RV320 vs 1921/1941
Hello all,
I was wondering, what is the biggest difference between the RV320 and 1921/1941 cisco series routers?
Is throughput higher on 1921 series or same as rv320? Im basically looking for best GUI/Best performance router for upto 100 clients.
I dont need VPN perse, i dont need VOIP or any other things it basically just needs to do DHCP, DNS and NAT plus gigabit ofc.
Im noticing with the RV320, performance goes down a lot when you enable QoS services.
Greetings!
Im basically looking for best GUI/Best performance router for upto 100 clients.
If you like GUI, then 1921/1941 isn't going to be your "cup of tea". These routers are mostly CLI. Sure there are limited GUI functionality but a lot of us prefer CLI because there are more functions/features available with CLI than GUI.
Similar Messages
-
Question for VWIC3-1MFT-T1/E1 capabilities
I am trying to receive some feedback before purchasing the hardware....
I have a remote location connected to my data LAN via an Ethernet Private Line. On both ends I have 2911 routers with 15.2 OS version. I would like to install a voice card (VWIC3-1MFT-T1/E1) in both routers and connect also the voice switches (ALCATEL 4400) over the same WAN interface (Ethernet Private Line) as the data connection in order the give up the additional leased E1 that I have currently for the PABX PRI inter-node link between the same locations. Alcatel is using the ABC-F proprietary protocol over the PRI connection. The Alcatel board used is PRA-2.
Is this going to work? Has anyone tried a similar configuration? Did you experienced any issues?
SamHi George,
Sadly not supported on any 2800 series
The Cisco® Third-generation 1-, 2-port and 4-port T1/E1 Multiflex Trunk Voice/WAN Interface (MFT VWIC3s) support data and voice applications on the Cisco 1921, 1941 and 1941W (data only), and the Cisco 2901, 2911, 2921, 2951, 3925, 3945, 3925E and 3945E Integrated Services Routers.
Table 1. Cisco MFT VWIC3 Platform Support and Minimum Cisco IOS Software Release Requirements
VWIC3-1MFT-T1/E1
VWIC3-2MFT-T1/E1
VWIC3-1MFT-G703
VWIC3-2MFT-G703
VWIC3-4MFT-T1/E1
Cisco 1900 Chassis EHWIC Slots
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
N/A*
Cisco 2900 Chassis EHWIC Slots
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.1(3)T*
Cisco 3900 Chassis EHWIC Slots
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.1(3)T
* VWIC3-4MFT-T1/E1is supported on Cisco 2911, 2921, 2951 and Cisco 3900 Series routers
http://www.cisco.com/en/US/prod/collateral/routers/ps5855/data_sheet_c36-609138.html
Cheers!
Rob
"Why do the best things always disappear "
- The Band -
VWIC3-1MFT-T1/E1 for 2911 . base config
Hi,
I need the base configs for this VWIC3-1MFT-T1/E1 for 2911 please. ( Card type & card controller )
Thanks.Hi George,
Sadly not supported on any 2800 series
The Cisco® Third-generation 1-, 2-port and 4-port T1/E1 Multiflex Trunk Voice/WAN Interface (MFT VWIC3s) support data and voice applications on the Cisco 1921, 1941 and 1941W (data only), and the Cisco 2901, 2911, 2921, 2951, 3925, 3945, 3925E and 3945E Integrated Services Routers.
Table 1. Cisco MFT VWIC3 Platform Support and Minimum Cisco IOS Software Release Requirements
VWIC3-1MFT-T1/E1
VWIC3-2MFT-T1/E1
VWIC3-1MFT-G703
VWIC3-2MFT-G703
VWIC3-4MFT-T1/E1
Cisco 1900 Chassis EHWIC Slots
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
N/A*
Cisco 2900 Chassis EHWIC Slots
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.1(3)T*
Cisco 3900 Chassis EHWIC Slots
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.0(1)M3, 15.1(1)T1, 15.1(2)T
15.1(3)T
* VWIC3-4MFT-T1/E1is supported on Cisco 2911, 2921, 2951 and Cisco 3900 Series routers
http://www.cisco.com/en/US/prod/collateral/routers/ps5855/data_sheet_c36-609138.html
Cheers!
Rob
"Why do the best things always disappear "
- The Band -
Does 1900 series router supports voice functon?
I have seen that 1921 and 1941 can insert a vwic3 interface card,but i cannot see pvdm on 1921&1941,my question is that how 1921&1941 support voice function(e.g voice termination)?
Hi.
Based on these docs, it does not support voice
http://www.cisco.com/en/US/products/ps10538/prod_series_comparison.html
http://www.cisco.com/en/US/prod/collateral/voicesw/ps6789/ps7290/ps10589/data_sheet_c78-598389.html
VWIC3 cards are not only for voice, that's why you can add them to a 1900 series router.
http://www.cisco.com/en/US/prod/collateral/routers/ps5855/data_sheet_c36-609138.html
HTH
Regards
Carlo
Sent from Cisco Technical Support iPhone App -
Logging persistent url not working on 1921
Hi All
I am unable to configure logging persistence on a 1921. Is this due to the internal arrangement of flash memory and the fact it is present as usbflash0:/ and not flash:/?
I understand logging buffered needs to be configured first and I have done that. I am running 15.1(4)M6 and here is what happens when I try and configure this feature:
On a 1921:
Router(config)#logging persistent url ?
% Unrecognized command
Router(config)#logging persistent ?
batch Set batch size for writing to persistent storage
filesize Set size of individual log files
immediate Write log entry to storage immediately (no buffering).
notify Notify when show logging [persistent] is activated.
protected Eliminates manipulation on logging-persistent files.
size Set disk space for writing log messages
threshold Set threshold for logging persistent
url URL to store logging messages
<cr>
On a 1941:
Router(config)#logging persistent url ?
flash0: Filesystem name
flash1: Filesystem name
flash: Filesystem name
Any ideas?Single Sign-on and single sign-off methods are much different in 10g family of OAS than from those in 9iAS.
There are internal redirections involved in 10g family, and 10.1.4 has even a little more different method of login and logout than even 10.1.2.0.2.
You will have to notify your logout page in WWSSO_LS_CONFIGURATION_INFO$ in the orasso schema.
hi
1. i cant find table WWSSO_LS_CONFIGURATION_INFO
only WWSSO_LS_CONFIGURATION_INFO_T and
WWSEC_ENABLE_CONFIG_INFO$
was should i do ?
You will have to notify your logout page in WWSSO_LS_CONFIGURATION_INFO$ in the orasso schema.
2. do i have to create a customised logout page?
Ria -
Regarding BTU / hr for 1921/K9 router
Hi All ,
Do we have any vlaue for BTU/hr for 1921/K9 router..
I can find out BTU/Hr value for few routers and switches but not for 1921 router..
Any link which shows the VTU/Hr value for 1921 router ..I tried to get it in Cisco website but i could not able to find it out...
I need to know the BTU/ hr value for 1921 router which could be shared with power team as we are going to install 1921 router at one of the cusotmer site..
For example for 3750-48P switches BTU/Hr value is 404 BTU/hour..Its related to maximum Thermal output (BTU/Hr) on the device..
Any help would be appreciated..
With rgds,
M S K
Thanks ,
M S KI require BTU/hr for 1921/K9 and 1941/K9 routers
I can find this info for 1841/K9 router, 153 BTU/hr, but not for the 1900 series routers -
Cisco 1921 - Visio template needed
Can anyone send me a template for a Cisco 1921 router? (only the 1941 is on the Cisco download site).\
Would prefer a 2-D version . . .
You can email it direct to me [email protected]
thks, - Bill HHello Bill,
Please click here for Visio Stencils
HTH
Regards,
Ashish Shirkar
Technical Community Manager-NI -
SSL VPN on Cisco 1941 with Firewall woes
Hi Folks,
Been trying to setup SSL VPN on a 1941 with limited sucess.
I can get the VPN configured and working but as soon as enable the firewall it blocks the VPN
The VPN connects and I can ping the internal gateway address from a remote client but I can't
connect to any of the internal Lan address.
Been round and round in circles, any help appreciated.
Cheers
Building configuration...
Current configuration : 9532 bytes
! Last configuration change at 13:08:29 UTC Sun Feb 23 2014 by admin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname router
boot-start-marker
boot-end-marker
no logging buffered
enable secret 4 xxxxx
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
ip cef
ip name-server 8.8.8.8
ip name-server 4.4.4.4
no ipv6 cef
multilink bundle-name authenticated
crypto pki trustpoint my-gw-ca
enrollment selfsigned
subject-name Cn=gw
revocation-check crl
rsakeypair gw-rsa
crypto pki trustpoint test_trustpoint_config_created_for_sdm
subject-name [email protected]
revocation-check crl
crypto pki certificate chain my-gw-ca
certificate self-signed 01
30820320 30820208 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
DAC0F948 A5B56EDD CD6DABBD 47463AB2 7E3F0DC3 DF4ECCE6 EAC5E916 B83DA4D0 C3119E9B
quit
crypto pki certificate chain test_trustpoint_config_created_for_sdm
license udi pid CISCO1941/K9 sn
username aaa privilege 15 secret 4
username bbb privilege 0 secret 4
username ccc privilege 15 view root secret 4
redundancy
class-map type inspect match-all CCP_SSLVPN
match access-group name CCP_IP
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-any SDM_WEBVPN
match access-group name SDM_WEBVPN
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any ccp-cls-insp-traffic
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect match-all SDM_WEBVPN_TRAFFIC
match class-map SDM_WEBVPN
match access-group 102
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
pass
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
pass
policy-map type inspect ccp-sslvpn-pol
class type inspect CCP_SSLVPN
pass
class class-default
drop
policy-map type inspect ccp-permit
class type inspect SDM_WEBVPN_TRAFFIC
inspect
class class-default
pass
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
zone security out-zone
zone security in-zone
zone security sslvpn-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security zp-out-zone-sslvpn-zone source out-zone destination sslvpn-zone
service-policy type inspect ccp-sslvpn-pol
zone-pair security zp-sslvpn-zone-out-zone source sslvpn-zone destination out-zone
service-policy type inspect ccp-sslvpn-pol
zone-pair security zp-in-zone-sslvpn-zone source in-zone destination sslvpn-zone
service-policy type inspect ccp-sslvpn-pol
zone-pair security zp-sslvpn-zone-in-zone source sslvpn-zone destination in-zone
service-policy type inspect ccp-sslvpn-pol
crypto vpn anyconnect flash0:/webvpn/anyconnect-win-3.1.05152-k9.pkg sequence 1
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description $ETH-LAN$$FW_INSIDE$
ip address 192.168.192.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
duplex auto
speed auto
interface GigabitEthernet0/1
description $ETH-WAN$$FW_OUTSIDE$
ip address 194.74.99.99 255.255.255.224
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
duplex auto
speed auto
interface Virtual-Template1
description $FW_INSIDE$
ip unnumbered GigabitEthernet0/1
zone-member security in-zone
interface Virtual-Template2
description $FW_INSIDE$
ip unnumbered GigabitEthernet0/1
zone-member security in-zone
interface Virtual-Template3
ip unnumbered GigabitEthernet0/1
zone-member security sslvpn-zone
ip local pool vpn-ssl-pool 192.168.192.200 192.168.192.210
ip forward-protocol nd
ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
ip access-list extended CCP_IP
remark CCP_ACL Category=128
permit ip any any
ip access-list extended SDM_WEBVPN
remark CCP_ACL Category=1
permit tcp any any eq 4444
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.192.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.192.2
access-list 102 remark CCP_ACL Category=128
access-list 102 permit ip any host 194.74.2.81
control-plane
webvpn gateway ssl_gw
ip address 194.74.99.99 port 4444
ssl trustpoint my-gw-ca
inservice
webvpn context ssl-ctx
acl "ssl-acl"
permit ip 192.168.192.0 255.255.255.0 192.168.192.0 255.255.255.0
gateway ssl_gw
max-users 10
ssl authenticate verify all
inservice
policy group ssl_policy
functions svc-enabled
filter tunnel ssl-acl
svc address-pool "vpn-ssl-pool" netmask 255.255.255.0
svc keep-client-installed
svc split include 192.168.192.0 255.255.255.0
svc dns-server primary 192.168.192.2
default-group-policy ssl_policy
endHello Fahad,
Please see my inline responses.
1)I have some questions, does this 5500 Series of ASA firewall also have IDS(Intrusion Detection System)?
You can have an IPS module if your ASA model supports it.
2) My other question is that the configuration and troubleshooting of SSL VPN technique is same on all ASA models?
Yes, pretty much the same
Regards,
Jazib -
Time-out problems with RV320 (after upgrade from RV042)
config:
dual wan
WAN1: 4G router (DHCP) - approx 25Mbit/ 8Mbit
WAN2: PPOE (DSL) - 1 Mbit/ 0.2 Mbit
worked with a RV042 before and upgraded to a RV320 now.
all other things are unchanged.
3 problems - 2 solved/ not critical - one still open:
a) not critical: DHCP Status does not include all devices (changing view - but all-time problem)
I would suspect a software bug.... DHCP itself works perfectly/ IPs are assigned (just not shown in status)
b) solved (at least for now): internet connection featured time-outs; after many tries, disabling the SPI in the firewall helped
btw: this only happend for the WAN1 - WAN2 worked (or is that slow that the additonal wait time did not matter ;-)
c) very annoying: exchange connection (from Outlook client to external exchange) still has time-outs (mostly the whole mail client hangs/ ends to be restarted).
As soon as I disable WAN1, it works! But it´s not the LTE WAN itself - switching back to the RV042 does not show the same symptom.
I tried: include IP into local DNS (in general I work with google DNS servers - but changing that does not help either), opening all traffic for teh realevant IPs and disabling the firewall completely. no positive results....
thanks for any hints....I agree with you on a, probably a bug of some sort.
b is an issue I've seen before, and even on similar bandwidth (25/5) on my rv016. What was able to figure out is that the carrier (ISP) is sending about 4k/sec of ICMP packets to the router, which in turn makes the router think it's under attack so it drops the connection. As you can tell, disabling the SPI helps. For me, putting another router in front of my rv016 (on 2 of 3 wans) was my only 'permanent' solution.
c sounds like there's a protocol binding/static route in the rv042 that you need to add to the rv320. I'd check that first.
Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com -
Static NAT entry disappears when using NVI on Cisco 1921 (Multiple versions)
We have a Cisco 1921 as an IPSec tunnel endpoint where we assign static NAT entries. It is a static one-to-one NAT putting each remote endpoint as a local /24 subnet. We are using NVI and we see some of these static entries disappear when packets are unable to reach the destination.
The production router is running 15.0(1r)M16 but we were able to reproduce this same behavior on 15.4(1)T2.
To reproduce, we add the static NVI entry:
ip nat source static X.X.X.X 172.30.250.11
And things look good for a bit:
ROUTER# sh ip nat nvi trans | i 172.30.250.11
gre 172.30.250.11:0 X.X.X>X:0 Y.Y.Y.Y:0 Y.Y.Y.Y:0
--- 172.30.250.11 138.54.32.9 --- ---
tcp Y.Y.Y.Y:60360 Z.Z.Z.Z:60360 172.30.250.11:22 X.X.X.X:22
There is a known issue with GRE traffic being dropped at this particular endpoint, so after generating GRE traffic, the entry completely disappears:
ROUTER# sh run | i 172.30.250.11
ROUTER#
ROUTER# sh ip nat nvi trans | i 172.30.250.11
gre 172.30.250.11:0 X.X.X>X:0 Y.Y.Y.Y:0 Y.Y.Y.Y:0
icmp Y.Y.Y.Y:59916 Z.Z.Z.Z:59916 172.30.250.11:59916 172.30.250.11:59916
tcp Y.Y.Y.Y:60360 Z.Z.Z.Z:60360 172.30.250.11:22 X.X.X.X:22
I can reproduce this by severing the tunnel to any other remote site, and after generating GRE traffic to the downed endpoint, the corresponding static NAT entry will disappear.
Debugging has not shown anything, and I have found some mentions of similar behavior on older versions. Has anyone seen this? We don't have support access to test all versions, so if it is known to be resolved in a particular one, we would love to know to work towards loading that version.
ThanksHi Ryan,
Asa cannot ahve 2 default routes, it can only have one. ASA also doesnt support PBR, so the setup that you are trying to configure would not work on the ASA. Router is the correct option for it.
Hope that helps.
Thanks,
Varun Rao
Security Team,
Cisco TAC -
RV320 SSL VPN ActiveX and Virtual Passage driver on Windows 7 64-bit
Hi,
My company has just purchased a new RV320 router and only afterwards found out from the release notes that there are issues with the SSL VPN in this unit and other small business routers. Is there any news on when these issues will be fixed?
1) ActiveX controls have expired certificate dated 24/9/14 - this prevents them from running unless without changing IE security settings to prompt or allow unsigned controls, which is a big security risk.
2) ActiveX controls do not work on Windows 64-bit. Release notes state Windows 7 IE10 and Windows 8.1 IE11, however they also fail on Windows 7 IE11. Even adding router to Trusted Sites to force 32-bit mode results in error message stating that IE is required for the controls.
3) Virtual Passage driver will not install - crashes IE10/IE11 with a BEX violation. From a dig around the web it appears that the Netgear SRX5308 uses the same Cavium chipset and a Virtual Passage driver that works with Windows 7 64-bit, and installs fine using IE10/11 (and if you install the Netgear driver it works with the Cisco RV routers too, proving that the driver is fully compatible...) - if Netgear can get this working, why can't Cisco?
I've only just started setting us this router and show stopper issues like this might end up with an RMA being requested as it appears to be unsuitable for purpose, already run into other issues with I've posted about. :(
EDIT: Got (2) sort of working on IE11 - seems that the Cisco interface is specifically looking for old style IE user agent strings, so using developer tools to set the user agent to IE9, and changing security settings in Trusted Sites to prompt for unsigned controls (due to issue (1)), allows the controls to install and load. These issues are pretty simple to fix, requiring just a string check change and updated signed controls. Fingers crossed these are fixed in the new firmware due soon, awaiting response from Cisco support to my open ticket.
Looks like (3) is prevented from working by (1), and also because the certificate has expired it is treated as software without a valid publisher which cannot be installed in Windows 7 without fiddling in the registry. Releasing an updated version with a certificate that isn't expired should solve that issue too.
These are ridiculously simple fixes to push out, I can't believe a major hardware vendor like Cisco hasn't already solved these issues.I've had a reply from Cisco support regarding this issue, and it's a bleak outlook. This is a copy from the email I received:
"Engineering has no plans to support SSL VPN on RV32x due to chipset limitations. Pretty much, it will work for old XP and Win7 32-bits."
So Cisco are falsely advertising that the RV320 has SSL VPN capabilities when there are no plans to update it so that it works with 64-bit Windows (which is now the major install base for Windows as most new systems are 64-bit based), and as the certificates have expired in the SSL VPN components they are not even useable on 32-bit systems without overriding a number of security settings.
Dan -
RV320 SSL VPN web service unable to connect port 56000 56001...
I have recently installed a RV320 dual WAN small business router in order to use the SSL VPN functionality to allow secure access to our intranet pages which are hosted on a server inside our network. I have the latest firmware installed on the router.
With the firewall feature of the RV320 disabled - After logging in to the router remotely via the HTTPS interface, I am able to use the web-based services such as SSH and NetworkPls. However, when using the HTTP and HTTPS services I receive a web browser unable to connect error on port 56000, 1, 2, 3 ... This is regardless of whether I enter a URL or IP address on the network behind the router or on the internet.
Enabling the firewall feature of the RV320 gives a different result - when any IP or URL is entered into the box in the second image below, the router log-in page is loaded instead of the required site. I have pasted an extract from the log at the bottom of this post although it doesn't seem to contain any relevant information. As a separate issue, you will also notice that users connecting to the router brings up [HACK] SynFlooding Attack in error.
Can anyone explain why this is happening? Alternatively, does anyone have a guide for setting up a IPSec VPN with this router? There seems to be very little literature available for this model.
Thanks in advance for your help.
Log extract
2013-11-02, 11:36:19
Connection Accepted
IN=eth1 OUT=eth0 SRC=178.239.83.183 DST=192.168.10.100 DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=57573 DF PROTO=TCP SPT=54925 DPT=993 WINDOW=5840 RES=0x00 SYN URGP=0
2013-11-02, 11:36:19
[HACK] SynFlooding Attack
IN=eth1 OUT=eth0 SRC=178.239.83.183 DST=192.168.10.100 DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=57573 DF PROTO=TCP SPT=54925 DPT=993 WINDOW=5840 RES=0x00 SYN URGP=0
2013-11-02, 11:31:53
Connection Accepted
IN=eth1 OUT=eth0 SRC=178.239.83.156 DST=192.168.10.100 DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=50721 DF PROTO=TCP SPT=55634 DPT=993 WINDOW=5840 RES=0x00 SYN URGP=0
2013-11-02, 11:31:53
[HACK] SynFlooding Attack
IN=eth1 OUT=eth0 SRC=178.239.83.156 DST=192.168.10.100 DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=50721 DF PROTO=TCP SPT=55634 DPT=993 WINDOW=5840 RES=0x00 SYN URGP=0
2013-11-02, 11:31:38
User Log
User cisco login success from 221.142.25.181
2013-11-02, 11:31:38
User Log
User cisco login success from 221.142.25.181
2013-11-02, 11:29:49
Kernel
kernel: upnp idx=83, ip=192.168.10.220, eport=59725, iport=59725
2013-11-02, 11:29:49
Kernel
kernel: wrong ip[0],not_list[0]
2013-11-02, 11:29:43
Connection Accepted
IN=eth1 OUT=eth0 SRC=176.251.102.32 DST=192.168.10.100 DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=64 TOS=0x00 PREC=0x00 TTL=52 ID=44670 DF PROTO=TCP SPT=49423 DPT=143 WINDOW=65535 RES=0x00 SYN URGP=0
2013-11-02, 11:29:43
[HACK] SynFlooding Attack
IN=eth1 OUT=eth0 SRC=176.251.102.32 DST=192.168.10.100 DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=64 TOS=0x00 PREC=0x00 TTL=52 ID=44670 DF PROTO=TCP SPT=49423 DPT=143 WINDOW=65535 RES=0x00 SYN URGP=0
2013-11-02, 11:29:12
Kernel
kernel: upnp idx=83, ip=192.168.10.220, eport=59725, iport=59725
2013-11-02, 11:29:12
Kernel
kernel: wrong ip[0],not_list[0]
2013-11-02, 11:29:12
SSL Log
User ben login success from 221.142.25.181After lots of trial and error, I was able to eliminate this problem. What I wound up doing is defining the XE service again in the listener.ora file:
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(SID_NAME = XE)
(ORACLE_HOME = C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server)
I know that typically you should not have to do this, especially since I already had defined DEFAULT_SERIVCE_LISTENER = (XE) at the bottom of the listener.ora file. Explicitly defining the XE service in the listener.ora file allows the listener to find it while the system is running under the Cisco AnyConnect VPN. The only hiccup I found by doing this is that the XE service is discovered twice by the listener when the system is NOT running under the Cisco AnyConnect VPN. It still works OK. The listener just seems to ignore the repeated definition of the XE service (see output below):
C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server\bin>lsnrctl service
LSNRCTL for 32-bit Windows: Version 11.2.0.2.0 - Production on 13-JUN-2013 10:03:15
.......(omitted output).......
Service "XE" has 2 instance(s).
Instance "XE", status UNKNOWN, has 1 handler(s) for this service...
Handler(s):
"DEDICATED" established:0 refused:0
LOCAL SERVER
Instance "xe", status READY, has 1 handler(s) for this service...
Handler(s):
"DEDICATED" established:0 refused:0 state:ready
LOCAL SERVER
Service "XEXDB" has 1 instance(s).
Instance "xe", status READY, has 1 handler(s) for this service...
Handler(s):
"D000" established:0 refused:0 current:0 max:1022 state:ready
DISPATCHER <machine: DEV-M-137GF, pid: 5544>
(ADDRESS=(PROTOCOL=tcp)(HOST=DEV-M-137GF.paychex.com)(PORT=58257))
The command completed successfully
If anyone has a cleaner solution for this problem, please let me know. Otherwise, I am moving forward with what I did.
Thanks.....Paul -
Error 1921 when installing iTunes 8
Just got my first iPod - the Nano. Trying to install iTunes 8 and I get this msg:
error 1921 Service iPod service (Pod Service) could not be stopped. Verify that you have sufficient privileges to stop system privileges.
?????? HELP!!
Also -- how do I tell if the USB port on the laptop is a highspeed??
Thanks in advance for any help. RamonaHi Ramona,
Try b noir's suggestion in this thread: http://discussions.apple.com/thread.jspa?threadID=1574287
If the issue persists, try the general tips in this article: http://support.apple.com/kb/HT1926
-Jason -
Hi,
My Cisco RV320 router are not working like I want ...
I get two ISP in France, same tech. specs., sames bandwidth, but 2 differents way to connect.
The first WAN is connected in PPPoE with a ADSL2+ Modem
The second WAN is connected in Static IP with a modem/router
I set the load balancing Auto. but it seem that the WAN2 is more used than the WAN1...
For example, I upload a big documents, like a video on youtube, witch take a long time and need the max Bandwidth. While I'm going to download a file with an internal software, who use a different port by the way. The most of the time, it only use the WAN2 ... so my download is flanged ! It only donwload @~450KB/S when it can max @ ~1,8MO/S, and the WAN1 is not blinking ... And sometimes the balancing is good ... I can't understand the RV320 logic ? But Maybe is there a bug ? Maybe I get a bad configuration ?
Have a clue ?
Please help me !So, you can hear the phone ringing and answer it? which means that SIP pakets are coming through WAN to LAN and well redirected to the phone IP, but you cannot hear after that, which means that there could be a problem with the RTP packets.
If you have problem only with the incoming calls and not the outgoing, than try enable/disable SIP ALG (Firewall). If that doesn't fix the issue, try to allow (or even forward) from WAN to LAN RDP - UDP ports 16384-32767 to the phone IP.
Regards,
Kremena -
I just bought a new RV320 to replace my older RV082 in my local office network. I was able to get the RV320 set up and running, but had a problem with the PPTP settings. On the RV082 I have three gateway-to-gateway VPNs set up and when a user logs in using a PPTP VPN they are able to access resources on any of the gateway-togateway VPNs. I set up the RV320 the same way and had all of the gateway-to-gateway tunnels up and running and verified from my internal network that I can reach the servers on each tunnel. I set up a PPTP user and verified that I can reach the network from a remote computer, but when I try to reach a resource on one of the gateway-to-gateway tunnels it crashes the RV320 and I have to reconnect all of my gateway-to-gateway VPNs. I ensured that all of the pass throughs are enabled and haven't found any other settings that seem out of place. Can anyone think of anything else that I may need to set up to get this to work?
I know a lot of people wouldn't use the PPTP with the other options available, but this is the best option to connect my Surface RT tablet to the network while I'm on the road since a client isn't availble for it.
Thanks,
ClintonClinton,
just found your post and it sounds similar to an issue I am experiencing with a client.
Two sites, RV320 with latest firmware in the main office and a satellite office with a Netgear unit. Both connected via a gateway to gateway IPSec vpn. The link is very stable. The satellite office initiates the connection. The main office RV320 also has a number of users setup for PPTP remote access to company resources such as rdp/rdc.
Our issue is when I vpn in with pptp to the main office, the RV320, the moment I try to access the satellite office subnet it triggers the IPSec gateway to gateway vpn to crash. I then have to remote into the satellite office and manual restart the link.... then all is fine again. Now, if I am physically at the main office, and ping or access the satellite office subnet, all is fine.
My thought has been that either I do not have the gateway to gateway vpn setup properly or there is some access rule I am missing. I need to do some more research and experiment with the connection. It very well could be my setup as this was the first time I have setup IPSec... Just as a note, the RV320 itself never crashes ... it just shows the IPSec vpn is down ... I need to isolate the issue to either the Netgear or Cisco side...
I will follow this thread and see if you find out anything.
cheers
greg
Maybe you are looking for
-
Hey guys I really need some help. I'm trying to load XFCE as a normal user however I cannot. First thing I did was install it then tried startx I was able to log get into it as root. So I decided to logout and login with my normal user account. When
-
Wsdl file that is used in bpel (ejb web service)
hi all, i have created a product table in the database and then i created an entity product class from the table, after that i created session bean and publish this session bean as a web service. During creating session bean --> i chose Business tier
-
How do i show descriptions instead of dimension values at presentations ?
We are facing a problem that could be a BIBeans problem or could be an OLAP problem, please inform if to change forum: We are using jdev 903/BIB903 accessing an AW created at Oracle OLAP 9205 with AWM. All our dimensions were created at OWB 10g and d
-
How to posting to Vendor Account? Call for emergent HELP!
Hi Gurus, This is my first time to posting donation wage item to vendor account instead of Balance Sheet Account. Can anyone give some tip about this solution? Better in details. Here's my questions: 1)Do we need technical account HRA(transaction) 10
-
Help Please. I have just purchased the HPdeskjet 3520. Im trying to print in mirror or flip the text, as i'm trying to print wording on to a childs top. I need this ASAP. Any help is greatly appreciated. Thank you Kym