Netmeeting / h323 behind Cisco 806 SoHo router?
Searching has not lead me to the knowledge I seek! Anyone know?
Seeking to accept inbound Netmeeting calls through a Cisco 806 SoHo router, running NAT and firewall featureset.
I seem to have it running, but I get no video. The connect time seems to take too long as well.
Code snip if it is of any use:
ip inspect name myfw h323 timeout 3600
ip nat inside source static tcp 10.10.10.11 1731 interface Ethernet1 1731
ip nat inside source static tcp 10.10.10.11 1720 interface Ethernet1 1720
ip nat inside source static tcp 10.10.10.11 1503 interface Ethernet1 1503
ip nat inside source static tcp 10.10.10.11 522 interface Ethernet1 522
ip nat inside source static tcp 10.10.10.11 389 interface Ethernet1 389
access-list 111 permit tcp any any eq 22
access-list 111 permit tcp any any eq 389
access-list 111 permit tcp any any eq 522
access-list 111 permit tcp any any eq 1503
access-list 111 permit tcp any any eq 1720
access-list 111 permit tcp any any eq 1731
access-list 111 permit udp any any eq 1719
Any ideas?
Which Cisco IOS version are you using? Is it by any chance less than 12.0.7T. There is a bug CSCdp37366 in the IOS versions before 12.0.7T with the featureset CBAC due to which the H323 calls dont work properly with no video display. Upgrading the IOS to 12.0.7T and above should help solve the problem.
Similar Messages
-
Cant ping behind cisco router (site2site vpn)
Dears;
After configure site to site vpn between cisco router and fortigate firewall,
site A : 10.0.0.0/24 behind fortigate
site B: 10.10.10.0/24 behind cisco router
the tunnel is up and I can ping 10.0.0.1 from site B and can ping 10.10.10.1 from site A but I cant ping any ip inside 10.0.0.0/24 form site B or network 10.10.10.0/24 from site A
my cisco router configuration is
Current configuration : 2947 bytes
! No configuration change since last restart
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
boot-start-marker
boot-end-marker
enable secret 4 EE103as6FtdocdBefpgugX6P9eGaDKDyBvwz7AywH5Q
no aaa new-model
memory-size iomem 10
clock timezone cairo 2 0
crypto pki token default removal timeout 0
ip source-route
ip dhcp excluded-address 192.168.16.1
ip dhcp excluded-address 10.10.10.1 10.10.10.10
ip dhcp pool GUEST
network 192.168.16.0 255.255.255.0
default-router 192.168.16.1
dns-server 8.8.8.8 8.8.4.4
ip dhcp pool LAN
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 8.8.8.8 8.8.4.4
ip cef
controller VDSL 0
ip ssh version 2
crypto isakmp policy 10
encr aes
hash sha256
authentication pre-share
group 5
crypto isakmp key 6 *********** address 4.x.x.x no-xauth
crypto ipsec transform-set myset esp-aes esp-sha256-hmac
crypto map kon-map 10 ipsec-isakmp
set peer 4.x.x.x
set transform-set myset
set pfs group5
match address 105
interface Ethernet0
no ip address
no fair-queue
interface ATM0
no ip address
ip mtu 1452
ip tcp adjust-mss 1452
no atm ilmi-keepalive
interface ATM0.1 point-to-point
ip flow ingress
pvc 0/35
encapsulation aal5snap
pppoe-client dial-pool-number 1
interface FastEthernet0
switchport mode trunk
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
switchport access vlan 2
no ip address
interface FastEthernet3
no ip address
interface Vlan1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface Vlan2
ip address 192.168.16.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
ppp authentication chap pap callin
ppp chap hostname
ppp chap password 0
ppp pap sent-username
crypto map kon-map
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat inside source list 100 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
access-list 100 deny ip 10.10.10.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 100 permit ip 10.10.10.0 0.0.0.255 any
access-list 100 permit ip 192.168.16.0 0.0.0.255 any
access-list 105 permit ip 10.10.10.0 0.0.0.255 10.0.0.0 0.0.0.255
banner motd ^C^C
end
when ping from cisco router
konsuler#ping 10.0.0.27 source vlan1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.27, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.1
Success rate is 0 percent (0/5)
help pleaseThank you karsten
I can ping interface of router from remote site but cant ping any device behind the router and can ping firewall interface but cant ping any device behind the firewall
-counters in
# sh crypto ipsec sa
increased only while ping 10.0.0.1 or 10.10.10.1 from both sides
r#show crypto session detail
Crypto session current status
Code: C - IKE Configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal, T - cTCP encapsulation
X - IKE Extended Authentication, F - IKE Fragmentation
Interface: Dialer1
Uptime: 00:03:12
Session status: UP-ACTIVE
Peer: 4.x.x.x port 500 fvrf: (none) ivrf: (none)
Phase1_id: 4.x.x.x
Desc: (none)
IKEv1 SA: local 6.x.x.x/500 remote 4.x.x.x/500 Active
Capabilities:(none) connid:2001 lifetime:22:39:59
IPSEC FLOW: permit ip 10.10.10.0/255.255.255.0 10.0.0.0/255.255.255.0
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 9 drop 0 life (KB/Sec) 4605776/3407
Outbound: #pkts enc'ed 14 drop 0 life (KB/Sec) 4605775/3407 -
Transfer of VLANs through Cisco SOHO router 78 G.SHDSL
Hi,
I have one switch with more VLANs. I need to transfer these Vlans to secondary site through routers Cisco SOHO router 78 G.SHDSL. This situatioin is in attachment.
I'm not sure if this is possible, because this router has only common ethernet ports.
Probably I would need trunk ports on this router.
Could you please help me to specify, which device could replace Cisco SOHO router 78?
Thank you.
Best regards,
VladislavMy guess is that either ifIndex.2 or .3 corresponds to your SHDSL interface. You should walk ifDescr to confirm.
-
Airport Time capsule behind cisco router download speed
My airport time capsule is connected to the internet in bridge mode via a cisco router.
The cisco router provides a 99Mbps download speed. However, when I " bridge" my time capsule in between (wired) the speed slows down to 9 Mbps.
I have already tried to assign a static DHCP IP to my time capsules MAC address and disabled DMZ for that specific IP address, but am failing to get the speed up to par.
Any suggestions?I have used Time capsule 1.5 year behind a copperjet modem on ADSL, no problems.
Changed provider and am connected by cable with new cisco modem including router.
So the set up looks like:
internet>cisco modem/router>airport time capsule>macbook pro
The cisco modem without airport time capsule is working ok: when logged in speed is 99 Mbps as it should be (wired and wireless)
Connecting cisco router with UTP cable to time capsule and time capsule with UTP to macbook slows down speed to 9 Mbps
(time capsule in bridgemode)
Specs:
Macbook pro OSX yosemite
Airport Time capsule 2TB 2013 (v 7.7.3)
Cisco modem/router:EPC3928 -
Time Capsule behind Cisco WRVS4400N
I have tried adding a time capsule to my existing network, but after setting it up and doing the manual setup, the Time Capsule couldn't be reached by any MAC just Windows PC.
TC is behind a Cisco WRVS4400N connecting by ethernet cable. Always when I try to connect a MAC to it I got a connection failed error. I followed some post here doing a hard reset and setting TC up as Internet (Off -Bridge Mode) and wireless OFF with no success.I have used Time capsule 1.5 year behind a copperjet modem on ADSL, no problems.
Changed provider and am connected by cable with new cisco modem including router.
So the set up looks like:
internet>cisco modem/router>airport time capsule>macbook pro
The cisco modem without airport time capsule is working ok: when logged in speed is 99 Mbps as it should be (wired and wireless)
Connecting cisco router with UTP cable to time capsule and time capsule with UTP to macbook slows down speed to 9 Mbps
(time capsule in bridgemode)
Specs:
Macbook pro OSX yosemite
Airport Time capsule 2TB 2013 (v 7.7.3)
Cisco modem/router:EPC3928 -
Trying to Download a Software Image to Cisco 2800 series router through TFTP Using the tftpdnld ROMmon Command
and I am getting an Error , I cant figure out what I am doing wrong. I have also pasted my display down here can someone help me out, thanks in advance, I am still new to this utility.
My questions are How do you direct this utility to point to the desktop or the TFTP folder
does FE_PORT: Fast Ethernet 0 imply or point to Fa0/0 on my router
My router is suppose to have 10.0.0.3 255.0.0.0
Gateway of 10.0.0.1 255.0.0.0
My TFTP Server 10.0.0.2 255.0.0.0
How do I get the MAC address of the Router or the TFTP Server and which one is required?
my Ethernet port is 100Mb/Sec I cant tell whether it is full duplex or not so How do i set this FE_SPEED_MODE: Auto???
=====================================================================================
rommon 10 >
rommon 10 > set
PS1=rommon ! >
FE_PORT=0
WARM_REBOOT=
RET_2_RTS=20:35:55 UTC Thu Sep 25 2014
BSI=0
RET_2_RCALTS=
RANDOM_NUM=1600357627
?=0
IP_ADDRESS=10.0.0.3
IP_SUBNET_MASK=255.0.0.0
DEFAULT_GATEWAY=10.0.0.1
TFTP_SERVER=10.0.0.2
TFTP_FILE=
rommon 11 > TFTP_FILE=c2800nm-adventerprisek9-mz.124-24.T4
rommon 12 > TFTP_CHECKSUM=0
rommon 13 > SET
monitor: command "SET" not found
rommon 14 > set
PS1=rommon ! >
FE_PORT=0
WARM_REBOOT=
RET_2_RTS=20:35:55 UTC Thu Sep 25 2014
BSI=0
RET_2_RCALTS=
RANDOM_NUM=1600357627
IP_ADDRESS=10.0.0.3
IP_SUBNET_MASK=255.0.0.0
DEFAULT_GATEWAY=10.0.0.1
TFTP_SERVER=10.0.0.2
?=0
TFTP_FILE=c2800nm-adventerprisek9-mz.124-24.T4
TFTP_CHECKSUM=0
rommon 15 > tftpdnld
IP_ADDRESS: 10.0.0.3
IP_SUBNET_MASK: 255.0.0.0
DEFAULT_GATEWAY: 10.0.0.1
TFTP_SERVER: 10.0.0.2
TFTP_FILE: c2800nm-adventerprisek9-mz.124-24.T4
TFTP_VERBOSE: Progress
TFTP_RETRY_COUNT: 18
TFTP_TIMEOUT: 7200
TFTP_CHECKSUM: No
TFTP_MACADDR: 30:37:a6:49:35:a8
FE_PORT: Fast Ethernet 0
FE_SPEED_MODE: Auto
Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on flash: will be lost!
Do you wish to continue? y/n: [n]: y
ARP: address resolution for 10.0.0.2 timed out.
ARP failed with failure code 1. TFTP transfer aborted.
TFTP: Operation terminated prematurely.
rommon 16 > " not found
rommon 17 >FE_SPEED_MODE=2
variable name contains illegal (non-printable) characters
rommon
rommon 18 > set
PS1=rommon ! >
FE_PORT=0
WARM_REBOOT=
RET_2_RTS=20:35:55 UTC Thu Sep 25 2014
BSI=0
RET_2_RCALTS=
RANDOM_NUM=1600357627
IP_ADDRESS=10.0.0.3
IP_SUBNET_MASK=255.0.0.0
DEFAULT_GATEWAY=10.0.0.1
TFTP_SERVER=10.0.0.2
TFTP_FILE=c2800nm-adventerprisek9-mz.124-24.T4
TFTP_CHECKSUM=0
?=0
rommon 19 > tftpdnld [ur]
usage: tftpdnld [-hr]
Use this command for disaster recovery only to recover an image via TFTP.
Monitor variables are used to set up parameters for the transfer.
(Syntax: "VARIABLE_NAME=value" and use "set" to show current variables.)
"ctrl-c" or "break" stops the transfer before flash erase begins.
The following variables are REQUIRED to be set for tftpdnld:
IP_ADDRESS: The IP address for this unit
IP_SUBNET_MASK: The subnet mask for this unit
DEFAULT_GATEWAY: The default gateway for this unit
TFTP_SERVER: The IP address of the server to fetch from
TFTP_FILE: The filename to fetch
The following variables are OPTIONAL:
TFTP_VERBOSE: Print setting. 0=quiet, 1=progress(default), 2=verbose
TFTP_RETRY_COUNT: Retry count for ARP and TFTP (default=18)
TFTP_TIMEOUT: Overall timeout of operation in seconds (default=7200)
TFTP_CHECKSUM: Perform checksum test on image, 0=no, 1=yes (default=1)
TFTP_MACADDR: The MAC address for this unit
FE_PORT: 0= (default), 1
FE_SPEED_MODE: 0=10/hdx, 1=10/fdx, 2=100/hdx, 3=100/fdx,
5=Auto (default)
TFTP_DESTINATION: The flash destination device for the file
flash:(default), usbflash0:, usbflash1:
Command line options:
-h: this help screen
-r: do not write flash, load to DRAM only and launch image
rommon 20 > tftpdnld
IP_ADDRESS: 10.0.0.3
IP_SUBNET_MASK: 255.0.0.0
DEFAULT_GATEWAY: 10.0.0.1
TFTP_SERVER: 10.0.0.2
TFTP_FILE: c2800nm-adventerprisek9-mz.124-24.T4
TFTP_VERBOSE: Progress
TFTP_RETRY_COUNT: 18
TFTP_TIMEOUT: 7200
TFTP_CHECKSUM: No
TFTP_MACADDR: 30:37:a6:49:35:a8
FE_PORT: Fast Ethernet 0
FE_SPEED_MODE: Auto
Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on flash: will be lost!
Do you wish to continue? y/n: [n]: y
ARP: address resolution for 10.0.0.2 timed out.
ARP failed with failure code 1. TFTP transfer aborted.
TFTP: Operation terminated prematurely.
rommon 21 >What I notice in the original post is this error
ARP: address resolution for 10.0.0.2 timed out.
which says that the router is looking for the 10.0.0.2 server but not getting response to its arp request. Can the original poster clarify for us how the device that has the image file is connected to the router that has the problem? Also what kind of device is 10.0.0.2? Is it a PC running TFTP server software or is it something else?
HTH
Rick -
Hello all.
I have just set up a new cisco DPQ3925 wireless router that Optus sent me to be able to access the higher speed internet I have signed up for.
I have a 4th gen apple extreme that I want to use to extend the wifi but when I try to update the settings via the airport utility I get a message that says it cannot do so, and to check it is in range and the wifi is set up correctly. I'm not experienced with these things but I can't think what I have done wrong.
Is anybody able to help me please.You cannot use the AE to extend wireless from a non apple router such as your cisco modem router.. they are not compatible..
You need to tie to the two devices together either with ethernet or something like EOP adapters.. They are about $120 and you can price match in officeworks. -
Strange issue - unable to establish PPP with Cisco 887 VAG router on one particular ADSL line
I have a strange problem that I’m struggling to get to the bottom of with my ISP and wondered if anyone could help.
We have a site with an older Cisco 877 ADSL router which was working happily until a few weeks ago when the connection dropped suddenly (out-of-hours at 2am if that’s of any significance – made me think most likely something carrier/ISP related?) When connectivity was lost, the router could sync with the BT exchange (we are in the UK) but could not establish PPP.
We logged fault with our ISP – after some to’ing and fro’ing, they passed it onto BT and their engineers visited site, they fixed “a line fault” (we don’t get much detail on what was actually fixed) but we still could not establish connectivity – same thing, solid CD light but no PPP.
So, we replaced the router with another 877 – same again, solid CD but no PPP. We replaced all the cables and microfilter etc but no difference.
We tried a different Cisco router (a newer Cisco 887VAG) which, as I understand, uses a different modem chipset but no matter – PPP could still not be established. We tested this router on another ADSL line with the same ISP and it worked without issue, using the same ADSL account details, it was able to establish connectivity. So we figured this must still be a BT/ISP issue.
Since then we’ve had BT out again twice but they say there is no fault. The ISP say there is no issue with them. But we still cannot establish ADSL connectivity on this line, despite having tried 3 different ADSL routers and despite the fact the routers work with the same account details on another ADSL line.
The 887VAG router we have currently connected has 3G backup so that is keeping us going in the meantime and also means I can login to the router remotely to check on the ADSL status.
But I’m struggling to pinpoint where the problem may lie. Strangely, if I turn on PPP negotiation and authentication debug then I’m not actually seeing any output from it at all?
Yet, the ATM interface is up and shows packets being sent and received:
ATM0 is up, line protocol is up
Hardware is MPC ATMSAR, address is bc16.6596.9b00 (bia bc16.6596.9b00)
MTU 1600 bytes, sub MTU 1600, BW 704 Kbit/sec, DLY 520 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ATM, loopback not set
Keepalive not supported
Encapsulation(s): AAL5
4 maximum active VCs, 1024 VCs per VP, 1 current VCCs
VC Auto Creation Disabled.
VC idle disconnect time: 300 seconds
Last input 00:00:28, output 00:00:07, output hang never
Last clearing of "show interface" counters 6d23h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: Per VC Queueing
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
23886 packets input, 1676964 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
56469 packets output, 4418592 bytes, 0 underruns
0 output errors, 0 collisions, 6 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
Does anyone have any ideas on where the problem may be and what more I can do to troubleshoot and provide the relevant evidence to our ISP (assuming it is an ISP/BT issue though the fact the same router works ok with the exact same details etc would seem to indicate it must be their issue!)Hi Jody,
thanks for the suggestions. Here's what I see from the ppp debugs (but I'm not sure how to interpret?)
Jan 6 14:50:22.838: pppoe_send_padi:
contiguous pak, size 74
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 FF FF
FF FF FF FF BC 16 65 96 9B 00 88 63 11 09 00 00
00 10 01 01 00 00 01 03 00 08 0C 00 00 01 00 00
04 A3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 ...
Jan 6 14:50:22.878: PPPoE 0: I PADO R:0030.8810.000b L:bc16.6596.9b00 0/38 ATM0.1
contiguous pak, size 71
BC 16 65 96 9B 00 00 30 88 10 00 0B 88 63 11 07
00 00 00 33 01 03 00 08 0C 00 00 01 00 00 04 A3
01 02 00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73
2D 62 61 73 2D 42 32 32 36 45 34 37 30 39 45 30
31 34 5A 01 01 00 00
Jan 6 14:50:24.885: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:50:35.125: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:50:45.364: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:50:55.603: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:51:05.843: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:51:16.114: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:51:26.353: [0]PPPoE 0: O PADT R:0000.0000.0000 L:0000.0000.0000 0/38 ATM0.1
contiguous pak, size 74
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 00
00 00 00 00 00 00 00 00 00 00 88 63 11 A7 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 ...
Jan 6 14:51:46.576: pppoe_send_padi:
contiguous pak, size 74
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 FF FF
FF FF FF FF BC 16 65 96 9B 00 88 63 11 09 00 00
00 10 01 01 00 00 01 03 00 08 0C 00 00 01 00 00
04 A3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 ...
Jan 6 14:51:46.608: PPPoE 0: I PADO R:0030.8810.000b L:bc16.6596.9b00 0/38 ATM0.1
contiguous pak, size 71
BC 16 65 96 9B 00 00 30 88 10 00 0B 88 63 11 07
00 00 00 33 01 03 00 08 0C 00 00 01 00 00 04 A3
01 02 00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73
2D 62 61 73 2D 42 32 32 36 45 34 37 30 39 45 30
31 34 5A 01 01 00 00
Provider wouldn't have bumped us from ADSL to VDSL - but here's the output of show controller vdsl 0:
Controller VDSL 0 is UP
Daemon Status: Up
XTU-R (DS) XTU-C (US)
Chip Vendor ID: 'BDCM' 'IFTN'
Chip Vendor Specific: 0x0000 0x71C8
Chip Vendor Country: 0xB500 0xB500
Modem Vendor ID: 'CSCO' ' '
Modem Vendor Specific: 0x4602 0x0000
Modem Vendor Country: 0xB500 0x0000
Serial Number Near: FCZ1111C08V C887VAG 15.2(4)M
Serial Number Far:
Modem Version Near: 15.2(4)M
Modem Version Far: 0x71c8
Modem Status: TC Sync (Showtime!)
DSL Config Mode: AUTO
Trained Mode: G.992.1 (ADSL) Annex A
TC Mode: ATM
Selftest Result: 0x00
DELT configuration: disabled
DELT state: not running
Trellis: ON ON
SRA: disabled disabled
SRA count: 0 0
Bit swap: enabled enabled
Bit swap count: 1 8
Line Attenuation: 54.5 dB 31.5 dB
Signal Attenuation: 54.5 dB 0.0 dB
Noise Margin: 6.7 dB 11.0 dB
Attainable Rate: 2132 kbits/s 888 kbits/s
Actual Power: 16.7 dBm 12.7 dBm
Total FECC: 546 0
Total ES: 6 0
Total SES: 0 0
Total LOSS: 0 0
Total UAS: 486 486
Total LPRS: 0 0
Total LOFS: 0 0
Total LOLS: 0 0
Full inits: 14
Failed full inits: 1
Short inits: 0
Failed short inits: 1
Firmware Source File Name (version)
VDSL user config flash:vdsl.bin-A2pv6C035d_d23j (10)
Modem FW Version: 110802_1752-4.02L.03.A2pv6C035d.d23j
Modem PHY Version: A2pv6C035d.d23j
Vendor Version:
DS Channel1 DS Channel0 US Channel1 US Channel0
Speed (kbps): 0 1664 0 704
SRA Previous Speed: 0 0 0 0
Previous Speed: 0 1600 0 736
Total Cells: 0 2786872 0 0
User Cells: 0 68 0 0
Reed-Solomon EC: 0 546 0 0
CRC Errors: 0 9 0 0
Header Errors: 0 10 0 0
Interleave (ms): 0.00 8.00 0.00 8.00
Actual INP: 0.00 1.12 0.00 1.28
Training Log : Stopped
Training Log Filename : flash:vdsllog.bin
And here's the output from the ATM and dialer interfaces:
interface ATM0
no ip address
ip flow ingress
no atm ilmi-keepalive
end
interface ATM0.1 point-to-point
ip flow ingress
pvc 0/38
pppoe-client dial-pool-number 2
end
interface Dialer2
description OUTSIDE
ip address negotiated
ip access-group firewall in
ip mtu 1492
ip flow ingress
ip nat outside
ip inspect DEFAULT100 out
ip virtual-reassembly in
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap callin
ppp chap hostname ###removed###
ppp chap password ###removed###
no cdp enable
crypto map dcvpn
end
As I say though, config-wise, everything should be correct - the same router works fine on another line (which should also confirm the authentication details are correct - at least in as far as it matches what the ISP have on their RADIUS)
Any further thoughts? -
How to bridge a linksys cisco E1200 series router?
I have recently purchased a linksys cisco E1200 series router and would like to know how to bridge the connection to my xbox
purchase 881w, get rid of linksys. That should do it.
Sent from Cisco Technical Support iPad App -
Successmaker program not working behind Cisco SA520
My customer is a small school in British Columbia. They have used the Successmaker program (written by Pearson Education) to teach numeracy and literacy skills. Since installing a SA520 the teachers are saying that Successmaker does not work properly.
I am at my wits end.
I have disabled content filtering for the SA520, I have disabled IDS on the SA520. I am using the default outbound firewall rule allowing inside addresses access anywhere on the Internet, and I have created an inbound firewall rule allowing all traffic and all services from the Successmaker server IP address that their tech support gave us.Their app is still unable to work properly.
What am I missing?
Before the SA520 was installed the school was using PAT to map different ports on the public IP on the school cable modem to inside addresses. The whole school was a big DMZ, and any port scanning would have reached into their network. The port mappings were never communicated to the Successmaker folks, so I doubt they were ever relevant to the issue. The Successmaker App is web based, and according to their tech support uses "transfer encoding:chunked" technology. I read up on this and it dates back pre Web 2.0 (pre flash, pre silverlight, pre basically the silicon chip). It is discussed in RFC 2616, the SA520 is Linux based, not IOS based. Does that mean that it does not understand RFC2616? I doubt it, and even if it didn't understand RFC 2616 surely all the steps I have taken above would blow a hole the size of a barn door through the firewall?
If this weren't a school would not be as emotionally connected as I am to their situation. Without this firewall they will be without much protection at all.
Can you help?
Message was edited by: dirkventer - I added the feedback received from Successmaker tech support. It suggests that the Cisco SA520 may be a problem, something I don't want to believe.Hi Quendale
I'm sorry to say that putting a student computer in the DMZ didn't resolve the issue.
In setting up the DMZ I made the following changes -
1) I confirmed that the Option interface was in DMZ mode, and that it had a static IP on a new subnet.
2) We also configured the DMZ DHCP to assign addresses in the subnet, using the firewall DMZ IP as default gateway, and using the firewall DMZ IP as DNS server.
3) I created a default firewall rule allowing all outbound traffic from the DMZ to the Internet, and created a firewall rule allowing all inbound traffic from the Successmaker server on the Internet (insecure) zone to the DMZ.
4) I confirmed that IPS was off for the DMZ (Default) and that the content filter exception for the DMZ was still disabled.
The same problem occurred, which makes me believe that the reason for the application not working in the LAN zone had nothing to do with IPS or content filtering. As far as the firewall rule goes, the impact of the inbound rule seems to have been the same - i.e. ineffectual.
Connecting the PC running successmaker directly to the school cable modem works.
The possibility that the application in question has traffic blocked because of a RFC (2616?) governing the way get and post requests should be formatted would still exist so long as integrity/compliance checking of packets is something that cannot be bypassed via the firewall configuration. Suffice it to say that the application appears dated and uses nothing of web 2.0. One of the options available to my customer is the purchase of the Web 2.0 version of successmaker ($600/seat), but they are only prepared to explore this option if the indications are that the older application, not the firewall is at fault. Pearson Education support swears blindly that thousands of BC school children continue to use the old app behind Cisco firewalls. I don't deny that the possibility exists that the Pearson support technician is stretching the truth, having an older application that has ceased to function with more sophisticated firewalls because RFC violations in packet formatting have become significant would doubtless present a solid easy-sell for their upgraded version, which is expensive, especially for a school. -
Cisco Model 870 router for home office connected to WRT160NL wireless router for personal use
I am using a Cisco Model 870 router for home office. I just bought a WRT160NL wireless router for home use. I setup the personal wireless router off the personal port of the 870 and can connect with my PC but not with my MAC machines. It can see the Network but when it asks me for passwords, it says they are wrong, which after several attempts I know they are correct.
The new router is setup as WPA2 personal. Can you advise?
Cisco Account Manager- ServicesI think I answered my own question. I tried downloading something on my desktop and checked my cellular usage afterwards didn't go up so it's using my home internet and not my data plan.
-
CWLMS 3.1 : CiscoView of Cisco 7606-S Router
Hi Friend,
I am facing some issue with CiscoView of 7606-S router.
Please find the attachment for more details.
In figure, The RED Marked LAN port appears GREEN when viewed through CiscoWorks but physically on Cisco 7606-S router, no such port exists at all.
Also besides this, we have 3 fiber ports and 2 RJ-45 port on Cisco router visible through CiscoView, but physically on Cisco router 2 Fiber and 2 RJ-45 port are present.
first fiber port is up and connected whereas when seen through CiscoWorks, it shows 3rd fiber port as green.you can not display your 7600 in ciscoview, the most probably reason is that a device package is needed to do this. do the following:
1. Download the device package from the link (Cat6000IOS.cv50.v29-1.zip, Cat6000IOS.cv50.v29-1.readme)
http://www.cisco.com/cgi-bin/apps/vwplan/cvresult.cgi?product_class=Routers&product=Internet+Router+7600+IOS&application=All+Versions
2. Go to Common Services > Software Center > Device Update, then select CiscoView > click on 'Check for updates' > select 'Enter Server Path' and enter the path where you downloaded the files > continue the instructions to
install it.
This will probably need to restart ciscoworks to apply the changes. -
Could Cisco 1701 ADSL Router supports WIC-1ENET Card.
Hi,
I need advise as to if a Cisco 1701 ADSL router could support WIC-1ENET Card.
My 1701 Router has WIC 0 as ADSL and WIC 1 as ISDN, could the ADSL card be replaced by a WIC-1ENET. I noticed ,that the cards seems to be rivet onto the back of the Router and not connected with SCREWS as other routers would posses.
Could someone advised as to how i can have this router supports 2 Ethernet NICs or what could be your recommendations?
Thank you,
Cisco End User.Hello,
the WIC-1ENET is supported on the 1701, but, AFAIK, only in slot 0.
It does not support 2 WIC-1ENET cards, only the 1720, 1750, and 1751 do, with a specific IOS release, check out this info from CCO:
WIC-1ENET- Support for two Ethernet WICs
The Ethernet WIC (WIC-1ENET) provides the capability to deploy additional Ethernet port(s) in a Cisco 1700 series routers. The initial release of the WIC-1ENET supported only one WIC-1ENET card in a 1700 router. The new IOS 12.2(2)XJ release offers the option of deploying up to two WIC-1ENET adapters in a Cisco 1720, 1750, or 1751 router. A total of three Ethernet ports can be configured. A typical application that requires three Ethernet ports involves using the built-in 10/100 Fast Ethernet port for LAN segment. One of the WIC-1ENET port could be used for high-speed broadband DSL or cable modem connection. The second WIC-1ENET port could be used for a DMZ (demilitarized zone) environment for deploying public Web servers or FTP servers. Hardware modification is not necessary to use the capability of IOS 12.2(2)XJ. The new IOS software is compatible with WIC-1ENET adapters already installed in 1700 series routers.
HTH,
GP -
Hi at all,
I need your experience with this device! I will implement a remote connection to a customer.
Following constellation:
My PC --> Our ISDN NTBA --> provider --> Phone System customer --> S0 --> ISDN 801 Router --> End Device
My problem is when I call the phone number with my mobile phone the call takes place, the router brings up the channel and hold this for a few seconds.
The he kick me out than he can´t speak with my end device.
When I do this with my remote pc nothing happens only this.
He hangs up and I must restart this application to do the next attempt. How can I fix this problem?
The debug isdn q931 shows this:
00:34:24: ISDN BR0 Q931: RX <- SETUP pd = 8 callref = 0x01
Sending Complete
Bearer Capability i = 0x8890
Standard = CCITT
Transer Capability = Unrestricted Digital
Transfer Mode = Circuit
Transfer Rate = 64 kbit/s
Channel ID i = 0x8A
Calling Party Number i = 0x0083, 'xxxxxxx'
Plan:Unknown, Type:Unknown
Called Party Number i = 0x80, '69'
Plan:Unknown, Type:Unknown
00:34:24: %DIALER-6-BIND: Interface BR0:2 bound to profile Di1
00:34:103079215104: %LINK-3-UPDOWN: Interface BRI0:2, changed state to up
00:34:24: ISDN BR0 Q931: TX -> CALL_PROC pd = 8 callref = 0x81
Channel ID i = 0x8A
00:34:24: ISDN BR0 Q931: RX <- CONNECT_ACK pd = 8 callref = 0x01
Channel ID i = 0x8A
00:34:24: ISDN BR0 Q931: TX -> ALERTING pd = 8 callref = 0x81
00:34:24: ISDN BR0 Q931: RX <- RELEASE_COMP pd = 8 callref = 0x01
Cause i = 0x85D1 - Invalid call reference value
00:34:24: ISDN BR0 Q931: TX -> CONNECT pd = 8 callref = 0x81
00:34:24: %ISDN-6-CONNECT: Interface BRI0:2 is now connected to xxxxxxxx
00:34:24: %LINK-3-UPDOWN: Interface BRI0:2, changed state to down
00:34:24: %DIALER-6-UNBIND: Interface BR0:2 unbound from profile Di1
00:34:24: ISDN BR0 Q931: RX <- RELEASE_COMP pd = 8 callref = 0x01
Cause i = 0x85D1 - Invalid call reference value
00:34:24: ISDN BR0 Q931: L3_Go: L3_GetUser_NLCB returned NULL cid 0x0 cr 0x81 ev 0x5A ces 1 -- Message ignored
00:34:24: ISDN BR0 Q931: RX <- RELEASE_COMP pd = 8 callref = 0x01
Cause i = 0x85D1 - Invalid call reference value
00:34:24: ISDN BR0 Q931: L3_Go: L3_GetUser_NLCB returned NULL cid 0x0 cr 0x81 ev 0x5A ces 1 -- Message ignored
00:34:27: ISDN BR0 Q931: RX <- DISCONNECT pd = 8 callref = 0x01
Cause i = 0x8090 - Normal call clearing
Facility i = 0x91A11302029372020122300AA1053003020100820101
- ETSI Supplementary Service, Invoke, AOC-D Charging Units: 0
00:34:27: ISDN BR0 Q931: RX <- RELEASE_COMP pd = 8 callref = 0x01
And this is my configuration on the Cisco 801 ISDN Router:
sh run
Building configuration...
Current configuration : 1539 bytes
version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname customer
boot-start-marker
boot system flash c800-y6-mw.123-3i.bin
boot-end-marker
logging buffered 4096 debugging
enable secret 5 $1$4sbt$qMDQoozleDqJstTzC2P8I1
username admin password 7 01000505571F0303
aaa new-model
aaa authentication login default local
aaa authentication ppp default local
aaa session-id common
ip subnet-zero
no ip domain lookup
isdn switch-type basic-net3
interface Ethernet0
description connection
ip address 192.168.1.254 255.255.255.0
no keepalive
interface BRI0
description connected to Dial-inPC (ISDN)
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-net3
isdn incoming-voice data
isdn answer1 12
isdn send-alerting
isdn sending-complete
isdn static-tei 0
interface Dialer0
description connected to Dial-inPC (ISDN)
ip unnumbered Ethernet0
encapsulation ppp
no ip split-horizon
dialer pool 1
peer default ip address pool test
no cdp enable
ppp authentication chap
ppp multilink
router rip
version 2
network 192.168.1.0
no auto-summary
ip local pool test 192.168.1.10 192.168.1.11
ip classless
no ip http server
dialer-list 1 protocol ip permit
line con 0
exec-timeout 0 0
transport preferred all
transport output all
stopbits 1
line vty 0 4
transport preferred all
transport input all
transport output all
no rcapi server
end
I hope anyone have or had this constellation too with a solution that works.
Many Thanks in advance,
MarioHi at all,
We found a solution for this Problem !!
We always and always got this error:
%PQUICC-1-LOSTCARR: Unit 0, lost carrier. Transceiver problem?
The problem was the cable! The following pin-out is required:
1 ----- 1
2 ----- 2
3 ----- 6
4 ----- 5
5 ----- 4
6 ----- 3
7 ----- 7
8 ----- 8
We used this and the fault has disappeared!!
The only problem that still exists:
After the first connection the router must be rebooted because otherwise no more additional session is established.
Thanks for all answers.
Regards,
Mario -
MPLS CE support on Cisco 2800 ISR router
Hi all, could I ask you for some hints about MPLS CE support on Cisco 2800 ISR router today? I`m finding restrictions and recommendations for feature implementation. Do you have any cisco web site about them?
Thank you for your advice and/or hints.
PeterThanks for an answer. I need to use multi-VPN model on CE router, but with QoS on one physical CE-PE connection (e.g. Frame-Relay DLCI).However, all VPNs on CE router must be secured for each one. The solution is Multi-VRF service feature, but, however, with multi-DLCI model on Frame-Relay and QoS per DLCI. Now, I`m finding a scenario to provide multi-VPN model on CE router with single-DLCI model and single QoS per one DLCI for all VPNs. And that, MPLS CE feature on C2800 could be used, if possible.
So, I don`t know more about MPLS CE on C2800 and I don`t know make a result to propsed solution...
Maybe you are looking for
-
Multiple gateways for different Traffic on ASA 5510 firewall
Hello, My network atthe moment is set up as: WAN, with three sites Site 1 Site 2 Site 3 Site 1 is behind a non-Cisco firewall, which is connected to the internet via a Frame Relay link (using a Cisco 1721 router). We host a number of servers on the I
-
NOOB Question - Cannot seem to get the output in a text or CSV file - Please help!!
I was able to put together a script which finds members of a certain AD group, filters down the users, and then calculates the number of days till a password reset is needed. I am able to get on screen exactly what i am looking for, but cannot seem
-
Using Flash Catalyst to create components in Flash Builder
Hi, Apologies if this is a obvious question, but I wanted to solve the one way catalyst --> flash builder nightmare (there is no better word in my opinion) and create a number of basic components in catalyst (rather than an entire site), import them
-
Search "my profile" shows everything but, need to change profile apparently to "cut and paste"
One would think there would be a simple button allowing access to a personal profile. Certainly can't find one, search brings up thousands of answers, none relevant. Apparently have to copy lines of code to "cut and paste" in my emails. Do not unders
-
Hi All, I am using File Upload Component for Uploading file in JSFF , But it is not working My code is like bellow //variables private UploadedFile upFile; private RichInputFile fileupload; //--Getters public UploadedFile getUpFile() { return upFile;