Voip softphone behind a linksys home router - one way voice

Either a softphone or a 7960 works when connected directly to a users DSL modem, but behind this particular linksys router it results in no inbound voice stream.
I have to assume that this particular linksys router/fw is firewalling off the returned udp stream. We have tried putting the PC at a fixed address, putting it in the DMZ, as well as setting all udp inbound ports to point to the internal address. Nothing seems to work.
At other external locations, this setup, without any special stuff works fine. I have come to the conclusion that this is specific to this particular model of router/firewall.
The device is a Linksys BEFW11S4, not the more common WRT54G series.
Anyone have any suggestions? My next step is to bring it back to our lab where we can do packet captures.
Roger

I have this same Linksys router and it works fine with a SIP based IPT using a 7960 and a softphone. With no modifications to the Linksys whatsoever. I have used the phones with SIP services such as FWD and SIPPhone as well as connecting to my own servers. You just have to use STUN or a SIP outbound proxy server.
I believe you are correct though and that the DMZ and port forwarding doesn't work on this router at all. I have tried it and nothing works. I believe the OS is faulty. I have tried using a couple of different versions of the firmware and none work.

Similar Messages

  • Using Catalyst 3550 Switch with Linksys Home Router and Cable Internet

    I've about pulled what little hair I have out of my head on this one, and need some configuration help.
    I have a Cisco Catalyst 3550 switch with five Windows 7 desktops, an Avaya PBX and five Avaya IP phones attached.  All of these devices are on a 192.168.0.0/24 subnet, and are communicating properly.  I will refer to this as network # 1. I also have SEPARATE network, we'll call network # 2, using AT&T ADSL service and a Netgear 4-port/wireless router/ADSL modem combo device, which is functioning properly with a couple of other Windows 7 desktops over its own wired Ethernet network, using DHCP, and also on a 192.168.0.0/24 subnet.  I thought it would be a simple integration, just plugging one of the 3550's ports to one of the DSL router's ports, in order to give the five Windows 7 desktop computers on network # 1 internet access via the DSL modem. Guess I was wrong.  When I connect the two switches together, although I get a good connectivity (green lights on both ports) and am able to ping the DSL router's gateway address (192.168.0.252) from network # 1's computers, the computers on network # 1 cannot access the internet. Also, the working computers on network # 2 lose their internet access as long as the two switches are connected together. I am not a Cisco guru, but there's got to be a way to make this scenario work.  Can someone provide me with a 3550 configuration that will allow me to extend my internet service from network # 2 on the DSL router to my 3550 switch and their computers?  Here's what I am looking for:
    INTERNET ---> ADSL MODEM ---> NETGEAR ROUTER ---> CISCO 3550 SWITCH ---> NETWORK DEVICES WITH INTERNET ACCESS

    The Netgear router is probably what's doing the natting. Is the 3550 configured for routing or is it straight L2? If you have the 3550 configured as L3, then it's going to be easy to do what you want. Just add a static route on the Netgear to point the subnet that it doesn't know about to the 3550. For example, if the Netgear is addressed at 192.168.1.1 and the Cisco 3550 is addressed at 192.168.1.2, but it also knows about the 192.168.0.0/24 (separate vlan), then you would put a static route on your Netgear for 192.168.0.0/24 to go to 192.168.1.2.
    The way that I would do it is to create a separate vlan on the 3550 and assign an address to it. Once you do that, make the port that the other switch connects to an access port of that vlan. (It would need to be on the same subnet as the existing equipment.) All of your devices would use it as a default gateway and then you would do the rest as above. You could also use RIP between the Netgear and Cisco if you can't do static routing.
    HTH,
    John

  • Site-to-site vpn with 2 asa and home router

    I am trying to establish a site-to-site vpn between 2 ASAs and am able to get the tunnel to establish and can get connectivity from the remote end of the connection to the local side. However, traffic from the local side is not able to get to the remote end. We have 2 ASA 5505 establishing the tunnel, on the remote end there is a linksys home router forwarding all traffic to the ASA outside interface on a private subnet. Our layout is as follows.
    Internal Network              Local ASA                   ISP1      ISP2          Remote Router                       Remote ASA                 Remote Network
    192.168.1.0/24         local-gateway/public ip                                 public ip/192.168.0.1/24     192.168.0.10/10.10.10.254         10.10.10.0/24
    10.10.10.0/24 (remote) -> 192.168.1.0/24 (local) works
    192.168.1.0/24 (local) -> 10.10.10.0/24 (remote) does not work
    Below are the configs of the local and remote asa. any help would be greatly appreaciated.
    local-asa
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.1.6 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address dhcp setroute
    same-security-traffic permit inter-interface
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network Switch
    host 192.168.1.5
    description 2960-24 Switch
    object network NETWORK_OBJ_192.168.1.0_24
    subnet 192.168.1.0 255.255.255.0
    object network Mark_Public
    host 76.98.2.63
    description Mark Public
    object network Mark
    subnet 10.10.10.0 255.255.255.0
    description Marks Network
    object network Mark_routed_subnet
    subnet 192.168.0.0 255.255.255.0
    access-list outside_access_in extended permit icmp any4 any4 echo-reply
    access-list outside_access_in extended permit tcp any object home-app-svr object-group DM_INLINE_TCP_2
    access-list outside_access_in extended permit ip object Mark 192.168.1.0 255.255.255.0
    access-list outside_cryptomap extended permit ip 192.168.1.0 255.255.255.0 object Mark
    access-list Home standard permit 192.168.1.0 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    icmp deny any outside
    asdm image disk0:/asdm-711.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static Mark Mark no-proxy-arp
    object network obj_any
    nat (inside,outside) dynamic interface
    access-group outside_access_in in interface outside
    route outside 10.10.10.0 255.255.255.0 24.163.112.1 1
    route outside 10.10.10.0 255.255.255.0 76.98.2.63 128
    aaa-server Radius protocol radius
    aaa-server Radius (inside) host 192.168.1.101
    key *****
    user-identity default-domain LOCAL
    aaa authentication ssh console Radius LOCAL
    aaa authentication telnet console Radius LOCAL
    aaa authentication enable console Radius LOCAL
    aaa authentication http console Radius LOCAL
    aaa authentication serial console Radius LOCAL
    aaa accounting enable console Radius
    aaa accounting serial console Radius
    aaa accounting ssh console Radius
    aaa accounting telnet console Radius
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    http 66.162.9.0 255.255.255.0 outside
    http 76.98.2.63 255.255.255.255 outside
    http 10.10.10.0 255.255.255.0 inside
    snmp-server host inside 192.168.1.101 community *****
    snmp-server location 149 Cinder Cross
    snmp-server contact Ted Stout
    snmp-server community *****
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    snmp-server enable traps syslog
    snmp-server enable traps ipsec start stop
    snmp-server enable traps entity config-change
    snmp-server enable traps memory-threshold
    snmp-server enable traps interface-threshold
    snmp-server enable traps cpu threshold rising
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto ipsec security-association pmtu-aging infinite
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map0 1 match address outside_cryptomap
    crypto map outside_map0 1 set peer 76.98.2.63
    crypto map outside_map0 1 set ikev1 transform-set ESP-3DES-MD5 ESP-3DES-SHA
    crypto map outside_map0 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map0 interface outside
    crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map inside_map interface inside
    crypto ca trustpoint ASDM_TrustPoint0
    enrollment self
    subject-name CN=stout-fw
    keypair vpn.stoutte.homeip.net
    crl configure
    crypto ca trustpoint ASDM_TrustPoint1
    enrollment terminal
    crl configure
    crypto ca trustpoint Home--Server-CA
    enrollment terminal
    subject-name CN=stout-fw,O=home
    keypair HOME-SERVER-CA
    crl configure
    crypto ca trustpoint HOME-SSL
    enrollment terminal
    fqdn stoutfw.homeip.net
    subject-name CN=stoutfw,O=Home
    keypair HOME-SSL
    no validation-usage
    crl configure
    crypto ca trustpoint SelfSigned
    enrollment self
    fqdn stoutfw.homeip.net
    subject-name CN=stout-fw
    keypair SelfSigned
    crl configure
    crypto ca trustpoint ASDM_TrustPoint2
    enrollment self
    fqdn 192.168.1.6
    subject-name CN=stout-fw
    keypair SelfSigned
    crl configure
    crypto ca trustpool policy
    crypto ikev2 enable outside client-services port 443
    crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
    crypto ikev1 enable inside
    crypto ikev1 enable outside
    telnet 192.168.1.0 255.255.255.0 inside
    telnet timeout 20
    ssh 192.168.1.0 255.255.255.0 inside
    ssh timeout 5
    console timeout 0
    management-access inside
    threat-detection basic-threat
    threat-detection statistics host
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ntp server 192.168.1.5 source inside prefer
    ssl trust-point SelfSigned outside
    ssl trust-point ASDM_TrustPoint2 inside
    group-policy DfltGrpPolicy attributes
    vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
    group-policy GroupPolicy1 internal
    group-policy GroupPolicy1 attributes
    vpn-tunnel-protocol ikev1
    username stoutte password 0w8WOxYi69SDg3bs encrypted privilege 15
    username stoutte attributes
    webvpn
      anyconnect keep-installer installed
      anyconnect profiles value VPN_client_profile type user
    tunnel-group 76.98.2.63 type ipsec-l2l
    tunnel-group 76.98.2.63 general-attributes
    default-group-policy GroupPolicy1
    tunnel-group 76.98.2.63 ipsec-attributes
    ikev1 pre-shared-key *****
    tunnel-group VPN type remote-access
    tunnel-group VPN general-attributes
    authentication-server-group Radius LOCAL
    default-group-policy GroupPolicy_VPN
    dhcp-server link-selection 192.168.1.101
    tunnel-group VPN webvpn-attributes
    group-alias VPN enable
    class-map inspection_default
    match default-inspection-traffic
    remote-asa
    : Saved
    ASA Version 9.1(1)
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address 10.10.10.254 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address 192.168.0.10 255.255.255.0
    ftp mode passive
    clock timezone EDT -5
    clock summer-time EDT recurring
    dns server-group DefaultDNS
    domain-name netlab.com
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network Ted
    subnet 192.168.1.0 255.255.255.0
    description Teds Network
    object network Ted_Public
    host 24.163.116.187
    object network outside_private
    subnet 192.168.0.0 255.255.255.0
    object network NETWORK_OBJ_10.10.10.0_24
    subnet 10.10.10.0 255.255.255.0
    access-list outside_cryptomap extended permit ip 10.10.10.0 255.255.255.0 object Ted
    access-list outside_access_in extended permit icmp any4 any4 echo-reply
    access-list outside_access_in extended permit ip object Ted 10.10.10.0 255.255.255.0
    access-list outside_access_in extended permit ip object Ted_Public any
    pager lines 24
    logging enable
    logging buffered debugging
    logging asdm informational
    logging debug-trace
    nat (inside,outside) source static NETWORK_OBJ_10.10.10.0_24 NETWORK_OBJ_10.10.10.0_24 destination static Ted Ted no-proxy-arp
    object network obj_any
    nat (inside,outside) dynamic interface
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 192.168.0.1 1
    route outside 192.168.1.0 255.255.255.0 192.168.0.1 1
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    http server enable
    http 24.163.116.187 255.255.255.255 outside
    http 192.168.0.0 255.255.255.0 outside
    http 10.10.10.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    crypto map outside_map2 1 match address outside_cryptomap
    crypto map outside_map2 1 set peer 24.163.116.187
    crypto map outside_map2 1 set ikev1 transform-set ESP-3DES-MD5 ESP-3DES-SHA
    crypto map outside_map2 interface outside
    crypto ikev2 enable outside
    crypto ikev2 enable inside
    crypto ikev1 enable outside
    crypto ikev1 enable inside
    ssh 10.10.10.0 255.255.255.0 inside
    ssh timeout 30
    console timeout 0
    dhcpd address 10.10.10.1-10.10.10.20 inside
    dhcpd enable inside
    group-policy GroupPolicy1 internal
    group-policy GroupPolicy1 attributes
    vpn-tunnel-protocol ikev1
    username admin password 8Ec7AqG6iwxq6gQ2 encrypted privilege 15
    tunnel-group 24.163.116.187 type ipsec-l2l
    tunnel-group 24.163.116.187 general-attributes
    default-group-policy GroupPolicy1
    tunnel-group 24.163.116.187 ipsec-attributes
    ikev1 pre-shared-key *****
    class-map inspection_default
    match default-inspection-traffic
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:2f4107de10e7171c3d951745c56b8d01
    : end
    no asdm history enable

    I am trying to establish a site-to-site vpn between 2 ASAs and am able to get the tunnel to establish and can get connectivity from the remote end of the connection to the local side. However, traffic from the local side is not able to get to the remote end. We have 2 ASA 5505 establishing the tunnel, on the remote end there is a linksys home router forwarding all traffic to the ASA outside interface on a private subnet. Our layout is as follows.
    Internal Network              Local ASA                   ISP1      ISP2          Remote Router                       Remote ASA                 Remote Network
    192.168.1.0/24         local-gateway/public ip                                 public ip/192.168.0.1/24     192.168.0.10/10.10.10.254         10.10.10.0/24
    10.10.10.0/24 (remote) -> 192.168.1.0/24 (local) works
    192.168.1.0/24 (local) -> 10.10.10.0/24 (remote) does not work
    Below are the configs of the local and remote asa. any help would be greatly appreaciated.
    local-asa
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.1.6 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address dhcp setroute
    same-security-traffic permit inter-interface
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network Switch
    host 192.168.1.5
    description 2960-24 Switch
    object network NETWORK_OBJ_192.168.1.0_24
    subnet 192.168.1.0 255.255.255.0
    object network Mark_Public
    host 76.98.2.63
    description Mark Public
    object network Mark
    subnet 10.10.10.0 255.255.255.0
    description Marks Network
    object network Mark_routed_subnet
    subnet 192.168.0.0 255.255.255.0
    access-list outside_access_in extended permit icmp any4 any4 echo-reply
    access-list outside_access_in extended permit tcp any object home-app-svr object-group DM_INLINE_TCP_2
    access-list outside_access_in extended permit ip object Mark 192.168.1.0 255.255.255.0
    access-list outside_cryptomap extended permit ip 192.168.1.0 255.255.255.0 object Mark
    access-list Home standard permit 192.168.1.0 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    icmp deny any outside
    asdm image disk0:/asdm-711.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static Mark Mark no-proxy-arp
    object network obj_any
    nat (inside,outside) dynamic interface
    access-group outside_access_in in interface outside
    route outside 10.10.10.0 255.255.255.0 24.163.112.1 1
    route outside 10.10.10.0 255.255.255.0 76.98.2.63 128
    aaa-server Radius protocol radius
    aaa-server Radius (inside) host 192.168.1.101
    key *****
    user-identity default-domain LOCAL
    aaa authentication ssh console Radius LOCAL
    aaa authentication telnet console Radius LOCAL
    aaa authentication enable console Radius LOCAL
    aaa authentication http console Radius LOCAL
    aaa authentication serial console Radius LOCAL
    aaa accounting enable console Radius
    aaa accounting serial console Radius
    aaa accounting ssh console Radius
    aaa accounting telnet console Radius
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    http 66.162.9.0 255.255.255.0 outside
    http 76.98.2.63 255.255.255.255 outside
    http 10.10.10.0 255.255.255.0 inside
    snmp-server host inside 192.168.1.101 community *****
    snmp-server location 149 Cinder Cross
    snmp-server contact Ted Stout
    snmp-server community *****
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    snmp-server enable traps syslog
    snmp-server enable traps ipsec start stop
    snmp-server enable traps entity config-change
    snmp-server enable traps memory-threshold
    snmp-server enable traps interface-threshold
    snmp-server enable traps cpu threshold rising
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto ipsec security-association pmtu-aging infinite
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map0 1 match address outside_cryptomap
    crypto map outside_map0 1 set peer 76.98.2.63
    crypto map outside_map0 1 set ikev1 transform-set ESP-3DES-MD5 ESP-3DES-SHA
    crypto map outside_map0 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map0 interface outside
    crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map inside_map interface inside
    crypto ca trustpoint ASDM_TrustPoint0
    enrollment self
    subject-name CN=stout-fw
    keypair vpn.stoutte.homeip.net
    crl configure
    crypto ca trustpoint ASDM_TrustPoint1
    enrollment terminal
    crl configure
    crypto ca trustpoint Home--Server-CA
    enrollment terminal
    subject-name CN=stout-fw,O=home
    keypair HOME-SERVER-CA
    crl configure
    crypto ca trustpoint HOME-SSL
    enrollment terminal
    fqdn stoutfw.homeip.net
    subject-name CN=stoutfw,O=Home
    keypair HOME-SSL
    no validation-usage
    crl configure
    crypto ca trustpoint SelfSigned
    enrollment self
    fqdn stoutfw.homeip.net
    subject-name CN=stout-fw
    keypair SelfSigned
    crl configure
    crypto ca trustpoint ASDM_TrustPoint2
    enrollment self
    fqdn 192.168.1.6
    subject-name CN=stout-fw
    keypair SelfSigned
    crl configure
    crypto ca trustpool policy
    crypto ikev2 enable outside client-services port 443
    crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
    crypto ikev1 enable inside
    crypto ikev1 enable outside
    telnet 192.168.1.0 255.255.255.0 inside
    telnet timeout 20
    ssh 192.168.1.0 255.255.255.0 inside
    ssh timeout 5
    console timeout 0
    management-access inside
    threat-detection basic-threat
    threat-detection statistics host
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ntp server 192.168.1.5 source inside prefer
    ssl trust-point SelfSigned outside
    ssl trust-point ASDM_TrustPoint2 inside
    group-policy DfltGrpPolicy attributes
    vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
    group-policy GroupPolicy1 internal
    group-policy GroupPolicy1 attributes
    vpn-tunnel-protocol ikev1
    username stoutte password 0w8WOxYi69SDg3bs encrypted privilege 15
    username stoutte attributes
    webvpn
      anyconnect keep-installer installed
      anyconnect profiles value VPN_client_profile type user
    tunnel-group 76.98.2.63 type ipsec-l2l
    tunnel-group 76.98.2.63 general-attributes
    default-group-policy GroupPolicy1
    tunnel-group 76.98.2.63 ipsec-attributes
    ikev1 pre-shared-key *****
    tunnel-group VPN type remote-access
    tunnel-group VPN general-attributes
    authentication-server-group Radius LOCAL
    default-group-policy GroupPolicy_VPN
    dhcp-server link-selection 192.168.1.101
    tunnel-group VPN webvpn-attributes
    group-alias VPN enable
    class-map inspection_default
    match default-inspection-traffic
    remote-asa
    : Saved
    ASA Version 9.1(1)
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address 10.10.10.254 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address 192.168.0.10 255.255.255.0
    ftp mode passive
    clock timezone EDT -5
    clock summer-time EDT recurring
    dns server-group DefaultDNS
    domain-name netlab.com
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network Ted
    subnet 192.168.1.0 255.255.255.0
    description Teds Network
    object network Ted_Public
    host 24.163.116.187
    object network outside_private
    subnet 192.168.0.0 255.255.255.0
    object network NETWORK_OBJ_10.10.10.0_24
    subnet 10.10.10.0 255.255.255.0
    access-list outside_cryptomap extended permit ip 10.10.10.0 255.255.255.0 object Ted
    access-list outside_access_in extended permit icmp any4 any4 echo-reply
    access-list outside_access_in extended permit ip object Ted 10.10.10.0 255.255.255.0
    access-list outside_access_in extended permit ip object Ted_Public any
    pager lines 24
    logging enable
    logging buffered debugging
    logging asdm informational
    logging debug-trace
    nat (inside,outside) source static NETWORK_OBJ_10.10.10.0_24 NETWORK_OBJ_10.10.10.0_24 destination static Ted Ted no-proxy-arp
    object network obj_any
    nat (inside,outside) dynamic interface
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 192.168.0.1 1
    route outside 192.168.1.0 255.255.255.0 192.168.0.1 1
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    http server enable
    http 24.163.116.187 255.255.255.255 outside
    http 192.168.0.0 255.255.255.0 outside
    http 10.10.10.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    crypto map outside_map2 1 match address outside_cryptomap
    crypto map outside_map2 1 set peer 24.163.116.187
    crypto map outside_map2 1 set ikev1 transform-set ESP-3DES-MD5 ESP-3DES-SHA
    crypto map outside_map2 interface outside
    crypto ikev2 enable outside
    crypto ikev2 enable inside
    crypto ikev1 enable outside
    crypto ikev1 enable inside
    ssh 10.10.10.0 255.255.255.0 inside
    ssh timeout 30
    console timeout 0
    dhcpd address 10.10.10.1-10.10.10.20 inside
    dhcpd enable inside
    group-policy GroupPolicy1 internal
    group-policy GroupPolicy1 attributes
    vpn-tunnel-protocol ikev1
    username admin password 8Ec7AqG6iwxq6gQ2 encrypted privilege 15
    tunnel-group 24.163.116.187 type ipsec-l2l
    tunnel-group 24.163.116.187 general-attributes
    default-group-policy GroupPolicy1
    tunnel-group 24.163.116.187 ipsec-attributes
    ikev1 pre-shared-key *****
    class-map inspection_default
    match default-inspection-traffic
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:2f4107de10e7171c3d951745c56b8d01
    : end
    no asdm history enable

  • How to solve one way audio problem

    i use cm 4.1(3) and i have one way audio problem ,i guess cause of NAT or firewall so i open all port that access-list block but i still have problem . i think nat is the problem .So which way does i have to fix this out
    pls tell me how

    Take a look at the following link.
    Troubleshooting One Way Voice Issues
    http://www.cisco.com/en/US/tech/tk652/tk698/technologies_tech_note09186a008009484b.shtml
    Hope this helps. If so, please rate the post.
    Brandon

  • New Ipod Touch 5g can't access Internet in home network (using Linksys E4200 router). But, OK with other Wifi.

    Just bought new Ipod Touch 5g. I found out it can't access Internet in home network. not really cannot access, but very slow to open any web page, App Store failed to access, etc. But, OK with other Wifi (office & starbucks). Others existing iOS devices (Iphone4 & Ipad2) have no problem like this. I'm using Linksys E4200 router at home. anyone has any idea why?

    Try:
    - Reset the iPod. Nothing will be lost
    Reset iPod touch: Hold down the On/Off button and the Home button at the same time for at
    least ten seconds, until the Apple logo appears.
    - Power off and then back on the router
    - Reset network settings: Settings>GeneralReset>Reset Network Settings
    - iOS: Troubleshooting Wi-Fi networks and connections
    - iOS: Recommended settings for Wi-Fi routers and access points
    - Restore from backup
    - Restore to factory settings/new iPod.
    - Make an appointment at the Genius Bar of an Apple store.
    Apple Retail Store - Genius Bar

  • Unable to connect to home network using a Linksys WRT110 router

    I recently had to upgrade from a Linksys G router to a new router--the Linksys WRT110.  I was able to connect to the WiFi using my Palm TX prior to doing a firmware update to the Linksys WRT110.  Now, my Palm TX doesn't even recognize that there is a network.  I put the network name in manually and it still won't connect.  I don't know what else to do!  Incidentally, my home computer and my laptop connect to the router wirelessly just fine.  I appreciate any help that i can get to enable me to use my WiFi on my Palm TX at home.
    Thanks.
    Post relates to: Palm TX

    Please read through the Wifi Checklist at the top of this section for some hints.
    WyreNut
    Post relates to: Centro (AT&T)
    I am a Volunteer here, not employed by HP.
    You too can become an HP Expert! Details HERE!
    If my post has helped you, click the Kudos Thumbs up!
    If it solved your issue, Click the "Accept as Solution" button so others can benefit from the question you asked!

  • New Asa 5505... Anyway to set up behind home router with no internal DNS?

    Since the home router is the DNS server, the Asa has no internal DNS which is probably the cause of no internet. Is there any way around this?

    Can you not simply use the ASA as the DHCP server and include the DNS server in your DHCP configuration ?
    Jon

  • BT Softphone and D-Link 2740B router problem

    Has anyone managed to work out how to set up a D-Link 2740B router so that BT Softphone will work?
    The best help I can get from BT INDIA is change the baud to 5060, what ever that means?
    I am not a techie, so any help in a simple step by step fashion would be most welcome.
    Solved!
    Go to Solution.

    no thats no what i thinking about... i dont want to connect any devices as handsets ect to my laptop, laptop must be free as is now if this router have VOIP in the lastest firmware i think i can connect router to my bt broadband line then standard handset to the router and thats it. From the router level set the voip softphone internet telephony connection for this handset and thats it.... then if I will need another standard landline handset then simply connect it straight to the bt line... thats my vision....no devices connected to my computer its not working that way 
    If you already have bt home hub its working away from your computer so only one reason to change router is to do it in the same way as BT.... as BT have rubbish routers and with more than one laptop in the home network just cut the connecton this making me mad.....

  • My iPad will no longer connect to my Linksys wireless router.  Every other electronic device in our house connects just fine.  What can I do?

    I have an iPad (the earliest version) that used to connect to my Linksys wireless router with no difficulty.  One night recently I could not get on the internet through my iPad.  I checked the Wi-Fi information, which said it was not connected.When I go through the process of choosing a network, on which my home system is clearly listed along with a very strong signal strength, I am told that my iPad is unable to join my own network.  All the other electronic devices in our house are connected and functioning fine.  Can anyone walk me through the steps to correct this problem?
    I need to add that I took my iPad to the Appple store, and the clerk there reset something--I don't know what--and my iPad was able to connect to their network.  When I came home, though, I was not able to connect to my home network.

    If everything else is connecting with no issues, I would go into the wifi setting on the iPad and redo the info there, user, password and anything else related to your wifi at your house.
    It is possible whatever he reset may have reset something to default setting which will not allow it to connect. If you need too then verify the wifi setting by comparing it with another device setting that works on your home network.
    Good luck

  • How to configure network printer with Linksys WRT54GL router network

    I just bought a Linksys WRT54GL router and I am planning to build the following home-network around it:
    1. A desktop computer connected to router via ethernet cable (hard-wired).
    2. An HP Network Printer (Color LaserJet CM1312 MFP) connected to router via ethernet cable (hard-wired).
    3. A notebook connected to router via Wi-Fi.
    I want both computers (desktop and notebook) to be able to share files, and also to share the same network printer.
    a. How do I do this?
    b. Do I need to install the printer drivers in both computers as if the printer was local for each one?
    c. What settings do I need to include in the Linksys router settings (and also the printer settings) to allow all this? I've read on the internet about DHCP configs, IP address, etc. but I hardly understand anything.
    A step-by-step ("for dummies") explanation will be extremely appreciated.

    You will need to install the printer driver on each computer that will be using the printer.  You will need to have a printer driver that is designed to be used on a network.   Many of HP's drivers (but not all of them) can be used for either a USB or a network connection.
    Usually, when you use HP's printer installation software, it will walk you through the printer installation procedure, and install the printer drivers.  This software is normally located on a CD that came with the printer.  Some installation software demands that you setup a USB connection first, then switch to a network connection.  Other installation software might install a network connection directly.  Just follow the HP directions.
    There are no special settings in the router.  Simply wire (using an ethernet cable) your printer to a LAN port on the router, when the installation software (or instructions) tells you to do so.
    Your printer will likely get a different LAN IP address (192.168.1.x )  from time to time.  Some printer drivers can handle this and still work properly.  Other printer drivers get confused, and cannot find your printer when it changes addresses.  If your driver has this problem, then you will need to assign your printer a fixed LAN IP address.  This will force the printer to have the same LAN IP address each time you boot up your network.   If you need to do this, you will need to enter the LAN IP address directly into your printer (Sometimes this is done using the printer's buttons and display panel, and sometimes this is done using HP printer software).  Note that any fixed LAN IP address must be outside your DHCP server range (defaults are 192.168.1.100  thru  192.168.1.149 ) , and it cannot end in 0, 1, or 255.  If you need to use a fixed LAN IP address, I would suggest you use 192.168.1.13 , which should be easy to remember by looking at the model number of your printer.   If you need to use a fixed LAN IP address, you will also need to enter the Subnet Mask 255.255.255.0, Default Gateway 192.168.1.1 , and DNS Server 192.168.1.1 , into your printer.   If you use a fixed LAN IP address in the printer, you do not need to change any settings in the router.  The router will automatically find your printer when you turn your printer on.   Even if your printer is using a fixed LAN IP address, your computers can continue to get their address automatically from the router's DHCP server. 

  • Linksys WRT54G router--Why doesn't it work with my Macbook?

    I have a perfectly functional Apple MacBook (Unibody, late 2008) running Leopard 10.5.6. I have used it to connect to public Wi-Fi but it is unable to connect to my home Linksys WRT54G router. I called Apple Tech Support, and they suggested that I change the wireless channel and/or temporarily remove the WPA encryption. I did both, the computer still could not connect. In System Preferences on the MacBook, it tells me that "AirPort does not have an IP address and cannot connect to the internet." The tech support guy tried to help, but in the end basically told me that the router just plain might not be compatible with Apple products. (My iPod Touch cannot connect either.)
    I can buy a new router, but this one works perfectly for the rest of the computers in the house (PCs) and they're expensive--and there's no guarantee that those will work either.
    So: Does anyone know any solutions short of buying a new router that would make my Linksys compatible with my Macbook AND our home PCs? Or, failing that, a good, WPA-encrypted router that WILL work with both?
    I have a Snow Leopard disk (I just received the computer on Thursday). Would upgrading to Snow Leopard be of any help? I'm planning on doing it anyway one of these days.
    Many thanks in advance,
    Sola Gratia

    You are in the wrong forum but I'll try and help anyway. That model of Linksys router has a long history of not getting along with Apple products. That is not to say it will never work, but it does require that you download and install the latest firmware for the exact model of router that you have. There are multiple sub-models of that router so make sure that you get the right one.
    Once you have done the firmware update, restart your router and try it again. WPA-psk should work but for troubleshooting purposes, turn off encryption and see if you can get your MacBook and touch working. You might want to use WPA2-psk instead of WPA.
    I would hold off on Snow Leopard until you get WiFi working. Nothing like changing to too many things at one time to really mess things up.

  • Need Help Streaming Video From Web Server Built Into Application - Linksys WRT54g Router

    Very much appreciate any help getting streaming video feed from web server built into video application to work properly using port forwarding on my Linksys WRT54g wireless router.
    Here is the situation:
    My PC is connected to the internet via a Linksys WRT54g wireless router.
    The Windows XP Pro SP2 firewall is enabled, with a firewall exception established for the video camera application.
    On the router, forwarding of port 80 is enabled for the LAN IP address of the PC running the video application with an embedded web server, and the web server in the video camera application is also set to use port 80.
    I have a free DYNDNS account and also run the DYNDNS updater program on the PC running the video application with embedded web server. According to the DYNDNS web site and the DYNDNS updater program, the IP address assigned to the machine running the video application with embedded web server is set correctly in my dyndns account.
    When I open a browser (Explorer or Firefox) on the PC running the video camera application with embedded web server, I am able to  connect to the video application's web server by going to the dyndns address linked to the machine running the video application. The video application's web server is set to use the dyndns address. That's the good news. The bad news is that I can't connect to the video application's web server from any machine that connects to the internet that uses a router other than the router used by the PC running the video application. I am only able to connect to the streaming video from the application's web server only on machines that connect to the internet using the same (home) router used by the PC that is running the video application.
    Since I am able to connect to the video app's embedded web server successfully on the machine running the video application, it seems that at least something about the current port forwarding settings is correct. For example, if I uncheck 'enable' for forwarding of port 80 on the router settings page, I am no longer able to connect to the video app's web server when I try to do so in a browser running on the machine running the video app. When I re-enable port 80 forwarding on the router, I am again able to connect to the web server of the video application on the machine running the video app. I thought that by enabling forwarding of port 80 on the router and associating that port with the LAN IP of the machine running the video application, it would be possible to connect to the streaming video of the video app's embedded web server from ANY machine connected to the internet, but that is not the case. There must be some other router settings to update/change in order to get the port forwarding working to enable a successful connection to the video web server, but I am stumped. Very grateful for any suggestions as to how to get this working properly.
    Thanks in advance...

    The firewall log can be configured on the third tab in the window for the firewall settings, where you can turn the firewall on and off completely.
    From your tests, though, it does not seem to be the firewall. However, to be sure, it would be good to check the log. It will help to eliminate the firewall as the culprit and you may find it handy in the future, too. ;-) Just don't forget to turn the log off again after you are done because it may cause some performance penalty on your system while on.
    From what you write, it seems as if I should give a little networking background on the ip addresses you'll see. Your setup is (or should be) a modem connected to the WAN/Internet port of the WRT. The computer is connected into a LAN port of the WRT.
    Your router has two IP addresses (that's what makes it a router): a WAN address and a LAN address. The WAN address is the address assigned by the ISP. It is a normal internet IP address. Everyone is able to send packets to this IP address. The WAN address is the one reported by whatismyipaddress.com, it should be listed in the dyndns record and it is the address that your router shows on the Status page. It's the public IP address of your router. Dyndns maps your dyndns.org name to that IP address.
    Your router also has an IP address on the LAN side. You can configure it to be whatever you want. The default is 192.168.1.1 with netmask 255.255.255.0 and it is better to leave it like that or at least inside the network 192.168.*.*. 192.168 is a special, reserved IP address range for private networks. Basically, routers in the internet are not supposed to forward addresses in this range. That makes them suitable for private LANs as the packets never can get anywhere. Most people using Linksys routers have there LAN in 192.168.1.*.
    The router acts as gateway, which means it forwards packets from PCs in the LAN to the internet and back. As all your PCs in your LAN share a single WAN IP address, the gateway does address translation (NAT). This works only in one direction: from the inside to the outside. The router remembers when a PC in your LAN sends something out and accepts the responses in and sending them back to the PC. If something comes in from the internet which cannot be associated with a ongoing communication the packet is dropped unless you use port forwarding.
    All computers in your LAN either have a static IP address assigned or use DHCP to get it automatically. The router has a DHCP server as well which gives out IP address from 192.168.1.100-149 if not changed. With a router with default settings static IP addresses can be in the range of 192.168.1.2-99 and 150-254.
    ipconfig /all reports your IP address in your LAN, i.e. an address 192.168.1.*. The gateway in this output should be 192.168.1.1 which is your router. And packet no in the LAN address range 192.168.1.* is send to the router which forwards the packets into the internet.
    An address 192.168.1.* should not appear as internet address in the Status page of the router nor should it appear at dyndns.
    Port forwarding is used to operate a server in the LAN. By default, a server in the LAN cannot be reached from the internet. You have to configure port forwarding for this. You configure that traffic bound for a specific port (e.g. TCP port 80 for http) on your WAN IP address is forwarded to the same port on a specific LAN IP address. If your server runs on 192.168.1.50 than traffic to your WAN IP address port 80 is forwarded to 192.168.1.50 port 80. That way your HTTP server can be reached from the internet. As you can only configure a fixed IP address in port forwarding it is recommended that the server uses a static IP address and not DHCP as in the latter case the IP address may change over time...
    O.K. so much for networking. I hope that makes things a little clearer and you can verify that your setup is how it is intended to be.
    I suggest the following: on the router's security page there is an option to block WAN requests. Remove the check if it is set (meaning: do not block). After you did that change you should be able to ping your WAN address (e.g. ping xxxx.dyndns.org) from the internet. That way we know that it is on the correct address.
    Also on the Administration page make sure that remote management is disabled (should be like that per default) or that the management port is NOT 80 but for example 8080. What is your your UPnP settings on the same page?
    O.K. that should be enough for the moment...

  • Reset Linksys E2000 router and now my HP-6310 is Offline.

    I recently reset my wireless Linksys E2000 router...changed network SSID name and WPA security key and now no one on my home network can print to the HP-6310. I am running Windows 7 and when I go to Devices and Printers, &  double-click on HP Officejet 6300 Series, it shows the printer is "offline". My printer is configured as a network printer and is connected to my router via Ethernet cable. How do I get it back online and printing again?
    Would really appreciate any help.
    Thanks,
    Gary

    Delete all instances of the printer in Devices & Printers.  Re-add it with this method:
    1. Make sure the printer is turned on and connected to your network. Verify that you can access the printer's internal web page by browsing to its IP address before continuing. Get its IP from a Network Test printed from the front panel of the printer.
    2. Click >> Start >> Control panel >> Devices & Printers.
    3. Click the Add a printer
    4. Select Local printer
    5. Select Create a new port and select Standard TCP/IP Port and click Next button.
    6. Under Device type, select TCP/IP Device. Under Hostname or IP address, enter the printer's IP address. Click Next.
    7. Select Hewlett-Packard from the list of manufacturers and select and select your printer model. Click Next.
    If your printer model was not listed, then select Have Disk, browse the HP CD that came with your printer and select the first file that starts with hp and ends with inf. Click Open then OK. Select your printer model. Click Next.
    8. If you are asked, use the currently installed driver.
    9. It will ask for the Printer name -- enter a new name or use the existing one. This will be the name of the printer that you select from other applications.
    10. You may be asked to share the printer. Choose NO.
    11. The Print Test Page box appears. Go ahead and print it.
    12. Click Finish.
    Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
    I am employed by HP

  • VPN through Linksys x3000 router

    Hello,
    I have Linksys x3000 router with cable internet.
    My home network based on linux machines.
    I built vpn server on one of it.
    The connection works intire of LAN, but I cannot create a connection from any out computer.
    What can I missed?
    Thanks.

    In adddition to the ports you have already forwarded, forward ports 50,51,1701 and 5000...Use a static IP Address on your computer to forward the ports...
    Click on the Start button >>> Settings >>> Control Panel >>>Network
    Connections- Right click on the icon for Local area connection and go to properties- On the 'General' tab select 'Internet Protocol TCP/IP' and click on the Properties button- Select 'Use the following IP address'- Provide IP Address - 192.168.1.5 Subnet Mask - 255.255.255.0 Default Gateway - 192.168.1.1 and click on O.k...
    While doing port forwarding use the ip address : 192.168.1.5...Change the MTU to 1300...If it does not resolve your concern try a firmware upgrade...

  • Linksys WRT120N Router -- How to set to "Dynamic"?

    I am having trouble getting my work computer to connect wireless to my home router.  I was told it was because my work computer is set to "dynamic" and my home router is probably set to "static"... how to I set my home router (Linksys WRT120N) to "dynamic"?  I'm Dumb Dora when it comes to this so specific step-by-step directions would be appreciated.

    CA_Martie,
    Have you confirmed the settings on your router?
    Ensured DHCP is enabled
    Have you configured your wireless network settings on the router? 
    SSID Name
    N or G network (both?)
    Security settings?
    Can any other devices connect wirelessly?
    1 x r7000 Nighthawk 1.0.3.24
    3 x WNDR4500 v1 / v2
    e4200 Rev 1 f/w 1.0.05
    e3000 Rev 1 f/w 1.0.04
    QNAP TS-219P-II 4TB
    dns323 ext3 4TB
    Roku N 1080p
    Altigen ip-710 VOIP phone
    Other Routers - Asus (just ok), DLink (junk), Netgear (Current Favorite) & ProSafe, wrt54g & G2
    wvc54gca - Dumped this as it only support TKIP encryption & 54mbps

Maybe you are looking for

  • I tried to change the file type of the movie, but now I am unable to open/edit it in iMovie, HELP !

    I tried to change the file type of the movie, but now I am unable to open/edit it in iMovie, HELP !

  • Error when converting a constant amount MAXBT in T511P

    Dear Expert, I am encounter error as below when run payroll for Macao, Error when converting a constant amount MAXBT in T511P CONVERT_TO_LOCAL_CURRENCY has been Called Data used: Validity end date: 28.02.2014 Constant: MAXBT T511P Currency MOP Curren

  • IDoc Meta Data Problem

    Hello i am getting the following error not clear of what might be the cause. <?xml version="1.0" encoding="UTF-8" standalone="yes" ?> - <!--  Call Adapter   --> - <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlso

  • How to upgrade iWeb 2.0.4 to 3.x

    Hi, I bought a MacBook 2008 early. This MacBook include iWeb 2.x. Last month I upgraded some iLife '08 application to '11 but I couldn't upgrade iWeb '08 to newer. Last iWeb version is 3.0.4. How can I upgrade iWeb 2.x to 3.x? Please help me! Thx! Ba

  • Experience with Keynote on iPad....

    Would those of you who have given a number of iPad/Keynote presentations, please make some general comments about your experiences? What pleased you? What thwarted you? (I have the sense that, after reading some of the questions/replies, that there i