P2P Blocking is disabled in cisco 881 W router
Hi
We are facing an issue with the communication between wireless clients in same subnet .These users are not able to ping each other in cisco 881 W wireless router.
But we can do in this router to disable this P2P blocking.
Well I would use a static on the AP, but if you depending on IOS dhcp to be reliable, then maybe you need to setup a Mac reservation for the AP. It would be after to just set a static on the AP. Since you know your environment will grow, it might be better that you start setting them to static. IOS dhcp isn't 100% reliable as you have already experienced.
Sent from Cisco Technical Support iPad App
Similar Messages
-
Cisco 881 ISR IPSec VPN Tunnel does not pass traffic from the vlan.
I have a cisco 881 ISR Router with a site-to-site IPsec vpn tunnel to a mikrotik device on the other end (I inherited this from my client). The tunnel is constructed properly and is up, however traffic does not pass or get routed to the FA4 interface. I see in my packet captures that it hits the vlan1 interface (vlans are required on the L2 ports) and does not pass to the tunnel.
This is my configuration:
141Kerioth#sh config
Using 3763 out of 262136 bytes
! Last configuration change at 01:02:41 UTC Mon May 26 2014 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 141Kerioth
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
aaa new-model
141Kerioth#do wr mem
^
% Invalid input detected at '^' marker.
141Kerioth#wr mem
Building configuration...
[OK]
141Kerioth#sh run
Building configuration...
Current configuration : 5053 bytes
! Last configuration change at 01:38:06 UTC Mon May 26 2014 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 141Kerioth
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
aaa new-model
aaa authentication login default local
aaa authentication ppp default local
aaa session-id common
memory-size iomem 10
crypto pki trustpoint TP-self-signed-580381394
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-580381394
revocation-check none
rsakeypair TP-self-signed-580381394
crypto pki certificate chain TP-self-signed-580381394
certificate self-signed 01
30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 35383033 38313339 34301E17 0D313430 35323231 38323333
365A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3538 30333831
33393430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
B001A012 2CA6970C 0648798B 2A786704 84F2D989 83974B19 9B4287F2 4503D2C9
173F23C4 FF34D160 202A7565 4A1CE08B 60B3ADAE 6E19EE6E 9CD39E72 71F9650E
930F22FE C4441F9C 2D7DD420 71F75DFC 3CCAC94E BA304685 E0E62658 A3E8D01C
D01D7D6A 5AF0B0E6 3CF6AF3A B7E51F83 9BF6D38E 65254E1F 71369718 ADADD691
02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
23041830 168014D6 24878F12 1FFADF2F 537A438E 6DD7FB6B D79E4130 1D060355
1D0E0416 0414D624 878F121F FADF2F53 7A438E6D D7FB6BD7 9E41300D 06092A86
4886F70D 01010505 00038181 00771667 FCA66002 8AB9E5FB F210012F C50B586F
9A9640BB 45B4CEFD 030A38C0 E610AAC8 B41EF3C4 E55810F9 B2C727CF C1DEFCF1
0846E7BC 1D95420E 5DADB5F8 EFE7EB37 B5433B80 4FF787D4 B1F2A527 06F065A4
00522E97 A9D2335C E83C4AE1 E68D7A41 9D0046A7 ADCC282B 7527F84D E71CC567
14EF37EA 15E57AD0 3C5D01F3 EF
quit
ip dhcp excluded-address 10.0.16.1
ip dhcp pool ccp-pool
import all
network 10.0.16.0 255.255.255.0
default-router 10.0.16.1
dns-server 8.8.8.8
lease 0 2
ip domain name kerioth.com
ip host hostname.domain z.z.z.z
ip name-server 8.8.8.8
ip name-server 4.2.2.2
ip cef
no ipv6 cef
license udi pid CISCO881-K9 sn FTX180483DD
username admin privilege 15 secret 4 CmmfIy.RPySmo4Q2gEIZ2jlr3J.bTBAszoe5Bry0z4c
username meadowbrook privilege 0 password 0 $8UBr#Ux
username meadowbrook autocommand exit
policy-map type inspect outbound-policy
crypto isakmp policy 1
encr 3des
authentication pre-share
group 5
crypto isakmp key 141Township address z.z.z.z
crypto isakmp keepalive 10
crypto ipsec transform-set TS esp-3des esp-sha-hmac
mode tunnel
crypto map mymap 10 ipsec-isakmp
set peer z.z.z.z
set transform-set TS
match address 115
interface Loopback0
no ip address
interface Tunnel1
no ip address
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface FastEthernet4
description $FW_OUTSIDE_WAN$
ip address 50.y.y.y 255.255.255.240
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map mymap
interface Vlan1
description $ETH_LAN$
ip address 10.0.16.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 115 interface Vlan1 overload
ip nat inside source list 199 interface FastEthernet4 overload
ip nat inside source route-map nonat interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 50.x.x.x
access-list 110 deny ip 10.0.16.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 110 permit ip 10.0.16.0 0.0.0.255 any
access-list 115 permit ip 10.0.16.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 144 permit icmp host c.c.c.c host 10.0.1.50
access-list 144 permit icmp host p.p.p.p host 10.0.16.105
access-list 199 permit ip a.a.a.a 0.0.0.255 any
no cdp run
route-map nonat permit 10
match ip address 100
line con 0
no modem enable
line aux 0
line vty 0 4
access-class 1 in
exec-timeout 30 0
privilege level 15
transport preferred ssh
transport input ssh
line vty 5 15
access-class 23 in
privilege level 15
transport input telnet ssh
cns trusted-server all-agents x.x.x.x
cns trusted-server all-agents hostname
cns trusted-server all-agents hostname.domain
cns id hardware-serial
cns id hardware-serial event
cns id hardware-serial image
cns event hostname.domain 11011
cns config initial hostname.domain 80
cns config partial hostname.domain 80
cns exec 80
endWhy do you have following command on the PIX?
crypto map outside_map 40 set transform-set 165.228.x.x
Also you have this transform set on the PIX:
crypto ipsec transform-set 10.112.60.0 esp-aes-256 esp-sha-hmac
This does not match the transfor set on the router:
crypto ipsec transform-set tritest esp-3des esp-md5-hmac
Where are you using the access-list/route-map
101 ? -
Need help with cisco 881 configuration.
Hi, I have cisco 881 wireless router, and I need to configure this as a switch, I have dhcp server in network 192.168.12.254, and I need that cisco wifi and lan clients get IP addresses from existing dhcp server.
I connect wire from network (with dhcp server) to FastEthernet0, create vlan interface (192.168.12.10 255.255.255.0), described vlan on other FastEthernet interfaces, so LAN clients get IP addresses from my dhcp server without problems, but how to do the same with wifi clients?Follow this support doc because you need to trunk the AP to the router and specify the vlan the wireelss clients will be on.
https://supportforums.cisco.com/docs/DOC-16145
Here is a doc that guides you through multiple vlans/subnets on access points:
https://supportforums.cisco.com/docs/DOC-14496
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Hello,
I've searched a few forums and tried to use some of suggestions (and that's why the config is so big and probably messed up ;-)
The network is very simple: (Computers behind NAT + Windows 2008 Server with PPTP -> Cisco 881 -> DSL) and (near) everything works perfectly.
It is not posible to connect from outside to W2008 PPTP (stops at "connecting..."), what is even more interesting you can not connect from inside to any of PPTP servers located on the Internet (this stops at "veryfying user name & password")
Please check the configuration, and thanks in advance!
Greetings,
Adrian
config
ip dhcp excluded-address 192.168.100.1 192.168.100.29
ip dhcp excluded-address 192.168.100.100 192.168.100.254
ip dhcp pool Logmar
import all
network 192.168.100.0 255.255.255.0
dns-server 194.204.159.1 192.204.152.34
default-router 192.168.100.1
ip cef
no ip bootp server
ip domain name logmar
ip name-server 194.204.159.1
ip name-server 194.204.152.34
ip port-map user-rserial port tcp 33600 list 3 description rserial
ip inspect tcp reassembly queue length 1024
no ipv6 cef
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-any SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any VOIP
match protocol sip-tls
match protocol sip
match protocol pptp
match class-map SDM_GRE
class-map type inspect imap match-any ccp-app-imap
match invalid-command
class-map type inspect match-any pptp
match protocol pptp
match class-map SDM_GRE
class-map type inspect match-any ccp-cls-protocol-p2p
match protocol edonkey signature
match protocol gnutella signature
match protocol kazaa2 signature
match protocol fasttrack signature
match protocol bittorrent signature
class-map type inspect match-any SDM_TELNET
match access-group name SDM_TELNET
class-map type inspect match-any SDM_HTTP
match access-group name SDM_HTTP
class-map type inspect match-any SDM_SHELL
match access-group name SDM_SHELL
class-map type inspect match-any SDM_SSH
match access-group name SDM_SSH
class-map type inspect match-any SDM_HTTPS
match access-group name SDM_HTTPS
class-map type inspect match-any sdm-mgmt-cls-0
match class-map SDM_TELNET
match class-map SDM_HTTP
match class-map SDM_SHELL
match class-map SDM_SSH
match class-map SDM_HTTPS
class-map type inspect match-any SDM_AH
match access-group name SDM_AH
class-map type inspect match-any CCP-Voice-permit
match protocol h323
match protocol skinny
match protocol sip
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol h323
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
match class-map SDM_GRE
match protocol pptp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-all sdm-cls--1
match class-map VOIP
match access-group name VOIP
class-map type inspect match-any SDM_IP
match access-group name SDM_IP
class-map type inspect match-any SDM_ESP
match access-group name SDM_ESP
class-map type inspect match-any SDM_EASY_VPN_SERVER_TRAFFIC
match protocol isakmp
match protocol ipsec-msft
match class-map SDM_AH
match class-map SDM_ESP
class-map type inspect match-all SDM_EASY_VPN_SERVER_PT
match class-map SDM_EASY_VPN_SERVER_TRAFFIC
class-map type inspect gnutella match-any ccp-app-gnutella
match file-transfer
class-map type inspect ymsgr match-any ccp-app-yahoo-otherservices
match service any
class-map type inspect msnmsgr match-any ccp-app-msn-otherservices
match service any
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-cls-protocol-im
match protocol ymsgr yahoo-servers
match protocol msnmsgr msn-servers
match protocol aol aol-servers
class-map type inspect aol match-any ccp-app-aol-otherservices
match service any
class-map type inspect match-all ccp-protocol-pop3
match protocol pop3
class-map type inspect match-any pptp-traffic
match access-group name pptp
match access-group name SDM_GRE
match access-group name pptp-out
class-map type inspect pop3 match-any ccp-app-pop3
match invalid-command
class-map type inspect kazaa2 match-any ccp-app-kazaa2
match file-transfer
class-map type inspect match-all ccp-protocol-p2p
match class-map ccp-cls-protocol-p2p
class-map type inspect msnmsgr match-any ccp-app-msn
match service text-chat
class-map type inspect ymsgr match-any ccp-app-yahoo
match service text-chat
class-map type inspect match-all ccp-protocol-im
match class-map ccp-cls-protocol-im
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect http match-any ccp-app-httpmethods
match request method bcopy
match request method bdelete
match request method bmove
match request method bpropfind
match request method bproppatch
match request method connect
match request method copy
match request method delete
match request method edit
match request method getattribute
match request method getattributenames
match request method getproperties
match request method index
match request method lock
match request method mkcol
match request method mkdir
match request method move
match request method notify
match request method options
match request method poll
match request method propfind
match request method proppatch
match request method revadd
match request method revlabel
match request method revlog
match request method revnum
match request method save
match request method search
match request method setattribute
match request method startrev
match request method stoprev
match request method subscribe
match request method trace
match request method unedit
match request method unlock
match request method unsubscribe
class-map type inspect edonkey match-any ccp-app-edonkey
match file-transfer
match text-chat
match search-file-name
class-map type inspect http match-any ccp-http-blockparam
match request port-misuse im
match request port-misuse p2p
class-map type inspect edonkey match-any ccp-app-edonkeydownload
match file-transfer
class-map type inspect aol match-any ccp-app-aol
match service text-chat
class-map type inspect match-all ccp-protocol-imap
match protocol imap
class-map type inspect edonkey match-any ccp-app-edonkeychat
match search-file-name
match text-chat
class-map type inspect http match-any ccp-http-allowparam
match request port-misuse tunneling
class-map type inspect fasttrack match-any ccp-app-fasttrack
match file-transfer
class-map type inspect match-all ccp-protocol-http
match protocol http
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map type inspect p2p ccp-action-app-p2p
class type inspect edonkey ccp-app-edonkeychat
log
allow
class type inspect edonkey ccp-app-edonkeydownload
log
allow
class type inspect fasttrack ccp-app-fasttrack
log
allow
class type inspect gnutella ccp-app-gnutella
log
allow
class type inspect kazaa2 ccp-app-kazaa2
log
allow
policy-map type inspect im ccp-action-app-im
class type inspect aol ccp-app-aol
log
allow
class type inspect msnmsgr ccp-app-msn
log
allow
class type inspect ymsgr ccp-app-yahoo
log
allow
class type inspect aol ccp-app-aol-otherservices
log
reset
class type inspect msnmsgr ccp-app-msn-otherservices
log
reset
class type inspect ymsgr ccp-app-yahoo-otherservices
log
reset
policy-map global-policy
policy-map type inspect http ccp-action-app-http
class type inspect http ccp-http-blockparam
log
allow
class type inspect http ccp-app-httpmethods
log
allow
class type inspect http ccp-http-allowparam
log
allow
policy-map type inspect imap ccp-action-imap
class type inspect imap ccp-app-imap
log
policy-map type inspect pop3 ccp-action-pop3
class type inspect pop3 ccp-app-pop3
log
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
service-policy http ccp-action-app-http
class type inspect ccp-protocol-imap
inspect
service-policy imap ccp-action-imap
class type inspect ccp-protocol-pop3
inspect
service-policy pop3 ccp-action-pop3
class type inspect ccp-protocol-p2p
inspect
service-policy p2p ccp-action-app-p2p
class type inspect ccp-protocol-im
inspect
service-policy im ccp-action-app-im
class type inspect ccp-insp-traffic
inspect
class type inspect CCP-Voice-permit
inspect
class type inspect pptp-traffic
pass
class type inspect SDM_GRE
pass
class class-default
pass
policy-map type inspect ccp-permit
class type inspect SDM_EASY_VPN_SERVER_PT
pass
class type inspect pptp-traffic
pass
class class-default
drop
policy-map type inspect sdm-policy-sdm-cls--1
class type inspect sdm-cls--1
pass
class type inspect pptp-traffic
pass
class class-default
drop
policy-map type inspect sdm-permit-ip
class type inspect SDM_IP
pass
class type inspect pptp-traffic
pass
class class-default
drop log
zone security out-zone
zone security in-zone
zone security ezvpn-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-out-zone-in-zone source out-zone destination in-zone
service-policy type inspect sdm-policy-sdm-cls--1
zone-pair security sdm-zp-in-ezvpn1 source in-zone destination ezvpn-zone
service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-out-ezpn1 source out-zone destination ezvpn-zone
service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-ezvpn-out1 source ezvpn-zone destination out-zone
service-policy type inspect sdm-permit-ip
zone-pair security sdm-zp-ezvpn-in1 source ezvpn-zone destination in-zone
service-policy type inspect sdm-permit-ip
interface Null0
no ip unreachables
interface FastEthernet0
switchport mode trunk
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description $FW_OUTSIDE$$ETH-WAN$
ip address 83.0.201.122 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip verify unicast reverse-path
ip flow ingress
ip nat outside
ip virtual-reassembly
zone-member security out-zone
duplex auto
speed auto
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.100.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
zone-member security in-zone
ip tcp adjust-mss 1452
ip local pool SDM_POOL_3 192.168.100.200 192.168.100.210
ip forward-protocol nd
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool logmar 192.168.100.1 192.168.100.254 netmask 255.255.255.0
ip nat inside source list 4 interface FastEthernet4 overload
ip nat inside source static tcp 192.168.100.100 1723 interface FastEthernet4 1723
ip nat inside source list pptp-out interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 83.0.201.121 permanent
ip access-list extended SDM_AH
remark CCP_ACL Category=1
permit ahp any any
ip access-list extended SDM_ESP
remark CCP_ACL Category=1
permit esp any any
ip access-list extended SDM_GRE
remark CCP_ACL Category=0
permit gre any any
ip access-list extended SDM_HTTP
remark CCP_ACL Category=0
permit tcp any any eq www
ip access-list extended SDM_HTTPS
remark CCP_ACL Category=0
permit tcp any any eq 443
ip access-list extended SDM_IP
remark CCP_ACL Category=1
permit ip any any
ip access-list extended SDM_SHELL
remark CCP_ACL Category=0
permit tcp any any eq cmd
ip access-list extended SDM_SSH
remark CCP_ACL Category=0
permit tcp any any eq 22
ip access-list extended SDM_TELNET
remark CCP_ACL Category=0
permit tcp any any eq telnet
ip access-list extended VOIP
remark CCP_ACL Category=128
permit ip any host 192.168.100.100
ip access-list extended pptp
remark CCP_ACL Category=1
permit gre any any
permit tcp any host 192.168.100.100 eq 1723
permit ip any host 192.168.100.100
ip access-list extended pptp-out
remark CCP_ACL Category=2
permit tcp any any eq 1723
permit gre any any
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.100.0 0.0.0.255
access-list 2 remark Auto generated by SDM Management Access feature
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.100.0 0.0.0.255
access-list 3 remark CCP_ACL Category=1
access-list 4 remark CCP_ACL Category=2
access-list 4 permit 192.168.100.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 102 remark Auto generated by SDM Management Access feature
access-list 102 remark CCP_ACL Category=1
access-list 102 permit ip 192.168.100.0 0.0.0.255 any
access-list 106 remark CCP_ACL Category=0
no cdp runI've deleted all (well at least part concerning PPTP access ;-) configuration and written it from scratch...
Heh, I do not understand WHY configuring Cisco is such a pain while doing same thing in ALL other routers is easier, far more predictable, and not at all less secure
Below is ACL & policy-map-related part of my config - hope this helps.
class-map type inspect match-any SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any cpp-cls-inside
match protocol pptp
match class-map SDM_GRE
match access-group name SDM_GRE
class-map type inspect imap match-any ccp-app-imap
match invalid-command
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol h323
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
match class-map SDM_GRE
match protocol pptp
match protocol skinny
match protocol sip
match protocol sip-tls
match access-group name SDM_GRE
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect gnutella match-any ccp-app-gnutella
match file-transfer
class-map type inspect ymsgr match-any ccp-app-yahoo-otherservices
match service any
class-map type inspect msnmsgr match-any ccp-app-msn-otherservices
match service any
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect aol match-any ccp-app-aol-otherservices
match service any
class-map type inspect pop3 match-any ccp-app-pop3
match invalid-command
class-map type inspect kazaa2 match-any ccp-app-kazaa2
match file-transfer
class-map type inspect msnmsgr match-any ccp-app-msn
match service text-chat
class-map type inspect ymsgr match-any ccp-app-yahoo
match service text-chat
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect http match-any ccp-app-httpmethods
match request method bcopy
match request method bdelete
match request method bmove
match request method bpropfind
match request method bproppatch
match request method connect
match request method copy
match request method delete
match request method edit
match request method getattribute
match request method getattributenames
match request method getproperties
match request method index
match request method lock
match request method mkcol
match request method mkdir
match request method move
match request method notify
match request method options
match request method poll
match request method propfind
match request method proppatch
match request method revadd
match request method revlabel
match request method revlog
match request method revnum
match request method save
match request method search
match request method setattribute
match request method startrev
match request method stoprev
match request method subscribe
match request method trace
match request method unedit
match request method unlock
match request method unsubscribe
class-map type inspect edonkey match-any ccp-app-edonkey
match file-transfer
match text-chat
match search-file-name
class-map type inspect http match-any ccp-http-blockparam
match request port-misuse im
match request port-misuse p2p
class-map type inspect edonkey match-any ccp-app-edonkeydownload
match file-transfer
class-map type inspect aol match-any ccp-app-aol
match service text-chat
class-map type inspect edonkey match-any ccp-app-edonkeychat
match search-file-name
match text-chat
class-map type inspect http match-any ccp-http-allowparam
match request port-misuse tunneling
class-map type inspect fasttrack match-any ccp-app-fasttrack
match file-transfer
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map type inspect p2p ccp-action-app-p2p
class type inspect edonkey ccp-app-edonkeychat
log
allow
class type inspect edonkey ccp-app-edonkeydownload
log
allow
class type inspect fasttrack ccp-app-fasttrack
log
allow
class type inspect gnutella ccp-app-gnutella
log
allow
class type inspect kazaa2 ccp-app-kazaa2
log
allow
policy-map type inspect im ccp-action-app-im
class type inspect aol ccp-app-aol
log
allow
class type inspect msnmsgr ccp-app-msn
log
allow
class type inspect ymsgr ccp-app-yahoo
log
allow
class type inspect aol ccp-app-aol-otherservices
log
reset
class type inspect msnmsgr ccp-app-msn-otherservices
log
reset
class type inspect ymsgr ccp-app-yahoo-otherservices
log
reset
policy-map global-policy
policy-map type inspect ccp-inspect
class type inspect SDM_GRE
pass
class type inspect ccp-invalid-src
drop log
class type inspect ccp-insp-traffic
inspect
class class-default
pass
policy-map type inspect pop3 ccp-action-pop3
class type inspect pop3 ccp-app-pop3
log
policy-map type inspect http ccp-action-app-http
class type inspect http ccp-http-blockparam
log
allow
class type inspect http ccp-app-httpmethods
log
allow
class type inspect http ccp-http-allowparam
log
allow
policy-map type inspect ccp-inside
class type inspect SDM_GRE
pass
class type inspect cpp-cls-inside
inspect
class class-default
drop
policy-map type inspect ccp-permit
class class-default
drop
policy-map type inspect imap ccp-action-imap
class type inspect imap ccp-app-imap
log
zone security out-zone
zone security in-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security cp-zp-out-in source out-zone destination in-zone
service-policy type inspect ccp-inside
interface Null0
no ip unreachables
interface FastEthernet0
switchport mode trunk
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description $FW_OUTSIDE$$ETH-WAN$
ip address 83.0.201.122 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip verify unicast reverse-path
ip flow ingress
ip nat outside
ip virtual-reassembly
zone-member security out-zone
duplex auto
speed auto
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.100.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
zone-member security in-zone
ip tcp adjust-mss 1452
ip local pool SDM_POOL_3 192.168.100.200 192.168.100.210
ip forward-protocol nd
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool logmar 192.168.100.1 192.168.100.254 netmask 255.255.255.0
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp 192.168.100.100 1723 interface FastEthernet4 1723
ip route 0.0.0.0 0.0.0.0 83.0.201.121 permanent
ip access-list extended SDM_GRE
remark CCP_ACL Category=0
permit gre any any
ip access-list extended SDM_HTTP
remark CCP_ACL Category=0
permit tcp any any eq www
ip access-list extended SDM_HTTPS
remark CCP_ACL Category=0
permit tcp any any eq 443
ip access-list extended SDM_SHELL
remark CCP_ACL Category=0
permit tcp any any eq cmd
ip access-list extended SDM_SSH
remark CCP_ACL Category=0
permit tcp any any eq 22
ip access-list extended SDM_TELNET
remark CCP_ACL Category=0
permit tcp any any eq telnet
logging trap debugging
logging 192.168.100.100
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.100.0 0.0.0.255
access-list 1 permit any
access-list 2 remark Auto generated by SDM Management Access feature
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.100.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 102 remark Auto generated by SDM Management Access feature
access-list 102 remark CCP_ACL Category=1
access-list 102 permit ip 192.168.100.0 0.0.0.255 any
no cdp run -
Can I block or disable Bookmarks Sync on one computer later, after setting it up?
If I set up synchronisation for bookmarks etc for several computers with an account on the Firefox server, can I later block or disable sync for one of the computers without having to remove the program option altogether from my browser? I presume I can(?) uninstall it altogether if I don't want it later??
A related question -- can I set up to sync different things for different computers?1. Give her a separate user account on your computer. If you have a backup copy of the library, you can restore it.
2. If you encounter a 90-day waiting period, click here and ask the iTunes Store staff if they'll remove it.
(125941) -
IPhone 3GS blocked and disabled
Hi everyone
I got an iPhone 3GS but it's blocked and disabled, I don't know why it's blocked I just bought it like that because it was cheap, anyway I forgotten my password and now it's disabled, I can I get it working without losing any of my photo, music, apps ect..
I just really need to get my photos off it then I don't mind what i do with it after
PLEASE HELP ME!!Contact Orange and find out their requirements for removing the SIM lock.
Only the carrier to whom the device is locked can officially unlock it. -
Hello
I'm having some trouble configuring a cisco 881. I'm building a lab where I connect 2 cisco 881 through the fe4 interface (Wan port), and then connect to each router a PC, at interface fe0 (Lan port). The idea was to establish connection and implementing a static route between the 2 routers.
As a default the 881 has dhcp enabled on VLAN1 (10.10.10.0/24). So I set the pc's to get Ip's automatically. On Router A, I changed the dhcp pool so that I had a different network (11.10.10.0/24). So I have PC1 (11.10.10.2) connected to Router A on interface fa0. Router A connects to Router B through the fe4 interfaces (WAN ports). And PC2 (10.10.10.0/24) connects to Router B on fa0 interface.
I assigned an ip address to fe4 on Router A (192.168.10.1/24) and an ip address to fe4 on Router B (192.168.10.2/24).
At last I configured the static routes on both routers.
On Router A : ip route 10.10.10.0 255.255.255.0 192.168.10.2
On Router B : ip route 11.10.10.0 255.255.255.0 192.168.10.1
With everything configured I tested the connections.
PC 1 to its gateway: successful
PC 1 to 192.168.10.2: successful
PC1 to the gateway of PC2(10.10.10.1/24): successful
PC 1 to PC 2: failed
PC 2 to its gateway: successful
PC 2 to 192.168.10.1: successful
PC2 to the gateway of PC1(11.10.10.1/24): successful
PC 1 to PC 2: failed
Well this is the scenario. I really don’t understand the problem. I thing I did everything right, but I simply don’t get the result. Is there an error with my configuration or is this simply not doable?
Thanks a lot.Have you checked that the firewalls are turned off? If you can ping the far side, that tells me you have a default gateway configured on the workstation and that the far side router has a route back to you. The only thing left would be firewalls need to be turned off on the workstations.
HTH,
John
*** Please rate all useful posts *** -
I am having issues with my popup blocker blocking a site, but my popup blocker is disabled.
I am trying to access this site for my college class. It asks me to disable my popup blocker for access to the site, which I have done, but it still blocks my access to the site. I used Firefox last semester and I did not have any problems, do you have any advice? I did go in and make sure that the popup blocker was disabled, and then restarted my browser, but I do not know what else I should try. *Please note that I could very well be doing something wrong......but any advice you could give me would be great! I really do not want to use Internet Explorer if I do not have too, I love Firefox so much better! Thanks for taking time out of your day to help me :)
CamiHi Cami, in your system details it seems you have MySearchDial extension inactive, maybe the problem is there. MySearchDial is malicious software(browser hijacker), see if you have it in your win 7 and uninstall it (Start button > Control Panel > Programs > Programs and Features > Uninstall.)
see also :
* http://www.mysearchdial.com/removal-instructions/
* http://malwaretips.com/blogs/mysearchdial-toolbar-removal/
also '''delete''' in your [http://kb.mozillazine.org/Profile_folder_-_Firefox#Windows profile folder] the [http://kb.mozillazine.org/User.js_file User.js file] you have.
The user.js file '''does not exist by default'''. If you create the file, forget it, if you have not create the file then delete the User.js file, to see if the problem goes away (some programs create and write in the file also).
thank you -
Hi All,
I set up enable password as well as telnet password on cisco 881-k9.
with the same password :kadd2013
no username confugured
when i saved the config , i was unable to login again using the same password i configuredDid it just ask for password? Could have you gotten white space in the password? Try to enter the password with a space after it. Either that or a typo. Did you have caps lock enabled?
Daniel Dib
CCIE #37149
Please rate helpful posts. -
Hi,
I am configuring staic L2TPv3 on Cisco 881. According to the feature navigator it is supported and I can configure without any problem. The L2TPv3 session seems to be UP but apparently there is no data I can send accross this L2TPv3 tunnel.
Anyone can give suggestion ?
thanks in advance.Please post on WAN, Routing and Switching community.
Shelley. -
"P2P Blocking" with different Flexconnect APs
Hello,
Does the "P2P Blocking" feature work for clients connected to different Flexconnect APs?
In my case, apparently it doesn't work.
We have 2 APs in Flexconnect Mode, an SSID with the "P2P Blocking" option set to drop and when we connect a client to one of the APs and another client to the other AP, these clients have visibility between them.
Is that possible?
Thank you.I think when this feature (P2P blocking) was added, there were no concept of interface groups, etc to map multiple vlan to same SSID. When additional features added the original P2P blocking was not optimized to work in all these scenario.
This is a one feature I am not trusting well. I think it has drawbacks like what you found. Haven't tested in detail, but heard lots of issues with this feature.
Open a TAC & confirm with them what is the expected behaviour in your situation
HTH
Rasika -
Hi, I need to provide a router to connect Internet circuit and run IPsec to MPLS network. Circuit is 10Mbps.
What is the max a Cisco 881 can handle if running IPsec?
Also, if you are aware of any branch router (1941) which allows connection to future 4G LTE please let me know.Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
The attachment notes 25 Mbps for an 800 series, but that would be unidirectional and w/o IPSec. -
Strange issue - unable to establish PPP with Cisco 887 VAG router on one particular ADSL line
I have a strange problem that I’m struggling to get to the bottom of with my ISP and wondered if anyone could help.
We have a site with an older Cisco 877 ADSL router which was working happily until a few weeks ago when the connection dropped suddenly (out-of-hours at 2am if that’s of any significance – made me think most likely something carrier/ISP related?) When connectivity was lost, the router could sync with the BT exchange (we are in the UK) but could not establish PPP.
We logged fault with our ISP – after some to’ing and fro’ing, they passed it onto BT and their engineers visited site, they fixed “a line fault” (we don’t get much detail on what was actually fixed) but we still could not establish connectivity – same thing, solid CD light but no PPP.
So, we replaced the router with another 877 – same again, solid CD but no PPP. We replaced all the cables and microfilter etc but no difference.
We tried a different Cisco router (a newer Cisco 887VAG) which, as I understand, uses a different modem chipset but no matter – PPP could still not be established. We tested this router on another ADSL line with the same ISP and it worked without issue, using the same ADSL account details, it was able to establish connectivity. So we figured this must still be a BT/ISP issue.
Since then we’ve had BT out again twice but they say there is no fault. The ISP say there is no issue with them. But we still cannot establish ADSL connectivity on this line, despite having tried 3 different ADSL routers and despite the fact the routers work with the same account details on another ADSL line.
The 887VAG router we have currently connected has 3G backup so that is keeping us going in the meantime and also means I can login to the router remotely to check on the ADSL status.
But I’m struggling to pinpoint where the problem may lie. Strangely, if I turn on PPP negotiation and authentication debug then I’m not actually seeing any output from it at all?
Yet, the ATM interface is up and shows packets being sent and received:
ATM0 is up, line protocol is up
Hardware is MPC ATMSAR, address is bc16.6596.9b00 (bia bc16.6596.9b00)
MTU 1600 bytes, sub MTU 1600, BW 704 Kbit/sec, DLY 520 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ATM, loopback not set
Keepalive not supported
Encapsulation(s): AAL5
4 maximum active VCs, 1024 VCs per VP, 1 current VCCs
VC Auto Creation Disabled.
VC idle disconnect time: 300 seconds
Last input 00:00:28, output 00:00:07, output hang never
Last clearing of "show interface" counters 6d23h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: Per VC Queueing
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
23886 packets input, 1676964 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
56469 packets output, 4418592 bytes, 0 underruns
0 output errors, 0 collisions, 6 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
Does anyone have any ideas on where the problem may be and what more I can do to troubleshoot and provide the relevant evidence to our ISP (assuming it is an ISP/BT issue though the fact the same router works ok with the exact same details etc would seem to indicate it must be their issue!)Hi Jody,
thanks for the suggestions. Here's what I see from the ppp debugs (but I'm not sure how to interpret?)
Jan 6 14:50:22.838: pppoe_send_padi:
contiguous pak, size 74
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 FF FF
FF FF FF FF BC 16 65 96 9B 00 88 63 11 09 00 00
00 10 01 01 00 00 01 03 00 08 0C 00 00 01 00 00
04 A3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 ...
Jan 6 14:50:22.878: PPPoE 0: I PADO R:0030.8810.000b L:bc16.6596.9b00 0/38 ATM0.1
contiguous pak, size 71
BC 16 65 96 9B 00 00 30 88 10 00 0B 88 63 11 07
00 00 00 33 01 03 00 08 0C 00 00 01 00 00 04 A3
01 02 00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73
2D 62 61 73 2D 42 32 32 36 45 34 37 30 39 45 30
31 34 5A 01 01 00 00
Jan 6 14:50:24.885: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:50:35.125: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:50:45.364: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:50:55.603: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:51:05.843: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:51:16.114: OUT PADR from PPPoE Session
contiguous pak, size 85
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 30
88 10 00 0B BC 16 65 96 9B 00 88 63 11 19 00 00
00 33 01 03 00 08 0C 00 00 01 00 00 04 A3 01 02
00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73 2D 62
61 73 2D 42 32 32 36 45 ...
Jan 6 14:51:26.353: [0]PPPoE 0: O PADT R:0000.0000.0000 L:0000.0000.0000 0/38 ATM0.1
contiguous pak, size 74
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 00 00
00 00 00 00 00 00 00 00 00 00 88 63 11 A7 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 ...
Jan 6 14:51:46.576: pppoe_send_padi:
contiguous pak, size 74
00 01 09 00 AA AA 03 00 80 C2 00 07 00 00 FF FF
FF FF FF FF BC 16 65 96 9B 00 88 63 11 09 00 00
00 10 01 01 00 00 01 03 00 08 0C 00 00 01 00 00
04 A3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 ...
Jan 6 14:51:46.608: PPPoE 0: I PADO R:0030.8810.000b L:bc16.6596.9b00 0/38 ATM0.1
contiguous pak, size 71
BC 16 65 96 9B 00 00 30 88 10 00 0B 88 63 11 07
00 00 00 33 01 03 00 08 0C 00 00 01 00 00 04 A3
01 02 00 1F 62 72 61 73 2D 72 65 64 37 2E 6C 73
2D 62 61 73 2D 42 32 32 36 45 34 37 30 39 45 30
31 34 5A 01 01 00 00
Provider wouldn't have bumped us from ADSL to VDSL - but here's the output of show controller vdsl 0:
Controller VDSL 0 is UP
Daemon Status: Up
XTU-R (DS) XTU-C (US)
Chip Vendor ID: 'BDCM' 'IFTN'
Chip Vendor Specific: 0x0000 0x71C8
Chip Vendor Country: 0xB500 0xB500
Modem Vendor ID: 'CSCO' ' '
Modem Vendor Specific: 0x4602 0x0000
Modem Vendor Country: 0xB500 0x0000
Serial Number Near: FCZ1111C08V C887VAG 15.2(4)M
Serial Number Far:
Modem Version Near: 15.2(4)M
Modem Version Far: 0x71c8
Modem Status: TC Sync (Showtime!)
DSL Config Mode: AUTO
Trained Mode: G.992.1 (ADSL) Annex A
TC Mode: ATM
Selftest Result: 0x00
DELT configuration: disabled
DELT state: not running
Trellis: ON ON
SRA: disabled disabled
SRA count: 0 0
Bit swap: enabled enabled
Bit swap count: 1 8
Line Attenuation: 54.5 dB 31.5 dB
Signal Attenuation: 54.5 dB 0.0 dB
Noise Margin: 6.7 dB 11.0 dB
Attainable Rate: 2132 kbits/s 888 kbits/s
Actual Power: 16.7 dBm 12.7 dBm
Total FECC: 546 0
Total ES: 6 0
Total SES: 0 0
Total LOSS: 0 0
Total UAS: 486 486
Total LPRS: 0 0
Total LOFS: 0 0
Total LOLS: 0 0
Full inits: 14
Failed full inits: 1
Short inits: 0
Failed short inits: 1
Firmware Source File Name (version)
VDSL user config flash:vdsl.bin-A2pv6C035d_d23j (10)
Modem FW Version: 110802_1752-4.02L.03.A2pv6C035d.d23j
Modem PHY Version: A2pv6C035d.d23j
Vendor Version:
DS Channel1 DS Channel0 US Channel1 US Channel0
Speed (kbps): 0 1664 0 704
SRA Previous Speed: 0 0 0 0
Previous Speed: 0 1600 0 736
Total Cells: 0 2786872 0 0
User Cells: 0 68 0 0
Reed-Solomon EC: 0 546 0 0
CRC Errors: 0 9 0 0
Header Errors: 0 10 0 0
Interleave (ms): 0.00 8.00 0.00 8.00
Actual INP: 0.00 1.12 0.00 1.28
Training Log : Stopped
Training Log Filename : flash:vdsllog.bin
And here's the output from the ATM and dialer interfaces:
interface ATM0
no ip address
ip flow ingress
no atm ilmi-keepalive
end
interface ATM0.1 point-to-point
ip flow ingress
pvc 0/38
pppoe-client dial-pool-number 2
end
interface Dialer2
description OUTSIDE
ip address negotiated
ip access-group firewall in
ip mtu 1492
ip flow ingress
ip nat outside
ip inspect DEFAULT100 out
ip virtual-reassembly in
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap callin
ppp chap hostname ###removed###
ppp chap password ###removed###
no cdp enable
crypto map dcvpn
end
As I say though, config-wise, everything should be correct - the same router works fine on another line (which should also confirm the authentication details are correct - at least in as far as it matches what the ISP have on their RADIUS)
Any further thoughts? -
Trying to Download a Software Image to Cisco 2800 series router through TFTP Using the tftpdnld ROMmon Command
and I am getting an Error , I cant figure out what I am doing wrong. I have also pasted my display down here can someone help me out, thanks in advance, I am still new to this utility.
My questions are How do you direct this utility to point to the desktop or the TFTP folder
does FE_PORT: Fast Ethernet 0 imply or point to Fa0/0 on my router
My router is suppose to have 10.0.0.3 255.0.0.0
Gateway of 10.0.0.1 255.0.0.0
My TFTP Server 10.0.0.2 255.0.0.0
How do I get the MAC address of the Router or the TFTP Server and which one is required?
my Ethernet port is 100Mb/Sec I cant tell whether it is full duplex or not so How do i set this FE_SPEED_MODE: Auto???
=====================================================================================
rommon 10 >
rommon 10 > set
PS1=rommon ! >
FE_PORT=0
WARM_REBOOT=
RET_2_RTS=20:35:55 UTC Thu Sep 25 2014
BSI=0
RET_2_RCALTS=
RANDOM_NUM=1600357627
?=0
IP_ADDRESS=10.0.0.3
IP_SUBNET_MASK=255.0.0.0
DEFAULT_GATEWAY=10.0.0.1
TFTP_SERVER=10.0.0.2
TFTP_FILE=
rommon 11 > TFTP_FILE=c2800nm-adventerprisek9-mz.124-24.T4
rommon 12 > TFTP_CHECKSUM=0
rommon 13 > SET
monitor: command "SET" not found
rommon 14 > set
PS1=rommon ! >
FE_PORT=0
WARM_REBOOT=
RET_2_RTS=20:35:55 UTC Thu Sep 25 2014
BSI=0
RET_2_RCALTS=
RANDOM_NUM=1600357627
IP_ADDRESS=10.0.0.3
IP_SUBNET_MASK=255.0.0.0
DEFAULT_GATEWAY=10.0.0.1
TFTP_SERVER=10.0.0.2
?=0
TFTP_FILE=c2800nm-adventerprisek9-mz.124-24.T4
TFTP_CHECKSUM=0
rommon 15 > tftpdnld
IP_ADDRESS: 10.0.0.3
IP_SUBNET_MASK: 255.0.0.0
DEFAULT_GATEWAY: 10.0.0.1
TFTP_SERVER: 10.0.0.2
TFTP_FILE: c2800nm-adventerprisek9-mz.124-24.T4
TFTP_VERBOSE: Progress
TFTP_RETRY_COUNT: 18
TFTP_TIMEOUT: 7200
TFTP_CHECKSUM: No
TFTP_MACADDR: 30:37:a6:49:35:a8
FE_PORT: Fast Ethernet 0
FE_SPEED_MODE: Auto
Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on flash: will be lost!
Do you wish to continue? y/n: [n]: y
ARP: address resolution for 10.0.0.2 timed out.
ARP failed with failure code 1. TFTP transfer aborted.
TFTP: Operation terminated prematurely.
rommon 16 > " not found
rommon 17 >FE_SPEED_MODE=2
variable name contains illegal (non-printable) characters
rommon
rommon 18 > set
PS1=rommon ! >
FE_PORT=0
WARM_REBOOT=
RET_2_RTS=20:35:55 UTC Thu Sep 25 2014
BSI=0
RET_2_RCALTS=
RANDOM_NUM=1600357627
IP_ADDRESS=10.0.0.3
IP_SUBNET_MASK=255.0.0.0
DEFAULT_GATEWAY=10.0.0.1
TFTP_SERVER=10.0.0.2
TFTP_FILE=c2800nm-adventerprisek9-mz.124-24.T4
TFTP_CHECKSUM=0
?=0
rommon 19 > tftpdnld [ur]
usage: tftpdnld [-hr]
Use this command for disaster recovery only to recover an image via TFTP.
Monitor variables are used to set up parameters for the transfer.
(Syntax: "VARIABLE_NAME=value" and use "set" to show current variables.)
"ctrl-c" or "break" stops the transfer before flash erase begins.
The following variables are REQUIRED to be set for tftpdnld:
IP_ADDRESS: The IP address for this unit
IP_SUBNET_MASK: The subnet mask for this unit
DEFAULT_GATEWAY: The default gateway for this unit
TFTP_SERVER: The IP address of the server to fetch from
TFTP_FILE: The filename to fetch
The following variables are OPTIONAL:
TFTP_VERBOSE: Print setting. 0=quiet, 1=progress(default), 2=verbose
TFTP_RETRY_COUNT: Retry count for ARP and TFTP (default=18)
TFTP_TIMEOUT: Overall timeout of operation in seconds (default=7200)
TFTP_CHECKSUM: Perform checksum test on image, 0=no, 1=yes (default=1)
TFTP_MACADDR: The MAC address for this unit
FE_PORT: 0= (default), 1
FE_SPEED_MODE: 0=10/hdx, 1=10/fdx, 2=100/hdx, 3=100/fdx,
5=Auto (default)
TFTP_DESTINATION: The flash destination device for the file
flash:(default), usbflash0:, usbflash1:
Command line options:
-h: this help screen
-r: do not write flash, load to DRAM only and launch image
rommon 20 > tftpdnld
IP_ADDRESS: 10.0.0.3
IP_SUBNET_MASK: 255.0.0.0
DEFAULT_GATEWAY: 10.0.0.1
TFTP_SERVER: 10.0.0.2
TFTP_FILE: c2800nm-adventerprisek9-mz.124-24.T4
TFTP_VERBOSE: Progress
TFTP_RETRY_COUNT: 18
TFTP_TIMEOUT: 7200
TFTP_CHECKSUM: No
TFTP_MACADDR: 30:37:a6:49:35:a8
FE_PORT: Fast Ethernet 0
FE_SPEED_MODE: Auto
Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on flash: will be lost!
Do you wish to continue? y/n: [n]: y
ARP: address resolution for 10.0.0.2 timed out.
ARP failed with failure code 1. TFTP transfer aborted.
TFTP: Operation terminated prematurely.
rommon 21 >What I notice in the original post is this error
ARP: address resolution for 10.0.0.2 timed out.
which says that the router is looking for the 10.0.0.2 server but not getting response to its arp request. Can the original poster clarify for us how the device that has the image file is connected to the router that has the problem? Also what kind of device is 10.0.0.2? Is it a PC running TFTP server software or is it something else?
HTH
Rick -
Hello all.
I have just set up a new cisco DPQ3925 wireless router that Optus sent me to be able to access the higher speed internet I have signed up for.
I have a 4th gen apple extreme that I want to use to extend the wifi but when I try to update the settings via the airport utility I get a message that says it cannot do so, and to check it is in range and the wifi is set up correctly. I'm not experienced with these things but I can't think what I have done wrong.
Is anybody able to help me please.You cannot use the AE to extend wireless from a non apple router such as your cisco modem router.. they are not compatible..
You need to tie to the two devices together either with ethernet or something like EOP adapters.. They are about $120 and you can price match in officeworks.
Maybe you are looking for
-
How do I delete files from the cloud
I have numerous back issues of The New Yorker as well as old videos that are automatically stored on icloud from my ipad. I want to delete them from the cloud to free up storage space. How do I do this?
-
HP Pavilion Elite e9280t Desktop - Memory Card Reader Stopped Working
Hello, I have a HP Pavilion Elite e9280t CTO Desktop PC ... The memory card reader recently stopped working. I believe, maybe the firmware, and/or driver was deleted by one of my optimization softwares. I checked the "Device Manager" list
-
Acrobat 7.0 - Printing as PDF doesn't 'fix' redactions.
Hi, We carry out a lot of redacting of files and exempting information. To do this we use stamps and opaque boxes to cover information and then used the 'Print as pdf' to 'fix' the stamps and boxes in place so that the hidden information can't be vie
-
Is there a way to invoke DBMS_CRYPTO directly from SQL?
When I try to do this:- INSERT INTO MyTable ( MyName ) VALUES DBMS_CRYPTO.ENCRYPT(UTL_I18N.STRING_TO_RAW ('Graeme', 'AL32UTF8'), DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_CBC + DBMS_CRYPTO.PAD_PKCS5, UTL_I18N.STRING_TO_RAW('0123456789ABCDEF', 'A
-
For a while now Firefox has randomly shut down for reasons unknown. Sometimes windows reports the error but not always. When I start Firefox back up again, it does not restore my tabs. Also as an added bonus it deletes the cookies and cache, and I do