How to access Office LAN via Cisco Router & Switches HELP!!

Hello everyone!
For starters I am no Cisco guru but at least find my way around a few things here and there.
I work as the IT dude for a company with two branches at different geolocations.
Our local network infrastructure at both HQ and branch offices comprise a Cisco 1941 Router and SF 300 24P Managed switches which hooks up our servers, workstations and VoIP phones.
The dedicated internet [DI] is connected via a Hughes radio link which belongs to the telco and on a different IP class and connects to interface 0/0 of Cisco 1941. Interface 0/1 is then connected to one of the SF 300 24P managed switches on another IP class for LAN  [192.168.1/24]
I have three questions.
1. How do I access for example the File Server on the Corporate LAN from home?
2. How do I get workstations at branch offices authenticate with Active Directory Server at the HQ?
3. How do I get VoIP phones in branch offices hooked up to HQ VoIP PBX?
Thank you very much.

Similar Messages

  • Setting PPPoE clients speed Via Cisco router

    Hi, I have a 7200 Cisco router working as NAS (network access server) for PPPoE sessions; the clients are connected to DSLAMs and the Cisco is connected to an external AAA RADIUS server.
    I want to set the user speed via the Cisco router in a way which can be controlled in the RADIUS server, and not through the actual speed of the DSLAM ports.
    Thanks a lot

    Hello Mohamed,
    there is a feature called controlled subscriber bandwidth that may fit your needs:
    see
    http://www.cisco.com/en/US/docs/ios/bbdsl/configuration/guide/bba_con_sub_bdwth_ps6441_TSD_Products_Configuration_Guide_Chapter.html
    it manipulates the ATM traffic parameters on a per user basis
    these settings can be done on radius AV:
    example:
    The following example shows how to configure RADIUS attributes for a user profile for DBS:
    [email protected] Password = "userpassword1", Service-Type = Outbound
         Service-Type = Outbound,
         Cisco-Avpair = "vpdn:tunnel-id=tunnel33",
         Cisco-Avpair = "vpdn:tunnel-type=l2tp",
         Cisco-Avpair = "vpdn:l2tp-tunnel-password=password2",
         Cisco-Avpair = "vpdn:ip-addresses=172.16.0.0",
         Cisco-Avpair = "atm:peak-cell-rate=155000",
         Cisco-Avpair = "atm:sustainable-cell-rate=155000"
    Hope to help
    Giuseppe

  • How to Recover Password on Cisco 2960 Switch?

    How to Recover Password on Cisco 2960 Switch? Who knows, please tell me the detail steps, thank you very much!

    You can find the detail steps on this article, hope can solve your problem.
    http://www.briefingwire.com/pr/how-to-recover-password-on-cisco-2960-switch

  • PXE boot via Cisco router

    We have a need to netboot a PC with Linux via a Cisco router (I.E. PXEboot).
    We have copied the PXE linux.cfg files to the Cisco router's flash, (Cisco 2821, IOS Advanced Security 15-1.2-T1).
    We have setup the router as a TFTP server with defaulted path as tftp-server flash:tftpboot
    From the pc's CMOS, we selected PXE boot.
    With "debug ip packet detail", we can see the DHCP request from the PC.
    We cannot however, get the router to download the Linux files to the PC.
    Manually we tried:
    c:\ tftp 10.0.0.1 get default - no go.
    ANYONE have an idea????
    Thanks
    Frank

    Hi Ash,
    Thanks for the assistance.
    The laptop is directly connected to the Cisco 2821 routers g0/0 interface.
    The router is configured to be a DHCP server with the Cisco 2821 router IP address on g0/0 set in the DHCP configuration to be the default router. The router’s IP address is excluded from DHCP. (10.0.0.30)
    If the laptop’s bios is set to PXE boot, it seems to receive an IP address from the router I.E. 10.0.0.1– verified by statically assigning another pc IP address 10.0.0.1– the 2nd pc receives an error of IP address conflict. Then set the second pc to obtain its’ IP address via DHCP, and while running debug ip packet detail on the router, I see the router running through the DHCP assignment process and finally assigns the 2nd pc 10.0.0.2.
    So needless to say, I believe the DHCP setup is functioning correctly.
    The problem we have at this point is nailing down the TFTP-server function running on the Cisco 2821 router.
    We were able to create the directory tree on the Cisco 2821 routers flash and then copy the correct files into each directory within flash.
    Using WinXP DOS prompt, tftp does not seem to function.
    With debug ip packet detail running on the router and Wireshark running on the PC, we run from a DOS window c:\tftp 10.0.0.1 GET \default. No matter how we specify the path, end result is an error of some kind.
    We watch debug and wireshark display the communications of the PC and router talking, but cannot seem to get the requested file.
    Perhaps WinXP tftp server is flawed.
    If we load TFTP32 and attempt to send and/or receive a file from flash, works fine.
    The router tftp config is as:
    tftp-server flash:/tftpboot/dsl/pxeboot.cfg
    The actual files name is "default" and is found on the Cisco 2821 flash:/tftpboot/dsl/pxeboot.cfg directory.
    No ACLs on the Cisco router and the router is pretty much right out of the box.
    Firewall is disabled on both PCs.
    Ping to/from the PC/router works fine.
    Thanks again
    Frank

  • IDS shunning - IDS can't blocking via Cisco Router

    Hello all.
    I've configured IDS to shun with cisco router. I think all of setting fine, but IDS can't configure acl on the router via telnet.
    Here is the output from ids using sh statistics networkAccess.
    if you see the output, the state is Inactive.
    Could you please let me know why the state is falling down inactive..
    regards,
    John.
    IDS# sh statistics networkAccess
    Current Configuration
    AllowSensorShun = false
    ShunMaxEntries = 250
    NetDevice
    Type = Cisco
    IP = 192.168.1.10
    NATAddr = 0.0.0.0
    Communications = telnet
    ShunInterface
    InterfaceName = serial0/0
    InterfaceDirection = in
    State
    ShunEnable = true
    NetDevice
    IP = 192.168.1.10
    AclSupport = uses Named ACLs
    State = Inactive <-- why???
    IDS#

    This means the sensor had a problem either connecting to or reconfiguring the router.
    What to do:
    Configure network access to Disable Shunning and apply the changed config.
    Now configure network access to Enable Shunning again and apply the changed config.
    This will cause the network access controller to disconnect from the router and try to connect again.
    Check the network access statistic and see if it is still inactive.
    If it is then execute "show events past 00:10:00" to see all events in the past 10 minutes. Find the status event where you applied the change to Enable Shunning again, and start looking at the later events. Search for error or status events that might show what errors the network access controller was running in to.
    Typical causes: Wrong username or password. Sensor is not able to telnet to the router because either the router is not reachable from the sensor IP, or the router does not have telnet enabled, or the router's access list prevents the sensor from connecting.
    Other things you can check:
    Create a service account on the sensor.
    Login through the service account.
    From the service account try to telnet to the router using the same username and password configured in the network access controller configuration on the sensor.
    And see if you can get into the router.
    You might also try running a sniffer between the router and sensor and monitor the connection. You can look for any error message coming back from the router, or at least see where in the connection the sensor is stopping.

  • Problem installing hp 8600 plus to laptop after installing wireless on desktop via cisco router!

    After installing the printer successfully on my desktop wireless through the cisco router I attempted to add my laptop a hp G60-635DX notebook. After installing the printer I got a message that a driver cannot be found! I called cisco and they offered online help for a $ 69.00 contract for 1 year! Looking for cheaper alternative!!!

    Does the Asaro run DHCP?  If so, turn off all access points except the one running DHCP and connect the printer.  Then you can turn on the other APs.
    I am employed by HP

  • Unable to Access Company LAN via VPN

    Hello,
    I have a ASA 5505 that I have been using to test run the IPSec VPN connection after studying the different configs and running through the ASDM I keep getting the same issue that I can't receive any traffic.
    The company LAN is on a 10.8.0.0 255.255.0.0 network, I have placed the VPN clients in 192.168.10.0 255.255.255.0 network, the 192 clients can't talk to the 10.8 network.
    On the Cisco VPN client I can see lots of sent packets but none received.
    I think it could be to do with the NAT but from the examples I have seen I believe it should work.
    I have attached the complete running-config, as I could well have missed something.
    Many Thanks for any help on this...
    FWBKH(config)# show running-config           
    : Saved
    ASA Version 8.2(2)
    hostname FWBKH
    domain-name test.local
    enable password XXXXXXXXXXXXXXX encrypted
    passwd XXXXXXXXXXXXXXXX encrypted
    names
    name 9.9.9.9 zscaler-uk-network
    name 10.8.50.0 inside-network-it
    name 10.8.112.0 inside-servers
    name 17.7.9.10 fwbkh-out
    name 10.8.127.200 fwbkh-in
    name 192.168.10.0 bkh-vpn-pool
    interface Vlan1
    nameif inside
    security-level 100
    ip address fwbkh-in 255.255.0.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address fwbkh-out 255.255.255.248
    interface Vlan3
    nameif vpn
    security-level 100
    ip address 192.168.10.1 255.255.255.0
    interface Ethernet0/0
    interface Ethernet0/1
    switchport access vlan 2
    interface Ethernet0/2
    shutdown
    interface Ethernet0/3
    shutdown
    interface Ethernet0/4
    shutdown
    interface Ethernet0/5
    shutdown
    interface Ethernet0/6
    shutdown    
    interface Ethernet0/7
    shutdown
    banner login Trespassers will be Shot, Survivors will be Prosecuted!!!!
    banner motd Trespassers will be Shot, Survivors will be Prosecuted!!!!
    banner asdm Trespassers will be Shot, Survivors will be Prosecuted!!!!
    boot system disk0:/asa822-k8.bin
    ftp mode passive
    dns server-group DefaultDNS
    domain-name test.local
    object-group service DM_INLINE_TCP_2 tcp
    port-object eq www
    port-object eq https
    object-group service DM_INLINE_UDP_1 udp
    port-object eq 4500
    port-object eq isakmp
    object-group protocol DM_INLINE_PROTOCOL_1
    protocol-object ip
    protocol-object icmp
    protocol-object udp
    access-list inside_access_in extended permit tcp 10.8.0.0 255.255.0.0 any object-group DM_INLINE_TCP_2 log warnings inactive
    access-list inside_access_in extended permit ip inside-network-it 255.255.255.0 any inactive
    access-list inside_access_in extended permit tcp 10.8.0.0 255.255.0.0 host zscaler-uk-network eq www
    access-list inside_access_in extended permit ip inside-servers 255.255.255.0 any log warnings
    access-list USER-ACL extended permit tcp 10.8.0.0 255.255.0.0 any eq www
    access-list USER-ACL extended permit tcp 10.8.0.0 255.255.0.0 any eq https
    access-list outside_nat0_outbound extended permit ip bkh-vpn-pool 255.255.255.0 10.8.0.0 255.255.0.0
    access-list outside_access_in extended permit udp any host fwbkh-out object-group DM_INLINE_UDP_1 log errors inactive
    access-list inside_nat0_outbound extended permit object-group DM_INLINE_PROTOCOL_1 10.8.0.0 255.255.0.0 any
    access-list inside_nat0_outbound_1 extended permit ip 10.8.0.0 255.255.0.0 bkh-vpn-pool 255.255.255.0
    access-list UK-VPN-USERS_splitTunnel extended permit ip 10.8.0.0 255.255.0.0 bkh-vpn-pool 255.255.255.0
    access-list UK-VPN-USERS_splitTunnel extended permit ip inside-servers 255.255.255.0 bkh-vpn-pool 255.255.255.0
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu vpn 1500
    ip local pool UK-VPN-POOL 192.168.10.10-192.168.10.60 mask 255.255.255.0
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-631.bin
    no asdm history enable
    arp timeout 14400
    nat-control  
    global (inside) 1 interface
    global (outside) 1 interface
    nat (inside) 0 access-list inside_nat0_outbound_1
    nat (inside) 1 10.8.0.0 255.255.0.0 dns
    nat (outside) 0 access-list outside_nat0_outbound outside
    access-group inside_access_in in interface inside
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 17.7.9.10 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa authentication ssh console LOCAL
    http server enable
    http 10.8.0.0 255.255.0.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto ca trustpoint BKHFW
    enrollment self
    subject-name CN=FWBKH
    crl configure
    crypto ca certificate chain BKHFW
    certificate fc968750
        308201dd 30820146 a0030201 020204fc 96875030 0d06092a 864886f7 0d010105
        05003033 310e300c 06035504 03130546 57424b48 3121301f 06092a86 4886f70d 
        ccc6f3cb 977029d5 df42515f d35c0d96 798350bf 7472725c fb8cd64d 514dc9cb
        7f05ffb9 b3336388 d55576cc a3d308e1 88e14c1e 8bcb13e5 c58225ff 67144c53 f2
      quit
    crypto isakmp enable outside
    crypto isakmp policy 10
    authentication pre-share
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto isakmp policy 30
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh 10.8.0.0 255.255.0.0 inside
    ssh timeout 30
    ssh version 2
    console timeout 0
    dhcpd auto_config outside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy UK-VPN-USERS internal
    group-policy UK-VPN-USERS attributes
    dns-server value 10.8.112.1 10.8.112.2
    vpn-tunnel-protocol IPSec svc
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value UK-VPN-USERS_splitTunnel
    default-domain value test.local
    address-pools value UK-VPN-POOL
    group-policy DfltGrpPolicy attributes
    vpn-tunnel-protocol webvpn
    username admin password XXXXXXXXXXXXXXXXX encrypted privilege 15
    username karl password XXXXXXXXXXXXXXX encrypted privilege 15
    tunnel-group UK-VPN-USERS type remote-access
    tunnel-group UK-VPN-USERS general-attributes
    address-pool UK-VPN-POOL
    default-group-policy UK-VPN-USERS
    tunnel-group UK-VPN-USERS ipsec-attributes
    pre-shared-key *****
    tunnel-group IT-VPN type remote-access
    tunnel-group IT-VPN general-attributes
    address-pool UK-VPN-POOL
    default-group-policy UK-VPN-USERS
    tunnel-group IT-VPN ipsec-attributes
    pre-shared-key *****
    class-map ALLOW-USER-CLASS
    match access-list USER-ACL
    class-map type inspect http match-all ALLOW-URL-CLASS
    match not request header from regex ALLOW-ZSGATEWAY
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map type inspect http ALLOW-URL-POLICY
    parameters
    class ALLOW-URL-CLASS
      drop-connection
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny 
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip 
      inspect xdmcp
      inspect ip-options
    policy-map ALLOW-USER-URL-POLICY
    class ALLOW-USER-CLASS
      inspect http
    service-policy global_policy global
    service-policy ALLOW-USER-URL-POLICY interface inside
    prompt hostname context
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:00725d3158adc23e6a2664addb24fce1
    : end

    Hi Karl,
    Please make the following changes:
    ip local pool VPN_POOL_UK_USERS 192.168.254.1-192.168.254.254
    access-list inside_nat0_outbound_1 extended permit ip 10.8.0.0 255.255.0.0 192.168.254.0 255.255.255.0
    no nat (outside) 0 access-list outside_nat0_outbound outside
    access-list UK-VPN-USERS_SPLIT permit 10.8.0.0 255.255.0.0
    group-policy UK-VPN-USERS attributes
    split-tunnel-network-list value UK-VPN-USERS_SPLIT
    no access-list UK-VPN-USERS_splitTunnel extended permit ip 10.8.0.0 255.255.0.0 bkh-vpn-pool 255.255.255.0
    no access-list UK-VPN-USERS_splitTunnel extended permit ip inside-servers 255.255.255.0 bkh-vpn-pool 255.255.255.0
    access-list inside_access_in extended permit ip 10.8.0.0 255.255.255.0 192.168.254.0 255.255.255.0
    management-access inside
    As you can see, I did create a new pool, since you already have an interface in the 192.168.10.0/24 network, which does affect the VPN clients.
    Once you are done, connect the client and try:
    ping 10.8.127.200
    Does it work?
    Try to ping other internal IPs as well.
    Let me know how it goes.
    Portu.
    Please rate any helpful posts
    Message was edited by: Javier Portuguez
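
The reply above traces the failure to the VPN address pool sharing 192.168.10.0/24 with the `vpn` interface. A check for that condition, as an added example (not code from the thread or from Cisco): the function names are hypothetical, and the sample is a constructed excerpt of the posted running-config.

```python
import ipaddress
import re

# Constructed excerpt: only the lines of the posted running-config that this check reads.
SAMPLE_CONFIG = """\
names
name 17.7.9.10 fwbkh-out
name 10.8.127.200 fwbkh-in
name 192.168.10.0 bkh-vpn-pool
interface Vlan1
nameif inside
ip address fwbkh-in 255.255.0.0
interface Vlan2
nameif outside
ip address fwbkh-out 255.255.255.248
interface Vlan3
nameif vpn
ip address 192.168.10.1 255.255.255.0
ip local pool UK-VPN-POOL 192.168.10.10-192.168.10.60 mask 255.255.255.0
"""

# ip local pool NAME START[-END] [mask MASK]
POOL_RE = re.compile(
    r"^ip local pool (\S+) (\d+\.\d+\.\d+\.\d+)(?:-(\d+\.\d+\.\d+\.\d+))?(?: mask \S+)?$"
)


def parse_config(text):
    """Return (interfaces, pools) parsed from ASA 8.x style configuration text.

    Sub-commands are matched with or without indentation, because pasted
    configs (like the one in this thread) often lose their leading spaces.
    """
    names = {}          # alias -> dotted address, from "name <ip> <alias>"
    interfaces = []     # dicts: port, nameif, network
    pools = []          # dicts: name, start, end
    current = None      # interface whose sub-commands are being read
    for raw in text.splitlines():
        line = raw.strip()
        words = line.split()
        if not words:
            continue
        if words[0] == "name" and len(words) >= 3:
            names[words[2]] = words[1]
        elif words[0] == "interface" and len(words) == 2:
            current = {"port": words[1], "nameif": None, "network": None}
            interfaces.append(current)
        elif words[0] == "nameif" and len(words) == 2 and current is not None:
            current["nameif"] = words[1]
        elif words[:2] == ["ip", "address"] and len(words) >= 4 and current is not None:
            addr = names.get(words[2], words[2])   # resolve "names" aliases
            try:
                current["network"] = ipaddress.ip_network(
                    f"{addr}/{words[3]}", strict=False
                )
            except ValueError:
                pass    # e.g. "ip address dhcp setroute": no static subnet to compare
        else:
            match = POOL_RE.match(line)
            if match:
                start = ipaddress.ip_address(match.group(2))
                end = ipaddress.ip_address(match.group(3) or match.group(2))
                pools.append({"name": match.group(1), "start": start, "end": end})
    return interfaces, pools


def find_pool_overlaps(text):
    """List (pool name, interface name, subnet) where a pool range intersects
    a subnet that is directly connected to one of the firewall's interfaces."""
    interfaces, pools = parse_config(text)
    findings = []
    for pool in pools:
        for iface in interfaces:
            net = iface["network"]
            if net is None:
                continue
            # Two ranges intersect when each one starts before the other ends.
            if pool["start"] <= net.broadcast_address and pool["end"] >= net.network_address:
                findings.append((pool["name"], iface["nameif"] or iface["port"], str(net)))
    return findings


if __name__ == "__main__":
    for pool_name, nameif, subnet in find_pool_overlaps(SAMPLE_CONFIG):
        print(f"pool {pool_name} overlaps interface '{nameif}' subnet {subnet}")
```

Replacing the pool line with the `ip local pool VPN_POOL_UK_USERS 192.168.254.1-192.168.254.254` line from the reply makes the check return no findings.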

  • SKY modem/router can't allow to access my TC via Finder? Please help

    Hi
    I am looking for some help to set my TC so I can access it from anywhere. I know it can be done by enabling WAN under "file sharing". However I got TC set in bridge mode at this moment so I can't enable WAN protocol under "file sharing". WAN appears as a option once I change TC "bridge mode" option to "Share public IP address" etc but then my internet connection is dead. Of course I need to mention here that I got Netgear modem/router with enabled UnPN connected to TC via WAN port. I guess I need set this modem/router first. I am just trying to get access to TC from anywhere by Go/Connect to server.
    How can I achieve that?
    Thanks

    Are you using a proxy?
    If you're using a proxy, it refuses to access the localhost.

  • Cannot print to printer on ethernet lan via wireless router

    Hi,
    Apple Macbook connected via Airport running class A network 10.0.0.X, which is connected to a Netgear 4 port router running class C network 192.168.0.X. Also on this class C network is a LAN network printer and a Windows PC. The Netgear router is connected to the internet and the Apple Macbook can connect to the internet and can ping the printer connected to the Netgear router, but when it sends a print job to this printer, the response is "Printer is busy. Will Retry in 30 seconds"
    The windows PC can print to the network printer (both connected to the same netgear router) just fine.
    the Macbook is running 10.4.11.
    Please help.. and thanks in advance!

    Network Printer Troubleshooting
    Ping printer: If you have the printers IP address open Terminal (Applications/Utilities) and at the prompt type: ping {printerIP}. You will get a reply or failure.
    If you haven't done so already, try resetting the printing system.
    OS X Mavericks: Reset the printing system  also Yosemite

  • [SOLVED] How to forward lan traffic from router to openvpn client....

    Hi all,
    I have maybe a strange situation. I recently started testing a VPN service on my home network. Ideally I would like most of my home machines to connect through this VPN. I am using it for both privacy and to circumvent geo-restricted sites. I have a router, Asus WL-500gp which is running the Tomato Firmware, and I did first attempt to setup OpenVPN on it which did work but didn't provide very much bandwidth due to probably not having enough processing power to deal with the encryption and the compression involved. I was only able to get about 5Mbit down when normally I get approx 30+ so this was not an acceptable performance hit.
    I then decided to try setting up the VPN on my media server which is running Arch(of course). This was easily accomplished and is working extremely well with approx 25Mbs down. An acceptable performance hit. Now, as it stands only this machine is running through the VPN, the rest of the machines are still connecting to the net normally through the router. Is there a way to have other devices on my lan also get forwarded through the VPN on my Arch server. I do realize I could run my server as a router but I would rather leave the tomato router for that as it works well and is easy to setup whereas I suspect it may be complicated to setup on Arch. Is it possible to configure the tomato to forward certain IP's(my wired network is all static ip's) or even MAC's to the media server rather than the ISP. I suspect it can be done with some new routes added in but I am not that familiar with routing tables to figure it out.
    So for example my tomato router is on ip 192.168.1.1, media server is on 192.168.1.2, xbmc 1 is on 192.168.1.3, xbmc 2 is on 192.168.1.4 etc. So say I would also like to have xbmc 1 and 2 go through the VPN as well. Is there a relatively simple way to accomplish this? I am thinking something along the lines of having the tomato forward request from IP 192.168.1.3-192.168.1.4 to 192.168.1.2(rather than the default gateway), then on the server tell it to forward these request to tun0(the VPN's network device).
    Any thoughts? Anyone done something like this?
    Thanks,
    Kevin
    Last edited by ould (2012-12-26 13:29:59)

    Xyne wrote:
    My first thought was to just set the server up as a router, but then I got to the part where you reject the idea. If you change your mind, you may find my recent notes on configuring something similar useful.
    I'm pretty much a networking noob so I may be way off, but I would try the following. Here I'm assuming that the lan and vpn interfaces on the server are eth0 and tun0, respectively. These commands are adapted from the aforementioned notes.
    On the server:
    # Enable IP forwarding.
    echo 1 > /proc/sys/net/ipv4/ip_forward
    # Allow postrouting to tun0. You may want to use "-s" here to strictly limit forwarding to IPs on your LAN.
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
    # Enable forwarding from the LAN to the VPN (and back via related and established connections).
    # Again, you may want to use "-s".
    iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
    iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    After that, I think you just need to set the server as the default gateway on the other machines. I am not familiar with the Tomato firmware, but I would expect there to be some easy way to do it there.
    You probably want the router to return the VPN's DNS servers instead of your ISP's DNS servers if you use DHCP on the LAN.
    Thank you very much! It has been useful for me when I wanna connect my VBox machines to do my lab)

  • How to create tunnel in cisco router

    Please give me command wise configuration about creating tunnel in router as:
    tunnel ip address:-
    destination ip
    source ip:-
    any other command

    Hello Sunil,
    I guess what Jed wants to stress is that prior to IOS 12.2(8)T, a tunnel interface would not go down even if the underlying physical connection would go down. As of IOS 12.2(8)T, you can configure keepalives on the tunnel interface, which cause the interface to go down when the keepalives are missed.
    Check this document for details:
    Cisco IOS Software Releases 12.2 T
    Generic Routing Encapsulation (GRE) Tunnel Keepalive
    http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087cec.html
    As for the tunnel configuration itself, in addition to a basic GRE tunnel as mentioned in the post above, there are additional ways to configure a tunnel. In the links below, you find many configuration examples:
    Generic Routing Encapsulation (GRE)
    Introduction
    http://www.cisco.com/en/US/customer/tech/tk827/tk369/tk287/tsd_technology_support_sub-protocol_home.html
    IPSec Negotiation/IKE Protocols
    Configuration Examples and TechNotes
    http://www.cisco.com/en/US/customer/tech/tk583/tk372/tech_configuration_examples_list.html
    Regards,
    GNT

  • Wake ON LAN via WRV200 Router

    This feature exists on an XFX board.  Their tech support says there is a way to connect to the board.  Ping will not work as there is no IP address when off.  Linksys tech is suggesting that one must disable the software firewall and other things that are questionable to me.  In search of guidance

    check out this link
    http://www.ezlan.net/WOL.html

  • I have an airport extreme i am trying to add to an existing network as an access point not as a router, any help is appreciated as i don't know much about networking.

    At my work we have a modem and router to network 8 different pc's- all hard wired. My boss wants me to add an airport extreme so that he can get wireless connection on mobile devices. when i plug in the airport it creates a new network and i need to be able to connect to the existing network and not have the routers compete. is there a way to make the airport an access point instead? maybe by adding it to the existing router instead of one of the workstations?

    When you introduced the AirPort Extreme, you had a condition where you have two routers in series. The simplest solution is to reconfigure the downstream router (in this case the Extreme) as a bridge. This will allow the upstream router to provide the required NAT & DHCP services to all network clients regardless of which router they are connected to.
    To reconfigure the Extreme as a bridge, you will use the AirPort Utility. (Note: I will provide the steps for using AirPort Utility v5.x)
    AirPort Utility > Select the AirPort > Manual Setup
    Internet > Internet Connection tab > Connection Sharing = Off (Bridge Mode)

  • HT4946 I have an Ipod 4s that is locked due to my wife trying the wrong passcode too many times. I cannot access my phone via ITunes. Please help!

    Please help me access my locked IPhone 4s! Thanks!

    Here's a list of specific error codes & their resolution:
    http://support.apple.com/kb/TS3694
    Try recovery mode again, as outlined in the first article I gave you. Make sure there are no Firewalls turned on or any Anti-Virus software running. If it errors out again, pay attention to any code shown.

  • Remote Command Tool for Cisco Routers/Switches

    Is anyone aware of any tools or scripts out there which allow preconfigured commands to be remotely run against Cisco Router/Switches and display the output result?
    I'm looking for a tool which I can give our Service Desk personnel that will allow them to select from a list of commands enter a target IP Address of a router/switch and then the tool will display the vlan table or the running config of a particular switch-port so they can see if its configured on the correct data vlan or its missing its voice vlan etc.
    For example a Service Desk Operator needs to check what vlan a switch-port is on. So they open the tool, enter the switches IP address and the port number and select an option like "display a switch-ports vlan" and the tool will login into the switch in the background run a show command on the switch and then output the result.
    Thanks.

    Check out rConfig. You will be able to run multiple instances of it i.e. one instance for your standard configuration backups and another for more specific configuration downloads info like show vlan bri commands etc for service desk staff to view.
    You could also use the IOS menu function and create menus or role based access on each of your devices for your users.
    Regards
    Stephen
    ==========================
    http://www.rConfig.com 
    A free, open source network device configuration management tool, customizable to your needs!
    - Always vote on an answer if you found it helpful
