Controlling Cisco Router via SMS
Hi all!
I have a Cisco 2951 with EHWIC-3G-HSPA-U. So the thing that I want to do is to configure WAN interface to be up/down via receiving the proper SMS(I know that ehwic does support receiving/sending SMS). Already saw a Cisco official topic about EHWIC-3G-HSPA-U and haven't found anething related to my issue.
Can anyone explain me how to do it?
P.S. I think that it is neccesary to create an event and connect it to sms somehow but definitly have no idea how to do so.
There is an EEM policy located at this link that can be used to send CLI commands over SMS.
https://supportforums.cisco.com/document/12316801/commands-over-sms
Similar Messages
-
How do you reset the hp 6300 series ip address to connect toa new Cisco router?
I am running on Windows 7 64-bit and cannot get the printer to hook up to the new router and work on my Homegroup to share the printer. It shows a error code and says to troubleshoot. It won't hook up to the CISCO router via ethernet cable.
On the front of the printer: Setup > Network > Restore Defaults.
Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
I am employed by HP -
Help with Remote access VPN on Cisco router 3925 via Dialer Interface
Hi Everybody,
I need help for my work now, I appreciate if someone can fix my problem.I have a Cisco router 3925 and access Internet via PPPoE link. I want config VPN Remote Access and using software Cisco VPN client. But it doesn't work.. Here my config router :
HUNRE#show running-config
Building configuration...
Current configuration : 5515 bytes
! No configuration change since last restart
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname HUNRE
boot-start-marker
boot-end-marker
enable secret 5 $1$vEFw$rLfvLglzUgddCVwXDx03K.
enable password cisco
aaa new-model
aaa session-id common
crypto pki trustpoint TP-self-signed-1050416327
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1050416327
revocation-check none
rsakeypair TP-self-signed-1050416327
crypto pki certificate chain TP-self-signed-1050416327
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303530 34313633 3237301E 170D3134 30393235 31313534
31395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30353034
31363332 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CC79 74FCFABE 81183B70 5A9F4A53 EB609754 7D5F8587 9150B76E 3207A86E
5B65F9E9 6CDAC21A 6D69221D 1FF61632 14763308 43B2A1CC 8EE5ABAC EF07530E
3F0D35FE F08C955B 60B52B92 F8F54D53 DD6DD623 01F83493 02F9C49A F0C3483D
3B48A008 8D96700E 88924BFE DE00201B DE5965DE 32898CAD 9012AB55 76B6F39B
2D470203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14C3418C BC35F3D9 B26B2475 2BB5F826 060525AB B3301D06
03551D0E 04160414 C3418CBC 35F3D9B2 6B24752B B5F82606 0525ABB3 300D0609
2A864886 F70D0101 05050003 81810070 AC7C26C6 4606A551 1A3FD6C5 2A5AEAE8
35DAC86E F8885E26 51F6EEAE 7565D3AA D532C8F3 55F6656F D103F38C 8FBDE7F1
83E77143 76469040 7FEA41E8 14963DB3 F7F28EA0 C5F2F42C B186B75C AAB04900
15F9CB38 A16964F5 4E7B4378 35041AA8 AE8EC181 D58D6A62 676E286A 7B9D80E6
35A0B9FB FB76E976 3D2A19D7 006078
quit
ip name-server 210.245.1.253
ip name-server 210.245.1.254
ip cef
no ipv6 cef
multilink bundle-name authenticated
vpdn enable
vpdn-group 1
vpdn-group 2
license udi pid C3900-SPE100/K9 sn FOC1823839B
license boot module c3900 technology-package securityk9
username cisco privilege 15 secret 5 $1$aAjB$D3iLyPFTE7O1bHPnKSJcH0
username kdhong privilege 15 secret 5 $1$nfyX$FO1BPTabCUaE6uKQwpLT.1
redundancy
track 1 ip sla 1 reachability
track 2 ip sla 2 reachability
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp client configuration group VPN-HUNRE
key hunre
dns 8.8.8.8
domain hunre
pool IP-VPN
acl 199
max-users 100
crypto ipsec transform-set encrypt-method-1 esp-3des esp-sha-hmac
mode tunnel
crypto dynamic-map DYNMAP 1
set transform-set encrypt-method-1
crypto map VPN client configuration address respond
crypto map VPN 65535 ipsec-isakmp dynamic DYNMAP
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip mtu 1492
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1412
duplex auto
speed auto
interface GigabitEthernet0/1
description FPT
no ip address
ip tcp adjust-mss 1412
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface GigabitEthernet0/2
description Connect to CMC
no ip address
ip mtu 1442
ip nat outside
ip virtual-reassembly in
ip tcp adjust-mss 1412
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 2
no cdp enable
interface Dialer1
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname [USERNAME]
ppp chap password 0 [PASSWORD]
ppp pap sent-username [USERNAME] password 0 [PASSWORD]
ppp ipcp dns request
crypto map VPN
interface Dialer2
description Logical ADSL Interface 2
ip address negotiated
ip mtu 1442
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1344
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname [USERNAME]
ppp chap password 0 [PASSWORD]
ppp pap sent-username [USERNAME] password 0 [PASSWORD]
ppp ipcp address accept
no cdp enable
ip local pool IP-VPN 10.252.252.2 10.252.252.245
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 10 interface Dialer1 overload
ip nat inside source list 11 interface Dialer2 overload
ip nat inside source static 10.159.217.10 interface Dialer1
ip nat inside source list 199 interface Dialer1 overload
ip nat inside source static tcp 10.159.217.10 80 210.245.54.49 80 extendable
ip nat inside source static tcp 10.159.217.10 3389 210.245.54.49 3389 extendable
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.159.217.0 255.255.255.0 192.168.1.8
ip sla auto discovery
ip sla responder
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
access-list 10 permit any
access-list 11 permit any
access-list 101 permit icmp any any
access-list 199 permit ip any any
control-plane
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password cisco
transport input all
line vty 5 15
password cisco
transport input all
scheduler allocate 20000 1000
ntp master
end
However, I cannot ping interfac Dialer 1. I using Cisco vpn client software ver 5.0.07.0290.
Hopeful for your answers !
ThanksHi David Castro,
Thanks for your answer,
I configed following your guide, but it have not worked yet. I saw that I cannot ping IP gateway Internet . I using ADSL Internet and config PPPoE and my router receive IP from ISP. Here show ip int brief :
GigabitEthernet0/0 192.168.1.1 YES NVRAM up up
GigabitEthernet0/1 unassigned YES NVRAM up up
GigabitEthernet0/2 unassigned YES NVRAM up up
Dialer1 210.245.54.49 YES IPCP up up
Dialer2 101.99.7.73 YES IPCP up up
NVI0 192.168.1.1 YES unset up up
Virtual-Access1 unassigned YES unset up up
Virtual-Access2 unassigned YES unset up up
Virtual-Access3 unassigned YES unset up up
But I cannot ping Interface Dialer 1, so may be VPN is does not worked. Do you have some ideal ?
Thanks very much ! -
Setting PPPoE clients speed Via Cisco router
Hi i have a 7200 cisco router working as NAS (network access server) for PPPoE sessions , the clients connected DSLAMS and the Cisco connected to an AAA external Raduis server.
i want to set the user speed Via cisco router in a way which can be controlled in the Radius server , and not through the actual speed of the DSLAMS ports
Thanks alotHello Mohamed,
there is a feature called controlled subscriber bandwidth that may fit your needs:
see
http://www.cisco.com/en/US/docs/ios/bbdsl/configuration/guide/bba_con_sub_bdwth_ps6441_TSD_Products_Configuration_Guide_Chapter.html
it manipulates the ATM traffic parameters on a per user basis
these settings can be done on radius AV:
example:
The following example shows how to configure RADIUS attributes for a user profile for DBS:
[email protected] Password = "userpassword1", Service-Type = Outbound
Service-Type = Outbound,
Cisco-Avpair = "vpdn:tunnel-id=tunnel33",
Cisco-Avpair = "vpdn:tunnel-type=l2tp",
Cisco-Avpair = "vpdn:l2tp-tunnel-password=password2",
Cisco-Avpair = "vpdn:ip-addresses=172.16.0.0",
Cisco-Avpair = "atm:peak-cell-rate=155000",
Cisco-Avpair = "atm:sustainable-cell-rate=155000"
Hope to help
Giuseppe -
We have a need to netboot a PC with Linux via a Cisco router (I.E. PXEboot).
We have copied the PXE linux.cfg files to the Cisco router's flash, (Cisco 2821, IOS Advanced Security 15-1.2-T1).
We have setup the router as a TFTP server with defaulted path as tftp-server flash:tftpboot
From the pc's CMOS, we selected PXE boot.
With "debug ip packet detail", we can see the DHCP request from the PC.
We cannot however, get the router to download the Linux files to the PC.
Manually we tried:
c:\ tftp 10.0.0.1 get default - no go.
ANYONE have an idea????
Thanks
Frank/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";
mso-ansi-language:#0400;
mso-fareast-language:#0400;
mso-bidi-language:#0400;}
Hi Ash,
Thanks for the assistance.
The laptop is directly connected to the Cisco 2821 routers g0/0 interface.
The router is configured to be a DHCP server with the Cisco 2821 router IP address on g0/0 set in the DHCP configuration to be the default router. The router’s IP address is excluded from DHCP. (10.0.0.30)
If the laptop’s bios is set to PXE boot, it seems to receive an IP address from the router I.E. 10.0.0.1– verified by statically assigning another pc IP address 10.0.0.1– the 2nd pc receives an error of IP address conflict. Then set the second pc to obtain its’ IP address via DHCP, and while running debug ip packet detail on the router, I see the router running through the DHCP assignment process and finally assigns the 2nd pc 10.0.0.2.
So needless to say, I believe the DHCP setup is functioning correctly.
The problem we have at this point is nailing down the TFTP-server function running on the Cisco 2821 router.
We were able to create the directory tree on the Cisco 2821 routers flash and then copy the correct files into each directory within flash.
Using WinXP DOS prompt, tftp does not seem to function.
With debug ip packet detail running on the router and Wireshark running on the PC, we run from a DOS window c:\tftp 10.0.0.1 GET \default. No matter how we specify the path, end result is an error of some kind.
We watch debug and wireshark display the communications of the PC and router talking, but cannot seem to get the requested file.
Perhaps WinXP tftp server is flawed.
If we load TFTP32 and attempt to send and/or receive a file from flash, works fine.
The router tftp config is as:
tftp-server flash:/tftpboot/dsl/pxeboot.cfg
The actual files name is "default" and is found on the Cisco 2821 flash:/tftpboot/dsl/pxeboot.cfg directory.
No ACLs on the Cisco router and the router is pretty much right out of the box.
Firewall is disabled on both PCs.
Ping to/from the PC/router works fine.
Thanks again
Frank -
IDS shunning - IDS can't blocking via Cisco Router
Hello all.
I've configured IDS to shun with cisco router. I think all of setting fine, but IDS can't configure acl on the router via telnet.
Here is the output from ids using sh statistics networkAccess.
if you see the output, the state is Inactive.
Could you please let me know why the state is falling down inactive..
regards,
John.
IDS# sh statistics networkAccess
Current Configuration
AllowSensorShun = false
ShunMaxEntries = 250
NetDevice
Type = Cisco
IP = 192.168.1.10
NATAddr = 0.0.0.0
Communications = telnet
ShunInterface
InterfaceName = serial0/0
InterfaceDirection = in
State
ShunEnable = true
NetDevice
IP = 192.168.1.10
AclSupport = uses Named ACLs
State = Inactive <-- why???
IDS#This means the sensor had a problem either connecting to or reconfiguring the router.
What to do:
Configure network access to Disable Shunning and apply the changed config.
Now configure network access to Enable Shunning again and apply the changd config.
This will cause the network access controller to disconnect from the router and try to connect again.
Check the network access statistic and see if it is still inactive.
If it is then execute "show events past 00:10:00 to see all events in the past 10 minutes. Find the status event where you applied the change to Enable Shunning again, and start looking at the later events. Search for error or status events that might show what errors the network access controller was running in to.
Typical causes: Wrong username or password. Sensor is not able to telnet to the router because either the router is not reachable from the sensor IP, or the router does not have telnet enabled, or the router's access list prevents the sensor from connecting.
Other things you can check:
Create a service account on the sensor.
Login through the service account.
From the service account try to telnet to the router using the same username and password configured in the network access controller configuration on the sensor.
And see if you can get into the router.
You might also try running a sniffer between the router and sensor and monitor the connection. You can look for any error message coming back from the router, or at least see where in the connection the sensor is stopping. -
After installing the printer successfully on my desktop wireless through the cisco router I attempted to add my laptop a hp G60-635DX notebook. After installing the printer I got a message that a driver cannot be found! I called cisco and they offered online help for a $ 69.00 contract for 1 year! Looking for cheaper alternative!!!
Does the Asaro run DHCP? If so, turn off all access points except the one running DHCP and connect the printer. Then you can turn on the other APs.
Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
I am employed by HP -
Problems connecting to a Open Network via Wi-fi on Cisco Router
Hi everyone, I know I'm new here but I'm in need of your help, so if you can assist please do so as I cannot live without wi-fi and might have to go back to my nokia again if I can't sort this out.
Vodafone finally released the Iphone on their network in Ireland today and I've picked a 3gs up straight away.
At work I have a wi-fi network with a CISCO router (I have no access to the router as only IT do and they won't change anything to satisfy me and my Iphone anyways). This network has no encryption whatsoever and its free to join, you don't need any password or anything. My nokia at the start couldn't connect as it said that the network needed a pre shared key, this isn't true and in the end it was just change a setting to no auth required for it to log into the network and work perfectly.
Today I got to work and the Iphone can't connect to the network, just says it can't join the network. I cannot find anything about authentication on the settings of the phone nor can I work around this at all. I've had a Ipod touch for (the 2nd gen) for over 2 years and I gave up trying to set it up at work because I just couldn't find what was wrong with it, I ended up almost not using it other than when traveling or on the gym.
So first question is there any way I can access the authentication settings for wi-fi connections on the Iphone? Maybe its just a little change that is needed like the nokia.
Has anyone experienced this problem on a open network that they cannot join?
Any other sugestions? Anything really?
Thank you very much for your time guys, I would really really appreciate your help on this.
Regards,
Rod
PS: I've also tried to install the Iphone configuration utility however I don't know how to access the profiles on the phone, anyone can help with this so I can try the profile I've created?
I don't think it is going to work because the options available on the configuration utility are basicly the same available on the Iphone itself.
Anyone has any sugestion on how to solve this problem??? Thanks very much.Sun Mar 28 06:02:24 unknown Preferences[292] <Warning>: wifi handler: (null)
Sun Mar 28 06:02:27 unknown kernel[0] <Debug>: AppleBCMWLAN::setASSOCIATE() [configd]: lowerAuth = AUTHTYPE_OPEN, upperAuth = AUTHTYPE_NONE, key = CIPHER_NONE, flags = 0x0
Sun Mar 28 06:02:27 unknown configd[22] <Error>: WiFi:[//////////////////>: Failed to associate with Internet: 5
Sun Mar 28 06:02:27 unknown kernel[0] <Debug>: AppleBCMWLANJoinManager::join(): No such network: "Internet"
Sun Mar 28 06:02:27 unknown Preferences[292] <Warning>: WiFiManagerAssociationCallback: err(5), err(00000005)
This is what I get on the Iphone configuration utility debug console. I edited out just a couple of numbers in case this is sensitive information the company wouldn't want me to share.
Message was edited by: F-22 -
Not able to telnet or ssh to outside interface of ASA and Cisco Router
Dear All
Please help me with following question, I have set up testing lab, but still not work.
it is Hub and spoke site to site vpn case, connection between hub and spoke is metro-E, so we are using private ip for outside interface at each site.
Hub -- Juniper SRX
Spoke One - Cisco ASA with version 9.1(5)
spoke two - Cisco router with version 12.3
site to site vpn has been successful established. Customer would like to telnet/ssh to spoke's outside ip from Hub(using Hub's outside interface as source for telnet/ssh), or vise versa. Reason for setting up like this is they wants to be able to make configuration change even when site to site vpn is down. Sound like a easy job to do, I tried for a long time, search this forum and google too, but still not work.
Now I can successfully telnet/ssh to Hub SRX's outside interface from spoke (ASA has no telnet/ssh client, tested using Cisco router).
Anyone has ever done it before, please help to share your exp. Does Cisco ASA or router even support it?
When I tested it, of cause site to site vpn still up and running.
Thanks
YKHello YK,
On this case on the ASA, you should have the following:
CConfiguring Management Access Over a VPN Tunnel
If your VPN tunnel terminates on one interface, but you want to manage the ASA by accessing a different interface, you can identify that interface as a management-access interface. For example, if you enter the ASA from the outside interface, this feature lets you connect to the inside interface using ASDM, SSH, Telnet, or SNMP; or you can ping the inside interface when entering from the outside interface. Management access is available via the following VPN tunnel types: IPsec clients, IPsec LAN-to-LAN, and the AnyConnect SSL VPN client.
To specify an interface as a mangement-only interface, enter the following command:
hostname(config)# management access management_interface
where management_interface specifies the name of the management interface you want to access when entering the security appliance from another interface.
You can define only one management-access interface
Also make sure you have the pertinent configuration for SSH, telnet, ASDM and SNMP(if required), for a quick test you can enable on your lab Test:
SSH
- ssh 0 0 outside
- aaa authentication ssh console LOCAL
- Make sure you have a default RSA key, or create a new one either ways, with this command:
*crypto key generate rsa modulus 2048
Telnet
- telnet 0 0 outside
- aaa authentication telnet console LOCAL
Afterwards, if this works you can define the subnets that should be permitted.
On the router:
!--- Step 1: Configure the hostname if you have not previously done so.
hostname Router
!--- aaa new-model causes the local username and password on the router
!--- to be used in the absence of other AAA statements.
aaa new-model
username cisco password 0 cisco
!--- Step 2: Configure the router's DNS domain.
ip domain-name yourdomain.com
!--- Step 3: Generate an SSH key to be used with SSH.
crypto key generate rsa
ip ssh time-out 60
ip ssh authentication-retries 3
!--- Step 4: By default the vtys' transport is Telnet. In this case,
!--- Telnet and SSH is supported with transport input all
line vty 0 4
transport input All
*!--- Instead of aaa new-model, the login local command may be used.
no aaa new-model
line vty 0 4
login local
Let me know how it works out!
Please don't forget to Rate and mark as correct the helpful Post!
David Castro,
Regards, -
Remote access VPN with Cisco Router - Can not get the Internal Lan .
Dear Sir ,
I am doing Remote Access VPN through Cisco Router. Before the real deployment, I want to simulate it with GNS3.Need you help to complete the job .Please see the attachment for Scenario, Configuration and Ping status.
I am getting IP address when i connect through VPN client .But I can not ping to the internal lan -192.168.1.0.Need your help to sole the issue.
Below is the IP address of the device.
Local PC connect with Router -2 (Through MS Loopback) Router -2 Router-1 PC -01
IP Address :10.10.10.2 Mask : 255.255.255.0 F0/01
IP address:10.10.10.1
Mask:255.255.255.0 F0/0
IP Address :20.20.20.1
Mask :255.255.255.0
F0/1
IP address :192.168.1.3
Mask:255.255.255.0
F0/0
IP address :20.20.20.2
Mask :255.255.255.0
F0/1
IP address :192.168.1.1
Mask:255.255.255.0
I can ping from local PC to the network 10.10.10.0 and 20.20.20.0 .Please find the attach file for ping status .So connectivity is ok from my local PC to Remote Router 1 and 2.
Through Cisco remote vpn client, I can get connected with the VPN Router R1 (Please see the VPN Client pic.)But cannot ping the network 192.168.1.0
Need your help to fix the problem.
Router R2 Configuration :!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R2
boot-start-marker
boot-end-marker
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip tcp synwait-time 5
interface FastEthernet0/0
ip address 20.20.20.2 255.255.255.0
duplex auto
speed auto
interface FastEthernet0/1
ip address 10.10.10.1 255.255.255.0
duplex auto
speed auto
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
end
Router R1 Configuration :
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R1
boot-start-marker
boot-end-marker
aaa new-model
aaa authentication login USERAUTH local
aaa authorization network NETAUTHORIZE local
aaa session-id common
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
username vpnuser password 0 strongpassword
ip tcp synwait-time 5
crypto keyring vpnclientskey
pre-shared-key address 0.0.0.0 0.0.0.0 key cisco123
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp client configuration group remotevpn
key cisco123
dns 192.168.1.2
wins 192.168.1.2
domain mycompany.com
pool vpnpool
acl VPN-ACL
crypto isakmp profile remoteclients
description remote access vpn clients
keyring vpnclientskey
match identity group remotevpn
client authentication list USERAUTH
isakmp authorization list NETAUTHORIZE
client configuration address respond
crypto ipsec transform-set TRSET esp-3des esp-md5-hmac
crypto dynamic-map DYNMAP 10
set transform-set TRSET
set isakmp-profile remoteclients
crypto map VPNMAP 10 ipsec-isakmp dynamic DYNMAP
interface FastEthernet0/0
ip address 20.20.20.1 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map VPNMAP
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
ip local pool vpnpool 192.168.50.1 192.168.50.10
ip forward-protocol nd
ip route 10.10.10.0 255.255.255.0 FastEthernet0/0
no ip http server
no ip http secure-server
ip nat inside source list NAT-ACL interface FastEthernet0/0 overload
ip access-list extended NAT-ACL
deny ip 192.168.1.0 0.0.0.255 192.168.50.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended VPN-ACL
permit ip 192.168.1.0 0.0.0.255 192.168.50.0 0.0.0.255
control-plane
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
endDear All,
I am doing Remote Access VPN through Cisco Router. Before the real deployment, I want to simulate it with GNS3.Need you help to complete the job .
Please see the attachment for Scenario, Configuration and Ping status. I am getting IP address when i connect through VPN client .But I can not ping to the internal lan -192.168.1.0.Need your help to sole the issue.
Waiting for your responce .
--Milon -
I only have spotty access at best through m Apple TV to itunes, netflix and utube. I am Rogers subscriber (feel my pain) and am now using their CISCO DCP3825 router. Apple TV purchased this past Christmas. I am not using wireless. No issues prior to replacing my old router and Rogers modem to go to DCP3825.
Apple TV is up to date - updated by connecting to my Macbook Pro.
Rogers tech support was of no help - suggested I open some ports - where do I go for the list(s)?
Any help would be much approeciated.did this search for you
https://www.google.dk/search?client=opera&q=control+open+ports+on+cisco+router&s ourceid=opera&ie=utf-8&oe=utf-8&channel=suggest#client=opera&hs=N7P&channel=sugg est&sclient=psy-ab&q=+open+ports+on+cisco+router&oq=+open+ports+on+cisco+router& gs_l=serp.3..0i7l3.16726.16726.0.16996.1.1.0.0.0.0.49.49.1.1.0...0.0...1c.1.9.ps y-ab.olPaFzjSlmE&pbx=1&bav=on.2,or.r_cp.r_qf.&bvm=bv.45175338,d.bGE&fp=43d9a4347 e8aaeda&biw=1535&bih=773
this may be of intrest
http://www.tek-tips.com/viewthread.cfm?qid=1163449 -
How do I setup Airport Express to extend my CISCO router's wifi range?
Hi,
I am using CISCO EA4500 router for internet connection via wifi. I have Airport Express with me, which I want to use as extender of the wifi network. I setup the Airport Express as "Extend the wireless network", provided same base station name (CISCO), network name (JKS) and passwords.
However, I am not able to get it to work. Its gives me error saying network: unknown.
I have just 1 BHK flat, and even then the range is not enough to reach from my DR to BR. I tried using Airport Express as the base station as well. But the problem is again the range.
Help me please.
JayeshCan I do it other way around? I mean setup Airport as Base station and use Cisco to extend the wireless network?
I doubt that the Cisco router would be able to to wirelessly extend the AirPort network, since Apple uses proprietary settings that are designed to work with other Apple routers.
Also, when I am trying to use just Airport, I am not able to connect multiple devices at the same time
Sorry, but I don't know whether you have the AirPort connected to the Cisco router using an Ethernet cable....or.....whether you are saying that you have the AirPort connected directly to your modem using an Ethernet cable.
If the AirPort is connected directly to your modem.....what is the make and model number of this device?
Since you know that the Cisco router is working OK when you have it connected to your modem, things would be much simpler if you connect the AirPort to the Cisco router using an Ethernet cable. Can you do this? -
How do I set up my hp laserjet printer through Cisco router?
I'm using my HP Laserjet 4000TN printer for my entire network. I need to be able to use it with all my computers. So I usually plug it into the modem via Cat5 cord and it grabs an IP address which I add in System Preferences and I'm good to go. However, I recently had to change my network. I now use a DSL modem as basically a dumb hub. Which then goes into a Cisco 800 series router. From there I need to be able to plug my computer into that router and then see it on both of my computers. (What's the point of having a home network if you can't print from it from any computer on the network?)
I was told to assign it a static IP address of 192.168.7.5. However, when I do this on my computer it doesn't seem to be going through to the printer. Whenever I try to print a test page it does not work.
It is grabbing IP address 192.168.7.22. However, when I enter this as the printer on the computer it is also not printing a test page. Very frustrating. I am unsure if this is the perfect forum for this as obviously it's the Cisco router that has changed and therefore it's not really a Mac issue. But I am unsure where else to turn.
Any help would be greatly appreciated.
Thanks!I found the solution. I was using WEP encryption and I needed to be using WPA encryption.
-
How can i get the password of Cisco router ?
My Cisco router user name and password forgot. Can anyone help me to reset cisco router password ? Thanks.
Many routers can have a master reset done to them by finding the little hole/button on the back of the device and holding it down with your finger/a pen or something and counting to about 30. From there you will need to research what the default master password'/username is to enter the gateway .
I am not affiliated with Best Buy nor have I ever been employed by Best Buy. All of my thoughts and posts are of my own opinion and personal experience.
I may not always know the right answer, but I will always tell you what I do know. I also do free computer analysis and consultation via private message. -
Load Balancing 2 ISP connections on Cisco Router
Hi all,
I have a Cisco 3900 series Router with the following characteristics:
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M2, RELEASE SOFTWARE (fc2)
I have two VDLS connections, my ISP cant really offer good speeds, so we have two connections of 3Mb/s each. (2x3Mbps).
Each link has its own modem and we get a /29 on each connection.
I have setup NAT on the router, but i am trying to use BOTH connections simultaneously. This is causing an issue for me. At the moment i am not able to use one of the connections for some reason.
I have re-created the very same scenario i have LIVE at the moment, in packet Tracer.
NOTE: uploading .pkt files is not allowed here, so i have uploaded it to http://192.210.197.186/DUAL_NAT.pkt
When trying to ping from one of the computers in the LAN (192.168.1.0/24) to a Loopback address on Router 4 ( 31.7.57.1) for example, i have 50% packet loss. I assume this is because one 50% of the packets are being routed via each connection.
Is there a practical way to solve this?
Please note that i am using the same NAT statements in both interfaces connected to the ISP, same ACL for the NAT statements as well.
Any advise is appreciated.
EzequielAn additional Note: The PKT Lab was done with the Packet Tracer Student Version, not the normal packet tracer version. Anyone yet?
Maybe you are looking for
-
Hi to all, I load every day a customer hierarchy from R/3 in Infoobject 0Cust_slaes and from today i have not any values in the hierarchy. After i run RSRV for 0cust_sales Hierarchies i got the following messge error : The INCFL flag in SID table is
-
X99S Gaming 7 - motherboard temp readings in fast boot?
Hi, odd question but does anyone elses motherboard error message display/temp sensor display not display the temperature if MSI fast boot is set in BIOS?
-
JKM DB2 400 column and table name 10 character limit
I am trying to set up CDC on an iSeries. I have successfully loaded data with the LKM SQL to Oracle, and now I want to set up CDC for the table and am trying to use "JKM DB2 400" . I get invalid token errors when I try to start journalizing, and it a
-
Display good receipt without migo
Hi expert, i have a Question: "Does anybody knows a Function module (BAPI) that display goods receipt like in the transaction MIGO?" I know there is a BAPI "BAPI_GOODSMVT_CREATE" but i want to display goods receipt and not to post it. Does anybody kn
-
Changing document date and posting date by SE16N
Hi All, an user has posted some customer documents (with tax codes) with wrong document date and posting date. I have to modify these data by se16n. In which tables I have to fill in? Thanks Gandalf