protocol ip permit
control-plane
banner login ^CC
Login banner for Plant Router #01^C
banner motd ^CC
MOTD Banner for Plant Router^C
line con 0
password XXXXXXXXX
logging synchronous
login
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password XXXXXXXXX
logging synchronous
login
transport input all
scheduler allocate 20000 1000
ntp server 10.199.100.92
end
Switch Config:
sh ru
Building configuration...
Current configuration : 6513 bytes
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime localtime show-timezone
service password-encryption
hostname K24Sw01
boot-start-marker
boot-end-marker
no aaa new-model
clock timezone EDT -5
clock summer-time EDT recurring
udld aggressive
crypto pki trustpoint TP-self-signed-593746944
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-593746944
revocation-check none
rsakeypair TP-self-signed-593746944
4B58BCE9 44
quit
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
interface FastEthernet0
no ip address
interface GigabitEthernet0/1
description Trunk port for vlans 105, 111, 125 and 999 from K24Sw01 port Ge0/1 to P22Sw01 port Ge0/24
switchport trunk allowed vlan 105,111,125,999
switchport mode trunk
interface GigabitEthernet0/2
description Trunk port for vlans 150 and 999 from K24Sw01 port Ge0/2 to N25Sw01 port Ge0/26
switchport trunk allowed vlan 150,999
switchport mode trunk
interface GigabitEthernet0/3
description Trunk port for vlans 102, 104, 106, 107, 117 and 999 from K24Sw01 port Ge0/3 to K28Sw01 port Ge0/26
switchport trunk allowed vlan 102,104,106,107,117,999
switchport mode trunk
interface GigabitEthernet0/4
description Trunk port for vlans 102, 106, 107 and 999 from K24Sw01 port Ge0/4 to H23Sw01 port Ge0/26
switchport trunk allowed vlan 102,106,107,999
switchport mode trunk
interface GigabitEthernet0/5
description Trunk port for vlans 121, 125 and 999 from K24Sw01 port Ge0/5 to M21Sw01 port Ge0/24
switchport trunk allowed vlan 121,125,999
switchport mode trunk
interface GigabitEthernet0/6
description OPEN
spanning-tree portfast
interface GigabitEthernet0/7
description OPEN
spanning-tree portfast
interface GigabitEthernet0/8
description OPEN
spanning-tree portfast
interface GigabitEthernet0/9
description OPEN
spanning-tree portfast
interface GigabitEthernet0/10
description VLan 102 access port
switchport access vlan 102
spanning-tree portfast
interface GigabitEthernet0/11
description - VLan 104 access port
switchport access vlan 104
spanning-tree portfast
interface GigabitEthernet0/12
description - VLan 105 access port
switchport access vlan 105
spanning-tree portfast
interface GigabitEthernet0/13
description - VLan 106 access port
switchport access vlan 106
spanning-tree portfast
interface GigabitEthernet0/14
description - VLan 107 access port
switchport access vlan 107
spanning-tree portfast
interface GigabitEthernet0/15
description - VLan 111 access port
switchport access vlan 111
spanning-tree portfast
interface GigabitEthernet0/16
description - VLan 117 access port
switchport access vlan 117
spanning-tree portfast
interface GigabitEthernet0/17
description - VLan 121 access port
switchport access vlan 121
spanning-tree portfast
interface GigabitEthernet0/18
description - VLan 125 access port
switchport access vlan 125
spanning-tree portfast
interface GigabitEthernet0/19
description - VLan 150 access port
switchport access vlan 150
spanning-tree portfast
interface GigabitEthernet0/20
description - VLan 999 access port
switchport access vlan 999
spanning-tree portfast
interface GigabitEthernet0/21
description OPEN
spanning-tree portfast
interface GigabitEthernet0/22
description OPEN
spanning-tree portfast
interface GigabitEthernet0/23
description OPEN
spanning-tree portfast
interface GigabitEthernet0/24
description From ROUTER Gw ge0/1
switchport trunk allowed vlan 102,104-107,111,117,121,125,150,999
switchport mode trunk
interface GigabitEthernet0/25
interface GigabitEthernet0/26
interface Vlan1
no ip address
no ip route-cache
shutdown
interface Vlan102
ip address 192.168.102.253 255.255.255.0
interface Vlan104
no ip address
no ip route-cache
interface Vlan105
no ip address
no ip route-cache
interface Vlan106
no ip address
no ip route-cache
interface Vlan107
no ip address
no ip route-cache
interface Vlan111
no ip address
no ip route-cache
interface Vlan117
no ip address
no ip route-cache
interface Vlan121
no ip address
no ip route-cache
interface Vlan125
no ip address
no ip route-cache
interface Vlan150
no ip address
no ip route-cache
interface Vlan999
no ip address
no ip route-cache
ip default-gateway 192.168.102.1
ip http server
ip http secure-server
snmp-server engineID local 00000009020000019634C2C0
snmp-server community public RO
snmp-server location
snmp-server contact
banner motd ^CCC ADMIN USE ONLY! ^C
line con 0
session-timeout 10
password xxxxxx
logging synchronous
login
stopbits 1
line vty 0 4
session-timeout 10
password xxxxxxx
login
line vty 5 15
session-timeout 10
password xxxxxxxx
login
ntp server 10.199.100.92
end
K24Sw01#

HI Mark,
Here is the my config:
Create sub-interfaces, set 802.1Q trunking protocol and ip address on each sub-interface
Router(config)#interface f0/0
Router(config-if)#no shutdown
(Note: The main interface f0/0 doesn’t need an IP address but it must be turned on)
Router(config)#interface f0/0.10
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#interface f0/0.20
Router(config-subif)#encapsulation dot11 20
Router(config-subif)#ip address 192.168.20.1 255.255.255.0
(Note: In the “encapsulation dot1q 10″ command, 10 is the VLAN ID this interface operates in)
Configure VLAN
Switch(config)#vlan 10
Switch(config-vlan)#name SALES
Switch(config-vlan)#vlan 20
Switch(config-vlan)#name TECH
Set ports to access mode & assign ports to VLAN
Switch(config)#interface range fa0/1
Switch(config-if)#no shutdown
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 15
Switch(config-if)#interface range fa0/3
Switch(config-if)#no shutdown
Switch(config-if)#switchport mode access
Switch(config-if)# switchport access vlan 20
Switch(config-if)#interface range fa0/5
Switch(config-if)#no shutdown
Switch(config-if)#switchport mode trunk
1. Please check all your port are up.
2. Check the config once again.
3. Make sure the swicth and router connection port configured as trunk and it should be up.
This config is working for me,
Regards
Dont forget to rate helpful posts.

Can a Cisco 2600 router do PPTP,L2TP, and IPSec?

Similar Messages

Maybe you are looking for