Simple Router Config Issues

Similar Messages

• 851 Router Config Issue

  Hi all,
  Hopefully this will be a nice easy one for you all.
  I have recently configured and installed an 851 router successfully :) I now only have one issue, the damn thing switches itself off after a period of inactivity!
  If I want to use it again I have to issue a reset command then a boot command.
  This takes me to the:
  router>
  prompt. I then have to issue a copy start run command. And then a no shut on each of my interfaces.
  Obviously I would just like the router to stay up and running. But I cant work out how to do it. Im sure that this is just a simple config issue and I would dearly love for you all to solve it!
  If any of you know the answer can you please provide clear an accurate commands as I will copy it parrott fashion into the router.
  Thank you all in advance.
  Stuart

  Hello,
  as spremkumar already pointed out the config register usually is set to 0x2102. You can reconfigure the register by:
  Router#configute terminal
  Router(config)#config-register 0x2102
  Router(config)#end
  Then perform a reload and check whether the config is present after the router finished booting.
  Hope this helps! Please rate all posts.
  Regards, Martin

• WRT54G firmware failure leaving no access to router config

  I have a WRT54G router.  Running Vista SP2 64-bit on a laptop wired to router.  When I first tried to upgrade the firmware I was connected wirelessly.  (I know, please just think it but don't type it)  During the upgrade the internet connection disconnected and the upgrade failed.  I am connecting right now wirelessly using someones unsecure network.  I attempted to upgrade the firmware to 8.00.7.  Since then I am unable to access the router config using IP 192.168.1.1.  I have read as many posts as I can handle.  I have checked and that is the IP showing in Vista, (Network & Sharing, view status, properties) however I cannot ping that IP.  It times out every time.  I have done all the resets (10 seconds and up to 1 minute) on the router and power cycle etc.  Nothing.  I downloaded the firmware utility and I get an error message everytime that it is unable to get responses from the server.  I have tried my password, which I think is gone due to all the resets, and am using admin as the password.  I have disabled my firewall.  I do have Network Magic and when I checked control internet access it says I am able to do so.  Is there a way to disable Network Magic?  Can that be the issue?  When all this started I had my own internet connetion.  I'm in the process of moving so I have disconnected my internet service.  Since I'm only trying to connect to the router locally, do I really need to have a live internet connection?  Please, HELP!  I don't want to buy a new router.  This one has been very reliable.  If I do have to buy something new, can you recommend something just as reliable. 
  There have been 2 or 3 times where it looked as though I was going to be able to connect to config interface and the firsrt basic screen loads with minimal data and no clickable links to allow me to change screens.  The "&" from one of the links that is supposed to appear but does not,  is the only thing that appears in that area and if I click it, I either get a error from IE that it cannot connect, or, it takes me to the Ports screen with minimal data and I cannot progress from there.  In the top right corner of the screen, it does show the firmware version is 8.00.7.  ?????
  P.S.  Obviously, I'm not very computer savvy so excuse me if I'm missing the obvious.
  Message Edited by Steviegt on 09-29-2009 08:38 AM
  Message Edited by Steviegt on 09-29-2009 08:43 AM
  Windows Vista Home Premium SP2 64-bit
  Internet Explorer v8
  Office 2007 SP2 Home and Student
  Outlook 2007 Standalone
  ESET Smart Security
  WRT54G v8.00.6
  Solved!
  Go to Solution.

  Its Great that your issue has been resolved now...

• Reg:FWSM router mode issue

  Hi,
  I have a Cisco FWSM installed on Cisco 7613 router,the topology is like mentioned below,
          7613+{FWSM}------3560---------3560----[10.220.0.0/29,10.220.1.0/29,10.220.2.0/29] 
  Here  we created a p2p link between 7613 gig port and switch3560 gig port  (say 10.220.1.252/29) and then there ia a trunk between both 3560 switches  ,We wish to run FWSM in router mode and configured vlan groups 10(101,102)and 20(200,201),assigned both these groups to firewall module on router on vlan 200 ip add 192.168.2.1/24 has been given, while on fwsm on int vl 200, 192.168.2.2 ip has been given,although the interfaces are up and pinging their individual ip ads they are not pinging each other(both ip ads appear in sh arp though.Kindly help in resolving this issue.
  Also i configured inside vlan 201as inside its also up and visible in arp of router but not pinging others kindly help in the resolution of this issue.
  We need to put this firewall in front of the router which has a serial line to another 7600 router,how would i take traffic to fwsm ,pls suggest what else do i need to do ,as i m new to FWSM .
  router config:
  Router#sh firewall module
  Module Vlan-groups
    04   1,2
  Router#sh firewall vlan-group
  Display vlan-groups created by both ACE module and FWSM
  Group    Created by      vlans
      1           ACE      100-101,200-202
      2                    <empty>
  Router#sh arp
  Protocol  Address          Age (min)  Hardware Addr   Type   Interface
  Internet  10.225.62.145           -   001d.a156.9300  ARPA   GigabitEthernet10/1
  Internet  10.225.62.146         107   001d.a1a5.fbc1  ARPA   GigabitEthernet10/1
  Internet  192.168.2.1             -   001d.a156.9300  ARPA   Vlan200
  Internet  192.168.2.2             7   0007.0e5c.3d00  ARPA   Vlan200
  Internet  192.168.3.1             4   0007.0e5c.3d00  ARPA   Vlan201
  Internet  192.168.3.2             -   001d.a156.9300  ARPA   Vlan201
  Fwsm config:
  hostname FWSM
  interface Vlan200
  nameif outside
  security-level 0
  ip address 192.168.2.2 255.255.255.0
  interface Vlan201
  nameif inside
  security-level 100
  ip address 192.168.3.1 255.255.255.0
  passwd 2KFQnbNIdI.2KYOU encrypted
  ftp mode passive
  pager lines 24
  mtu outside 1500
  mtu inside 1500
  no failover
  no asdm history enable
  arp timeout 14400
  route outside 0.0.0.0 0.0.0.0 192.168.2.1 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 1:00:00 h225 1:00:00 mgcp 0:05:00
  timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
  timeout sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout uauth 0:05:00 absolute
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  class-map inspection_default
  match default-inspection-traffic
  policy-map global_policy
  class inspection_default
    inspect dns maximum-length 512
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect smtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
  service-policy global_policy global
  prompt hostname context
  Cryptochecksum:4e3eadb1a489f3b696d0c6da8b1b20b9
  : end
  FWSM#
  FWSM# sh arp
          outside 192.168.2.1 001d.a156.9300
          inside 192.168.3.2 001d.a156.9300
          eobc 127.0.0.81 0000.1800.0000
  FWSM# sh int
  Interface Vlan200 "outside", is up, line protocol is up
    Hardware is EtherSVI
          MAC address 0007.0e5c.3d00, MTU 1500
          IP address 192.168.2.2, subnet mask 255.255.255.0
    Traffic Statistics for "outside":
          6 packets input, 658 bytes
          12 packets output, 1316 bytes
          474 packets dropped
  Interface Vlan201 "inside", is up, line protocol is up
    Hardware is EtherSVI
          MAC address 0007.0e5c.3d00, MTU 1500
          IP address 192.168.3.1, subnet mask 255.255.255.0
    Traffic Statistics for "inside":
          6 packets input, 658 bytes
          7 packets output, 726 bytes
          107 packets dropped

  hi,
  thanks for being so helpful,there is a little issue thats arisen, i can not ping inside address configured on fwsm(192.168.3.1)where as i can ping 192.168.3.2 on router interface.i cannot telnet fwsm using its outside interface ip 192.168.2.2 either,hereis my FWSM config ,kindly suggest if there is any mistake .
  thanks.
  Also i tried to ping inside fwsm interface from my client 10.220.2.2 and enabled debug,to get these ,
  FWSM# debug icmp trace 255
  debug icmp trace enabled at level 255
  FWSM# ICMP echo request (len 50 id 2 seq 34642) 10.220.2.2 > 192.168.2.2
  ICMP echo reply (len 50 id 2 seq 34642) 192.168.2.2 > 10.220.2.2
  ICMP echo request (len 50 id 2 seq 34898) 10.220.2.2 > 192.168.3.1
  ICMP echo reply (len 50 id 2 seq 34898) 192.168.3.1 > 10.220.2.2
  ICMP echo request (len 32 id 2 seq 35154) 10.220.2.2 > 192.168.3.1
  ICMP echo reply (len 32 id 2 seq 35154) 192.168.3.1 > 10.220.2.2
  ICMP echo request (len 32 id 2 seq 43602) 10.220.2.2 > 192.168.3.1
  ICMP echo reply (len 32 id 2 seq 43602) 192.168.3.1 > 10.220.2.2
  ICMP echo request (len 32 id 2 seq 49746) 10.220.2.2 > 192.168.3.1
  ICMP echo reply (len 32 id 2 seq 49746) 192.168.3.1 > 10.220.2.2
  ICMP echo request (len 32 id 2 seq 55634) 10.220.2.2 > 192.168.3.1
  ICMP echo reply (len 32 id 2 seq 55634) 192.168.3.1 > 10.220.2.2
  ICMP echo request (len 50 id 2 seq 25683) 10.220.2.2 > 192.168.2.2
  ICMP echo reply (len 50 id 2 seq 25683) 192.168.2.2 > 10.220.2.2
  ICMP echo request (len 50 id 2 seq 25939) 10.220.2.2 > 192.168.3.1
  ICMP echo reply (len 50 id 2 seq 25939) 192.168.3.1 > 10.220.2.2
  Kindly suggest what could be done.
  thanks.

• I have an Airport Extreme as my router and am using time capsule to extend the network in my new house. My ISP is only providing me 4-5 ip addresses and wants me to set up my router to issue out new ip addresses for all my devices.How do I fix this?Help

  I have an Airport Extreme as my router and am using time capsule to extend the network in my new house. My ISP is only providing me 4-5 ip addresses and wants me to set up my router to issue out new ip addresses for all my devices.How do I fix this?Help.
  They said I need to change my settings to NAT settings. I haven't been able to figure out or find anything. I have also spoken to Apple Support on the phone for hours without being able to figure out how to do this ( i don't think he knew much either lol.) Please help me because I've got about 15-20 devices in my house that require to be connected to the internet and this is just making things ridiculously slow and painful for me.
  Thanks!

  It is on DHCP & NAT under router mode yet my isp is still the one issuing ip addresses to my devices instead of the router issuing them

• I can sync bookmarks on my Firfox for android, but folders aren't sync, i can only get bookmarks from bookmarks main folder. Is a bug or a config issue?

  I can sync bookmarks in firefox for android, but only the ones that are on Bookmarks main folder, the folders create below the main folder are not synchronized. Is this a bug or a config issue?
  Thanks

  Thanks Barney, I tried that but all that comes up in Spotlight are the log files that show the file paths! I don't know how Steam works. Are all the files held by Steam on their server perhaps?

• Simple xml config file

  I have created a simple config file using something like:
        XMLEncoder e = new XMLEncoder(
                                    new BufferedOutputStream(
                                        new FileOutputStream("Config.xml")));
        e.writeObject(base.toString());
        e.writeObject(numberFrom);
        e.writeObject(numberTo);
        e.writeObject(numberPad);
        e.writeObject(maxTasks);
        e.writeObject(maxSubTasks);
        e.writeObject(textFrom);
        e.writeObject(textTo);
        e.close();which produces a file like:
  <?xml version="1.0" encoding="UTF-8"?>
  <java version="1.4.2_05" class="java.beans.XMLDecoder">
  <string>C:\</string>
  <int>1</int>
  <int>20</int>
  <int>2</int>
  <int>0</int>
  <int>1</int>
  <string>a</string>
  <string>z</string>
  </java> I want to make it a bit more version proof so need to get something more like:
  <?xml version="1.0" encoding="UTF-8"?>
  <program name=myprog>
  <dir>C:\</dir>
  <version>1</version>
  <myval1>20</myval1>
  <myval2>2</myval2>
  </program>There's probably loads of errors in that bit;) but you get the idea. I'm a bit new to xml programming.
  Can anyone give me any urls of help or examples that might do this?
  Thanks,
  David.

  You could use a binding api such as JAXB or xmlbeans. In essence these apis abstract the xml as pure java objects. Alternatively you could use an xml parser such as dom4j and build the XML 'by hand'. This class will create an example config file and write it to the file system
  import java.io.BufferedWriter;
  import java.io.File;
  import java.io.FileWriter;
  import java.io.IOException;
  import javax.xml.parsers.DocumentBuilderFactory;
  import javax.xml.parsers.ParserConfigurationException;
  import org.apache.xml.serialize.OutputFormat;
  import org.apache.xml.serialize.XMLSerializer;
  import org.w3c.dom.Document;
  import org.w3c.dom.Element;
  import org.w3c.dom.Text;
  * Class to create a simple xml config file using W3C api
  * @author wollnyj
  public class CreateConfig {
       * create the config file
       *?xml version="1.0" encoding="UTF-8"?>
       *<program name=myprog>
       *    <dir>C:\</dir>
       *    <version>1</version>
       *    <myval1>20</myval1>
       *    <myval2>2</myval2>
       *</program>
       * @param configFile
       * @throws ParserConfigurationException
       * @throws IOException
      public CreateConfig(String configFile) throws ParserConfigurationException, IOException {
          //Document doc = parseXml(configFile);
          DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
          Document doc = factory.newDocumentBuilder().newDocument();
          Element program = doc.createElement("program");
          program.setAttribute("name","myprog");
          Element dir = createEle("dir","c:\\",doc);
          Element version = createEle("version","1",doc);
          Element val1 = createEle("myval1","20",doc);
          // etc...
          program.appendChild(dir);
          program.appendChild(version);
          program.appendChild(val1);
          doc.appendChild(program);
          write(doc,new File(configFile));
       * @param args
       * @throws Exception
      public static void main(String[]args) throws Exception {
          CreateConfig create = new CreateConfig("F:\\config.xml");
       * Write an xml document to the file system
       * @param document The document to be written
       * @param xmlFile The output file
       * @throws IOException The file does not exist or could not be created
      private void write(Document document, File xmlFile) throws IOException {
          OutputFormat format = new OutputFormat(document);
          format.setIndent(4);
          format.setLineSeparator(System.getProperty("line.separator"));
          format.setLineWidth(80);
          FileWriter writer = new FileWriter(xmlFile);
          XMLSerializer fileSerial = new XMLSerializer(new BufferedWriter(writer), format);
          fileSerial.asDOMSerializer();
          fileSerial.serialize(document);
      private Element createEle(String name, String value, Document doc) {
          Element ele = doc.createElement(name);
          Text textNode = doc.createTextNode(value);
          ele.appendChild(textNode);
          return ele;
  }

• Disappearance of IP Routing config on 6509

  Our 6509 Switch (Cisco WS-C6504-E) suddenly lost its Routing table & entire Routing configs including all Static & Dynamic route configurations.
  We had to turn on ip routing & restore the routing configuration .
  Have anyone experienced this & does it could be some kind of caveat with the MSFC or the Layer 3 engine .
  Any thoughts are welcome.
  No config changes were applied to the switch ; except only a SNMP ip address was allowed .
  Thanks
  Prabs

  Ah, ok, thanks. I guess that was pretty obvious, now that I know the answer.
  The "ip routing" command isn't mentioned anywhere in the CLI documentation, but I guess if I'd thought about it a little longer, I may have come to the same conclusion.
  Thanks Tom. 

• Review my first 892 router config

  This is the first router config that I have done, and I used CLI to program a Cisco model 892. There are about 10 users behind this router connected to a series SG300 switch. This router will provide DHCP, VLANs, and NAT access to the internet (via cable modem). The lan port is FE0 and the WAN port is FE8 to the internet.  There are 4 Cisco WAP321 connected with two SSID's. The guest SSID (internet access only) uses VLAN2 and the normal SSID uses VLAN1.. Please let me know if there are security or efficiency improvements that I can add to this. Thanks!
  ! Last configuration change at 20:04:03 PST Mon Dec 22 2014
  ! NVRAM config last updated at 15:10:16 PST Mon Dec 22 2014
  ! NVRAM config last updated at 15:10:16 PST Mon Dec 22 2014
  version 15.2
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname gateway
  boot-start-marker
  boot config usbflash0:CVO-BOOT.CFG
  boot-end-marker
  no aaa new-model
  clock timezone PST -8 0
  ip cef
  ip dhcp excluded-address 192.168.10.1 192.168.10.99
  ip dhcp excluded-address 192.168.8.1 192.168.8.99
  ip dhcp pool data
   import all
   network 192.168.8.0 255.255.255.0
   default-router 192.168.8.1 
   dns-server 192.168.8.60 
   domain-name summmitdrive.local
  ip dhcp pool guest_wifi
   import all
   network 192.168.10.0 255.255.255.0
   default-router 192.168.10.1 
   dns-server 64.59.168.13 64.59.168.15 
  no ip domain lookup
  ip domain name summitdrive.local
  ip host gateway 192.168.0.1
  ip host fs1 192.168.8.60
  ip name-server 64.59.168.13
  ip name-server 64.59.168.15
  no ipv6 cef
  multilink bundle-name authenticated
  license udi pid CISCO892-K9 sn FCZ1714C2ZD
  username sdcadmin privilege 15 secret 4 zsc1w55wVxL1behpFMAW8XrxKcVujVnNHLpMKP.ZgXk
  redundancy
  ip ssh version 2
  interface Loopback0
   ip address 192.168.0.1 255.255.255.0
  interface BRI0
   no ip address
   encapsulation hdlc
   shutdown
   isdn termination multidrop
  interface FastEthernet0
   switchport mode trunk
   no ip address
  interface FastEthernet1
   no ip address
  interface FastEthernet2
   no ip address
  interface FastEthernet3
   no ip address
  interface FastEthernet4
   no ip address
  interface FastEthernet5
   no ip address
  interface FastEthernet6
   no ip address
  interface FastEthernet7
   no ip address
  interface FastEthernet8
   ip address 184.71.128.156 255.255.255.252
   ip access-group INBOUND_INTERNET in
   ip nat outside
   ip virtual-reassembly in
   load-interval 30
   duplex auto
   speed auto
  interface GigabitEthernet0
   no ip address
   shutdown
   duplex auto
   speed auto
  interface Vlan1
   description data_vlan
   ip address 192.168.8.1 255.255.255.0
   ip nat inside
   ip virtual-reassembly in
  interface Vlan2
   description guest_vlan
   ip address 192.168.10.1 255.255.255.0
   ip nat inside
   ip virtual-reassembly in
  ip forward-protocol nd
  no ip http server
  no ip http secure-server
  ip dns server
  ip nat inside source list NAT interface FastEthernet8 overload
  ip route 0.0.0.0 0.0.0.0 184.71.128.154
  ip access-list extended INBOUND_INTERNET
   permit icmp any host 184.71.125.118 echo-reply
   permit icmp any host 184.71.125.118 time-exceeded
   permit icmp any host 184.71.125.118 unreachable
   deny   ip any any log
  ip access-list extended NAT
   permit ip 192.168.0.0 0.0.255.255 any
  ip access-list extended SSH
   permit ip 192.168.8.0 0.0.0.255 any
  control-plane
  mgcp profile default
  line con 0
   logging synchronous
  line aux 0
  line vty 0 4
   access-class SSH in
   exec-timeout 5 0
   login local
   transport input ssh
  ntp server 1.ca.pool.ntp.org
  ntp server 0.ca.pool.ntp.org
  end

  I've modified inbound_internet:
  ip access-list extended INBOUND_INTERNET
   permit icmp any host 184.71.125.118 echo-reply
   permit icmp any host 184.71.125.118 time-exceeded
   permit icmp any host 184.71.125.118 unreachable
   permit udp any any eq ntp
   permit tcp any any established
   deny   ip any any log
  The idea is to block anything inbound unless it is an already established connection from the inside. Does that make sense?

• Security Wireless 857w router config.

  Hi,
  I do have adsl & wireless internet connection running properly under my Cisco 857w router.
  However, I am trying to configuring with out success the (wap), my wifi internet connection still open for everyone.
  I will really appreciate your advices.
  Thanks in advance.
  Daniel.

  Hi Brandon,
  Thanks for your response, but unfortunally I could not setup my Wireless Security yet.
  With the following config I am unable to connect with my laptop:
  Encryption mode: "Cipher TKIP"
  Authentication Key Management:
  Key Management: "Mandatory" "WPA"
  WPA Preshared key: "xxxxxxxxx" "ascii"
  I mean, if I want to connect with my laptop via wifi the router encryption modes need to be configure to (none).
  Here below I attached my router config, maybe you can see what is wrong on it.
  Thanks in advance.
  Daniel

• Solaris 10 Dev. Edition - Network config issue (NIC,DHCP,Can't ping router)

  I am a developer getting started with Solaris 10 configuration. I recently installed Solaris 10 and have run into an issue with network connectivity.
  I have done much research on this and I was able to get communiction to the internet established once, but the settings were lost on reboot.
  Overview - The Solaris box is connected to a router which is acting as a DHCP server.
  AMD 64 dual 2.6
  nForce4+ integrated NIC
  1) I am not able to obtain an address from the router. Nor do I get a respons back when I ping it. I get an IP etc if I boot into Windows so phyicial connectivity is fine.
  2) Upon reboot the device nfo0 as shown using ifconfig -a has an IP of 0.0.0.0.
  3) If I run ifconfig [hostname] my machine gets the ip from the hosts file, but I would like to obtain this from the router.
  4) NOTE - the machine shows as active on my router, but the Solaris box cannot be reached from other computers on the networ, nor do I get a reply back when pinging the router from the Solaris box.
  GOAL - reach and obtain a DHCP from the router and have the changes stick upon reboot.
  /etc/hosts contents
  127.0.0.1 localhost loghost
  192.168.1.55 solarisX /*<-- this is what I get when I do ifconfig nfo0 solarisX */
  /etc/hosname.nfo0
  netmask + 255.255.255.0
  solarisX
  /etc/defaultrouter
  192.168.1.254
  /et c/netmasks
  192.168.0.0 255.255.2550
  Specific Steps taken:
  Using the driver nfo-2.4.5 locate at http://homepage2.nifty.com/mrym3/taiyodo/eng/ I did the following.
  % cd /.../nfo-x.x.x
  % rm obj Makefile
  % ln -s Makefile.${KARCH}_${COMPILER} Makefile
  % ln -s ${KARCH} obj
  where ${KARCH} is the result of `isainfo -n`, and ${COMPILER} is
  "gcc" or "suncc" which you want to use to make the driver.
  4. Testing
  Testing before installation is strongly recommended.
  # cd /.../nfo-x.x.x
  # /usr/ccs/bin/make install
  # ./adddrv.sh
  # /usr/ccs/bin/make uninstall (for solaris7, don't remove the file )
  # modload obj/nfo
  # devfsadm -i nfo (for solaris7, use drvconfig and reboot with -r )
  # ifconfig nfoN plumb ( where N is an instance number, typcally 0 for first card)
  # ifconfig -a ( you will see an entry for nfoN)
  # ifconfig nfoN YOUR-HOST-NAME
  # ifconfig nfoN ( ensure IP address is correct)
  # ifconfig nfoN up ( and then you can test with ping, telnet, ftp ...)
  5. Installation
  After you ensure that the nfo driver is fully functional, install it.
  (1) copy the nfo driver into the kernel directory
  # cd /.../nfo-x.x.x
  # /usr/ccs/bin/make install
  If you do not test the nfo driver yet, execute the following commands:
  # ./adddrv.sh
  # devfsadm -i nfo (for solaris7, use drvconfig and reboot with -r)
  (2) Configure the network interface. Create and/or modify the following file:
  /etc/hostname.nfoN
  (3) Reboot the system.
  # init 6
  Edited by: hedger on Nov 16, 2007 11:17 PM

  Thanks Alan. I worked on trying to get the NIC working again last night. I had it working once, although the settings did not perist. I can still get the device to load, but I can't communciate with the router (it's not physical because another OS can reach it.
  I took your advice and tried the sys-unconfig. But I did not have much success.
  I am wondering if plopping in a new PCI NIC would be the most efficient route to get the server up.
  What kind of NIC do you utilize and have had success with?
  I am looking at possibly a DLINK DFE-530 or NetGear FA-311. I don't need wireless at this point just a rock solid DEV box.
  Thanks again for the previous info.
  Ted

• How can I resolve a NAT config issues with Arris router & AE

  I'm having NAT conflict issues.  None of the existing threads on the forum match my configuration.  I have an Arris Cable Router/Modem (Time Warner) with 4 ports. Port 1 feeds an unmanaged switch for ethernet connected devices, and port 2 on the Arris router feeds and Airport Express.  Getting "Double NAT Status" on airport utility for the AE.   How can I resolve this while not effecting my wired devices ?  Thanks so much !

  To resolve the NAT conflict you simply need to reconfigure the AirPort Express as a bridge.
  You would do so using the AirPort Utility, as follows:
  Run the AirPort Utility, and then, select the AirPort Express.
  Select Edit.
  Select the Network tab.
  Change Router Mode to: Off (Bridge Mode)
  Select Update and allow the Express to restart.

• Config Issues

  Hi guys,
  I am having some trouble with this config. All i am looking to do is a simple reverse proxy to this one host. When the page comes up it prompts me to download a bin file.... Probe succeeds and it says its working. I would also like to redirect to /spend What am i missing?
  PA-ACE-4700-SLB/Spend-Support# show run
  Generating configuration....
  crypto chaingroup SPEND-CHAINGROUP
    cert AddTrustExternalCARoot.crt
    cert COMODOHigh-AssuranceSecureServerCA.crt
  access-list allow line 8 extended permit ip any any
  probe tcp HTTPS_PROBE
    port 443
    interval 5
    passdetect interval 5
    receive 3
    connection term forced
    open 2
  probe tcp TCP8005_PROBE
    port 8005
    interval 5
    passdetect interval 5
    receive 3
    connection term forced
    open 2
  rserver host Spend
    ip address 10.0.10.22
    inservice
  serverfarm host SPEND
    probe HTTPS_PROBE
    rserver Spend 443
      inservice
  ssl-proxy service SPEND-SSLPROXY
    key ProdKEYPAIR.PEM
    cert WWW-PROD-CERT.crt
    chaingroup SPEND-CHAINGROUP
  class-map type http loadbalance match-any L5
    2 match http url /.*
  class-map match-all SPEND-CLASS
    2 match virtual-address 10.0.1.110 tcp eq https
  policy-map type loadbalance first-match HTTPS
    class L5
      serverfarm SPEND
  policy-map multi-match SPEND-SLB
    class SPEND-CLASS
      loadbalance vip inservice
      loadbalance policy HTTPS
      loadbalance vip icmp-reply active
      nat dynamic 1 vlan 1000
      ssl-proxy server SPEND-SSLPROXY
  interface vlan 1000
    ip address 10.0.1.109 255.255.255.0
    access-group input allow
    nat-pool 1 10.0.1.110 10.0.1.110 netmask 255.255.255.255 pat
    service-policy input SPEND-SLB
    no shutdown
  ip route 0.0.0.0 0.0.0.0 10.0.1.8
  Thanks!
  -Andy

  Hey Andy what´s up?
  Ok, Could you explain a little bit what seems to be the issue which you got or what you want to accomplish here?
  You said, you are typing: https://10.0.1.110 and it should show the content of 10.0.10.22 but it is not or you are typing
  https://10.0.1.110/spend and you expect the ACE magicly know what to do?
  Could you specify a little bit?
  If you are trying to do the following:
  https://10.0.1.110/spend
  then you may try something like:
  class-map type http loadbalance match-any spend
    2 match http url /spend
  policy-map type loadbalance first-match HTTPS
    class spend
      serverfarm SPEND
    class L5
      serverfarm serverfarm-for-others
  Please specify what you are looking for.
  Jorge

• Can you help? Two dialer interfaces with IP SLA for default route failover - issues

  I have an issue with a Cisco 2821, it has an ADSL2+ HWIC  whose ATM interfaces is linked to dialer 1 and a Gi0/1 interface with a pppoe client which is linked to dialer 2.  Both dialer interfaces are up with their respective IP addresses.  If the ADSL on dialer 1 fails i want the IP SLA to kick and and replace the default route for dialer 1 with one for dialer 2.
  This config works if you manually shut down the dialer 1 interface, it injects the default route for dialer 2 and then when you unshut the interface, the default route for dialer 1 comes back.  The problem i have is if you take out the cable for the ATM interface and take it down, it does not take the route out the routing table and the default route for dialer2,  which works if you just shut down dialer 1 does not appear.
  whats the difference between shutting down dialer1 and it fails over the default route and taking the cable out then it does not?
  Here is my config, i'm sure its something simple i'm doing wrong, can anyone help???
  version 12.4
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname Router
  boot-start-marker
  boot-end-marker
  logging message-counter syslog
  enable secret 5 $1$qOOJ$HV5AH6US/YZMuCGPYp3pP.
  no aaa new-model
  dot11 syslog
  ip source-route
  ip cef
  ip dhcp excluded-address 192.168.0.1
  ip dhcp pool pool1
     network 192.168.0.0 255.255.255.0
     default-router 192.168.0.1
     dns-server 188.92.232.50 188.92.232.100
  no ip domain lookup
  no ipv6 cef
  multilink bundle-name authenticated
  voice-card 0
   no dspfarm
  archive
   log config
    hidekeys
  track 1 ip sla 1 reachability
  interface GigabitEthernet0/0
   description Gi0/30 Local LAN
   ip address 192.168.0.1 255.255.255.0
   ip verify unicast reverse-path
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   ip nat inside
   ip virtual-reassembly
   no ip mroute-cache
   duplex auto
   speed auto
   snmp trap ip verify drop-rate
   no mop enabled
  interface GigabitEthernet0/1
   no ip address
   duplex auto
   speed auto
   pppoe enable group global
   pppoe-client dial-pool-number 2
  interface ATM0/2/0
   description ATM0_DSL
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   logging event atm pvc state
   logging event subif-link-status
   no atm ilmi-keepalive
   dsl operating-mode auto
   dsl enable-training-log
   pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  interface Dialer1
   ip address negotiated
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip mtu 1492
   ip nat outside
   ip virtual-reassembly
   encapsulation ppp
   dialer pool 1
   keepalive 1 3
   no cdp enable
   ppp lcp predictive
   ppp authentication pap chap callin
   ppp chap hostname ********@ccsleeds.net
   ppp chap password 0 ********
   ppp pap sent-username *******@ccsleeds.net password 0 ********
  interface Dialer2
   ip address negotiated
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip mtu 1492
   encapsulation ppp
   dialer pool 2
   keepalive 1 3
   no cdp enable
   ppp lcp predictive
   ppp authentication pap chap callin
   ppp chap hostname **********@adsllogin.co.uk
   ppp chap password 0 *********
   ppp pap sent-username *********@adsllogin.co.uk password 0 ***********
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 Dialer1 track 1
  ip route 0.0.0.0 0.0.0.0 Dialer1
  ip route 0.0.0.0 0.0.0.0 Dialer2 10
  no ip http server
  no ip http secure-server
  ip nat inside source list 1 interface Dialer1 overload
  ip sla 1
  icmp-echo 8.8.8.8 source-interface di1
  timeout 1000
  threshold 100
  frequency 3
  ip sla schedule 1 life forever start-time now
  access-list 1 permit 192.168.0.0 0.0.0.255
  control-plane
  gatekeeper
   shutdown
  line con 0
  line aux 0
  line vty 0 4
   password test
   login
  scheduler allocate 20000 1000
  end

  Sure that EEM can shut/unshut interface...you have "event track" in EEM for monitoring track events...for example:
  event manager applet test
  event track 1 state down
  action 1.0 command "enable"
  action 1.1 command "conf t"
  action 1.2 command "interfac dialer 1"
  action 1.3 command "shut"
  action 1.4 syslog "Dialer 1 down!!!"
  action 1.5 end
  This would be an example from head :)
  You would need another EEM similar to this one for unshutting interface with "event track 1 state up" for bringing interface up again.
  Again as I said you would need to test this before putting in production and you would maybe need to tweak this a little bit acording to your needs...
  BR,
  Dragan

• E4200 - Okay router, setup issues

  I chose this router over the Netgear N750 because of previous bad experience with their customer support and over the Asus RT-N56U b/c of a compatibility issue with a specific application.
  The Cisco Connect Software is very poor software. No OSX Lion support so I could not use my Mac for setup and it could not even detect the router on a wired connection on a Windows 7 PC through a simple Dell unmanaged switch. Even the router setup software built into Windows had no problem with that. I had to rely on manual setup which was straightforward.
  Range was mostly adequate for me with both 2.4 and 5 Ghz over 5,000 sq. ft. of indoor space with no direct line of sight, through many walls, multiple floors, and the outside patio also, although with a few connected devices I found the 5 Ghz band somewhat unreliable at times. Wired gigabit performance was good enough for my purposes.
  Overall a decent router, not bad, not great. 

  It seems like you are using an outdated version of Cisco Connect Software… There is a new release of the Cisco Connect Software that supports Mac OS X (10.7 "Lion")… So you need to download the latest Cisco Connect from the Cisco Website (homesupport.cisco.com) or you can use this link: http://homesupport.cisco.com/en-us/support/routers/E4200 ... After downloading you need  to set the router to factory defaults, power cycle the whole network and then run the Cisco Connect that you downloaded…
  For more information about setting up E4200 router with Cisco Connect. Please refer to the link below.
  http://www6.nohold.net/Cisco2/ukp.aspx?pid=93&login=1&vw=1&app=search&articleid=22732&userrole=Links...