Cisco 857 setup

Similar Messages

• I am loosing configuration when I power off my Cisco 857 router

  I bought new Cisco 857 router from the shop. Router must have been used before as I couln't go in with default username/password cisco/cisco.
  Well I followed instruciton and reset password to username and password. Now I finally connected to the Cisco CP express over my IE browser.
  I found out that somebody was using a router from the shop so this is why I coun't log to it in the first place. Anyway problem is that when I changed configuration and applied settings it remembers it until I power it off. When I power it on again it remembers all settings from that shop.
  It reverts everything back: IP address, previous level 15 account and password - everything like after password reset.
  I tried it again and it again lost settings. So I found following instruction:
  http://www.cisco.com/en/US/products/hw/routers/ps233/products_tech_note09186a00800a65a5.shtml
  I followed it and changed again all settings on the router. My settings are again lost after power off/on. I noticed that when I do first bit it does show
  0x2102 not 0x2142 like they think that is password reset mode.
  Here is my output from Hyper Terminal:
  =============================
  Cisco#enableCisco#show startUsing 3359 out of 131072 bytes!version 12.4no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Cisco!boot-start-markerboot-end-marker!logging buffered 51200 warningsenable secret 5 $1$hpKF$Rc1tl6r45J8iHG7EN5jSk.!no aaa new-model!crypto pki trustpoint TP-self-signed-3185909327 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3185909327 revocation-check none rsakeypair TP-self-signed-3185909327!!crypto pki certificate chain TP-self-signed-3185909327 certificate self-signed 01 nvram:IOS-Self-Sig#5.cerdot11 syslogno ip dhcp use vrf connectedip dhcp excluded-address 10.10.10.1!ip dhcp pool ccp-pool   import all   network 10.10.10.0 255.255.255.248   default-router 10.10.10.1   lease 0 2!!ip cefno ip domain lookupip domain name molinary.com!!!username admin privilege 15 secret 5 $1$jD3j$r6ROikgGsIlcMTGjkxFQ6.username username privilege 15 password 0 password!!archive log config  hidekeys!!!!!interface ATM0 no ip address shutdown no atm ilmi-keepalive dsl operating-mode auto!interface ATM0.1 point-to-point description $ES_WAN$ ip nat outside ip virtual-reassembly pvc 0/38  encapsulation aal5mux ppp dialer  dialer pool-member 1 !!interface FastEthernet0!interface FastEthernet1!interface FastEthernet2!interface FastEthernet3!interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$ ip address 10.10.10.1 255.255.255.248 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452!interface Dialer0 ip address dhcp encapsulation ppp dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap pap callin ppp chap hostname [email protected] ppp chap password 0 netgear01 ppp pap sent-username [email protected] password 0 netgear01!ip forward-protocol nd!ip http serverip http access-class 23ip http authentication localip http secure-serverip http timeout-policy idle 60 life 86400 requests 10000ip nat inside source list 1 interface ATM0.1 overload!access-list 1 remark INSIDE_IF=Vlan1access-list 1 remark CCP_ACL Category=2access-list 1 permit 10.10.10.0 0.0.0.7dialer-list 1 protocol ip permitno cdp run!control-plane!banner exec ^C% Password expiration warning.-----------------------------------------------------------------------Cisco Configuration Professional (Cisco CP) is installed on this deviceand it provides the default username "cisco" for  one-time use. If you havealready used the username "cisco" to login to the router and your IOS imagesupports the "one-time" user option, then this username has already expired.You will not be able to login to the router with this username after you exitthis session.It is strongly suggested that you create a new username with a privilege levelof 15 using the following command.username <myuser> privilege 15 secret 0 <mypassword>Replace <myuser> and <mypassword> with the username and password youwant to use.-----------------------------------------------------------------------^Cbanner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C!line con 0 login local no modem enableline aux 0line vty 0 4 privilege level 15 login local transport input telnet ssh!scheduler max-task-time 5000endCisco#Cisco#Cisco#Cisco#Cisco#Cisco#Cisco#Cisco#Cisco#show versionCisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2010 by Cisco Systems, Inc.Compiled Fri 22-Jan-10 14:46 by prod_rel_teamROM: System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARECisco uptime is 20 minutesSystem returned to ROM by power-onSystem image file is "flash:c850-advsecurityk9-mz.124-15.T12.bin"This product contains cryptographic features and is subject to UnitedStates and local country laws governing import, export, transfer anduse. Delivery of Cisco cryptographic products does not implythird-party authority to import, export, distribute or use encryption.Importers, exporters, distributors and users are responsible forcompliance with U.S. and local country laws. By using this product youagree to comply with applicable laws and regulations. If you are unableto comply with U.S. and local laws, return this product immediately.A summary of U.S. laws governing Cisco cryptographic products may be found at:http://www.cisco.com/wwl/export/crypto/tool/stqrg.htmlIf you require further assistance please contact us by sending email [email protected] 857 (MPC8272) processor (revision 0x400) with 59392K/6144K bytes of memory.Processor board ID FCZ140792J5MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x104 FastEthernet interfaces1 ATM interface128K bytes of non-volatile configuration memory.20480K bytes of processor board System flash (Intel Strataflash)Configuration register is 0x2102Cisco#Cisco#Cisco#Cisco#endTranslating "end"% Unknown command or computer name, or unable to find computer addressCisco#reloadProceed with reload? [confirm]*Mar  1 01:19:27.786: %SYS-5-RELOAD: Reload requested  by username on console. Reload Reason: Reload Command.System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARETechnical Support: http://www.cisco.com/techsupportCopyright (c) 2006 by cisco Systems, Inc.C850 series (Board ID: 2-149) platform with 65536 Kbytes of main memoryBooting flash:/c850-advsecurityk9-mz.124-15.T12.binSelf decompressing the image : ############################################## [OK]              Restricted Rights LegendUse, duplication, or disclosure by the Government issubject to restrictions as set forth in subparagraph(c) of the Commercial Computer Software - RestrictedRights clause at FAR sec. 52.227-19 and subparagraph(c) (1) (ii) of the Rights in Technical Data and ComputerSoftware clause at DFARS sec. 252.227-7013.           cisco Systems, Inc.           170 West Tasman Drive           San Jose, California 95134-1706Cisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2010 by Cisco Systems, Inc.Compiled Fri 22-Jan-10 14:46 by prod_rel_teamImage text-base: 0x8002007C, data-base: 0x814E7240This product contains cryptographic features and is subject to UnitedStates and local country laws governing import, export, transfer anduse. Delivery of Cisco cryptographic products does not implythird-party authority to import, export, distribute or use encryption.Importers, exporters, distributors and users are responsible forcompliance with U.S. and local country laws. By using this product youagree to comply with applicable laws and regulations. If you are unableto comply with U.S. and local laws, return this product immediately.A summary of U.S. laws governing Cisco cryptographic products may be found at:http://www.cisco.com/wwl/export/crypto/tool/stqrg.htmlIf you require further assistance please contact us by sending email [email protected] 857 (MPC8272) processor (revision 0x400) with 59392K/6144K bytes of memory.Processor board ID FCZ140792J5MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x104 FastEthernet interfaces1 ATM interface128K bytes of non-volatile configuration memory.20480K bytes of processor board System flash (Intel Strataflash)no ip dhcp use vrf connected               ^% Invalid input detected at '^' marker.SETUP: new interface NVI0 placed in "shutdown" statePress RETURN to get started!*Mar  1 00:00:03.952: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0  State changed to: Initialized*Mar  1 00:00:03.960: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0  State changed to: Enabled*Mar  1 00:00:07.244: %LINK-3-UPDOWN: Interface FastEthernet0, changed state toup*Mar  1 00:00:08.413: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up*Mar  1 00:00:08.821: %SYS-5-CONFIG_I: Configured from memory by console*Mar  1 01:19:27.072: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up*Mar  1 01:19:27.352: %SYS-5-RESTART: System restarted --Cisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2010 by Cisco Systems, Inc.Compiled Fri 22-Jan-10 14:46 by prod_rel_team*Mar  1 01:19:27.352: %SNMP-5-COLDSTART: SNMP agent on host Cisco is undergoinga cold start*Mar  1 01:19:27.436: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF*Mar  1 01:19:27.436: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF*Mar  1 01:19:27.540: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to down*Mar  1 01:19:28.072: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up*Mar  1 01:19:28.484: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up*Mar  1 01:19:28.484: %LINK-5-CHANGED: Interface ATM0, changed state to administratively down*Mar  1 01:19:28.848: %LINK-5-CHANGED: Interface NVI0, changed state to administratively down*Mar  1 01:19:28.932: %LINK-3-UPDOWN: Interface FastEthernet3, changed state toup*Mar  1 01:19:28.936: %LINK-3-UPDOWN: Interface FastEthernet2, changed state toup*Mar  1 01:19:28.940: %LINK-3-UPDOWN: Interface FastEthernet1, changed state toup*Mar  1 01:19:29.484: %LINEPROTO-5-UPDOWN: Line protocol on Interface ATM0, changed state to down*Mar  1 01:19:29.932: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet3, changed state to down*Mar  1 01:19:29.936: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet2, changed state to down*Mar  1 01:19:29.940: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changed state to down*Mar  1 01:19:29.948: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to upAuthorized access only!===========================================
  Please help me as I am stuck and can't go any further....

  Hi David White,
  Alternatively, after password recovery you can modify the configuration to be what you want, and then issue:
     write memory
  to save the configuration.  You can then verify that your changes have been saved to the startup config by issuing:
     show startup-config"
  The only good thing is that when I switch off a router it erase configuration except my new password which I created after password reset. Everything else is getting vanished (ADSL settings, DHCP, routing ) everything. Even new admin accounts I created.
  Well have a question to your above comments. I am new in Cisco so please put as much detail as you can for me to understand. When you say modify configuration do you mean to go to Cisco CP Express graphical interface and then connect router to hyper terminal and execute above commands?
  Why router doesn't remember this anyway. There must be some option to change in configuration to make thing permanent when I hit apply changes in Cisco CO Express otherwise it is pointless to heve it.
  Phillip
  write memory
  is
  copy running-config startup-config"
  Can't this be done via Cisco CP Express or set up router to copy this every time I change this in graphical interface rather going to command line to achnoledge it?
  I understand your concern about this router and somebodie's configuration details as you want things to be un-used when you buy them - true. ADSL details belongs to the shop which sold me the router so that is why I don't make a big problem about this. We take most of hardware from this shop and have discount and many good deals with them so I think they have been just testing it and forgot to erease their config. It might be that someone has returned router to the shop and they have repaired it and tested it.
  I hope this is a normal behaviour of this router as I have option to replace it in case this is a fault.
  Could you please write me step by step guide how can I make changed options stay permanently on router?
  thank you
  Dragan

• ISE cannot push the profile to the cisco network setup assistant?

  We have tried a few android devices with version 4.2+ but still got the error message ‘Unable to download profile.(Have you logged into the guest portal?)’ as shown at the bottom picture.
  In fact, we are connecting the devices to an open SSID which performs MAC filtering, then redirect to CWA and login with AD credentials,
  then redirect to Google play store and can successfully download the network setup assistant.
  Could you please advise the possible reasons that would cause this error message and make ISE cannot push the profile to the cisco network setup assistant?

  Here's a snipit from the Android spw.log.  I see that there is an error trying to verify the hostname.  Is it possible that this is caused by a non-trusted certificate?  I'm using the self-signed cert built into ISE.  I have an entry in the public DNS for guest.domain.com that resolves to the IP of my ISE server accessible from the guest subnet.  I'm allowing all traffic from the guest VLAN to the ISE vlan on the firewall and all traffic to/from the ISE server in the provisioning ACL I have applied by ISE on the WLC during native supplicant provisioning.  I know that guests can communicate with the ISE server since regular guest portal redirection works, just not the network setup assistant.  I've renamed the domain to domain.com in this snipit.
  2014.07.20 23:44:48 INFO:verion :4.4.4 SDK Level : 19
  2014.07.20 23:44:48 INFO:State :START
  2014.07.20 23:44:48 INFO:Starting Discovery
  2014.07.20 23:44:48 INFO:Starting ISEDiscoveryAsynchTask
  2014.07.20 23:44:48 INFO:DHCP Stringipaddr 192.168.30.110 gateway 192.168.30.1 netmask 255.255.255.0 dns1 208.67.222.222 dns2 208.67.220.220 DHCP server 192.168.30.1 lease 3600 seconds
  2014.07.20 23:44:48 INFO:DHCP ipaddress192.168.30.110
  2014.07.20 23:44:48 INFO:DHCP gateway192.168.30.1
  2014.07.20 23:44:48 INFO:Discoverng ISE http return code :200
  2014.07.20 23:44:48 INFO:ISEServer =guest.domain.com
  2014.07.20 23:44:48 INFO:session =0516a8c000001932f37acc53
  2014.07.20 23:44:48 INFO:Discovered using gateway :18786496
  2014.07.20 23:44:48 INFO:Discovered ise server = guest.domain.com
  2014.07.20 23:44:48 INFO:Discovered client mac = 5C-0A-5B-FC-37-0F
  2014.07.20 23:44:48 INFO:Server:Key=guest.domain.com:0516a8c000001932f37acc53
  2014.07.20 23:44:48 INFO:Downloading config fromguest.domain.com
  2014.07.20 23:44:48 INFO:checkServerTrusted call
  2014.07.20 23:44:48 INFO:checkServerTrusted call
  2014.07.20 23:44:48 ERROR:DownloadprofileAsynchTask
  2014.07.20 23:44:48 ERROR:java.io.IOException: Hostname 'guest.domain.com' was not verified
  2014.07.20 23:44:48 ERROR:Hostname 'guest.domain.com' was not verified
  2014.07.20 23:44:48 INFO:Internal system error.
  On the ISE side, here is the snippet of logs during the same time as when the android network setup assistant was run.
  2014-07-20 23:41:38,586 INFO   [DefaultQuartzScheduler_Worker-6][] cisco.cpm.infrastructure.utils.NodeGroupFWUtil -:::::- Applied Firewall rules for node group.
  2014-07-20 23:42:35,251 INFO   [AbandonedTransactionReaper][] com.cisco.epm.db.AbandonedTransactionReaper -:::::- In AbandonedTransactionReaper :  MaxActive : 20
  0 CurrentActive : 0 MaxIdle : 200 MinIdle : 0 CurrentIdle : 2
  2014-07-20 23:42:39,394 INFO   [AbandonedTransactionReaper][] com.cisco.epm.db.AbandonedTransactionReaper -::::PDPInitialization:- In AbandonedTransactionReaper
  :  MaxActive : 200 CurrentActive : 0 MaxIdle : 200 MinIdle : 0 CurrentIdle : 0
  2014-07-20 23:42:49,765 INFO   [DataSourceListener Thread][] api.services.persistance.dao.DistributionDAO -:::::- In DAO getRepository method for HostConfig Type
  : ACTIVE
  2014-07-20 23:42:56,805 INFO   [PDP-Heartbeats-0][] com.cisco.cpm.clustering.MnTClient -::::pdpha:- Removing session 0516a8c00000196f2a95cc53
  2014-07-20 23:42:56,806 WARN   [PDP-Heartbeats-0][] cpm.nsf.session.impl.SystemStateManager -::::pdpha:- Session 0516a8c00000196f2a95cc53 not found at complete
  2014-07-20 23:43:35,441 INFO   [portal-http-844314][] cisco.epm.license.flexlm.FlexlmFileHandler -:::::- Is License Valid for seId [1] = true
  2014-07-20 23:43:35,441 INFO   [portal-http-844314][] com.cisco.epm.license.LicensingManager -:::::- License is valid [true] for SeriveType [1]
  2014-07-20 23:43:35,750 WARN   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- --- GuestPortalUtils: Una
  ble to determine language. Defaulting to English
  2014-07-20 23:43:35,768 WARN   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- --- GuestPortalUtils: Una
  ble to determine language. Defaulting to English
  2014-07-20 23:43:35,768 INFO   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- initializing page definit
  ion
  2014-07-20 23:43:35,769 INFO   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- Created guest theme page
  def
  2014-07-20 23:44:18,090 WARN   [portal-http-844315][] cisco.cpm.guestportal.actions.SelfProvisioningAction -:test:0516a8c000001932f37acc53::guest:- ***BYOD Regi
  stration Data***
  macAddress: 5C:0A:5B:FC:37:0F
  portalUser: test
  authStoreName: Internal Users
  authStoreGuid: 78954c30-e0f0-11e3-af67-005056bf4689
  2014-07-20 23:44:18,113 INFO   [portal-http-844315][] com.cisco.epm.jms.AQMessgeHandler -:test:0516a8c000001932f37acc53::guest:- Publishing message for event [T
  xnCommit / commit] and message class[class com.cisco.epm.pap.api.transaction.Transaction]
  2014-07-20 23:44:18,167 WARN   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- --- GuestPortalUtils
  : Unable to determine language. Defaulting to English
  2014-07-20 23:44:18,168 INFO   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- initializing page de
  finition
  2014-07-20 23:44:18,169 INFO   [portal-http-844315][] cisco.cpm.guestportal.utils.CoAExecutorService -:test:0516a8c000001932f37acc53::guest:- Issue CoA reauth i
  n 2000 milliseconds for sessionName 0516a8c000001932f37acc53
  2014-07-20 23:44:18,171 WARN   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- --- GuestPortalUtils
  : Unable to determine language. Defaulting to English
  2014-07-20 23:44:18,172 INFO   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- initializing page de
  finition
  2014-07-20 23:44:18,173 INFO   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -:test:0516a8c000001932f37acc53::guest:- Created guest theme
  page def
  2014-07-20 23:44:20,171 INFO   [pool-19-thread-4][] cisco.cpm.guestportal.utils.CoAReauthTask -:test:0516a8c000001932f37acc53::guest:- Running CoAReauthTask for
   _sessionName 0516a8c000001932f37acc53
  2014-07-20 23:44:20,194 INFO   [pool-19-thread-4][] cisco.cpm.guestportal.utils.CoAReauthTask -:test:0516a8c000001932f37acc53::guest:- Issue Local CoA for sessi
  on 0516a8c000001932f37acc53
  2014-07-20 23:44:50,768 INFO   [ContainerBackgroundProcessor[StandardEngine[Catalina]]][] cpm.admin.infra.action.SessionCounterListener -:::::- sessionDestroyed
  - deducted one session from counter - Session ID - 0FFE9C73C9209D4EE2534558CB8F723B - Session Count - 0
  2014-07-20 23:46:58,502 INFO   [portal-http-844315][] cisco.epm.license.flexlm.FlexlmFileHandler -:::::- Is License Valid for seId [1] = true
  2014-07-20 23:46:58,502 INFO   [portal-http-844315][] com.cisco.epm.license.LicensingManager -:::::- License is valid [true] for SeriveType [1]
  2014-07-20 23:46:58,693 WARN   [portal-http-844315][] cisco.cpm.guestportal.utils.GuestPortalUtils -::0516a8c000001932f37acc53::guest:- --- GuestPortalUtils: Una
  ble to determine language. Defaulting to English
  2014-07-20 23:46:58,702 INFO   [portal-http-844315][] cisco.cpm.provisioning.cache.FlowStateCacheManager -::0516a8c000001932f37acc53::guest:- Deleted old flow st
  ate session with device id 5C-0A-5B-FC-37-0F

• Cisco Network Setup Assistant Unable to install the certificate on Android KitKat

  Greetings,
  I'm having issues with deploying the CA. Although the Cisco app fails, the user cert (but no CA) appears to install and is accessible during wifi setup. I am running the latest version of Cisco Network Setup Assistant 1.2.42. The phone is running Android KitKat 4.4.4, not rooted, running stock T-Mobile rom. I'm able to authenticate with the guest side, and get as far as Installing Certificates... Reference the screen shots attached. 
  Error message cisco Network Setup Assistant: "Unable to install the certificate. Exit the application and run it again to continue to the installation."
  I have ran the application several times, it keeps returning to this same message.
  After failure of the Cisco app, I noticed there is a certificate manager with CA cert and key, and than subsequently one new key continues to loop after until I cancel (also in screenshots).
  I have tried decryption, removing all security, and clearing credentials, yet the problem persists. Any help is appreciated. 

  Greetings,
  I'm having issues with deploying the CA. Although the Cisco app fails, the user cert (but no CA) appears to install and is accessible during wifi setup. I am running the latest version of Cisco Network Setup Assistant 1.2.42. The phone is running Android KitKat 4.4.4, not rooted, running stock T-Mobile rom. I'm able to authenticate with the guest side, and get as far as Installing Certificates... Reference the screen shots attached. 
  Error message cisco Network Setup Assistant: "Unable to install the certificate. Exit the application and run it again to continue to the installation."
  I have ran the application several times, it keeps returning to this same message.
  After failure of the Cisco app, I noticed there is a certificate manager with CA cert and key, and than subsequently one new key continues to loop after until I cancel (also in screenshots).
  I have tried decryption, removing all security, and clearing credentials, yet the problem persists. Any help is appreciated. 

• Cisco Network Setup Assistant with WIndows8

                     Hi, I'm trying to provisioning on Windows 8(Surface pro)
  When the Cisco Network setup Assistant is on, it asks 'network password' while the ssid is wpa2-enterprise.
  and I configured as it is on NSP.
  Is it a bug ??

  Hi,
  What version of ise are you on, also what is the windows native supplicant provisioning version? See if the release notes for 1.2 meet your current design.
  http://www.cisco.com/en/US/docs/security/ise/1.2/release_notes/ise12_rn.html#wp378491
  Thanks,
  Tarik Admani
  *Please rate helpful posts*

• ADSL2 on Cisco 857

  Hello Experts
  My home broadband has just been upgraded to ADSL2 and my cisco 857 doesn't recognise the ADSL line anymore.
  Its got 12.4(6). The wan interface is reads ATMoPOTS.
  Some forums say that the Firmware needs upgrading. Some say the IOS needs upgrading. one of the Cisco links says only HWIC on the 857s support ADSL2. But its a fixed router - not modular. The only built-in WAN port is ATMoPOTS.
  Could anyone provide me with the right advise ASAP please ? We all know how it is without internet access at home !
  many thanks
  Arav

  Thank you very much. Is there a way I can cancel this thread ?
  Cheers
  Arav

• Does Cisco 857 router support Easy VPN?!!

  Hi,
  I've a Cisco 857 router with a 12.4(6)T IOS.
  I want to configure it to act as an Easy VPN server, to allow my remote clients -using cisco vpn clients- to access the internal resourses behind the router.
  Is it applicable with this router model?!!
  thanks and regards,
  Ala

  Ala, upsolutely, you would probably need advance k9 security image, check at software advisory tools and slect software features for your platform.
  sofware advisory
  http://tools.cisco.com/Support/Fusion/FusionHome.do
  857 Models See table 3 Software feature
  http://www.cisco.com/en/US/prod/collateral/routers/ps380/ps6195/product_data_sheet0900aecd8028a9a9_ps380_Products_Data_Sheet.html
  HTH
  Rgds
  Jorge

• VPN client to CISCO 857

  Hello,
  I would like to know if CISCO 857 allows remote software Cisco VPN clients aside from site to site VPN. I heard that all VPN cisco cable devices allow cisco VPN client software connections, is that true?
  Thanks a lot for your help
  Juan Manuel

  Juan,
  Allow me to explain a bit further to clarify some of the terminologies used which might cause confusion.
  Cisco VPN router can terminate the following types of tunnels.
  a. Lan to Lan tunnels
  b. Dynamic Lan to Lan tunnels
  c. VPN clients terminations
  d. Easy VPN clients terminations
  a & b, are very similar
  c & d, are very similar
  except - option c uses the VPN clients (software) installed on the PC or a MAC systems
  Option d, uses hardware to connect to the IOS routers. You can use a Cisco Router or a PIX firewall or a 3002 or ASA to connect to the Cisco router which would be acting as an IOS Easy VPN server. And the device connecting to the Easy VPN server is called as a Easy VPN client.
  Hope this explains the terminologies a bit more in detail.
  To answer your question, Security Feature does allow support for Easy VPN client and server.
  And what you are trying to accomplish is option c. So, the security feature option should work out well for you.
  Hope this explains your queries.
  Rate this post, if it helps!!
  Thanks
  Gilbert

• Configuring cisco 857 for BM39

  I know that I'm doing something wrong. Tried to follow example in appnote
  http://www.novell.com/coolsolutions/appnote/7971.html
  but once I turn on the "crypto map static-map" - I can no longer ping the
  router from a PC connected to the router. I'm preparing a Cisco-857 as my
  first attempt to run a site-to-site vpn using BorderManager v3.9.
  I'm pasting the relevant portions of the cisco config below. Would greatly
  appreciate your advice.
  TIA....Gregg
  ip dhcp excluded-address 192.168.255.1
  ip dhcp pool sdm-pool
  import all
  network 192.168.255.0 255.255.255.248
  default-router 192.168.255.1
  lease 0 2
  crypto isakmp policy 1
  encr 3des
  authentication pre-share
  lifetime 28800
  crypto isakmp key xx-my-key-xx address 192.168.19.13 255.255.255.252
  crypto ipsec transform-set vpn-wvtwp esp-3des esp-sha-hmac
  crypto map static local-address Vlan1
  crypto map static 1 ipsec-isakmp
  set peer 192.168.19.13
  set security-association lifetime seconds 7200
  set transform-set vpn-wvtwp
  match address vpn-static1
  interface ATM0
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip route-cache flow
  no atm ilmi-keepalive
  dsl operating-mode auto
  interface FastEthernet0
  interface FastEthernet1
  interface FastEthernet2
  interface FastEthernet3
  interface Vlan1
  description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
  ip address 192.168.19.14 255.255.255.252 secondary
  ip address 192.168.255.1 255.255.255.248
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip route-cache flow
  ip tcp adjust-mss 1452
  crypto map static-map
  ip route 172.16.0.0 255.255.248.0 192.168.19.13
  ip route 192.168.0.0 255.255.0.0 192.168.19.13
  ip access-list extended vpn-static1
  permit ip 192.168.255.0 0.0.0.7 172.16.0.0 0.0.7.255
  permit ip 192.168.255.0 0.0.0.7 192.168.0.0 0.0.255.255

  Gregg,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://support.novell.com/forums/faq_general.html
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Port Forwarding for PcANYWHERE on Cisco 857

  Does anybody have a step by step guide on how to open and direct a port on the CISCO 857 router to allow remote operation using PcANYWHERE?
  I have access to my Cisco 857 SDM but cannot work it out.

  Excuse ingnorance but need more info.
  Where do I type this statement? Where would I type PC ip address so Router knows to direct PcAnywhere port enquiries to correct PC on the network.

• EA3500 Cisco Connect Setup problem?

  So i recently resetted my Linksys EA3500 and i lost the CD so i download the Cisco Connect for the EA3500.I connected my EA3500 using the ethernet cable to my laptop,run the setup,and then on 25% it said that no wireless routers were found.I already connected it using an ethernet cable i dont understand why it is still not found.What should i do?

  Hi geraldicg , make sure that the wireless switch on your computer is turned on. I recommend that you try another laptop (if available). If no luck, configure the router manually by accessing 192.168.1.1 or myrouter.local. Check this out: 
  Title: Accessing your Linksys Smart Wi-Fi Account through a web browser  

• Cisco 857 & 877 differences?

  I am looking to replace a Cisco 837 ADSL router for one of the newer 850 or 870 series ADSL routers and can't find a definitive list of features between the 2 platforms. Can some one point me to a URL that compares the features between the two or maybe just list what the 877 has over the 857?
  Thanks
  Andy

  Thanks for that Ankur.
  After a bit more searching (I haven't quite got the hang of the new format website...) I did find that comparison page.
  I have come to the conclusion that both the 857 and the 877 are very similar products (with some memory upgrade limitations with the 850 series). However the 850 series only has Advanced Security IOS available whilst the 870 has Advanced Security and Advanced IP Services. Adv. IP Services seems to have OSPF but Advanced Security doesn't. Can anyone confirm this?
  Thanks
  Andy

• Cisco 5512 setup

  Hi Guys,
  Here is my basic setup
  I have an ASA 5512 gig0 connects to the internet
  G1 connects to the inside on 192.168.35.254 then plugs direct into a switch.
  I'm confused on the setup to get the IPS running. do i need to set the IPS in the same range as my inside interface? and also what do i set the IPS gateway to 192.168.35.254 my inside ASA interface?
  Once this is done done a need to setup a rule within the MPF to foward all traffic to it?
  Thanks
  James.

  Also check these helpful ASA IPS config  links
  http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/modules_ips.pdf
  http://itzecurity.blogspot.co.uk/2013/12/configuring-cisco-asa-ips-module.html
  p://www.cisco.com/c/en/us/td/docs/security/asa/asa84/asdm64/configuration_guide/asdm_64_config/modules_ips.pdf
  http://www.cisco.com/c/en/us/td/docs/security/ips/7-1/configuration/guide/cli/cliguide71/cli_asa_ips.html

• VPN between WRVS4400N and CISCO 857 router

  Hi ALL,
  Am trying to VPN the two and have setup the WRVS4400N side using IPSec (seems easy enough). Has anyone any experience on the 857 router side? Would you kindly show how that can be configured? Or just point me to any good source doing it will be good too. Thanks!

  ip nat inside source route-map nonat interface FastEthernet0 overload
  access-list 110 deny ip 10.20.10.0 0.0.0.255 10.10.10.0 0.0.0.255
  access-list 110 permit ip 10.20.10.0 0.0.0.255 any
  route-map nonat permit 10
  match ip address 110
  or better (if you have for example the IP public 1.2.3.5)
  ip nat pool 1.2.3.5 1.2.3.5 1.2.3.5 prefix-length 30
  ip nat inside source list nat-to-internet pool 1.2.3.5 overload
  ip access-list extended nat-to-internet
  deny   ip 10.20.10.0 0.0.0.255 10.10.10.0 0.0.0.255
  permit ip 10.20.10.0 0.0.0.255 any
  deny   ip any any

• Cisco Connect setup stuck at 90% Linksys E900

  Hi,
  Today evening i had to restart my routers settings and I also formatted (don't know if it's a good word in english, i mean recovering operating system) my disk and now i can't install Cisco Connection Again on my laptop (win8). The setup process is always stuck at 90% (after few or more minutes there's message that configurating failed...),  what's wierd is that i can explore the internet and use settings of router in web browser ( http://192.168.1.1 ) when setup is stuck. After getting "FAIL message" i cant use internet anymore.
  I beg for your help! ;<
  Thanks in advance.

  Do you want to use the Cisco Connect software? If not, then you can always go for manual troubleshooting. Linksys designe cisco connect as a tool to help manage the router. If you need to use it, I suggest that you download the software from the linksys website and start all over again. Before you run the software, reset the router first for 10 seconds, reboot the router and once it's ready run cisco connect.
  Just make sure that you do not have any firewalls enabled or antivirus software that may interfere with the setup process. Again if you don't need the software jsut go with manual troubleshooting. You always have different options.