Configuración Inicial router Cisco 2901
Estimados, antes que nada, disculpen mi ignorancia.
Tengo el siguiente escenario, y quiero comenzar a reemplazar algunos equipos.
Tengo un RV042 conectado a Internet y a un switch 3COM.
Quiero reemplazar estos equipos por un Cisco 2901 y un switch SG500.
No he utilizado antes IOS de Cisco, y quiero comenzar configurando lo básico. Salida a Internet. Luego necesitaria agregar VPNs, pero sería un segundo paso.
Estuve leyendo sobre ACL y las tablas de ruteo, pero no logro hacer funcionar. Puedo pinguear los equipos pero no logro navegar.
En este momento he vuelto a empezar y tengo el router reseteado de fabrica.
Pueden guiarme?
Gracias
Gracias por tu respuesta.
Lo primero que me pregunto es, a diferencia de los routers convencionales, uno configura ciertos parametros:
IP publica, mascara de red, puerta de enlace (se supone que es el gateway conectado a la fibra) y los dns del ISP.
Cuando voy a configurar las interfaces de red en IOS, como especifico estos datos?
Yo defino lo siguiente:
Int G 0/1
IP Ad 190.111.249.X 255.255.255.252
desc Internet
Int G 0/0
IP Ad 192.168.1.1 255.255.255.0
desc LAN
Desde ahí como configuro la salida a internet?
Cual es la ip que debo configurar en la interface de internet, una propia para la interface que apunte al equipo que tiene la fibra?
Como seria una regla basica de Nateo para salir a internet?
Segui tutoriales, configure tal cual leia, y aun asi no lograba navegar.
Gracias por la ayuda que puedan brindarme.
Similar Messages
-
What's wrong? Verify and compare Cisco 2901 config after loading old config from Cisco 2801
Hi Cisco Community / Friends,
I am new to this site though I have cisco account for many years. I am a CCNA ,I passed my certification on January 2013 I seldom use and utilized my skills on networking becuase of my type of work. I am Project Eng'r working in a System integrator company . Anyway, I would like to ask assistance on the configurations of my Cisco router for this gov't projects.. Here's the situation.
We have a new project for the VSAT Comm'n of Coast Watch Station , The VSAT was installed 7 years ago. The VSAT was only used for a year by this Gov't agency because of subscription issue. Now, they wants to revive and use their VSAT facilities for the Coast watch monitoring. Now, some of this routers are working up to now and for some site are already defective so I need to replace the old 2801 router with a new equivalent model which is Cisco 2901. My plan was just to load the old config into the new Cisco 2901 router. However, after loading it to the new router, I am a little worried because I've got some errors received. I load the old config by copying the old files, edit it in notepad, and load the config using Secure CRT (terminal emulator). When I copy the old config of cisco 2801 to new router cisco 2901 , below are the command not recognized on Cisco 2901. What's wrong ? What are these commands for?
Appreciate your comments and help on this matter.. Thank You very much
Note: I Attached the original config from Cisco 2801 and the other file is the config after I load the config file to Cisco 2901.
(Errors see below)
CWS_4_Pandami(config-erm)#mmi polling-interval 60
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config-erm)#no mmi auto-configure
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config-erm)#no mmi pvc
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config-erm)#mmi snmp-timeout 180
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config-if)#interface GigabitEthernet0/1
CWS_4_Pandami(config-if)# description ===CWS4 SAT Modem===
CWS_4_Pandami(config-if)# bandwidth 256
CWS_4_Pandami(config-if)# ip address 192.168.42.1 255.255.255.0
CWS_4_Pandami(config-if)# duplex auto
CWS_4_Pandami(config-if)# speed auto
CWS_4_Pandami(config-if)# priority-group 1
^
% Invalid input detected at '^' marker.
CWS_4_Pandami(config)#access-list 100 permit ip any any dscp cs5
CWS_4_Pandami(config)#priority-list 1 protocol ip high list 100
^
% Invalid input detected at '^' marker.Hi
From Cisco's website:
The Modem Management Interface (MMI) is software that enables auto-provisioning for the Cisco 827 routers. The MMI uses a fixed PVC to communicate with the Proxy Element (PE) residing on the digital subscriber line access multiplexer (DSLAM). Using MMI, the Cisco 827 router updates the running image and downloads the prescribed configuration using a configuration file or configuration values in a provisioning information database.
The customer premise equipment (CPE) can be automatically configured using the Cisco DSL CPE download, but it can be configured only with the image provisioning feature.
So because this is your device, you don't want to use MMI anyways.
And "priority-list" is QoS. Probably that QoS-command is old and removed, because now QoS is configured using class-maps and policy-maps. -
Is Cisco 2901 router suffering from the heartbleed problem?
I am not quite familiar with networking product. So may be this is a stupid question.
We have recently bought a Cisco 2901 router.
http://www.cisco.com/c/en/us/products/routers/2901-integrated-services-router-isr/index.html
We checked the cisco heartbleed info page.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
But Cisco 2901 is not listed neither in "Vulnerable products" or "Products Confirmed Not Vulnerable".
So, is Cisco 2901 vulnerable or not?
Or does it depend on the firmware version? How to check?Just to add to the above. It actually say's that IOS is NOT affected.
The following Cisco products have been analyzed and are not affected by this vulnerability:
Cisco 1000 Series Connected Grid Routers
Cisco 200 Series Smart Switches
Cisco 300 Series Managed Switches
Cisco 500 Series Stackable Managed Switche
<<<<<<<<SNIPPED>>>>>>>>>
Cisco Identity Service Engine (ISE)
Cisco Insight Reporter
Cisco Integrated Management Controller (IMC)
Cisco Intelligent Automation for Cloud
Cisco IOS XR
Cisco IOS
Cisco IP Communicator
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed -
Problem: IPv6 w/ PPPoE on Cisco 2901
Folks: I have this Cisco 2901 configured with PPPoE and IPv6 and connect it through a CO (DSLAM) to an Actiontec xDSL router. PPPoE connections are on FE0/0/0, through virtual template.
The Actiontec router gets NA and PD addresses succesfully and LAN PC connected to Actiontec router can surf the IPv6 Internet w/ no problem. However, Cisco 2901 can't reach the Actiontec router by its NA or TA public IPv6 address. A 'stupid' workaround is to manually add a route w/ the virtual access. It is stupid cuz each new connection will bring up a different virtual acess.
I guess this is a bug on 2901, but want to confirm with you guys first. Now the whole config:
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname AEI_SV_Cisco_2091
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
no aaa new-model
ipv6 unicast-routing
ipv6 dhcp pool HE
prefix-delegation pool HE-48
address prefix 2001:470:1F05:7A::/64
ipv6 cef
ip dhcp pool default
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 10.10.10.1
ip dhcp pool dslam1
network 10.11.11.0 255.255.255.0
default-router 10.11.11.1
dns-server 10.11.11.1
ip domain name yourdomain.com
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip cef
multilink bundle-name authenticated
vpdn enable
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-3962993046
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3962993046
revocation-check none
rsakeypair TP-self-signed-3962993046
crypto pki certificate chain TP-self-signed-3962993046
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33393632 39393330 3436301E 170D3131 31313232 31363132
31335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39363239
39333034 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E6AF 1640A998 F13E9F8B EB9E404C F0D6E105 8DE05E45 9C9C525A 5AAEAF59
456A4578 1C0E283C 39B3751D 3F362D64 13FACD69 A92C31BA 6D2EEFBE 52BCC70C
73359968 2F76B830 A978BD5F 9A86903F C12BB00B C35C47D1 BADBE727 773E205D
A839969D FE3854B3 26E93F21 63DC4E57 D4C44821 FBE88BAA 4A1D5565 DA416138
3A7D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14BA6DEA 79E4742D 4878C88E D014C7A3 8022546A FE301D06
03551D0E 04160414 BA6DEA79 E4742D48 78C88ED0 14C7A380 22546AFE 300D0609
2A864886 F70D0101 05050003 818100CE C6732F7E 6AB385C5 5BF4E241 BE179F5D
E7C5CC78 2BFB33EC 3181D4D2 90981D2B 1106205F A3C5FEE8 E78A013B ABF3F5E0
52772A22 F3A0A24C C4F62DDB E2E6A21D AC75772B 6FEC9323 3DFC4165 CC645E62
5C8F5842 18B8DF5B C3E3C39C EBB60D3E E7ADA89B A72FB468 92F77F0A A33B5591
F5048271 F074C64E 38291F93 848F09
quit
license udi pid CISCO2901/K9 sn FCZ15489123
username admin privilege 15 secret 5 $1$.CdN$d0DXERD9PqUtu6XPilTv/.
username chap password 0 chap
bba-group pppoe global
virtual-template 1
sessions max limit 256
interface Tunnel0
description Hurricane Electric IPv6 Tunnel Broker
no ip address
ipv6 address 2001:470:1F04:7A::2/64
ipv6 enable
tunnel source 173.13.177.215
tunnel mode ipv6ip
tunnel destination 72.52.104.74
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip nat allow-static-host
ip nat enable
ip virtual-reassembly in
shutdown
duplex auto
speed auto
ipv6 enable
ipv6 dhcp server HE1
interface GigabitEthernet0/1
ip address 173.13.177.215 255.255.255.240
ip nat outside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
interface FastEthernet0/0/0
ip address 10.11.11.1 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
ipv6 address 2001:470:1F05:7A::1/64
ipv6 enable
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ipv6 dhcp server HE
pppoe enable group global
interface FastEthernet0/0/1
no ip address
shutdown
duplex auto
speed auto
interface Virtual-Template1
mtu 1492
ip unnumbered FastEthernet0/0/0
ip nat inside
ip nat enable
ip virtual-reassembly in
ipv6 enable
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
no ipv6 nd ra suppress
ipv6 dhcp server HE
peer default ip address dhcp-pool dslam1
peer default ipv6 pool HE
ppp authentication chap
no routing dynamic
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat source list 1 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 173.13.177.222
access-list 1 permit any
ipv6 route ::/0 Tunnel0
ipv6 local pool test 2001:470:7007::/48 64
ipv6 local pool HE-48 2001:470:8008::/48 64
control-plane
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
privilege level 15
login local
transport preferred none
transport input all
transport output all
line vty 5 15
privilege level 15
login local
transport preferred none
transport input all
transport output all
scheduler allocate 20000 1000
end
See both IPv4 and IPv6 are using virtual template to get PPPoE work. Everything's working fairly well on IPv4. I can ping from cisco to the 10.11.11.x address on Actiontec router. But with IPv6, I can't ping 2001:470:1f05:7a:: address on Actiontec router. The correct route through virtual-access is not installed, or the F0/0/0 interface doesn't pass the IPv6 traffic to the corresponding virtual access interface:
AEI_SV_Cisco_2091#sh ipv6 route
IPv6 Routing Table - default - 7 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, I1 - ISIS L1, I2 - ISIS L2
IA - ISIS interarea, IS - ISIS summary, D - EIGRP, EX - EIGRP external
ND - Neighbor Discovery, l - LISP
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S ::/0 [1/0]
via Tunnel0, directly connected
C 2001:470:1F04:7A::/64 [0/0]
via Tunnel0, directly connected
L 2001:470:1F04:7A::2/128 [0/0]
via Tunnel0, receive
C 2001:470:1F05:7A::/64 [0/0]
via FastEthernet0/0/0, directly connected (this sounds correct, but I'm not able to reach client from this interface)
L 2001:470:1F05:7A::1/128 [0/0]
via FastEthernet0/0/0, receive
S 2001:470:8008::/64 [1/0]
via FE80::21F6:88C4:497E:6F9C, Virtual-Access2.2
L FF00::/8 [0/0]
via Null0, receive
Can some help? Thanks!
HenryHi,
The 'bug' i described above seems to apply only to packets the router generates itself. I tested it by creating a temporary subnet. Even though i had no end-to-end connectivity i could see packets matching the outbound acl which were created from a host on that subnet.
Carsten -
Enable Web gui on Cisco 2901 ISR running IOS 15...
I have recently purchased a Cisco 2901 Integrated Service Router that is running IOS 15... and need some help activating the WEB GUI Interface. I have read some documentation and have not had any luck. Some detailed instructions for the command line would be great if someone has the time to help.
ThanksHi,
It looks as though there is not a Web GUI available for the 2901. However, Cisco does provide a tool called Cisco Configuration Professional, which provides tools to configure routers. It provides options for configuring many different functions in Cisco routers. You can follow the steps laid out in this article: http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_configuration_professional/guides/CiscoCPqsg.html
This gives a great overview of how to install and start using Configuration Professional. I hope this helps, and please feel free to respond with any further questions. I will certainly do my best to answer them!
Garrett -
Connectivity issues between Cisco 2901 and Cisco SG300-52
Hello,
I am having some serious connectivity issues between the hosts in my LAN.
My LAN is based on a Cisco 2901 router and a Cisco SG300-52 port switch.
The issue that has been happening is that connections between hosts on the LAN (remote desktop, extended ping, etc) is very unstable, at some point I can see a 35% lost packets on an extended ping. This happens at any time of the day and from any host.
All hosts are on the same Vlan(default Vlan) and on the same subnet. Some hosts have fixed IP addresses (servers and network equipment) and others obtain their IP address trough a DHCP reservation established on the router (reserved with the MAC address of every host).
I can provide further details if needed, because this issue is very serious and I would really appreciate any insight or support.
Many thanks in advanced.
Sair Amer
EDIT: After doing every test we could think of, we finally found the reason behind this problem.
It turns out that the switch has problems handling communications between clients at different speeds, because most of the hosts connected were working at 100 Mbps but the servers were working at 1000 Mbps (and the communication between host and servers wasn't stable).
After manually setting the speed on all ports to 100 Mbps the problems have stopped.
Many thanks for you help on this issue.Building configuration...
Current configuration : 4123 bytes
! Last configuration change at 12:06:16 PCTime Sat Jul 19 2014 by ccp
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Foninsa
boot-start-marker
boot-end-marker
no logging buffered
enable secret 5 $1$BDbJ$HN3VP8nmywrGB55RCxPd30
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
clock timezone PCTime -4 0
clock summer-time PCTime date Apr 6 2003 2:00 Oct 12 2003 12:00
no ip cef
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.151 192.168.1.255
ip dhcp pool FONINSA
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 8.8.4.4
ip dhcp pool Laptop-Sporta-Wifi
host 192.168.1.10 255.255.255.0
ip name-server 8.8.8.8
ip name-server 8.8.4.4
no ipv6 cef
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-213585710
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-213585710
revocation-check none
rsakeypair TP-self-signed-213585710
crypto pki certificate chain TP-self-signed-213585710
certificate self-signed 01
30820229 30820192
quit
license udi pid CISCO2901/K9 sn
license boot module c2900 technology-package securityk9
username ccp privilege 15 password
redundancy
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
ip address 190.196.21.98 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside source static tcp 192.168.1.3 21 190.196.21.98 21 extendable
ip nat inside source static tcp 192.168.1.3 80 190.196.21.98 80 extendable
ip nat inside source static udp 192.168.1.8 1194 190.196.21.98 1194 extendable
ip nat inside source static tcp 192.168.1.4 3389 190.196.21.98 3389 extendable
ip nat inside source static tcp 192.168.1.9 3389 190.196.21.98 10000 extendable
ip nat inside source static tcp 192.168.1.3 3389 190.196.21.98 20000 extendable
ip route 0.0.0.0 0.0.0.0 190.196.21.97
access-list 1 permit 192.168.1.0 0.0.0.255
control-plane
line con 0
password $
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 5
access-class 23 in
privilege level 15
password #
transport input telnet ssh
no scheduler allocate
end -
How to open a port for CCTV on Router Cisco DDR2201v1
Hello, I want to know how could I configure a Router Cisco DDR2201v1 for watching my CCTV System from anywhere with a internet connection. I already try to open a port in the NAT virtual server configuration but it didn't work. Could you help me please? Thanks
Can anybody tell me what's wrong with this configuration.Hi.
Welcome to Cisco Home Community.
Please follow this link, https://supportforums.cisco.com/ for the correct product category.
Thanks. -
I can't retrieve usm and vacm tables from router cisco 2800. Help please!!
Hi, I'm doing some tests in a router cisco 2800 using snmp in versions 2c and 3. I configured views and communities for version 2c and user, groups and views for version3; I suppose that the vacm and usm parameters involved in the groups, views are stored internally in usm, vacm tables. I wanted to check if the parameters I configured were inside the tables, but when I tried to retrieve all those values through get table or get next commands, I obtained the answer "end of mib view" in the application I'm using (SNMP J MANAGER) and also in wireshark where the requests are sent but the responses contain the OIDs belonging to the tables but with the value end of mib view.
I know for experience doing the tests, that "end of mib view" is obtained in a response when you try to request a OID that is outside of the view being used by a community. But the last thing I did was create a community related to a view with access to internet included. Later, I used that community (comlectura) in version 2c to retrieve those values of usmtable (1.3.6.1.6.3.15.1.2.2 ) and vacmtable (inside of 1.3.6.1.6.3.16.1) and nothing.
These are some commands I configured in the router:
snmp-server group readonly v3 auth read readview
snmp-server group writeonly v3 auth write writeview
snmp-server view readview internet included
snmp-server view writeview internet included
snmp-server view viewcomlectura mib-2 included
snmp-server view viewcomlectura2 system included
snmp-server community comlectura view readview RO
snmp-server community comlectura2 view viewcomlectura2 RO
snmp-server trap-source FastEthernet0/1
I think the cause of this error perhaps is because these tables don't exist in the CISCO MIB, but I don't thinks cisco devices ONLY have cisco mibs (
1.3.6.1.4.1.9) inside of them, because I can make request with OIDs of mib-2 branches. Anyway, please someone that can guide me in this problem. Thanks in advance.You cannot use Mavericks. Ask a friend who still runs windows or any Mac OS except Mavericks to bring their laptop and help you out.
Or plug in a USB drive for instance and create a bootable version of any previous version of OSX since 10.5.x -10.8 all of which will work fine.
Or dual boot to windows where the latest airport utility is still 5.6 -
How I can see the capacity of processor on router cisco?
Hello.
Please help me, is possible to see the capacity of router cisco's processor in MHz o GHz, thans for your help.what router do you have?
-
I HAVE A CISCO ROUTER 2900 SERIES:
SERIAL #: FCZ163377PL
PRODUCT TYPE (Model Number): 2911
SOFTWARE VERSION: 15.1(4) M4
BRIEF PROBLEM DESCRIPTION: I WOULD LIKE TO CONFIGURE A VPN USING ROUTER CISCO 2900, BUT IT DOSENT RECOGNIZE A VPN COMMAND. CAN YOU HELP?Here is an example of configuring Sub-interface on the router
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.20.10.1 255.255.255.0
RIP
http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfrip.html
router rip
network x.x.x.x.
Route Redistribution
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009487e.shtml
HTH -
Discussion Jabber on Notebooks and Cisco 2901 gateway
At work we now have Cisco Jabber clients on notebooks. Internal connections are now possible, allthought with great latency because the central "master" resides a thousand kilometers thru europe away behind a VPN-connection. As a country subsidiary a local cisco 2901 should connect to the telephony as a gateway...
- How is the general architecture of cisco collaboration?
- Is it correct to look at our cisco 2901 like a local domain-controller in windows-network?Hi
Thx for the answer. To figure it out more clear on a top-level:
We are sitting in the south of europe and our master resides up in North. Using Jabber clients on notebooks a telephony-call to customers in our country will go throught vpn-tunnel up north to u-turn and come down to our cisco2901 which is connected to legacy telephony-(ISDN-)wires and finally to customers...
Is this a recommended architecture? -
Cisco SSL-VPN / webvpn with Cisco 2901 IOS 15.3.3M
Dear Community,
I have a strange issue that I am hoping some of you will be able to assist with.
I am running an environment with the following specifications
Cisco ISR G2 2901 with IOS 15.3.3M
Security Licence enabled
Data Licence enabled
VPN Licence enabled
Cisco ISR G2 2951 with IOS 15.3.3M
Security Licence enabled
Data Licence enabled
SM with ESX server.
Desktop Environment
Windows XP SP3
Internet Explorer 8
Desktop Environment 2
Windows 8
Internet Explorer 10
I have a ESX server set up with a web page on the 2951. The 2901 unit has a SSL VPN / web vpn service set up on it to allow the Desktop Environments to connect to the 2951 web page. The Desktop Environments are not allowed to directly connect to the 2951 router that is why the SSL-VPN / web vpn is used.
This system was initially working with IOS 15.2.4M2 however an update of the IOS was required and now the VPN does not fully function correctly.
PROBLEM: Now the webvpn interface loads with the welcome screen and login. After logging in it has a screen with a link to the webpage on the 2951. When I try open this webpage on the 2951 and the SSL-VPN starts to build I only get half my web page. There seems to be a problem where I only get half a page loading or just a blank page with just HTML headers. I have tried changing the page to just HTML but it still does not display properly. This is with Internet Explorer ( all versions ). With firefox there are no problems but I cannot run this browser as my environment will not allow it.
If anyone can assit me here it would really make my day.
Thanks,
WillCan anyone help with this ?
-
Now we have a cisco router 2901/k9 with universal ios (NOT C2901-CME-SRST/K9), we would like to configure CME on that device
so i want to know what additional parts/license we need to install on it? Thanks!Hi Terry,
you can refer the ordering guide
http://www.cisco.com/en/US/partner/prod/collateral/voicesw/ps6788/vcallcon/ps4625/cme_ordering_guide.pdf
You need to have licenses for phones and seat license.All the CME licenses are honour based
you can also refer DOC
https://supportforums.cisco.com/docs/DOC-26706
regds,
aman -
Cisco 2901-CME-SRST and ISM-SRE-300-K9 No Package already installed?
Good Morning Everybody,
I'm installing a new CME router with CUE.
But, the ISM-SRE-300-K9 is empty, I don't if it's normal.
I try to install two different packages :
Version 8.5.1
cue-installer.sme.8.5.1
cue-vm-full-k9.sme.8.5.1.prt1
cue-vm-installer-k9.sme.8.5.1.prt1
cue-vm-k9.sme.8.5.1.key
cue-vm-k9.sme.8.5.1.pkg
cue-vm-k9.sme.8.5.1.pkg.install.sre
cue-vm-k9.sme.8.5.1.pkg.install.sre.header
cue-vm-langpack.sme.8.5.1.pkg
Version 8.6.1
cue-installer.SPA.sme.8.6.1
cue-vm-full-k9.SPA.sme.8.6.1.prt1
cue-vm-installer-k9.SPA.sme.8.6.1.prt1
cue-vm-k9.SPA.sme.8.6.1.key
cue-vm-k9.SPA.sme.8.6.1.pkg
cue-vm-k9.SPA.sme.8.6.1.pkg.install.sre
cue-vm-k9.SPA.sme.8.6.1.pkg.install.sre.header
cue-vm-langpack.sme.8.6.1.pkg
Without success...
I try with two differents FTP server (Linux and Windows), connection and session seems ok with Wireshark, but, module go to loop, without installation success.
Different try :
Version 8.5.1
==========
Router#$0 status
Service Module is Cisco ISM0/0
Service Module supports session via TTY line 67
Service Module is trying to recover from error
Service Module heartbeat-reset is enabled
Service Module is in fail open
Service Module status is not available
Module resource information:
CPU Frequency: 1068 MHz
Memory Size: 493 MB
Disk 0 Size: 4110 MB
Install of ftp://*****:*****@10.10.80.68/Downloads/cue-vm-k9.sme.8.5.1.pkg in progress
Install status : Waiting for file request
Local Partition Info - (0 apps)
=====================
Retrieving partition information
Router#
Feb 16 06:04:22.583: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:29:03.839: %SYS-5-CONFIG_I: Configured from console by vty0 (10.10.80.68)
Feb 16 06:29:19.915: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:30:01.283: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:30:21.711: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:30:42.143: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:31:02.571: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:31:22.995: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP Registration Request
Feb 16 06:31:22.999: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:31:43.419: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:32:03.843: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:32:45.275: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:33:05.699: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:33:26.119: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:33:46.543: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:34:06.979: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP Registration Request
Feb 16 06:34:06.983: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:34:27.399: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:34:47.831: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:35:29.263: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:35:49.687: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:36:10.119: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:36:30.563: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:36:50.983: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP Registration Request
Feb 16 06:36:50.987: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:37:11.467: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:37:31.887: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:38:13.399: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:38:33.815: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Feb 16 06:38:54.243: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File RequestConnection closed by foreign host.
Version 8.6.1
==========
Router#[email protected]/Downloads/cue-vm-k9.SPA.sme.8.6.1.pkg
Proceed with installation? [no]: yes
Feb 16 07:16:21.235: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP Registration Request
Loading Downloads/cue-vm-k9.SPA.sme.8.6.1.pkg.install.sre !
[OK - 38648/4096 bytes]
No local store partition
Following languages are available for installation.
# SKU Language Code Language Name
1 ARA ar_SA CUE Voicemail Arabic
2 DAN da_DK CUE Voicemail Danish
3 DEU de_DE CUE Voicemail German
4 ENG en_GB CUE Voicemail UK English
5 ENU en_US CUE Voicemail US English
6 ESO es_CO CUE Voicemail Latin American Spanish
7 ESP es_ES CUE Voicemail European Spanish
8 ESM es_MX CUE Voicemail Mexican Spanish
9 FRC fr_CA CUE Voicemail Canadian French
10 FRA fr_FR CUE Voicemail European French
11 HUN hu_HU CUE Voicemail Hungarian
12 ITA it_IT CUE Voicemail Italian
13 HBR iw_IL CUE Voicemail Hebrew
14 JPN ja_JP CUE Voicemail Japanese
15 KOR ko_KR CUE Voicemail Korean
16 NLD nl_NL CUE Voicemail Dutch
17 NOR no_NO CUE Voicemail Norwegian
18 PTB pt_BR CUE Voicemail Brazilian Portuguese
19 PTG pt_PT CUE Voicemail Portuguese
20 RUS ru_RU CUE Voicemail Russian
21 SVE sv_SE CUE Voicemail Swedish
22 TUR tr_TR CUE Voicemail Turkish
23 CHS zh_CN CUE Voicemail Simplified Chinese (PRC)
24 ZHH zh_HK CUE Voicemail Hong Kong Chinese
25 CHT zh_TW CUE Voicemail Traditional Chinese (Taiwan)
You can install upto 5 language(s) on this platform.
Please select the language(s) you want to install by entering the language number(s)
Languages can be entered as comma separated or space separated list
Example: 1,3 would select 'CUE Voicemail Arabic' and 'CUE Voicemail German'
Enter languages:4
Following languages will be installed on the system:
CUE Voicemail UK English
Do you want to continue with the selected options?(y/n):y
Router#
Feb 16 07:16:50.579: %SM_INSTALL-6-INST_RESET: ISM0/0 is reset for software installation.
Feb 16 07:17:11.235: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP Registration Request
Feb 16 07:17:11.239: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
===========================
on the service-module ism0/0 session
===========================
Initializing memory. Please wait...
Memory initialization OK. Continue...
Feb 16 07:25:08.683: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
DDR Memory 0512 MB detected
Genuine Intel(R) processor 1.06GHz
BIOS ISM 2.6, BIOS Build date: 10/16/2009
System now booting...
Authenticating boot loader....
Primary Boot Loader Authenticated - booting....
Please enter '***' to change boot configuration:
Detect and Initialze network device
Backup current platform configurations....
SRE step 1 - SM registration...
SRE step 2 - SM requests key file info...
!!! Opcode Error - Get a wrong RBIP frame !!!
Feb 16 07:25:29.259: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP Registration Request
Feb 16 07:25:29.263: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Time-out from RBIP response wait loop
SRE step 3 - SM stores registration info...
Updating flash with bootloader configuration.
Please wait .............. done.
SRE step 4 - SM downloads key-file...
!!! Opcode Error - Get a wrong RBIP frame !!!
Writing keyfile to flash Size 891
writing complete.
SRE step 5 - SM requests installer info...
Feb 16 07:25:49.791: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
SRE step 6 - SM stores installer info...
Updating flash with bootloader configuration.
Please wait .............. done.
SRE step 7 - SM now downloads installer
|
!!! Opcode Error - Get a wrong RBIP frame !!!
Feb 16 07:26:10.343: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Requestdone.
SRE step 8 - SM requests tcl header file info...
!!! Opcode Error - Get a wrong RBIP frame !!!
Feb 16 07:26:52.919: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Time-out from RBIP response wait loop
SRE step 9 - SM now downloads the tcl header file
|
!!! Opcode Error - Get a wrong RBIP frame !!!
TCL header file downloaded completely size: 691
SRE step 10 - SM requests tcl file info...
Feb 16 07:27:13.467: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File Request
Time-out from RBIP response wait loop
SRE step 11 - SM now downloads the tcl file
!!! Opcode Error - Get a wrong RBIP frame !!!
Feb 16 07:27:34.011: %SM_INSTALL-6-INST_RBIP: ISM0/0 received msg: RBIP File RequestTCL file downloaded completely size: 691
SRE step 12 - SM now boots Installer
Verifying ...
Corrupted netboot image detected
done.
Starting Kernel.
loop ....
I have no idea to solve my problem...
If anybody have suggestion, should be great.
Have a nice day !
Thanks
FabHi,
I try that. From this guide :
http://www.cisco.com/en/US/docs/voice_ip_comm/unity_exp/rel3_0/installation/guide/upg3boot.pdf
with windows xp tftpd32
computer config : 192.168.1.4/24
ftp server 192.168.1.3 /24
Router int g0/0 192.168.1.1 255.255.255.0 + ip route 192.168.1.2 255.255.255.255 ism 0/0
ISM :
ServicesEngine boot-loader> show config
IP addr: 192.168.1.2
Netmask: 255.255.255.0
TFTP server : 192.168.1.4
GW IP addr: 192.168.1.1
Default Boot: disk
Bootloader Version: 2.1.18
Bootloader Name: bootloader
Default Helper-file: cue-installer.sme.8.5.1
Default bootloader: primary
From Computer :
C:\Documents and Settings\f>ping 192.168.1.2 -t
Pinging 192.168.1.2 with 32 bytes of data:
Reply from 192.168.1.2: bytes=32 time<1ms TTL=126
Icmp from ism to computer: no response.
from ism to router int g0/0 : no response too.
router to ism (boot-loader): ok
pc to ism (boot-loader) : ok
So when I try "boot helper" , the request tftp didn't come to my computer.
ServicesEngine boot-loader> boot helper
Loading tftp://192.168.1.4/cue-installer.sme.8.5.1 ...
ServicesEngine boot-loader>
Thank you for your help. -
Cisco 877 router - Cisco IP phone won't register with SIP provider
Hi all,
I'm having a problem with a Cisco SPA504G phone not registering with the SIP carrier over the Internet. We've recently rolled out a Cisco 877 router onto a new NBN business connection and can't get the pre-configured IP phone to register.
When we tested the phone with the NBN-provided Netgear router, it worked fine, as it did with the previous Cisco 1841 router we were using on a different link.
The way it's setup is using VLANs to define the internal subnets, which are then assigned to the physical interfaces (since the 887 doesn't allow IP assignments to the interfaces directly).
VLAN 100 is the internal network and has a SBS2011 server – assigned to F0 – IP range is 192.168.1.0
VLAN 200 is the guest network and has Internet access only – assigned to F1 – IP range is 10.1.1.0
VLAN 500 is the WAN network and connects to the NBN upstream box – assigned to F3 – external IP address assigned by DHCP
I've been playing around with access lists, nat rules, basically everything in my limited Cisco knowledge to try and figure this out, but to no avail. I have even configured what I believe is unrestricted access to IP, UDP and TCP outbound and inbound to all VLANs and still can't get it to register.
Tried isolating the issue by creating a new VLAN and assigning it to the spare interface and basically allowing everything in and out, but still no luck.
The problem has to be something on the router – probably some small line of config I haven’t removed or added.
I am going to pull my hair out soon, so would really appreciate some assistance from the Cisco gurus out there.
My client has just purchased about 10 of these handsets from their provider so I need to fix this ASAP. The guy who provided them wasn't very helpful, and basically said I'm on my own once we tested using the NBN-provided Netgear router.
Happy to post my config as well.
Please help!!!!Current configuration : 4912 bytes
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Router1
boot-start-marker
boot-end-marker
no aaa new-model
memory-size iomem 10
crypto pki token default removal timeout 0
no ip source-route
ip dhcp excluded-address 10.1.1.1
ip dhcp pool GUEST
network 10.1.1.0 255.255.255.0
dns-server 10.1.1.1 203.50.2.71 139.130.4.4
default-router 10.1.1.1
ip cef
no ip domain lookup
ip domain name network.local
ip name-server 192.168.1.123
ip name-server 203.23.53.12
ip name-server 197.12.32.86
ip name-server 8.8.8.8
no ipv6 cef
license udi pid CISCO887VA-K9 sn FGL171220XY
username admin privilege 15 secret 5 $1$aNsm$N1BCQYkoi8gnURyvloYEX/
controller VDSL 0
interface Ethernet0
no ip address
shutdown
interface ATM0
no ip address
no atm ilmi-keepalive
bridge-group 10
pvc 8/35
interface FastEthernet0
description NAC - Internal network
switchport access vlan 100
no ip address
interface FastEthernet1
description NAC - Guest network
switchport access vlan 200
no ip address
interface FastEthernet2
no ip address
shutdown
interface FastEthernet3
description **** WAN Port ****
switchport access vlan 500
no ip address
interface Vlan1
no ip address
bridge-group 10
hold-queue 100 out
interface Vlan100
description NAC - Internal Vlan
ip address 192.168.1.1 255.255.255.0
ip access-group IN-100 in
ip access-group OUT-100 out
ip nat inside
ip virtual-reassembly in
interface Vlan200
description NAC - Guest Vlan
ip address 10.1.1.1 255.255.255.0
ip access-group IN-200 in
ip access-group OUT-200 out
ip nat inside
ip virtual-reassembly in
interface Vlan500
description **** WAN Vlan ****
ip address dhcp
ip nat outside
no ip virtual-reassembly in
no ip forward-protocol nd
ip http server
ip http access-class 23
ip http secure-server
ip dns server
ip nat inside source list NAT-100 interface Vlan500 overload
ip nat inside source list NAT-200 interface Vlan500 overload
ip nat inside source static tcp 192.168.1.123 25 interface Vlan500 25
ip nat inside source static tcp 192.168.1.123 443 interface Vlan500 443
ip nat inside source static tcp 192.168.1.123 3389 interface Vlan500 3399
ip nat inside source static tcp 192.168.1.123 80 interface Vlan500 80
ip nat inside source static tcp 192.168.1.123 4125 interface Vlan500 4125
ip nat inside source static tcp 192.168.1.124 3389 interface Vlan500 3390
ip nat inside source static tcp 192.168.1.123 987 interface Vlan500 987
ip nat inside source static tcp 192.168.1.123 1723 interface Vlan500 1723
ip route 0.0.0.0 0.0.0.0 55.234.52.43
ip access-list extended IN-100
permit udp any any range bootps bootpc
deny ip 10.1.1.0 0.0.0.255 any
permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended IN-200
permit udp any any range bootps bootpc
permit ip 10.1.1.0 0.0.0.255 any
ip access-list extended NAT-100
deny ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255
permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended NAT-200
deny ip 10.1.0.0 0.0.255.255 10.1.0.0 0.0.255.255
permit ip 10.1.1.0 0.0.0.255 any
ip access-list extended OUT-100
permit udp any range bootps bootpc any
deny ip 10.1.1.0 0.0.0.255 any
permit ip any 192.168.1.0 0.0.0.255
ip access-list extended OUT-200
permit udp any range bootps bootpc any
deny ip 10.1.1.0 0.0.0.255 192.168.1.0 0.0.0.255
permit ip any 10.1.1.0 0.0.0.255
access-list 23 permit 59.23.164.52
access-list 23 permit 192.168.1.0 0.0.0.255
access-list 23 permit 10.1.1.0 0.0.0.255
access-list 23 permit 120.146.0.0 0.0.255.255
access-list 23 permit 149.185.12.0 0.0.0.255
access-list 23 permit 110.44.28.0 0.0.0.255
access-list 23 permit 110.44.26.0 0.0.0.255
access-list 23 permit 103.25.212.0 0.0.0.255
access-list 23 permit any
bridge 10 protocol ieee
banner motd ^C
* Authorized personnel only! *
^C
line con 0
login local
no modem enable
line aux 0
line vty 0 4
password password01
login local
transport input all
end
Maybe you are looking for
-
Can not Delete Data in SEM-BCS
Dear Expert, I do the following steps : 1. Created Consolidation groups in workbench ( I was not assigned it to anywhere) 2. Save. 3. Deleted Consol group above. 4. WHen i tried to save, There are errors that said "The data model contains inconsisten
-
How can I create a new standard tab set?
I have a tab set right now with one tab in it. How can I create a new tab set in an existing page with different tabs in it? Thanks.....
-
Problem with RFC adapter (JCO Exception RFC logon failure)
Hi , I have SOAP to RFC scenario. Scenario with same configuration (RFC adapter) is working in QA system.but when I have transported to PRODUCTION system it is showing com.sap.aii.af.ra.ms.api.DeliveryException: RfcAdapter: receiver channel has stati
-
LDAP Configuraton: Is it possible to block 2500 users??
Hello experts, we are running an EP with about 2500 users. The database for all users is the Protal´s DB sofar. However we would like to use the company´s AD for retreiving user data. Now, the users in the portal database have more o less the same Lo
-
Hi, All: I am trying to migrate a application coded by VC++ to TestStand+CVI. This application opens multiple serial com ports and send commands to test targets, and get responses from these targets. The VC++ application creates multiple thread,