VPN hub and spoke topology, hub using two interfaces

Hi,
I'm facing a problem with Cisco ASA 5500 running software 8.4.
I know, I know, VPN hub and spoke was already discussed many times. But all these discussions are about a hub using only one interface, the outside/public interface.
My topology is slightly different.
LAN-A - VPN peer A <--> (Internet) <--> (outside if)-ASA-B-(inside if) <--> (corporate network) <--> (outside if)-ASA-C-(inside if) <--> LAN-C
VPN communication should flow between LAN-A and LAN-C.
Phase I and phase II are working on both tunnels (A-B, B-C). Therefore cryptomaps should be right.
IPsec SA for tunnel A-B is explicit for LAN-A and LAN-C.
IPsec SA for tunnel B-C connects any with LAN-C.
What I can see on ASA-B is incoming traffic from LAN-A on tunnel A-B.
That does not trigger an SA for tunnel B-C!
Traffic initiated from LAN-C I can see on ASA-B as incoming traffic; an SA for LAN-A to LAN-C is built up on tunnel B-C.
Traffic seems to enter tunnel A-B as I can see outgoing traffic on ASA-B.
Of course, NAT exemption is configured for traffic between LAN-A and LAN-C.
Why doesn't incoming traffic from LAN-A initiate SA on tunnel B-C?
It looks like incoming traffic from LAN-A enters ASA-B and is dropped or sent anywhere but the right direction.
I admit I'm clueless.
Any help would be appreciated.
Thanks folks.

Analyzing the config files, you revealed the inactive NAT exemption for the traffic flow between LAN-A and LAN-C.
Furthermore, a static route for LAN-C out the inside interface was missing.
After fixing both, communication works fine.
Thanks for the really good support.
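The two items named in the resolution above, written out as an added ASA 8.4 configuration example for ASA-B (this is not config from the thread; all addresses are constructed placeholders: LAN-A 10.1.0.0/24, LAN-C 10.3.0.0/24, corporate next hop 10.2.0.1 reachable via the inside interface):

```cisco
! Added example, not from the original thread. Constructed placeholders:
! LAN-A 10.1.0.0/24, LAN-C 10.3.0.0/24, corporate next hop 10.2.0.1 (inside).
object network LAN-A
 subnet 10.1.0.0 255.255.255.0
object network LAN-C
 subnet 10.3.0.0 255.255.255.0
!
! LAN-A traffic arrives decrypted on the outside interface (tunnel A-B) and
! has to leave via the inside interface (tunnel B-C), so the identity NAT
! must cover the (outside,inside) pair. Static twice NAT is bidirectional,
! so this one rule also exempts the LAN-C -> LAN-A return leg.
! Make sure the rule does NOT carry the "inactive" keyword; an inactive
! exemption lets a dynamic PAT rule rewrite the source and the flow then
! no longer matches the B-C crypto ACL.
nat (outside,inside) source static LAN-A LAN-A destination static LAN-C LAN-C
!
! Without a route for LAN-C pointing inside, the ASA follows its default
! route back out the outside interface and the packet never reaches the
! crypto map bound to the inside interface.
route inside 10.3.0.0 255.255.255.0 10.2.0.1 1
!
! Checks to run on ASA-B after applying the two lines above:
!   show nat detail                    (rule present, not "inactive", hits rising)
!   show route 10.3.0.10               (egress interface must be "inside")
!   packet-tracer input outside tcp 10.1.0.10 12345 10.3.0.10 80
!     (phases should end in VPN ENCRYPT on inside, not in NAT or DROP)
```

packet-tracer shows the exact phase where a flow dies, so it is the quickest way to tell an inactive or misordered NAT rule apart from a routing problem.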

Similar Messages

  • Multiple Spanning Tree in a Hub and Spoke topology?

    My company is planning to implement Multiple Spanning tree into our hub and spoke topology. Is that possible?
    Should I divide up the vlans into instances based on assigned switch or assigned department?
    Thank You.

    Hi everyone,
    I have found an internet draft that describes this situation, "Using an LSA Options Bit to Prevent Looping in BGP/MPLS IP VPNs", at "http://www.ietf.org/internet-drafts/draft-ietf-ospf-2547-dnbit-03.txt"
    Can anyone tell me how I can disable this function and clear the "DN" bit on a Cisco router? Thanks very much.

  • I am doing two people's jobs and I need to use two separate log-ins on the same website. How can I keep both log-ins open at the same time? Every time I switch tabs I have to log in again.

    I am doing two people's jobs and I need to use two separate log-ins on the same website. How can I keep both log-ins open at the same time? Every time I switch tabs I have to log in again.

    Try one of these extensions for multiple cookie sessions.
    Multifox:
    http://br.mozdev.org/multifox/
    Cookie Swap extension:
    https://addons.mozilla.org/firefox/3255/
    Cookie Pie extension:
    http://www.nektra.com/oss/firefox/extensions/cookiepie/

  • Change volume and Balance of speaker using Clip interface

    Hello,
    I am playing more than one Clip simultaneously. I want to change the volume and balance of each individual Clip so that they have an individual effect on the speaker. I mean, if there are two clips then one should have a high sound and the other a low one.
    Any help would be appreciated.
    Thanks in Advance.

    Hello,
    I play a sound using the Clip interface in Java Sound. I am able to get the FloatControl.Type.MASTER_GAIN control but not FloatControl.Type.PAN.
    I have written a code like this,
    FloatControl gainControl = (FloatControl) clip.getControl(FloatControl.Type.PAN);
    Any help would be appreciated.
    Thanks in advance

  • Use two interfaces on the same network

    Hello everyone,
    I am actually starting to work on a Cisco project. I'm a beginner in networking and Cisco technology.
    For my project we use a 2921 router.
    We have two networks:
    - Network A: 192.198.0.X / 255.255.255.0 / Gateway 192.198.0.1
    - Network B: 162.168.0.X / 255.255.0.0 / Gateway 162.168.0.1
    Each network uses a switch. Switch A (connecting to network A) is connected to interface G0/0.
    And Switch B (connecting to network B) is connected to interface G0/1.
    The router is configured as:
    - G0/0: ip address 192.198.0.1 255.255.255.0 (network A)
    - G0/1: ip address 162.168.0.1 255.255.0.0 (network B)
    Everything is working fine.
    The problem is this one: we need to connect a computer on G0/2. This computer is configured for network A (192.198.0.10 / 255.255.255.0 and the same gateway).
    I can't configure G0/2 as 192.198.0.1 255.255.255.0 (network A), because G0/0 uses this address.
    I can't put this computer on switch A; my only physical possibility is to connect it on G0/2.
    We just need to use interfaces G0/0 and G0/2 as a switch on the router with the same gateway (192.198.0.1).
    How can I connect this computer? How can I configure two interfaces on the same network with the same gateway?
    Thank you

    I would just put the PC on a different network, but if you really want it to be in the same network, you could use IRB to connect two of the interfaces on the router at layer 2.
    Here is an example config for IRB:
    interface FastEthernet0/0
     bridge-group 1
    interface FastEthernet0/1
     bridge-group 1
    bridge irb
    interface BVI1
     ip address 192.168.0.1 255.255.255.0
    bridge 1 route ip
    Notice that the physical ports do not have IP addresses on them, the IP for the subnet is on the BVI interface.

  • Routing issue for remote vpn user and spoke

    Hi all,
    I have configured VPN (see attached file).
    Before upgrading the ASA from 8.3 to 8.4, spokes were able to communicate between them and remote VPN users were also able to access the spoke sites.
    After upgrading the ASA HUB, neither spoke-to-spoke nor remote-user-to-spoke can communicate.
    Here is the NAT exemption configuration on the ASA HUB. Only this ASA has been upgraded; nothing has been done on the other sites.
    object network 172.17.8.0
     subnet 172.17.8.0 255.255.255.0
    object network 10.100.96.0
     subnet 10.100.96.0 255.255.240.0
    object network VPN-SUBNET
     subnet 172.20.1.0 255.255.255.0
    nat (outside,outside) source static 172.17.8.0 172.17.8.0 destination static 10.100.96.0 10.100.96.0
    nat (outside,outside) source static 10.100.96.0 10.100.96.0 destination static 172.17.8.0 172.17.8.0
    nat (outside,outside) source static VPN-SUBNET VPN-SUBNET destination static 10.100.96.0 10.100.96.0
    nat (outside,outside) source static VPN-SUBNET VPN-SUBNET destination static 172.17.8.0 172.17.8.0
    same-security traffic permit intra-interface
    same-security traffic permit inter-interface
    Please, do you know what the problem can be?
    Thanks so much for your help

    Since you are not NATing any of that traffic and it's U-turn traffic, please remove those 4 NAT statements. They are not required at all.
    Please "clear xlate" after removing them and let us know how it goes.

  • I have two iphones and I want to use two different apple IDs on the same computer without any syncing of the two phones?

    I have two iPhones. How do I have two separate Apple IDs on one computer without them syncing?

    You can either do as sberman suggested - create separate User logons on the computer
    or
    You can make sure that you are syncing Contacts, Calendars, and Mail via the individual iCloud accounts.
    Then, for Apps, Music, Movies, Books, Photos, etc. you would set up each individual iPhone's options to only sync what you want to have loaded to each of the phones from the iTunes and Photo libraries. You do this by setting up the individual Device Profile pages to have only what is selected for that particular device. When you hook the device up via a USB cord, you will see the device Profile pages to the right of the sidebar. Select each Profile page and set it up as desired for the particular device.
    Also, turn off Automatic downloads in Settings>iTunes & Apps Store>Automatic Downloads on each device.
    Cheers,
    GB

  • HT4993 My phone won't type long ways when I text and I can't use two hands. But it will in email. How do I fix this!! ?

    My phone won't change to horizontal format when texting phone messages but will in email and searches. It makes me crazy to text with one finger. What is wrong!!?

    Reset all settings, or text with 2 hands.
    Settings>General>Reset>Reset All Settings. This will wipe out any Wi-Fi connections you have and will restore your wallpaper/ringtones to default, but you will not lose any data.
    If that doesn't work you can always restore as new =)

  • Static NAT and same IP address for two interfaces

    We have a Cisco ASA 5520 and, in order to conserve public IP addresses and configuration (possibly), can we use the same public IP address for a static NAT on two different interfaces? Here is an example of what I'm referring to, where 10.10.10.10 would be the same public IP address.
    static (inside,Outside) 10.10.10.10  access-list inside_nat_static_1
    static (production,Outside) 10.10.10.10  access-list production_nat_static_1
    Thanks for any help.
    Jeff

    Hi Jeff,
    Unfortunately this cannot be done. On the ASA, packet classification is done on the basis of MAC address, destination NAT and route, and here you are confusing the firewall as to which interface the IP belongs to. I haven't ever tried to do it, but it should cause you issues.
    Thanks,
    Varun Rao
    Security Team,
    Cisco TAC

  • IDOC to PDF and XML via EMail: using InputAttachment interface in mapping

    Hello all,
    I am working on the following scenario:
    IDOC --> Transformation Nr. 1 IDOC-XML; Transformation Nr. 2 XML-PDF --> Email with 2 attachments, XML and PDF.
    Till now I've managed "IDOC to Email" with an XML attachment. For that I used MailPackage and SwapBean. Unfortunately I didn't see any possibility to send a PDF attachment with the MailPackage approach.
    That's why I decided to change the scenario in this way to avoid using MailPackage:
    • first step: IDOC to FTP (2 XML files)
    • second step: FTP (1st file = payload + 2nd file = attachment) to Email with one XML attachment
    It works without MailPackage, but I still need the PDF attachment. At the moment I am trying to read the XML attachment, to transform XML2PDF and to add the second attachment to the message inside the mapping. I use the InputAttachment and OutputAttachment interfaces.
    http://help.sap.com/javadocs/pi/SP3/xpi/com/sap/aii/mapping/api/InputAttachments.html
    Unfortunately, reading the XML attachment with the "InputAttachment" interface inside the mapping doesn't work. Tracing says: "there is no attachment".
    So my questions are:
    1. Is it possible to work with the Input- and OutputAttachment interfaces inside a mapping? Or does it work only inside an adapter module?
    2. If it works inside a mapping, how can I test it at design time?
    If you see any other way to solve my problem, please let me know.
    Thank you a lot, regards Anna

    Question Nr. 1:
    "... Mapping programs are executed in the Java part of SAP NetWeaver AS. Consequently, the mapping runtime transfers the message payload from the ABAP part of the SAP NetWeaver Application Server to the Java part before the mapping program is executed. Since mapping programs do not usually access any MIME attachments in a message, the default setting is for the mapping runtime to transfer the payload only and not the attachments. This applies for both attachments that are removed as part of MTOM optimization in the Web services runtime, as well as for attachments that a sender sends together with a payload by using proxy methods in the XI runtime.
    If you want to access an attachment from a mapping program, it must have been transferred from the ABAP part to the Java part prior to execution. You can configure this in the basic settings of the operation mapping in which you reference the mapping program (select the Read Attachments checkbox)..."

  • Xen using two interfaces

    Hello,
    I have Xen installed and it's running fine. Now I want to add a second interface to it so that I can have certain guests routing their traffic over xenbr1.
    In my setup, xenbr0 was running fine. I have a netcfg config for xenbridge-static, and Xen uses xenbr0 over eth0.
    To have a second interface,
    1. I set up a netcfg profile for xenbr1 as xenbridge-static2
    2. I wrote a script "multi-interface" with the following contents
    #!/bin/sh
    # Directory this wrapper lives in (the stock network-bridge script is expected beside it).
    # Note: no spaces around "=", otherwise sh tries to run a command named "dir".
    dir=$(dirname "$0")
    # Pass the start/stop action through and bring up one bridge per physical NIC.
    "$dir/network-bridge" "$@" vifnum=0 netdev=eth0 bridge=xenbr0
    "$dir/network-bridge" "$@" vifnum=1 netdev=eth1 bridge=xenbr1
    When I now start the Dom0 and type ip addr, I see eth0 and eth1 but no xenbr0 anymore; I only get xenbr1.
    When I run my script manually with
    /etc/xen/scripts/multi-interface start
    nothing happens; journalctl also shows no error or anything.
    When trying netcfg xenbridge-static (that's the one with xenbr0 in it) it tells me
    > xenbridge-static already connected
    But ip addr still doesn't show xenbr0, only lo, eth0, eth1 and xenbr1.
    Before I wrote the multi-interface script and restarted xend, I had xenbr0 running and was using it to access the net.
    ifcfg xenbr0 <some-ip> brings up the xenbr0 interface, but I want it to come up correctly at boot. Also the default route goes over xenbr1 now and not xenbr0 as it should.
    What's going wrong here? Why is xenbr0 not coming up automatically but "ifcfg xenbr0 <ipnumber>" works?


  • Hub and Spoke between SA540 and RV120

    Hello.
    I want to build a "hub and spoke" topology for one of my clients.
    For the "HUB" , I'm planning to use an SA540, with a static public IP provided by a 4Mb SDSL.
    For the "spokes" (21 at the moment), I'm planning to use RV120. They will be behind a NAT, provided by a "SAGEM LIVEBOX", and a static public IP.
    The boss will connect to the HUB using Cisco VPN client, or quickVPN, and get access to all the spokes.
    Some spokes will have to connect to each other, via the HUB.
    I searched for a long time on this forum and read the documentation, but at the moment I haven't found the answer to my question: is this topology suitable with the chosen hardware?
    Alain

    Alain,
    I would contact someone with the enterprise group with the questions on which enterprise router to use with your topology; I would expect a Cisco ASA5505 or ASA5510 with proper licensing would accomplish this at main office and cisco 800 series at remote offices. For your spokes(remote offices) the RV120 or RVS4000 should work fine if you are trying to route traffic from remote office to main office only. If you are looking to route traffic from remote office to main office then to another remote office. You would need to go all enterprise small business devices. In our small business routers we can’t specify to route traffic to another subnet across the IPSec tunnel. When we make the IPSec tunnel it creates the routes in routing table to the remote host. So we can only route traffic to directly connect IPSec tunnel host. If you need further clarification you can give us a call.
    SBSC
    1-866-606-1866
    TAC (Enterprise Group)
    1-800-553-2447
    Main office (ASA5505 – ASA5510) --- (Cisco 800 Series) = Remote office
    Please clarify with enterprise group.
    Thanks
    Jasbryan
    Cisco Support Engineer

  • EIGRP in a NBMA hub and spoke configuration ?

    Hi,
    Is there a way to configure EIGRP for a Frame Relay NBMA network using a hub and spoke topology ?
    I'm curious that I cannot find any config examples for this, whereas with OSPF in this environment there are plenty of examples.
    I'm wondering if EIGRP being a distance-vector protocol this shouldn't be attempted.
    PS: I've been at this all day and have only managed to get EIGRP to work in one configuration, and that was using physical interfaces on all routers and switching off split horizon at the hub router. I used frame-relay map statements with broadcast enabled as well.
    Any pointers would be appreciated.
    Cheers,
    Phil.

    Hi Phil,
    Here is the configuration for the HUB router:
    ! hostname ABC
    interface Ethernet1
     ip address 192.168.2.1 255.255.255.0
    interface Serial0
     no ip address
     encapsulation frame-relay
     no ip mroute-cache
    interface Serial0.1 multipoint
     ip address 192.168.1.1 255.255.255.0
     ! split horizon disabled so the hub re-advertises spoke routes to the other spokes
     no ip split-horizon eigrp 2001
     ! bandwidth set to the sum of the remote PVCs
     bandwidth 112
     frame-relay map ip 192.168.1.5 110 broadcast
     frame-relay map ip 192.168.1.6 130 broadcast
    ! EIGRP routing process
    router eigrp 2001
     ! networks running EIGRP
     network 192.168.1.0
    You can have appropriate IP addressing as per your design.
    You can have a simpler configuration on the spoke side compared to the HUB router.
    Regards,
    Devang

  • Boot camp with Cisco VPN client and smart card

    Looking at a MacBook or MacBook Air, and the only reason I need to run Windows is to be able to access my work network through the Cisco VPN client and my smart card, then use Remote Desktop. From my understanding, if I run Boot Camp it should work; am I correct? I'm going to an Apple store tomorrow; hopefully they can help too.
    Thanks

    mrbacklash wrote:
    Ok with that being said will the MBA 11.6 1.4ghz have the guts to make it run mostly internet based programs over the VPN connection?
    I think if you are running apps over the Internet the bottleneck will be the Internet and your VPN bandwidth. Your computer can certainly execute faster than Internet communications.
    Besides, Internet or remote applications run on the remote server. All your local computer does is local processing of the data if necessary.

  • Get GPS info using Autonomous and CellSite Mode parallelly using MultiThreading

    I tried to get the GPS latitude and longitude values using Autonomous and CellSite mode in parallel using two threads, but during execution only one thread is active and I get values from only that one; the other thread doesn't return any values at all.
    Is it possible to retrieve the GPS information using multiple threads running in parallel, and can I also display the latitude and longitude values from the threads on the screen, with lower accuracy among the values?
    Thanks in advance...

    Your thread may not get noticed as it is in General Support threads. You may post your thread in Java Development to get faster response.
    Ron
