Can't telnet on WAN interface, ping is ok

Similar Messages

• Can only telnet from other switches to a SG300 switch. Also can't access web interface.

  For whatever reason I can telnet from another switch to the SG300 switch but not directly to the switch. I also can't access the web interface or ping the switch. Any help would be appreciated. Here is the running config
  config-file-header
  WasteWaterSG30010MPP
  v1.3.5.58 / R750_NIK_1_35_647_358
  CLI v1.0
  set system mode switch
  file SSD indicator encrypted
  ssd-control-start
  ssd config
  ssd file passphrase control unrestricted
  no ssd file integrity control
  ssd-control-end xxxxxxxxxxxxxxxxxxxxxxxx
  vlan database
  default-vlan vlan 2
  exit
  vlan database
  vlan 2,75,200,999
  exit
  voice vlan id 200
  voice vlan oui-table add  ________
  voice vlan oui-table add _phone_____________
  voice vlan oui-table add ___________________
  voice vlan oui-table add ______________
  voice vlan oui-table add
  voice vlan oui-table add ___________
  voice vlan oui-table add ___
  voice vlan oui-table add ______________
  hostname WasteWaterSG30010MPP
  line console
  exec-timeout 0
  exit
  line telnet
  password 382fda4a4a26e6637edac0eb8b8ba4581087d32d encrypted
  exit
  line console
  password 382fda4a4a26e6637edac0eb8b8ba4581087d32d encrypted
  exit
  enable password level 15 encrypted 382fda4a4a26e6637edac0eb8b8ba4581087d32d
  username admin password encrypted 382fda4a4a26e6637edac0eb8b8ba4581087d32d privi
  lege 15
  snmp-server location XXXXXXXX
  snmp-server community String1 ro view Default
  sntp server 172.16.2.1
  ip telnet server
  interface vlan 2
   ip address 172.16.2.23 255.255.255.0
   no ip address dhcp
  interface gigabitethernet1
   storm-control broadcast enable
   storm-control broadcast level 10
   storm-control include-multicast
   port security max 10
   port security mode max-addresses
   port security discard trap 60
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
   macro description ip_phone_desktop
   !next command is internal.
   macro auto smartport dynamic_type unknown
  interface gigabitethernet2
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet3
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet4
   storm-control broadcast enable
   storm-control broadcast level 10
   storm-control include-multicast
   port security max 10
   port security mode max-addresses
   port security discard trap 60
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
   macro description ip_phone_desktop
   !next command is internal.
   macro auto smartport dynamic_type unknown
  interface gigabitethernet5
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet6
   spanning-tree portfast
   switchport mode access
  interface gigabitethernet7
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet8
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet9
   spanning-tree link-type point-to-point
   switchport trunk allowed vlan add 75,200,999
   switchport trunk native vlan 2
   macro description switch
   !next command is internal.
   macro auto smartport dynamic_type switch
  interface gigabitethernet10
   spanning-tree link-type point-to-point
   switchport trunk allowed vlan add 75,200,999
   switchport trunk native vlan 2
   macro description switch
   !next command is internal.
   macro auto smartport dynamic_type switch
  exit

  A member of which VLAN ID is that device from which you trying to reach that switch?
  Is that device directly connected to switch WasteWaterSG30010MPP? If yes, to which port?
  If you are connecting from different VLAN than VLAN2, are you using routing between VLANs? Where is that routing device connected to?
  > I also have another switch that connects to the network through this switch and am able to telnet to it.
  that second switch member of same VLAN 2? Or management is part of different VLAN?
  ..too few information to be able to give you final answer.

• HH3::Enable ping response on WAN interface- there ...

  HH3::Enable ping response on WAN interface- there must be an easier way!!
  only way I've managed to get this working is to connect an old Buffalo Airstation via Ethernet, enable Ping response on its WAN interface and then assign the Buffalos WAN IP to the DMZ in the HH3
  DISCLAIMER: although I work in the industry I do not work for BT and any opinions given are purely my own.

  Apple's website is acting up.
  Open AirPort Utility on your Mac
  Click on the Time Capsule icon, then click Edit
  Click the Base Station tab at the top of the window
  Enter a check mark in the box next to Allow Setup over WAN
  Click Update
  If you do not see this option, the Time Capsule is not acting as the router for the network....another device is performing routing duties.

• Cisco RV180 VLAN tagging WAN interface

  Is there by any chance in the future firmware update that this product (RV180) will be able to support VLAN tagging on WAN interface like the Cisco's RV315W router? ISP in Singapore (Singtel) and Malaysia(Unifi) (http://klseet.com/index.php/mikrotik/mikrotik-rb750-750g/setup-for-unifi) requires certain type of vlan tagging on the WAN interface for it to work. 
  Is there any workaround to this?

  I tried with only two vlans and set the DHCP active only for the office "vlan2". Computers receive the correct ip but some of them won't register on the network, i tried to set the ip manualy on the computers but that computer will still be isolated.
  Ex: computer A receives ip 192.168.10.25, Subnet 255.255.255.0, Gateway 192.168.10.1, for 2-3 minutes i can access the router on 192.168.10.1 and the internet, after a random time interval the gateway won't even respond to ping.It's not from firewall related issues as i set to accept all both incoming and outgoing. If i set a manual ip corresponding to vlan1 "default" everything works.It's like that computer is isolated so i believe it has to do with the asignment of Tagged, untagged and Excluded settings on the vlans.

• Multiple DMVPN Instances on Same WAN Interface

  Hi Folks,
  Is it possible to run Multiple DMVPN Instances on a single WAN Interface ? Can we for example configure 3 Tunnels on a Router using one same WAN Interface but running separate EIGRP Instances for each Tunnel ? Kindly let me know , Alioune

  Hi Alioune,
  Yes you can create DMVPN as you said with one WAN interface that is possible..... you can have multiple tunnel interfaces pointed to a WAN interface as the source interface which resides in public zone..... with different public ip's as the destination tunnel...
  interface Tunnel1
  description ** A-VPN Tunnel **
  bandwidth 100000
  ip vrf forwarding red
  ip address 10.0.252.2 255.255.255.252
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip mtu 1500
  load-interval 60
  tunnel source GigabitEthernet0/0 (WAN Interface)
  tunnel destination  1.1.1.1
  tunnel protection ipsec profile dmvpn
  interface Tunnel1
  description ** B-VPN Tunnel **
  bandwidth 100000
  ip vrf forwarding red
  ip address 10.0.252.5 255.255.255.252
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip mtu 1500
  load-interval 60
  tunnel source GigabitEthernet0/0 (WAN Interface)
  tunnel destination  2.1.1.1
  tunnel protection ipsec profile dmvpn
  like the above..... shown sample...
  Please rate if the given information helps!!!

• Can't configure both WAN ports on 1811 with SDM

  Hi,
  We recently procured an 1811 router to replace a SOHO linksys at a store we service. We needed redundant WAN interfaces to use the DSL as a backup to the main cable connection, and a Linksys RV082, while doing the job when it actually worked, died repeatedly. We decided after looking at the 1811's feature set to just get the Cisco and be done with it and not monkey with SOHO gear anymore.
  Where I'm having difficulty is SDM won't let me configure both WAN interfaces from the GUI, it only allows me to configure one. I have it configured, and the router is working nicely in the test lab but I need to get that other interface configured and failover enabled before I can put this thing into production.
  What am I doing wrong? Do I need to suck it up and learn IOS?
  Thanks,
  Todd Phipps
  Certco, Inc.

  I ended up figuring out the IOS commands to enable one fastethernet port as a primary and the other one as a backup (running both cable and DSL for redundancy; it's a grocery store that runs electronic transactions over IP so 100% availability is a must).
  The trouble I was running into in SDM is that while it would allow me to configure one WAN port through the GUI, the config options for the second one were grayed out. Now that both are configured through IOS the edit buttons for both WAN interfaces appear normally in SDM. It's almost as if Cisco didn't want users to be able to configure both interfaces graphically for initial setup.
  Now just to test it at the site before the store opens to see if the failover works...
  Todd

• Advice on constructi​ng a test engine and formatting a spreadshee​t test file to perform command line interface testing on a product through telnet or serial interface

  Advice on constructing a test engine and formatting a spreadsheet test file to perform command line interface testing on a range of products through telnet or serial interface and output pass/fail results.

  Hello j. smith,
  TestStand gives you the ability to create "sequence files" which are lists of tests to be run sequentially or in parallel. These tests can be written in any language: LabVIEW VIs, C/C++ DLLs, EXEs, ActiveX objects, .NET Assemblies, etc.
  You can run your TestStand sequence files from a command-line prompt using the following syntax:
  \bin\SeqEdit.exe" /quit -run
  This will launch the TestStand Sequence Editor (and optionally prompt you for TestStand login information if you have this configured), run your sequence file, then exit.
  If you're using the TestStand process model, it can output your results to a report file or database if you configure this. To use a TestStand process mo
  del to execute your sequence file, use the following syntax:
  \bin\SeqEdit.exe" /quit -runEntryPoint
  Here's an example:
  C:\>"C:\Program Files\National Instruments\TestStand 3.0\bin\SeqEdit.exe" /quit -runEntryPoint "Single Pass" "C:\Program Files\National Instruments\TestStand 3.0\Examples\Demo\C\computer.seq"
  Note that multiple sequences and sequence files can be specified on the command line.
  TestStand supports remote sequence execution using DCOM (Distributed COM), which is an east way to remotely execute tests. But as for running tests or commands through a telnet or serial interface, you would have need to check Windows documentation on how to execute command-line remotely like this.
  David Mc.
  NI Applications Engineer

• Add Additional IP Addresses to WAN Interface on SRP527W

  Hi,
  Can anyone tell me how to add an additional IP addresses to the WAN interface on a SRP527W.
  We are connecting to an ISP which assigns us a static IP address with our ADSL account. We also have another 2 additional WAN IP addresses that we have purchased from out ISP and wish to add them as Aliases to the WAN interface and use for other services. I would also like to use those additional IP addresses to create port forwards to our internal network.
  I cannot find how to do this in the manual any where and any help would be much appreciated.
  Regards
  Craig

  Hi Craig,
  Unfortunately, this is not possible with the SRP520.
  [For others reading this thread, this is possible with the SRP540]
  Regards,
  Andy

• RV120W WAN interface doesn't automatically re-enable after WAN connection is restored

  I found that RV120W WAN interface doesn't automatically re-enable after a cable pull and re-plug.  I have to go into the Status->System Summary and click the "Enable" button.  Is this normal on this router?  Can I prevent that from happening? I would hope this is NOT normal as this would mean that I would have to be on-site and login to the web interface to re-enable it after a power failure or WAN link loss.

  Tekliu,
  Thanks for the response. But, as I mentioned in my prior post, this is, unfortunately, the designed behavior for this device, at least with a static IP and no ISP login. Cisco Small Business Customer Support was clear on this and didn't even open a ticket. I asked that they submit a feature request to change this behavior in a future release. Of course, they couldn't make any promises.
  One possible source of confusion is the different circumstances that can occur. In my testing, the interface does come back up automatically on a soft reboot. It also comes back up automatically if both the RV120W and the upstream (WAN) device are power cycled together. I believe this is because the upstream device comes up much faster and is up before the RV120W. The case we are talking about is when the upstream device is cycled or the cable is pulled while the RV120W stays up. In this case, the WAN port remains disabled until you manually select the button on the status page.
  Thanks again for following up on this.

• DHCP disable on WAN interface

  Hello,
  I have a cisco router 1721, IOS 12.4(25a)
  I enabled dhcp server for my local LAN, and I setup my WAN interface as dhcp interface.
  My ISP told me that my router is acting as dhcp server on WAN interface...and is not good for them. Can I stop my cisco router from sending dhcp offers on WAN interface, but send dhcp offers for my local LAN ?
  ip dhcp pool LOCAL
     import all
     network 192.168.1.0 255.255.255.0
     dns-server 193.x.x.x
     default-router 192.168.1.222
     domain-name appt.ro
     lease infinite
  ip dhcp pool host1
     host 192.168.1.11 255.255.255.0
     client-identifier 0100.0ee8.e23d.94
  interface FastEthernet0
  mac-address 0019.66b3.d689
  ip address dhcp
  ip nat outside
  ip virtual-reassembly
  speed auto
  full-duplex
  FastEthernet0 is my WAN interface.
  Thanks!

  I imagine that clients on the WAN side are sending requests with a GIADDR field that matches your DHCP pool's scope.  In that case, the router would handout an address.  You could add an ACL to the WAN interface to block incoming udp/68 packets:
  access-list 101 deny udp any any eq 68access-list 101 permit ip any any!interface FastEthernet0 ip access-group 101 in
  That should prevent the router from seeing the client requests while still being able to get server responses.

• Can not access ASAs inside interface via VPN tunnels

  Hi there,
  I have a funny problem.
  I build up a hub and spoke VPN, with RAS Client VPN access for the central location.
  All tunnels and the RAS VPN access are working fine.
  I use the tunnels for Voip, terminal server access and a few other services.
  The only problem I have is, that I could not access the inside IP address of any of my ASAs, neither via tunnels nor via RAS VPN access. No telnet access and no ping reach the inside interfaces.
  No problem when I connect to the interface via a host inside the network.
  All telnet statments in the config are ending with the INSIDE command.
  On most of the ASAs the 8.2 IOS is running on one or two ASAs the 8.0(4).
  For the RAS client access I use the Cisco 5.1 VPN client.
  Did anybody have any suggestions?
  Regards
  Marcel

  Marcel,
  Simply add on the asas you want to administer through the tunnels
  management-access
  http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2027985
  for asa5505
  management-access inside
  for all others if you have management interface management0/0 defined then:
  management-access management
  then you may need to allow the source , for example if RA VPN pool network is 10.20.20.0/24 then you tell asa that network cann administer asa and point access to inside, but sounds you have this part already.
  telnet 10.20.20.0 255.255.255.0 inside
  http 10.20.20.0 255.255.255.0 inside
  same principle for l2l vpns
  Regards

• Waas Expresss need to be supported on 2 Wan Interfaces

  Dear Team,
  We have 1941 Router on our branch side currently its not supporting to enable the WAAS on our two wan interfaces.
  Current Image: 15.1
  Planning to upgrade to 15.2
  My current IOS is  c1900-universalk9-mz.SPA.151-4.M3.bin and Kindly suggest whether c1900-universalk9-mz.SPA.152-4.M1.bin image will support to enable the waas on 2 wan interfaces?
  Thanks in advance
  Regards,
  Ranjith

  Hi,
  We can enable Waasfeture on 2 two interfaces in 15.2 3T cisco ios.
  Regards,
  Ranjith

• RV180 DHCP IPv4 client working on WAN interface?

  Hi,
  Does the Cisco RV180 firewall/router support DHCP client on the WAN interface? This is specifically mentioned on the DHCPv6 client, however, it is not mentioned for the IPv4 client. I'd like to set it up using my cable modem in bridged mode connecting it to the WAN interface on the RV180? So I'd get the IP address from my ISP.
  Thanks,
  Niels
  Sent from Cisco Technical Support iPad App

  Hello Niels,
  The RV180W certainly can pick up a DHCP address from your ISP on the WAN interface, through a bridged modem. In fact, this is the default configuration. Of course, you can also change your connection type to a static IP address or PPPoE connection profile (DSL).
  All of our Small Business routers are definately capable of this confiugartion. Personally, I currently use a RV180W with a cable connection. The RV180W picked up the public IP address from my ISP just fine.
  All the best,
  -David Aguilar
  Cisco Small Business Support Center
  1-866-606-1866

• Does the RV042 have IP Aliases for WAN interface?

  Hi All
  We have a Small Business RV042 router, and have many Internet servers in our Internal and DMZ networks behind the router.
  In our old GTA firewall, we were able to add IP aliases to our external (WAN) interface.   That is, our WAN interface can have many IP addresses besides the main IP address, e.g., 209.118.52.226, 209.118.52.227, 209.118.52.228, 209.118.52.229, etc. 
  209.118.52.226 is the main IP for the WAN interface.
  209.118.52.227 is for our web server 1, e.g., www.example.com
  209.118.52.228 is for our web server 2, e.g.  support.example.com
  209.118.52.229 is for our sftp server, e.g. sftp.example.com
  And then we create 'tunnels' to forward incoming traffic for 209.118.52.227 to our www.example.com residing in our DMZ or Internal network, etc.
  Now, is this possible with the RV042 router?    The only thing we found in RV042 is Forwarding (port range forward) but that does allow us to have IP aliases for the WAN interface.   It seems that we can only route service defined traffic or port defined traffic meant for only 1 WAN IP to our internal servers behind the router.
  Actually, we had bought the RVS4000 earlier and then upgraded to the RV042 hoping that it will have what we want.
  If the RV042 does not have IP alias for WAN interface, what is the lowest Cisco router model that has it?
  Thank you very much in anticipation.
  cmgui

  Thank you tekliu
  Yes, 1-to-NAT can do most of what we want.   But it is not able to direct only certain port traffic from the external WAN IP to the internal LAN IP?   
  For example, if we create a 1-to-1 NAT 192.168.41.50 =>
  209.118.52.227, it basically opens all the traffic allowed in the Firewall to go from
  209.118.52.227  to  192.168.168.41.50.  
  If we only want to allow say https, ie. tcp port 443, traffic to go from
  209.118.52.227  to  192.168.41.50, it is not possible.  Or is it? 

• How can I have an english interface to labview if the package is in german

  Hi ,
  I'm a student that makes a project in Germany using labview ... the problem is that my german is not that good , and the labview is in german so here is my question :
  how can I have an  english interface to labview if the package is in german (labview 7 )
  Any help would be apprecieted.

  The only way to really have everything in English is to install an English version of LabVIEW.  You may want to talk to your local NI sales representative about the possibility of getting a different version.
  Doug M
  Applications Engineer
  National Instruments
  For those unfamiliar with NBC's The Office, my icon is NOT a picture of me