Cisco 857 setup
This post needs to go across a few forums but I will start here first.
I have an 857W router which I want to replace my home ADSL router with.
I can setup the ADSL / routing no problem but I am struggling to find a good resource on setting up the wireless.
Can anyone guide me to some basic setup guides to securing the wireless on this box.
Thanks
You can find some good all round examples:-
http://www.cisco.com/en/US/docs/routers/access/800/850/software/configuration/guide/enetintr.html
Similar Messages
-
I am loosing configuration when I power off my Cisco 857 router
I bought new Cisco 857 router from the shop. Router must have been used before as I couln't go in with default username/password cisco/cisco.
Well I followed instruciton and reset password to username and password. Now I finally connected to the Cisco CP express over my IE browser.
I found out that somebody was using a router from the shop so this is why I coun't log to it in the first place. Anyway problem is that when I changed configuration and applied settings it remembers it until I power it off. When I power it on again it remembers all settings from that shop.
It reverts everything back: IP address, previous level 15 account and password - everything like after password reset.
I tried it again and it again lost settings. So I found following instruction:
http://www.cisco.com/en/US/products/hw/routers/ps233/products_tech_note09186a00800a65a5.shtml
I followed it and changed again all settings on the router. My settings are again lost after power off/on. I noticed that when I do first bit it does show
0x2102 not 0x2142 like they think that is password reset mode.
Here is my output from Hyper Terminal:
=============================
Cisco#enableCisco#show startUsing 3359 out of 131072 bytes!version 12.4no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Cisco!boot-start-markerboot-end-marker!logging buffered 51200 warningsenable secret 5 $1$hpKF$Rc1tl6r45J8iHG7EN5jSk.!no aaa new-model!crypto pki trustpoint TP-self-signed-3185909327 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3185909327 revocation-check none rsakeypair TP-self-signed-3185909327!!crypto pki certificate chain TP-self-signed-3185909327 certificate self-signed 01 nvram:IOS-Self-Sig#5.cerdot11 syslogno ip dhcp use vrf connectedip dhcp excluded-address 10.10.10.1!ip dhcp pool ccp-pool import all network 10.10.10.0 255.255.255.248 default-router 10.10.10.1 lease 0 2!!ip cefno ip domain lookupip domain name molinary.com!!!username admin privilege 15 secret 5 $1$jD3j$r6ROikgGsIlcMTGjkxFQ6.username username privilege 15 password 0 password!!archive log config hidekeys!!!!!interface ATM0 no ip address shutdown no atm ilmi-keepalive dsl operating-mode auto!interface ATM0.1 point-to-point description $ES_WAN$ ip nat outside ip virtual-reassembly pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 !!interface FastEthernet0!interface FastEthernet1!interface FastEthernet2!interface FastEthernet3!interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$ ip address 10.10.10.1 255.255.255.248 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452!interface Dialer0 ip address dhcp encapsulation ppp dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap pap callin ppp chap hostname [email protected] ppp chap password 0 netgear01 ppp pap sent-username [email protected] password 0 netgear01!ip forward-protocol nd!ip http serverip http access-class 23ip http authentication localip http secure-serverip http timeout-policy idle 60 life 86400 requests 10000ip nat inside source list 1 interface ATM0.1 overload!access-list 1 remark INSIDE_IF=Vlan1access-list 1 remark CCP_ACL Category=2access-list 1 permit 10.10.10.0 0.0.0.7dialer-list 1 protocol ip permitno cdp run!control-plane!banner exec ^C% Password expiration warning.-----------------------------------------------------------------------Cisco Configuration Professional (Cisco CP) is installed on this deviceand it provides the default username "cisco" for one-time use. If you havealready used the username "cisco" to login to the router and your IOS imagesupports the "one-time" user option, then this username has already expired.You will not be able to login to the router with this username after you exitthis session.It is strongly suggested that you create a new username with a privilege levelof 15 using the following command.username <myuser> privilege 15 secret 0 <mypassword>Replace <myuser> and <mypassword> with the username and password youwant to use.-----------------------------------------------------------------------^Cbanner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C!line con 0 login local no modem enableline aux 0line vty 0 4 privilege level 15 login local transport input telnet ssh!scheduler max-task-time 5000endCisco#Cisco#Cisco#Cisco#Cisco#Cisco#Cisco#Cisco#Cisco#show versionCisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2010 by Cisco Systems, Inc.Compiled Fri 22-Jan-10 14:46 by prod_rel_teamROM: System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARECisco uptime is 20 minutesSystem returned to ROM by power-onSystem image file is "flash:c850-advsecurityk9-mz.124-15.T12.bin"This product contains cryptographic features and is subject to UnitedStates and local country laws governing import, export, transfer anduse. Delivery of Cisco cryptographic products does not implythird-party authority to import, export, distribute or use encryption.Importers, exporters, distributors and users are responsible forcompliance with U.S. and local country laws. By using this product youagree to comply with applicable laws and regulations. If you are unableto comply with U.S. and local laws, return this product immediately.A summary of U.S. laws governing Cisco cryptographic products may be found at:http://www.cisco.com/wwl/export/crypto/tool/stqrg.htmlIf you require further assistance please contact us by sending email [email protected] 857 (MPC8272) processor (revision 0x400) with 59392K/6144K bytes of memory.Processor board ID FCZ140792J5MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x104 FastEthernet interfaces1 ATM interface128K bytes of non-volatile configuration memory.20480K bytes of processor board System flash (Intel Strataflash)Configuration register is 0x2102Cisco#Cisco#Cisco#Cisco#endTranslating "end"% Unknown command or computer name, or unable to find computer addressCisco#reloadProceed with reload? [confirm]*Mar 1 01:19:27.786: %SYS-5-RELOAD: Reload requested by username on console. Reload Reason: Reload Command.System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARETechnical Support: http://www.cisco.com/techsupportCopyright (c) 2006 by cisco Systems, Inc.C850 series (Board ID: 2-149) platform with 65536 Kbytes of main memoryBooting flash:/c850-advsecurityk9-mz.124-15.T12.binSelf decompressing the image : ############################################## [OK] Restricted Rights LegendUse, duplication, or disclosure by the Government issubject to restrictions as set forth in subparagraph(c) of the Commercial Computer Software - RestrictedRights clause at FAR sec. 52.227-19 and subparagraph(c) (1) (ii) of the Rights in Technical Data and ComputerSoftware clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706Cisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2010 by Cisco Systems, Inc.Compiled Fri 22-Jan-10 14:46 by prod_rel_teamImage text-base: 0x8002007C, data-base: 0x814E7240This product contains cryptographic features and is subject to UnitedStates and local country laws governing import, export, transfer anduse. Delivery of Cisco cryptographic products does not implythird-party authority to import, export, distribute or use encryption.Importers, exporters, distributors and users are responsible forcompliance with U.S. and local country laws. By using this product youagree to comply with applicable laws and regulations. If you are unableto comply with U.S. and local laws, return this product immediately.A summary of U.S. laws governing Cisco cryptographic products may be found at:http://www.cisco.com/wwl/export/crypto/tool/stqrg.htmlIf you require further assistance please contact us by sending email [email protected] 857 (MPC8272) processor (revision 0x400) with 59392K/6144K bytes of memory.Processor board ID FCZ140792J5MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x104 FastEthernet interfaces1 ATM interface128K bytes of non-volatile configuration memory.20480K bytes of processor board System flash (Intel Strataflash)no ip dhcp use vrf connected ^% Invalid input detected at '^' marker.SETUP: new interface NVI0 placed in "shutdown" statePress RETURN to get started!*Mar 1 00:00:03.952: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Initialized*Mar 1 00:00:03.960: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Enabled*Mar 1 00:00:07.244: %LINK-3-UPDOWN: Interface FastEthernet0, changed state toup*Mar 1 00:00:08.413: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up*Mar 1 00:00:08.821: %SYS-5-CONFIG_I: Configured from memory by console*Mar 1 01:19:27.072: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up*Mar 1 01:19:27.352: %SYS-5-RESTART: System restarted --Cisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2010 by Cisco Systems, Inc.Compiled Fri 22-Jan-10 14:46 by prod_rel_team*Mar 1 01:19:27.352: %SNMP-5-COLDSTART: SNMP agent on host Cisco is undergoinga cold start*Mar 1 01:19:27.436: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF*Mar 1 01:19:27.436: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF*Mar 1 01:19:27.540: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to down*Mar 1 01:19:28.072: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up*Mar 1 01:19:28.484: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up*Mar 1 01:19:28.484: %LINK-5-CHANGED: Interface ATM0, changed state to administratively down*Mar 1 01:19:28.848: %LINK-5-CHANGED: Interface NVI0, changed state to administratively down*Mar 1 01:19:28.932: %LINK-3-UPDOWN: Interface FastEthernet3, changed state toup*Mar 1 01:19:28.936: %LINK-3-UPDOWN: Interface FastEthernet2, changed state toup*Mar 1 01:19:28.940: %LINK-3-UPDOWN: Interface FastEthernet1, changed state toup*Mar 1 01:19:29.484: %LINEPROTO-5-UPDOWN: Line protocol on Interface ATM0, changed state to down*Mar 1 01:19:29.932: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet3, changed state to down*Mar 1 01:19:29.936: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet2, changed state to down*Mar 1 01:19:29.940: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changed state to down*Mar 1 01:19:29.948: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to upAuthorized access only!===========================================
Please help me as I am stuck and can't go any further....Hi David White,
Alternatively, after password recovery you can modify the configuration to be what you want, and then issue:
write memory
to save the configuration. You can then verify that your changes have been saved to the startup config by issuing:
show startup-config"
The only good thing is that when I switch off a router it erase configuration except my new password which I created after password reset. Everything else is getting vanished (ADSL settings, DHCP, routing ) everything. Even new admin accounts I created.
Well have a question to your above comments. I am new in Cisco so please put as much detail as you can for me to understand. When you say modify configuration do you mean to go to Cisco CP Express graphical interface and then connect router to hyper terminal and execute above commands?
Why router doesn't remember this anyway. There must be some option to change in configuration to make thing permanent when I hit apply changes in Cisco CO Express otherwise it is pointless to heve it.
Phillip
write memory
is
copy running-config startup-config"
Can't this be done via Cisco CP Express or set up router to copy this every time I change this in graphical interface rather going to command line to achnoledge it?
I understand your concern about this router and somebodie's configuration details as you want things to be un-used when you buy them - true. ADSL details belongs to the shop which sold me the router so that is why I don't make a big problem about this. We take most of hardware from this shop and have discount and many good deals with them so I think they have been just testing it and forgot to erease their config. It might be that someone has returned router to the shop and they have repaired it and tested it.
I hope this is a normal behaviour of this router as I have option to replace it in case this is a fault.
Could you please write me step by step guide how can I make changed options stay permanently on router?
thank you
Dragan -
ISE cannot push the profile to the cisco network setup assistant?
We have tried a few android devices with version 4.2+ but still got the error message ‘Unable to download profile.(Have you logged into the guest portal?)’ as shown at the bottom picture.
In fact, we are connecting the devices to an open SSID which performs MAC filtering, then redirect to CWA and login with AD credentials,
then redirect to Google play store and can successfully download the network setup assistant.
Could you please advise the possible reasons that would cause this error message and make ISE cannot push the profile to the cisco network setup assistant?Here's a snipit from the Android spw.log. I see that there is an error trying to verify the hostname. Is it possible that this is caused by a non-trusted certificate? I'm using the self-signed cert built into ISE. I have an entry in the public DNS for guest.domain.com that resolves to the IP of my ISE server accessible from the guest subnet. I'm allowing all traffic from the guest VLAN to the ISE vlan on the firewall and all traffic to/from the ISE server in the provisioning ACL I have applied by ISE on the WLC during native supplicant provisioning. I know that guests can communicate with the ISE server since regular guest portal redirection works, just not the network setup assistant. I've renamed the domain to domain.com in this snipit.
2014.07.20 23:44:48 INFO:verion :4.4.4 SDK Level : 19
2014.07.20 23:44:48 INFO:State :START
2014.07.20 23:44:48 INFO:Starting Discovery
2014.07.20 23:44:48 INFO:Starting ISEDiscoveryAsynchTask
2014.07.20 23:44:48 INFO:DHCP Stringipaddr 192.168.30.110 gateway 192.168.30.1 netmask 255.255.255.0 dns1 208.67.222.222 dns2 208.67.220.220 DHCP server 192.168.30.1 lease 3600 seconds
2014.07.20 23:44:48 INFO:DHCP ipaddress192.168.30.110
2014.07.20 23:44:48 INFO:DHCP gateway192.168.30.1
2014.07.20 23:44:48 INFO:Discoverng ISE http return code :200
2014.07.20 23:44:48 INFO:ISEServer =guest.domain.com
2014.07.20 23:44:48 INFO:session =0516a8c000001932f37acc53
2014.07.20 23:44:48 INFO:Discovered using gateway :18786496
2014.07.20 23:44:48 INFO:Discovered ise server = guest.domain.com
2014.07.20 23:44:48 INFO:Discovered client mac = 5C-0A-5B-FC-37-0F
2014.07.20 23:44:48 INFO:Server:Key=guest.domain.com:0516a8c000001932f37acc53
2014.07.20 23:44:48 INFO:Downloading config fromguest.domain.com
2014.07.20 23:44:48 INFO:checkServerTrusted call
2014.07.20 23:44:48 INFO:checkServerTrusted call
2014.07.20 23:44:48 ERROR:DownloadprofileAsynchTask
2014.07.20 23:44:48 ERROR:java.io.IOException: Hostname 'guest.domain.com' was not verified
2014.07.20 23:44:48 ERROR:Hostname 'guest.domain.com' was not verified
2014.07.20 23:44:48 INFO:Internal system error.
On the ISE side, here is the snippet of logs during the same time as when the android network setup assistant was run.
2014-07-20 23:41:38,586 INFO [DefaultQuartzScheduler_Worker-6][] cisco.cpm.infrastructure.utils.NodeGroupFWUtil -:::::- Applied Firewall rules for node group.
2014-07-20 23:42:35,251 INFO [AbandonedTransactionReaper][] com.cisco.epm.db.AbandonedTransactionReaper -:::::- In AbandonedTransactionReaper : MaxActive : 20
0 CurrentActive : 0 MaxIdle : 200 MinIdle : 0 CurrentIdle : 2
2014-07-20 23:42:39,394 INFO [AbandonedTransactionReaper][] com.cisco.epm.db.AbandonedTransactionReaper -::::PDPInitialization:- In AbandonedTransactionReaper
: MaxActive : 200 CurrentActive : 0 MaxIdle : 200 MinIdle : 0 CurrentIdle : 0
2014-07-20 23:42:49,765 INFO [DataSourceListener Thread][] api.services.persistance.dao.DistributionDAO -:::::- In DAO getRepository method for HostConfig Type
: ACTIVE
2014-07-20 23:42:56,805 INFO [PDP-Heartbeats-0][] com.cisco.cpm.clustering.MnTClient -::::pdpha:- Removing session 0516a8c00000196f2a95cc53
2014-07-20 23:42:56,806 WARN [PDP-Heartbeats-0][] cpm.nsf.session.impl.SystemStateManager -::::pdpha:- Session 0516a8c00000196f2a95cc53 not found at complete
2014-07-20 23:43:35,441 INFO [portal-http-844314][] cisco.epm.license.flexlm.FlexlmFileHandler -:::::- Is License Valid for seId [1] = true
2014-07-20 23:43:35,441 INFO [portal-http-844314][] com.cisco.epm.license.LicensingManager -:::::- License is valid [true] for SeriveType [1]
2014-07-20 23:43:35,750 WARN [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- --- GuestPortalUtils: Una
ble to determine language. Defaulting to English
2014-07-20 23:43:35,768 WARN [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- --- GuestPortalUtils: Una
ble to determine language. Defaulting to English
2014-07-20 23:43:35,768 INFO [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- initializing page definit
ion
2014-07-20 23:43:35,769 INFO [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- Created guest theme page
def
2014-07-20 23:44:18,090 WARN [portal-http-844315][] cisco.cpm.guestportal.actions.SelfProvisioningAction -:test:0516a8c000001932f37acc53::guest:- ***BYOD Regi
stration Data***
macAddress: 5C:0A:5B:FC:37:0F
portalUser: test
authStoreName: Internal Users
authStoreGuid: 78954c30-e0f0-11e3-af67-005056bf4689
2014-07-20 23:44:18,113 INFO [portal-http-844315][] com.cisco.epm.jms.AQMessgeHandler -:test:0516a8c000001932f37acc53::guest:- Publishing message for event [T
xnCommit / commit] and message class[class com.cisco.epm.pap.api.transaction.Transaction]
2014-07-20 23:44:18,167 WARN [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- --- GuestPortalUtils
: Unable to determine language. Defaulting to English
2014-07-20 23:44:18,168 INFO [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- initializing page de
finition
2014-07-20 23:44:18,169 INFO [portal-http-844315][] cisco.cpm.guestportal.utils.CoAExecutorService -:test:0516a8c000001932f37acc53::guest:- Issue CoA reauth i
n 2000 milliseconds for sessionName 0516a8c000001932f37acc53
2014-07-20 23:44:18,171 WARN [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- --- GuestPortalUtils
: Unable to determine language. Defaulting to English
2014-07-20 23:44:18,172 INFO [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- initializing page de
finition
2014-07-20 23:44:18,173 INFO [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- Created guest theme
page def
2014-07-20 23:44:20,171 INFO [pool-19-thread-4][] cisco.cpm.guestportal.utils.CoAReauthTask -:test:0516a8c000001932f37acc53::guest:- Running CoAReauthTask for
_sessionName 0516a8c000001932f37acc53
2014-07-20 23:44:20,194 INFO [pool-19-thread-4][] cisco.cpm.guestportal.utils.CoAReauthTask -:test:0516a8c000001932f37acc53::guest:- Issue Local CoA for sessi
on 0516a8c000001932f37acc53
2014-07-20 23:44:50,768 INFO [ContainerBackgroundProcessor[StandardEngine[Catalina]]][] cpm.admin.infra.action.SessionCounterListener -:::::- sessionDestroyed
- deducted one session from counter - Session ID - 0FFE9C73C9209D4EE2534558CB8F723B - Session Count - 0
2014-07-20 23:46:58,502 INFO [portal-http-844315][] cisco.epm.license.flexlm.FlexlmFileHandler -:::::- Is License Valid for seId [1] = true
2014-07-20 23:46:58,502 INFO [portal-http-844315][] com.cisco.epm.license.LicensingManager -:::::- License is valid [true] for SeriveType [1]
2014-07-20 23:46:58,693 WARN [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- --- GuestPortalUtils: Una
ble to determine language. Defaulting to English
2014-07-20 23:46:58,702 INFO [portal-http-844315][] cisco.cpm.provisioning.cache.FlowStateCacheManager -::0516a8c000001932f37acc53::guest:- Deleted old flow st
ate session with device id 5C-0A-5B-FC-37-0F -
Cisco Network Setup Assistant Unable to install the certificate on Android KitKat
Greetings,
I'm having issues with deploying the CA. Although the Cisco app fails, the user cert (but no CA) appears to install and is accessible during wifi setup. I am running the latest version of Cisco Network Setup Assistant 1.2.42. The phone is running Android KitKat 4.4.4, not rooted, running stock T-Mobile rom. I'm able to authenticate with the guest side, and get as far as Installing Certificates... Reference the screen shots attached.
Error message cisco Network Setup Assistant: "Unable to install the certificate. Exit the application and run it again to continue to the installation."
I have ran the application several times, it keeps returning to this same message.
After failure of the Cisco app, I noticed there is a certificate manager with CA cert and key, and than subsequently one new key continues to loop after until I cancel (also in screenshots).
I have tried decryption, removing all security, and clearing credentials, yet the problem persists. Any help is appreciated.Greetings,
I'm having issues with deploying the CA. Although the Cisco app fails, the user cert (but no CA) appears to install and is accessible during wifi setup. I am running the latest version of Cisco Network Setup Assistant 1.2.42. The phone is running Android KitKat 4.4.4, not rooted, running stock T-Mobile rom. I'm able to authenticate with the guest side, and get as far as Installing Certificates... Reference the screen shots attached.
Error message cisco Network Setup Assistant: "Unable to install the certificate. Exit the application and run it again to continue to the installation."
I have ran the application several times, it keeps returning to this same message.
After failure of the Cisco app, I noticed there is a certificate manager with CA cert and key, and than subsequently one new key continues to loop after until I cancel (also in screenshots).
I have tried decryption, removing all security, and clearing credentials, yet the problem persists. Any help is appreciated. -
Cisco Network Setup Assistant with WIndows8
Hi, I'm trying to provisioning on Windows 8(Surface pro)
When the Cisco Network setup Assistant is on, it asks 'network password' while the ssid is wpa2-enterprise.
and I configured as it is on NSP.
Is it a bug ??Hi,
What version of ise are you on, also what is the windows native supplicant provisioning version? See if the release notes for 1.2 meet your current design.
http://www.cisco.com/en/US/docs/security/ise/1.2/release_notes/ise12_rn.html#wp378491
Thanks,
Tarik Admani
*Please rate helpful posts* -
Hello Experts
My home broadband has just been upgraded to ADSL2 and my cisco 857 doesn't recognise the ADSL line anymore.
Its got 12.4(6). The wan interface is reads ATMoPOTS.
Some forums say that the Firmware needs upgrading. Some say the IOS needs upgrading. one of the Cisco links says only HWIC on the 857s support ADSL2. But its a fixed router - not modular. The only built-in WAN port is ATMoPOTS.
Could anyone provide me with the right advise ASAP please ? We all know how it is without internet access at home !
many thanks
AravThank you very much. Is there a way I can cancel this thread ?
Cheers
Arav -
Does Cisco 857 router support Easy VPN?!!
Hi,
I've a Cisco 857 router with a 12.4(6)T IOS.
I want to configure it to act as an Easy VPN server, to allow my remote clients -using cisco vpn clients- to access the internal resourses behind the router.
Is it applicable with this router model?!!
thanks and regards,
AlaAla, upsolutely, you would probably need advance k9 security image, check at software advisory tools and slect software features for your platform.
sofware advisory
http://tools.cisco.com/Support/Fusion/FusionHome.do
857 Models See table 3 Software feature
http://www.cisco.com/en/US/prod/collateral/routers/ps380/ps6195/product_data_sheet0900aecd8028a9a9_ps380_Products_Data_Sheet.html
HTH
Rgds
Jorge -
Hello,
I would like to know if CISCO 857 allows remote software Cisco VPN clients aside from site to site VPN. I heard that all VPN cisco cable devices allow cisco VPN client software connections, is that true?
Thanks a lot for your help
Juan ManuelJuan,
Allow me to explain a bit further to clarify some of the terminologies used which might cause confusion.
Cisco VPN router can terminate the following types of tunnels.
a. Lan to Lan tunnels
b. Dynamic Lan to Lan tunnels
c. VPN clients terminations
d. Easy VPN clients terminations
a & b, are very similar
c & d, are very similar
except - option c uses the VPN clients (software) installed on the PC or a MAC systems
Option d, uses hardware to connect to the IOS routers. You can use a Cisco Router or a PIX firewall or a 3002 or ASA to connect to the Cisco router which would be acting as an IOS Easy VPN server. And the device connecting to the Easy VPN server is called as a Easy VPN client.
Hope this explains the terminologies a bit more in detail.
To answer your question, Security Feature does allow support for Easy VPN client and server.
And what you are trying to accomplish is option c. So, the security feature option should work out well for you.
Hope this explains your queries.
Rate this post, if it helps!!
Thanks
Gilbert -
Configuring cisco 857 for BM39
I know that I'm doing something wrong. Tried to follow example in appnote
http://www.novell.com/coolsolutions/appnote/7971.html
but once I turn on the "crypto map static-map" - I can no longer ping the
router from a PC connected to the router. I'm preparing a Cisco-857 as my
first attempt to run a site-to-site vpn using BorderManager v3.9.
I'm pasting the relevant portions of the cisco config below. Would greatly
appreciate your advice.
TIA....Gregg
ip dhcp excluded-address 192.168.255.1
ip dhcp pool sdm-pool
import all
network 192.168.255.0 255.255.255.248
default-router 192.168.255.1
lease 0 2
crypto isakmp policy 1
encr 3des
authentication pre-share
lifetime 28800
crypto isakmp key xx-my-key-xx address 192.168.19.13 255.255.255.252
crypto ipsec transform-set vpn-wvtwp esp-3des esp-sha-hmac
crypto map static local-address Vlan1
crypto map static 1 ipsec-isakmp
set peer 192.168.19.13
set security-association lifetime seconds 7200
set transform-set vpn-wvtwp
match address vpn-static1
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.19.14 255.255.255.252 secondary
ip address 192.168.255.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
ip tcp adjust-mss 1452
crypto map static-map
ip route 172.16.0.0 255.255.248.0 192.168.19.13
ip route 192.168.0.0 255.255.0.0 192.168.19.13
ip access-list extended vpn-static1
permit ip 192.168.255.0 0.0.0.7 172.16.0.0 0.0.7.255
permit ip 192.168.255.0 0.0.0.7 192.168.0.0 0.0.255.255Gregg,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://support.novell.com/forums/faq_general.html
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://support.novell.com/forums/ -
Port Forwarding for PcANYWHERE on Cisco 857
Does anybody have a step by step guide on how to open and direct a port on the CISCO 857 router to allow remote operation using PcANYWHERE?
I have access to my Cisco 857 SDM but cannot work it out.Excuse ingnorance but need more info.
Where do I type this statement? Where would I type PC ip address so Router knows to direct PcAnywhere port enquiries to correct PC on the network. -
EA3500 Cisco Connect Setup problem?
So i recently resetted my Linksys EA3500 and i lost the CD so i download the Cisco Connect for the EA3500.I connected my EA3500 using the ethernet cable to my laptop,run the setup,and then on 25% it said that no wireless routers were found.I already connected it using an ethernet cable i dont understand why it is still not found.What should i do?
Hi geraldicg , make sure that the wireless switch on your computer is turned on. I recommend that you try another laptop (if available). If no luck, configure the router manually by accessing 192.168.1.1 or myrouter.local. Check this out:
Title: Accessing your Linksys Smart Wi-Fi Account through a web browser -
Cisco 857 & 877 differences?
I am looking to replace a Cisco 837 ADSL router for one of the newer 850 or 870 series ADSL routers and can't find a definitive list of features between the 2 platforms. Can some one point me to a URL that compares the features between the two or maybe just list what the 877 has over the 857?
Thanks
AndyThanks for that Ankur.
After a bit more searching (I haven't quite got the hang of the new format website...) I did find that comparison page.
I have come to the conclusion that both the 857 and the 877 are very similar products (with some memory upgrade limitations with the 850 series). However the 850 series only has Advanced Security IOS available whilst the 870 has Advanced Security and Advanced IP Services. Adv. IP Services seems to have OSPF but Advanced Security doesn't. Can anyone confirm this?
Thanks
Andy -
Hi Guys,
Here is my basic setup
I have an ASA 5512 gig0 connects to the internet
G1 connects to the inside on 192.168.35.254 then plugs direct into a switch.
I'm confused on the setup to get the IPS running. do i need to set the IPS in the same range as my inside interface? and also what do i set the IPS gateway to 192.168.35.254 my inside ASA interface?
Once this is done done a need to setup a rule within the MPF to foward all traffic to it?
Thanks
James.Also check these helpful ASA IPS config links
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/modules_ips.pdf
http://itzecurity.blogspot.co.uk/2013/12/configuring-cisco-asa-ips-module.html
p://www.cisco.com/c/en/us/td/docs/security/asa/asa84/asdm64/configuration_guide/asdm_64_config/modules_ips.pdf
http://www.cisco.com/c/en/us/td/docs/security/ips/7-1/configuration/guide/cli/cliguide71/cli_asa_ips.html -
VPN between WRVS4400N and CISCO 857 router
Hi ALL,
Am trying to VPN the two and have setup the WRVS4400N side using IPSec (seems easy enough). Has anyone any experience on the 857 router side? Would you kindly show how that can be configured? Or just point me to any good source doing it will be good too. Thanks!ip nat inside source route-map nonat interface FastEthernet0 overload
access-list 110 deny ip 10.20.10.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 110 permit ip 10.20.10.0 0.0.0.255 any
route-map nonat permit 10
match ip address 110
or better (if you have for example the IP public 1.2.3.5)
ip nat pool 1.2.3.5 1.2.3.5 1.2.3.5 prefix-length 30
ip nat inside source list nat-to-internet pool 1.2.3.5 overload
ip access-list extended nat-to-internet
deny ip 10.20.10.0 0.0.0.255 10.10.10.0 0.0.0.255
permit ip 10.20.10.0 0.0.0.255 any
deny ip any any -
Cisco Connect setup stuck at 90% Linksys E900
Hi,
Today evening i had to restart my routers settings and I also formatted (don't know if it's a good word in english, i mean recovering operating system) my disk and now i can't install Cisco Connection Again on my laptop (win8). The setup process is always stuck at 90% (after few or more minutes there's message that configurating failed...), what's wierd is that i can explore the internet and use settings of router in web browser ( http://192.168.1.1 ) when setup is stuck. After getting "FAIL message" i cant use internet anymore.
I beg for your help! ;<
Thanks in advance.Do you want to use the Cisco Connect software? If not, then you can always go for manual troubleshooting. Linksys designe cisco connect as a tool to help manage the router. If you need to use it, I suggest that you download the software from the linksys website and start all over again. Before you run the software, reset the router first for 10 seconds, reboot the router and once it's ready run cisco connect.
Just make sure that you do not have any firewalls enabled or antivirus software that may interfere with the setup process. Again if you don't need the software jsut go with manual troubleshooting. You always have different options.
Maybe you are looking for
-
Arranging Objects In Adobe Edge
I desinged a stage in Muse with different objects. I opened those objets as a stage in Edge Animate. I created a text box in Edge that I want arranged to the front of everything. When I right click on the text box the options to arrange it are greyed
-
How to send DTMF via JMF?
Hi All, I have developed a SIP Client with Applet. Now, I would like to send DTMF (RFC 2833) via JMF over RTP. Does any have sample code? Please help me with your valuable feedback. Thanks, ARIF
-
I have a HP Pavilion dv6t 2300 laptop. Few days ago, the laptop suddenly stopped running with power issue. I bought a new battery thinking it was a battery issue. When I plug in the battery, AC led light won't turn on and the laptop won't charge. Soo
-
BW Currency Conversion with rate of next year
Hi, I need to show cumulated values of previous year(PYTD) converted with the exchange rate of the current year (e.g. Jan 06 value converted with Jan 07, Feb 06 with Feb 07 etc.). I can't upload the converted value, because the rate (monthly average)
-
Display popup window when closing "X" web browser
Hi All - how I can display a popup window when user press "X" from web browser. I know how to create popups windows but where I can code the popup window when the user close the browser? e.g. I press at the top right the web browser "X" to close the