CCM 4.1(3) multiply T1s, PRI, routing with CMM card

Similar Messages

• IBook cannot connect to woreless router with airport card

  The Situation
  my iBook G3 dual usb cannot connect to my wireless router. The router is using wpa and wpa2 encryption and broadcasting on 802.11b and g, on channel 12. The SSID is broadcast, but the iBook airport card cannot see it. The card CAN see other networks in my area. My iMac Mini (spec OS X 10.5.5, airport built in) is connecting to the same router and can see the SSID, so its not the aerial.
  I select 'Other...' on the airport menu to connect, and type in my network name and the WPA2 Personal password. I then get the message: 'The Wireless Network <network> does not support the requested encryption method'
  So what's the problem? And how can I fix it?

  I'm having the same problem, but having been through the threads I'm getting nowhere!
  Running a 2001 dual USB G3 Ibook. Connects fine on home network via Airport Express, but will not connect to PC/Belkin wireless network at my Dad's place. Newer macs seem to connect fine - but not my old dear.
  It detects the network OK and prompts for a WPA password, but it is not recognised.
  The router is set up for WPA/WPA2-PSK (AES encryption)
  Tried turning the security protocols off on the router - still can't connect.
  Same circular "network settings have been changed by another application" if I try and use the IBook's network / airport wizards.
  My software is fully up to date - the ethernet connection works fine with the router.
  This is driving me insane!

• Isdn pri router

  When setting up connections to my branches using my pri router do I need to make each remote routers pri interface part of the same subnet ?

  Hi
  AFAIK you better keep them on the same subnet for better control and manageability.
  If this doesnt solve your purpose do revert back with more details..
  regds

• I am trying to connect a Windows 7 / 64 bit to an Epson printer on my Mac.  The printer is hooked into the Mac via USB; the Mac is networked to a Linksys wireless router with an ethernet cable, as is the Windows box. Any tips on how to do this?

  I am trying to connect a Windows 7 / 64 bit to an Epson printer on my Mac.  The printer is hooked into the Mac via USB; the Mac is networked to a Linksys wireless router with an ethernet cable, as is the Windows box. I installed the current Bonjour printer services software on the Windows machine, and separately installed the driver software for the Epson printer on the WIndows machine.  Running the bonjour wizard, I get an alert saying 'I don't have sufficient access to my computer to connect to the selected printer'.
  The printer has 'sharing' turned on from the Mac end; this works with a Powerbook via the wireless connection.  Sharing is also turned on in the Windows printer control panel for this printer (under properties).  The Mac is a G5 running 10.5.8.  When I try to print a page from the Windows machine it gets hung in the print queue.
  Any advice how to proceed would be appreciated!
  thx,

  I am trying to connect a Windows 7 / 64 bit to an Epson printer on my Mac.  The printer is hooked into the Mac via USB; the Mac is networked to a Linksys wireless router with an ethernet cable, as is the Windows box. I installed the current Bonjour printer services software on the Windows machine, and separately installed the driver software for the Epson printer on the WIndows machine.  Running the bonjour wizard, I get an alert saying 'I don't have sufficient access to my computer to connect to the selected printer'.
  The printer has 'sharing' turned on from the Mac end; this works with a Powerbook via the wireless connection.  Sharing is also turned on in the Windows printer control panel for this printer (under properties).  The Mac is a G5 running 10.5.8.  When I try to print a page from the Windows machine it gets hung in the print queue.
  Any advice how to proceed would be appreciated!
  thx,

• My wife and i have an iPhone 5 6.1.2 firmware.. We both are having horrible wifi signals.  We have done everything we can.. What update will fix this? I get full bars on my iPad 2 through my whole house.. Be standing right beside the router with iPhone NO

  My wife and i have an iPhone 5 6.1.2 firmware.. We both are having horrible wifi signals.  We have done everything we can.. What update will fix this? I get full bars on my iPad 2 through my whole house.. Be standing right beside the router with iPhones and it cuts in and out.. Drops from 3 wifi bars to 1

  I am having the same problem with brand new Ipad Mini at my house.
  It connects to the WiFi fine - but will not pull an IP address in DHCP mode, or if I set all the IP info statically - it still will not get any network access.
  This doesn't look like a WiFi issue, as it does connect and is seen by the WiFi Access Point.  All the normal WiFi fix stuff doesn't help.
  - Using a Dlink DAP-2553 which is less than 2 months old. 
  Other devices connect fine, including Ipad 2.
  This same Mini worked fine at another house and also connected to a mobile hotspot fine....so seems to be some weird IP issue with maybe this Access Point or maybe the older Router that I have (older Netgear)?
  I am actually a network engineer and still have not been able to find a solution.  Both the Ipad Mini and the Dlink WAP have the latest firmware loaded.
  Wondering if anyone has found a solution to this problem.

• Having trouble setting up a linksys WRT54GS router with v...

  Having trouble setting up a linksys WRT54GS router with verizon DSL using a westell 6100F modem. the modem works fine by its self  but the router will not connect  to the internet when installed like the cd tells you to.
  online help and phone help has been less than helpful,  anyone have any Ideas?

  Ok I found " Installing the liksys wireless router with a westell 6100 modem" in the verizon troubleshooting guides. printed the instructions so I would'nt forget. step 1 open your web browser and enter http://192.168.1.1 in the address field.  PROBLEM it comes up with a login screen that I don't know how to sign into. tried the obvious stuff. cannot get past the login screen. I knew this sounded to easy to be true. anyone have any ideas? 

• How to extend a wifi network of third party router with TC 4th generation?

  After searching the communities for a while, I did not find a definitive answer on the following question:
  - I recently bought a 4th generation Time Capsule 2TB (MD0322/A), that I also want to use as an extension for our existing wifi network.
  - This wifi network is maintained by a Sitecom Wireless 300N XR Gigabit Router. Router is set to work over 2.4 GHz (B+G+N) because of several non-N-wifi devices in the network. The channel in use is currently 11.
  - This router provides so called WDS functionality, i.e. the ability for other wifi access points to act as a seamless extension of the basic wifi network (using the same SSID).
  - The security settings in the router are WPA2 Mixed, with a password in plain ASCII.
  - There seems to be no way to set different security levels for WDS-connections versus normal AP (access point) connections. If WDS is enabled, the security settings of the AP-mode are extended to the WDS connection.
  I have set the Sitecom router to enable WDS, and added the MAC-address of the TC in the configuration of this router.
  When configuring the Time Capsule, with Airport Utility 5.5.3, I can select the option to use TC to extend an existing network, and I can select the network of choice using the WPA personal or WPA/WPA personal security. However, the TC does not succeed in extending the network, and reports this back. If I manually configure the TC and select the network of choice, Airport Utility reports back that the selected network cannot be extended.
  I have read several times in other posts that Time Capsule can only connect to third party routers via WDS using WEP-authentication, but these posts were quite old. I was wondering if this is still the case, or that Apple has updated this functionality in newer versions of TC, and thus there could exist a trick to connect to a WDS using WPA.
  I really would appreciate suggestions
  Bram Bos

  gilles13 wrote:
  I have a mac and pc (win7) both are connected thru a network with wifi and allready two access pt.
  Airport can not be used to extend a WiFi created by a non-Apple box.
  You need to turn off the radio in the router (shut down the existing WiFi).  Purchase TWO Airport Express units.  Connect one to the router with an Ethernet cable.  Configure that one as your primary WiFi network and then use the second Express as the extender.
  You need to locate the second Express where it receives a decent WiFi signal.  Too far away and it has nothing to extend.  Too close and it doesn't buy you anything.  Before you plug in the second Express, check to see where the primary WiFi disappears completely.  My personal WAG is that you want to locate the second Express 2/3 the distance to that point.
  If you use Airport Utility to configure the units, it's a snap.  In fact, if you configure the primary first and the extender second, AU will default to exactly the settings that you want.
  By the way, I refereed to the Express because it's less expensive than the Extreme and you didn't indicate any need for the Extreme features.

• How can I set up a guest access point with a Time Capsule and an Airport Extreme? I am using a Telus router with the Time Capsule used as a wireless access point (bridge mode). I don't want the guest access point to have access to my network.

  How can I set up a guest access point with a Time Capsule and an Airport Extreme? I am using a Telus router with the Time Capsule used as a wireless access point (bridge mode). I don't want the guest access point to have access to my network.

  The Guest Network function of the Time Capsule and AirPort Extreme cannot be enabled when the device is in Bridge Mode. Unfortunately, with another router...the Telus...upstream on your network, Bridge Mode is indicated as the correct setting for all other routers on the network.
  If you can replace the Telus gateway with a simple modem (that performs no routing functions), you should be able to configure either the Time Capsule or the AirPort Extreme....whichever is connected to the modem....to provide a Guest Network.

• I recently replaced my dead airport router with a netgear91-5g router and synced it successfully to my Lexmark Pro 915 printer and my computer and yet when I try to print wirelessly I get the message: "printer not connected; printer offline".

  I recently replaced my dead airport router with a Netgear91-5g router and synced it successfully to my Lexmark Pro 915 printer and my computer; yet when I try to print wirelessly I get the message: "printer not connected; printer offline". Lexmark support verified that my printer was connected to the new router and the problem was with the computer's printer configuration and they could reconfigure it online if I paid for their "Premium Support" services ($119 for one year, 3 fixes). I declined, feeling sure that this is something I could do if I knew how. Could it be an incompatability issue with OS 10.8.3?

  You saved me $$$ that I can ill afford on my fixed income. I was very unhappy with the "support" from Lexmark... what a rip off!  Thank you dwb!

• Can you use an external antenna with the 4G LTE Router with Voice?

  I live in a black hole of cell service - very rural, in a valley surrounded by trees, no DSL, no cable, no other options except satellite internet which I did for 15 years and will never do again. My current data setup is a Pantech UML290 USB modem connected to a Cellphone-Mate full band outdoor Omni 3G/4G antenna on the roof. I just ordered an amplifier to boost the 4G LTE connection. The modem is plugged into a Cradlepoint MBR900 router, which then provides my home internet (way more than 10 devices, and mostly wired).
  Is there a way to add the antenna and amplifier setup to the broadband router with voice so I can be assured of the signal? If so, could I then use this router to feed the Cradlepoint and continue using multiple wired devices?
  I was set to order this router last night, but the CSR through chat told me that you cannot attach antenna to the router with voice - only to the one with data. This really doesn't make any sense to me, but she was firm about it. If I can attach, can I use the cables I have or will I need a different adapter?
  There is so little information about this particular router. My current setup is doing fairly well, but I would love the option to drop my landline and increase signal strength for both voice and data. With no antenna, the modem gets around -125 db, and can't connect at all. With the antenna mounted on the roof, and routed through the Cradlepoint, I consistently get -85 db. 4G LTE speeds are around 15-19 Mb/s down and very inconsistent 2.5-4.0 Mb/s up. However, the 4G drops and resets multiple times a day, so I usually sacrifice the speed to get a more stable 4.5-5 Mb/s down and 0.5 Mb/s up through forced 3G.
  Voice calls are spotty if received at all, and frequently drop immediately if there is any connection. And of course, the data limit has been a nightmare. I could potentially save some money by porting my landline to Verizon, but not if there is no way to boost the signals. The Omni antenna will boost all, but not sure if there's any way to route the existing antenna setup to feed both the voice and data sides, or if it would be enough to allow me to do this. This router also says it's 4G LTE only, but the specs on the antenna they sell say it boosts 3G for failover, so not sure if it will grab anything else. Any help or advice GREATLY appreciated! Thanks for reading through the whole thing.

  No, not directly. You would need to transfer your data from your iPad to your Mac and then back it up to an external drive.
  Pete

• Frustrated - Can't connect to router with laptop after disconnect, other devices work fine.

  I have a RevI Actiontec router with dual antennas(not sure of firmware as I am not at home). My wife can be on her laptop all day, then when I come home with my IPad, it make her lose connection to the router. The router still connects to my iPhone 4 and iPad (both with iOS 6.0.1), but she is unable to connect to router at all. Everything continues to function normally on my Apple devices, so we are still connected to the internet. I have a laptop as well, and when this is happening, both of the laptops stop connecting, but the apple devices and our Toshiba TV and BluRay players continue to function normally. As a temp fix, I disconnect internet from my iPad and restart the router. It works until we try to run both at the same time.
  I am mildly computer literate, though I know little about network setups beyond security, MAC filtering, and other slightly advanced setup stuff.
  This is really frustrating and seems to be getting worse. We used it like this in our new house for several months before this started happening.

  Also check to make sure neither of the devices are set to use a static IP address.
  If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.
  "All knowledge is worth having."

• ITunes Library set up on NetGear R6100 router with ReadyShare from USB port?

  Can the iTunes Library be set up on a NetGear R6100 router with it's NetGear ReadyShare feature. from a USB thumb drive or USB hard drive attached to the one available R6100 router's USB 2.0 port?
  I have read the Apple forum post about a similar question for the more advanced NetGear R7000 router, which says it can work there.  Unlike some of the other sibling Netgear routers that do not have ReadyShare, my R6100 does, which leads me to believe that it should work, since its the same technology (they both have a router USB port with ReadyShare). It just appears that the documentation is very limited. The other post said to format the USB drive to the Apple format (HFS+), rather than Fat32, get the Mac or Apple to see the iTunes directory located on the router's USB port.
      I'd like to know if anyone has had any luck using the ReadyShare.feature on their R6100 for sharing their iTunes library to the same iTunes account on different devices (laptop, PC, AppleTV, iPod, etc).  My Apple TV has recently acquired a problem of not being able to detect the iTunes library on my PC, aftert a recent iTunes update, but that's another problem that the forums show a lot of people having.  So I figured that since my R6100 router has the ability to share media over the network, I would try to move my iTunes library there, hopefully to make it easier to access by my Apple TV, and make it unnecessary to have my PC running when I watch my purchased iTunes movies, that are stored in that library.  Interestingly, my movie and TV show files are stored in my iTunes Music folder under the "Movies" and "TV Shows" subdirectories (folders). The way it is set up now, if I'm watching a HD movie purchased from iTunes with my Apple TV, the movie stops playing as soon as my PC is shut down, which confirms to me that the large movie files are being pulled from there to my Apple TV. 

  Oh groan, not another conspiracy theory.  No, it's a lot more likely Apple and Netgear and the dozens of other manufacturers haven't gotten together with the thousands users who have come up with hundreds of thousands of ways of rigging things up and tested each and every one of them.  I am confident if Apple were out to mess things up for you they could have come up with something a lot more devious.
  Did you do a web search for this?  With a Google search specifying Netgear with this error I found:
  ReadySHARE USB Hard drive access issue from a Mac Computer (Time Machine or iTunes not working properly)
  - Able to see USB hard drive content but unable to write to USB hard drive connected to router's Readyshare port from Mac computer.
  - Error that says  "The iTunes application could not be opened. Unknown error 13008"
  http://kb.netgear.com/app/answers/detail/a_id/22763/~/readyshare-usb-hard-drive- access-issue-from-a-mac-computer-%28time-machine-or
  In fact it is almost certain that it is an issue of that particular model router and the drive formats it can use.

• Wireless Router with USB + External Hard Drive = Time Capsule?

  So I bought a TP-Link WR710N wireless router http://www.tp-link.com/en/products/details/?model=TL-WR710N which seems to support external storage in its USB port. I tried with various storage media and it kinda works. The bad thing is that it only sees NTFS drives. I tried an external hard drive formated for Windows and a USB stick, also formated for Windows and it discovered them. But when I tried my external hard drive which is formatted as Mac OS Extended (Journaled), which I was using for Time Machine, it couldn't see it. Neither the TP-Link software, nor the Time Machine software.
  Is there any way I could use this router with this hard drive for wireless backing up with Time Machine NOT buying extra equipment (NAS, AirPort Extreme or Time Capsule) ?
  Thanks.

  m3adi3c wrote:
  Is there any way I could use this router with this hard drive for wireless backing up with Time Machine NOT buying extra equipment (NAS, AirPort Extreme or Time Capsule) ?
  Thanks.
  No
  Take it back and get a Time Capsule or keep it and buy a regular external drive and connect it to the Mac directly.

• How To Use Your Own Router with Out Loosing Verizon's FIOS Services

  How to use your own router with Verizon’s FIOS Service
  First, you need a basic understanding of how FIOS works but unfortunately there are two types of FIOS systems out there. All of the systems utilize a fiber optic cable to bring TV, phone and internet to your location over one optic cable. In addition these systems provide interactivity including widgets, remote DVR, movies on demand and so forth via an IP (Internet Protocol) signal.  Your STB (Set Tip Box) requires both a video and IP signal. The IP signal is necessary for all of the aforementioned interactivity.  The fiber cable terminates at the Optical Network Terminal or ONT for short.  The ONT converts the optics into a digital signal that can be utilized by ones equipment.  From the ONT your video, phone and internet are provided to the location.  This is where things can differ as the internet signal can be provided via a coaxial (MoCA or Multimedia over Coax Alliance) or RJ45 Cat5 (Ethernet) cable.  It is important to identify and understand the differences of these two setups.  In my case I have my internet entering via Ethernet cable, which in my humble opinion makes things a heck of a lot easier.
  How does one tell the difference? In most cases it’s rather simple; just look at the Verizon’s router WAN (Wide Area Network) Port.  Does it have a RJ45 (Ethernet) or Coax (TV cable Cord) going to it? If the router’s WAN port doesn’t have a coaxial connector then one will need to convert the MoCA signal into a usable Ethernet signal that routers understand. The easiest way is to use Verizon’s router as a bridge. In this method the Verizon’s router simply converts the signal and passes it along to your own router. The challenge is to try to maintain the interactivity that FIOS TV provides. Because of this one needs to supply the IP routed signal back to the FIOS router.  There are multiple methods for doing this and I would recommend investigates which one make the most sense.   
  In my particular case the IP signal was provided by Ethernet.  Again there are various ways of installing one’s own router. The hardest is to utilize Verizon’s router as a bridge.  This setup requires configuring Verizon’s router as a bridge and also creating a VLAN (Virtual Local Area Networks). In addition one needs to set up their own router so it will work with the various routing tables and networks. For me this is too complex for the average person and it can be difficult to trouble shoot if something goes wrong. Please consider that Verizon will not support utilizing third party routers.   
  The easier method is to request an Ethernet signal (if you don’t already have one) from their ONT.  I would highly recommend getting your hands on a NIM or Network Interface Module. This device is used to convert Ethernet to Coaxial so it can be fed back to your STBs.  These can be purchased online and Verizon technicians can be a valuable resource with these sorts of acquisition.  At the very least they can point you to the right direction.  Once you have a NIM the rest is rather simple.
  Log into the current Verizon Router.
  Located the router’s MAC address and copy it down.
  Go to the port forwarding section and copy down the Applied Rules. 
  Example:  
  Network Computer/Device: 192.168.1.100:63145
  Application & Ports Forward:  Application UDP Any -> 6347  
  Note: There may be up to three entries for each one of your Set Top Boxes.
  Look at your current device list, typically found on the home screen. Copy down your STB MAC and IP address.
  Example:
  IP-STB1
  Connection Type: Ethernet
  * IP Address: 192.168.1.100
  IP Address Allocation: DHCP
  *MAC Address:                07:73:fFe:ad:8b:3f
  * Things you will need to write down
  Go to the network section and look for the main Ethernet connection.  Select this and then select more setting, typically found at the bottom. Release the current lease.
  Remove the Verizon router
  Install your router
  Connect the NIM by plugging in an Ethernet from one of the routers LAN (Local Area Network) ports to your NIM. Then connect the coax cable, the same cable that was used by Verizon router.
  Set you DHCP routing IP pool to accommodate Verizon’s STB IP’s  (note their IP’s start at 192.168.1.100)
  Go to DHCP section and reserve the STB IP’s by inserting the IP’s and MAC addresses. This shall ensure that nothing else utilizes the same IPs as the STBs thereby preventing IP address conflict.  
  Add the port forwards from Step 5 above.
  Clone Verizon’s Mac Address utilizing the info from step 2
  Finish setting up the router in typical fashion.
  Unplug and re-plugin your STB’s and test functionality.  It’s best to try using a widget or Movie on demand function.
  Note: if the new router can net get an internet signal contact Verizon’s support and have them release the IP and reset the ONT.  
  EVERYTHING should be working at this point.

   3 Go to the port forwarding section and copy down the Applied Rules. 
  Example:  
  Network Computer/Device: 192.168.1.100:63145
  Application & Ports Forward:  Application UDP Any -> 6347  
  Note: There may be up to three entries for each one of your Set Top Boxes.G
  Your display obviously is not like mine as mine does not dosplay the port associated with the ip address
  whatever, the STB's start at 192.168.1.100 and icement by 1 for each
  the port addr's will be 63145 alo incrementing by 1
  there is 1 entry for each in my pf list
  however each ip addr also has a port entry starting at 35000 also incrementing by 1 for each ip addr
  For some unknow reason these are duplicated e.g I appear to have 11 entries exaactly the same for each stb and as the fios services rules have no action switc there is nowhere to delete the extraneous garbage.
  Why do you clone the mac addr??

• RA VPN into ASA5505 behind C871 Router with one public IP address

  Hello,
  I have a network like below for testing remote access VPN to ASA5505 behind C871 router with one public IP address.
  PC1 (with VPN client)----Internet-----Modem----C871------ASA5505------PC2
  The  public IP address is assigned to the outside interface of the C871. The  C871 forwards incoming traffic UDP 500, 4500, and esp to the outside  interface of the ASA that has a private IP address. The PC1 can  establish a secure tunnel to the ASA. However, it is not able to ping or  access PC2. PC2 is also not able to ping PC1. The PC1 encrypts packets  to PC2 but the ASA does not to PC1. Maybe a NAT problem? I understand  removing C871 and just use ASA makes VPN much simpler and easier, but I  like to understand why it is not working with the current setup and  learn how to troubleshoot and fix it. Here's the running config for the C871 and ASA. Thanks in advance for your help!C871:
  version 15.0
  no service pad
  service timestamps debug datetime msec localtime
  service timestamps log datetime msec localtime
  service password-encryption
  hostname router
  boot-start-marker
  boot-end-marker
  enable password 7 xxxx
  aaa new-model
  aaa session-id common
  clock timezone UTC -8
  clock summer-time PDT recurring
  dot11 syslog
  ip source-route
  ip dhcp excluded-address 192.168.2.1
  ip dhcp excluded-address 192.168.2.2
  ip dhcp pool dhcp-vlan2
     network 192.168.2.0 255.255.255.0
     default-router 192.168.2.1
  ip cef
  ip domain name xxxx.local
  no ipv6 cef
  multilink bundle-name authenticated
  password encryption aes
  username xxxx password 7 xxxx
  ip ssh version 2
  interface FastEthernet0
  switchport mode trunk
  interface FastEthernet1
  interface FastEthernet2
  interface FastEthernet3
  interface FastEthernet4
  description WAN Interface
  ip address 1.1.1.2 255.255.255.252
  ip access-group wna-in in
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip nat outside
  ip virtual-reassembly
  duplex auto
  speed auto
  no cdp enable
  interface Vlan1
  no ip address
  interface Vlan2
  description LAN-192.168.2
  ip address 192.168.2.1 255.255.255.0
  ip nat inside
  ip virtual-reassembly
  interface Vlan10
  description router-asa
  ip address 10.10.10.1 255.255.255.252
  ip nat inside
  ip virtual-reassembly
  ip forward-protocol nd
  no ip http server
  no ip http secure-server
  ip nat inside source list nat-pat interface FastEthernet4 overload
  ip nat inside source static 10.10.10.1 interface FastEthernet4
  ip nat inside source static udp 10.10.10.2 500 interface FastEthernet4 500
  ip nat inside source static udp 10.10.10.2 4500 interface FastEthernet4 4500
  ip nat inside source static esp 10.10.10.2 interface FastEthernet4
  ip route 0.0.0.0 0.0.0.0 1.1.1.1
  ip route 10.10.10.0 255.255.255.252 10.10.10.2
  ip route 192.168.2.0 255.255.255.0 10.10.10.2
  ip access-list standard ssh
  permit 0.0.0.0 255.255.255.0 log
  permit any log
  ip access-list extended nat-pat
  deny   ip 192.168.2.0 0.0.0.255 192.168.100.0 0.0.0.255
  permit ip 192.168.2.0 0.0.0.255 any
  ip access-list extended wan-in
  deny   ip 192.168.0.0 0.0.255.255 any
  deny   ip 172.16.0.0 0.15.255.255 any
  deny   ip 10.0.0.0 0.255.255.255 any
  deny   ip 127.0.0.0 0.255.255.255 any
  deny   ip 169.255.0.0 0.0.255.255 any
  deny   ip 255.0.0.0 0.255.255.255 any
  deny   ip 224.0.0.0 31.255.255.255 any
  deny   ip host 0.0.0.0 any
  deny   icmp any any fragments log
  permit tcp any any established
  permit icmp any any net-unreachable
  permit udp any any eq isakmp
  permit udp any any eq non500-isakmp
  permit esp any any
  permit icmp any any host-unreachable
  permit icmp any any port-unreachable
  permit icmp any any packet-too-big
  permit icmp any any administratively-prohibited
  permit icmp any any source-quench
  permit icmp any any ttl-exceeded
  permit icmp any any echo-reply
  deny   ip any any log
  control-plane
  line con 0
  exec-timeout 0 0
  logging synchronous
  no modem enable
  line aux 0
  line vty 0 4
  access-class ssh in
  exec-timeout 5 0
  logging synchronous
  transport input ssh
  scheduler max-task-time 5000
  end
  ASA:
  ASA Version 9.1(2)
  hostname asa
  domain-name xxxx.local
  enable password xxxx encrypted
  xlate per-session deny tcp any4 any4
  xlate per-session deny tcp any4 any6
  xlate per-session deny tcp any6 any4
  xlate per-session deny tcp any6 any6
  xlate per-session deny udp any4 any4 eq domain
  xlate per-session deny udp any4 any6 eq domain
  xlate per-session deny udp any6 any4 eq domain
  xlate per-session deny udp any6 any6 eq domain
  passwd xxxx encrypted
  names
  ip local pool vpn-pool 192.168.100.10-192.168.100.35 mask 255.255.255.0
  interface Ethernet0/0
  switchport trunk allowed vlan 2,10
  switchport mode trunk
  interface Ethernet0/1
  switchport access vlan 2
  interface Ethernet0/2
  shutdown
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  shutdown
  interface Vlan1
  no nameif
  no security-level
  no ip address
  interface Vlan2
  nameif inside
  security-level 100
  ip address 192.168.2.2 255.255.255.0
  interface Vlan10
  nameif outside
  security-level 0
  ip address 10.10.10.2 255.255.255.252
  ftp mode passive
  clock timezone UTC -8
  clock summer-time PDT recurring
  dns server-group DefaultDNS
  domain-name xxxx.local
  object network vlan2-mapped
  subnet 192.168.2.0 255.255.255.0
  object network vlan2-real
  subnet 192.168.2.0 255.255.255.0
  object network vpn-192.168.100.0
  subnet 192.168.100.0 255.255.255.224
  object network lan-192.168.2.0
  subnet 192.168.2.0 255.255.255.0
  access-list no-nat-in extended permit ip 192.168.2.0 255.255.255.0 192.168.100.0 255.255.255.0
  access-list vpn-split extended permit ip 192.168.2.0 255.255.255.0 any
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  no arp permit-nonconnected
  nat (inside,outside) source static lan-192.168.2.0 lan-192.168.2.0 destination static vpn-192.168.100.0 vpn-192.168.100.0 no-proxy-arp route-lookup
  object network vlan2-real
  nat (inside,outside) static vlan2-mapped
  route outside 0.0.0.0 0.0.0.0 10.10.10.1 1
  timeout xlate 3:00:00
  timeout pat-xlate 0:00:30
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  user-identity default-domain LOCAL
  aaa authentication ssh console LOCAL
  aaa authentication http console LOCAL
  http server enable
  http 192.168.2.0 255.255.255.0 inside
  http 10.10.10.1 255.255.255.255 outside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
  crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec security-association pmtu-aging infinite
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-256-SHA
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set reverse-route
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ca trustpool policy
  crypto ikev1 enable outside
  crypto ikev1 policy 30
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  telnet timeout 5
  ssh 192.168.2.0 255.255.255.0 inside
  ssh 10.10.10.1 255.255.255.255 outside
  ssh timeout 20
  ssh version 2
  ssh key-exchange group dh-group1-sha1
  console timeout 0
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  anyconnect-essentials
  group-policy vpn internal
  group-policy vpn attributes
  dns-server value 8.8.8.8 8.8.4.4
  vpn-tunnel-protocol ikev1
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value vpn-split
  default-domain value xxxx.local
  username xxxx password xxxx encrypted privilege 15
  tunnel-group vpn type remote-access
  tunnel-group vpn general-attributes
  address-pool vpn-pool
  default-group-policy vpn
  tunnel-group vpn ipsec-attributes
  ikev1 pre-shared-key xxxx
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect ip-options
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny 
    inspect esmtp
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip 
    inspect xdmcp
    inspect icmp
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  call-home
  profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:40c05c90210242a42b7dbfe9bda79ce2
  : end

  Hi,
  I think, that you want control all outbound traffic from the LAN to the outside by ASA.
  I suggest some modifications as shown below.
  C871:
  interface Vlan2
  description LAN-192.168.2
  ip address 192.168.2.2 255.255.255.0
  no ip nat inside
  no ip proxy-arp
  ip virtual-reassembly
  ip access-list extended nat-pat
  no deny ip 192.168.2.0 0.0.0.255 192.168.100.0 0.0.0.255
  no permit ip 192.168.2.0 0.0.0.255 any
  deny ip 192.168.2.0 0.0.0.255 any
  permit ip 10.10.10.0 0.0.0.255 any
  ASA 5505:
  interface Vlan2
  nameif inside
  security-level 100
  ip address 192.168.2.1 255.255.255.0
  Try them out and response.
  Best regards,
  MB