I need a config ...please for a Cisco 1800 Series with 3 private vlans

Hi I need a config please for a cisco 1841 on 3 vlans with trunk to vlan 2,3,4,

vlan 2 10.191.../0/24

vlan 3 10.193....0/24

vlan 4 10.191....0/24

FE 0/1   10.191 ...1/24

Thank you in advance
NewGuyOnCiscoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bkepfordCommented:
Is this on a switch interface card or is just using the onboard interface cards. Private vlans are a switch setup.
Here is a link on configuring private VLANS on a switch
http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_46_se/configuration/guide/swpvlan.html 
You can trunk like this but they can't be overlapping networks.
interface fastethernet 0/1
ip address 10.191.0.1 255.255.255.0
!
interface fastethernet 0/1.2
encapsulation dot1q 2
ip address 10.192.0.1 255.255.255.0
!
interface fastethernet 0/1.3
encapsulation dot1q 3
ip address 10.193.0.1 255.255.255.0
!
interface fastethernet 0/1.4
encapsulation dot1q 4
ip address 10.194.0.1 255.255.255.0


0
NewGuyOnCiscoAuthor Commented:
Using the on board interface
0
NewGuyOnCiscoAuthor Commented:
thank you for your help

and what are the commands also to enter the data ??
0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

NewGuyOnCiscoAuthor Commented:
I have the following setup :
1. HSRP with 2 X 2600 Series
2. Static Routing
3. Acl's to prevent Communications vlan 2 and vlan 4
4. Acl;s to deny inbound traffic from WAN except ICMP
5 Do any outbound fron any vlan exept ports 80, 443 , 22 ICMP
6. Setup AAA Local Authetication on all devices with Telnet access
7. Setup Nat for outbound internet on boith 2600 series
use 10.10.....1/29 C -2600 - 1
use 10.10....1/29 C 2600 - 2
0
NewGuyOnCiscoAuthor Commented:
trunk  vlan 2,3,4,



0
NewGuyOnCiscoAuthor Commented:

C1841-Vlan#enab
C1841-Vlan#sh run
Building configuration...

Current configuration : 1223 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C1841-Vlan
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$0ZYi$rWNPwZFuLubZv5R2sloBh/
enable password imr1841
!
aaa new-model
!
!
aaa authentication login USER_AAA local
aaa authentication login USERLIST local
aaa authorization network GROUP_AAA local
!
aaa session-id common
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
!
!
!
!
!
!
!
!
controller T1 0/0/0
 framing esf
 linecode b8zs
!
controller T1 0/0/1
 framing esf
 linecode b8zs
!
!
!
!
interface FastEthernet0/0
 no ip address
 ip nat inside
 no ip virtual-reassembly
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 no ip address
 ip nat outside
 no ip virtual-reassembly
 duplex auto
 speed auto
!
ip classless
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source list 2 interface FastEthernet0/1 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
disable-eadi
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 password imr1213
!
end

C1841-Vlan
0
NewGuyOnCiscoAuthor Commented:
and the C 1841 Series needs to be connected to a C 2950  vlan

1 . Port 2-7 Vlan 2 NIM

2. Port 8-10 VLAn 3 servers

3. Port 11-15 vlan 4  DERM


Please if you can help with the config for the C 2950 also ....

Thank you so much in advance

0
bkepfordCommented:
The switch config is easy
interface fastethernet 0/1
description 1841 router
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 1,2,3,4 <this line can be omitted if you want to allow all VLANs which is the default>
0
NewGuyOnCiscoAuthor Commented:
C2950-Vlan>enab
Password:
C2950-Vlan#sh run
Building configuration...

Current configuration : 1205 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname C2950-Vlan
!
enable secret 5 $1$QX/B$TOk.J4GPqr596jXF.34i4.
enable password imr1841
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
ip http server
!
!
line con 0
line vty 0 4
 password imr1213
 login
line vty 5 15
 password imr1213
 login
!
end

C2950-Vlan
0
bkepfordCommented:
Is that all you needed?
0
NewGuyOnCiscoAuthor Commented:
can you please help me and post the configs for both ...please


for the

C 1841   and also for the C 2950 ??/


Thank you so much in advance ...
0
NewGuyOnCiscoAuthor Commented:
yes please ....all the info i posted here you have it .........thank you so much
0
bkepfordCommented:
This is your router config the best I figure
interface fastethernet 0/1
ip address 10.191.0.1 255.255.255.0
no shut
!
interface fastethernet 0/0
no ip address
no shut
!
interface fastethernet 0/0.2
encapsulation dot1q 2
ip address 10.192.0.1 255.255.255.0
!
interface fastethernet 0/0.3
encapsulation dot1q 3
ip address 10.193.0.1 255.255.255.0
!
interface fastethernet 0/0.4
encapsulation dot1q 4
ip address 10.194.0.1 255.255.255.0
And below is the switch again as best I can figure from what you said

vlan 2
name NIM
vlan 3
name Servers
vlan 4
name DERM
 
interface FastEthernet0/1
description 1841 router
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/2
switchport mode access
switchport access vlan 2
!
interface FastEthernet0/3
switchport mode access
switchport access vlan 2
!
interface FastEthernet0/4
switchport mode access
switchport access vlan 2
!
interface FastEthernet0/5
switchport mode access
switchport access vlan 2
!
interface FastEthernet0/6
switchport mode access
switchport access vlan 2
!
interface FastEthernet0/7
switchport mode access
switchport access vlan 2
!
interface FastEthernet0/8
switchport mode access
switchport access vlan 3
!
interface FastEthernet0/9
switchport mode access
switchport access vlan 3
!
interface FastEthernet0/10
switchport mode access
switchport access vlan 3
!
interface FastEthernet0/11
switchport mode access
switchport access vlan 4
!
interface FastEthernet0/12
switchport mode access
switchport access vlan 4
!
interface FastEthernet0/13
switchport mode access
switchport access vlan 4
!
interface FastEthernet0/14
switchport mode access
switchport access vlan 4
!
interface FastEthernet0/15
switchport mode access
switchport access vlan 4
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24

Open in new window

0
bkepfordCommented:
I had to change your IP address scheme as it overlapped.  Check that out and I can help you with changes.
0
NewGuyOnCiscoAuthor Commented:
thank you ...do i have to mention anywhere this stuff ??  in the router ??


vlan 2  10.191.2.0/24

vlan3 10.191.3.0/24

vlan4 10.191.4.0/24     ???

0
NewGuyOnCiscoAuthor Commented:
it does not let me enter

switchport trunk encapsulation dot1q

says invalid ???
0
bkepfordCommented:
If that is your IP scheme here is the correct config. You don't have to mention it the number after the dotq is what specifies the vlan.
 
interface fastethernet 0/1
ip address 10.191.1.1 255.255.255.0
no shut
!
interface fastethernet 0/0
no ip address
no shut
!
interface fastethernet 0/0.2
encapsulation dot1q 2
ip address 10.191.2.1 255.255.255.0
!
interface fastethernet 0/0.3
encapsulation dot1q 3
ip address 10.191.3.1 255.255.255.0
!
interface fastethernet 0/0.4
encapsulation dot1q 4
ip address 10.191.4.1 255.255.255.0
0
NewGuyOnCiscoAuthor Commented:
thank you ...ones i finish ..i will post the configs so you can check what else i need

what about all this ??

1. HSRP with 2 X 2600 Series
2. Static Routing
3. Acl's to prevent Communications vlan 2 and vlan 4
4. Acl;s to deny inbound traffic from WAN except ICMP
5 Do any outbound fron any vlan exept ports 80, 443 , 22 ICMP
6. Setup AAA Local Authetication on all devices with Telnet access
7. Setup Nat for outbound internet on boith 2600 series
use 10.10.....1/29 C -2600 - 1
use 10.10....1/29 C 2600 - 2



0
NewGuyOnCiscoAuthor Commented:
C2950-Vlan#
C2950-Vlan#sh run
Building configuration...

Current configuration : 1653 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname C2950-Vlan
!
enable secret 5 $1$QX/B$TOk.J4GPqr596jXF.34i4.
enable password imr1841
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 description 1841 router
 switchport trunk allowed vlan 2-4
!
interface FastEthernet0/2
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 2
!
interface FastEthernet0/4
 switchport access vlan 2
!
interface FastEthernet0/5
 switchport access vlan 2
!
interface FastEthernet0/6
 switchport access vlan 2
!
interface FastEthernet0/7
 switchport access vlan 2
!
interface FastEthernet0/8
 switchport access vlan 3
!
interface FastEthernet0/9
 switchport access vlan 3
!
interface FastEthernet0/10
 switchport access vlan 3
!
interface FastEthernet0/11
 switchport access vlan 4
!
interface FastEthernet0/12
 switchport access vlan 4
!
interface FastEthernet0/13
 switchport access vlan 4
!
interface FastEthernet0/14
 switchport access vlan 4
!
interface FastEthernet0/15
 switchport access vlan 4
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
ip http server
!
!
line con 0
line vty 0 4
 password imr1213
 login
line vty 5 15
 password imr1213
 login
!
end

C2950-Vlan
0
NewGuyOnCiscoAuthor Commented:
is this correct ...?? all that i need for that type of config on the switch - C 2950
0
bkepfordCommented:
Did you copy and paste in my configuration? If not go into configuration mode on the switch (config t) and just copy and past my config into your switch.
Secondly I want to help you with your other confis but I need to know how all the devices are attached a picture with port numbers and IP address would be great if you could draw one and scan it in.
0
NewGuyOnCiscoAuthor Commented:
i cannot send you a picture...i wish i could

 
            Feo/1  10.191.10.1/24
               C1841-vlan------------------->vlan 2  - 10.191.2.0/24
                                  _____________>vlan 3 10.191.3.0/24
                                ---------------------> vlan 4 10.191.4.0/24
__________________---
    Here is Fe 0/0   that connects via trunk vlan 2,3 4      


to         C 2950 - Vlan      via Fe 0/1

___________________________

from here goes in 3   port 2-7 vlan 2  NIM
                                   port 8-10 vlan 3 servers
                                   port 11-15  vlan 4 DERM



0
NewGuyOnCiscoAuthor Commented:
on top of this
is via         fe0/1 10.191.10.1/24

it's connected a C2950  - Backbone via vlan 10

0
NewGuyOnCiscoAuthor Commented:
all i need is the c1841 and c 2950 ...
0
NewGuyOnCiscoAuthor Commented:
1. HSRP with 2 X 2600 Series
2. Static Routing
3. Acl's to prevent Communications vlan 2 and vlan 4
4. Acl;s to deny inbound traffic from WAN except ICMP
5 Do any outbound fron any vlan exept ports 80, 443 , 22 ICMP
6. Setup AAA Local Authetication on all devices with Telnet access
7. Setup Nat for outbound internet on boith 2600 series
use 10.10.....1/29 C -2600 - 1
use 10.10....1/29 C 2600 - 2



all this need to be conected in the config



0
NewGuyOnCiscoAuthor Commented:

 C1841-Vlan>
C1841-Vlan>enab
Password:
C1841-Vlan#sh run
Building configuration...

Current configuration : 1507 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C1841-Vlan
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$0ZYi$rWNPwZFuLubZv5R2sloBh/
enable password imr1841
!
aaa new-model
!
!
aaa authentication login USER_AAA local
aaa authentication login USERLIST local
aaa authorization network GROUP_AAA local
!
aaa session-id common
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
!
!
!
!
!
!
!
!
controller T1 0/0/0
 framing esf
 linecode b8zs
!
controller T1 0/0/1
 framing esf
 linecode b8zs
!
!
!
!
interface FastEthernet0/0
 no ip address
 ip nat inside
 no ip virtual-reassembly
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/0.2
 encapsulation dot1Q 2
 ip address 10.191.3.1 255.255.255.0
 no snmp trap link-status
!
interface FastEthernet0/0.3
 encapsulation dot1Q 3
 ip address 10.191.4.1 255.255.255.0
 no snmp trap link-status
!
interface FastEthernet0/0.4
!
interface FastEthernet0/1
 ip address 10.191.2.1 255.255.255.0
 ip nat outside
 no ip virtual-reassembly
 duplex auto
 speed auto
!
ip classless
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source list 2 interface FastEthernet0/1 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
disable-eadi
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 password imr1213
!
end

C1841-Vlan
0
NewGuyOnCiscoAuthor Commented:
are these 2 ok ??  i think i need something else
thank you so much for your help
0
NewGuyOnCiscoAuthor Commented:
i hope this helps ..this is the bottom

config.JPG
0
NewGuyOnCiscoAuthor Commented:
is this ok ??
0
NewGuyOnCiscoAuthor Commented:
what are the command to inpout these ??
 1. HSRP with 2 X 2600 Series
2. Static Routing
3. Acl's to prevent Communications vlan 2 and vlan 4
4. Acl;s to deny inbound traffic from WAN except ICMP
5 Do any outbound fron any vlan exept ports 80, 443 , 22 ICMP
6. Setup AAA Local Authetication on all devices with Telnet access
7. Setup Nat for outbound internet on boith 2600 series
use 10.10.....1/29 C -2600 - 1
use 10.10....1/29 C 2600 - 2



i can look for the numbers if you can point me in the right direction


i will put a better picture latter tonight ..if you can help me ...please


thank you so much


0
bkepfordCommented:
1) Recheck your FastEthernet configs if they are supposed to look like mine they don't
2) for HSRP you need two interfaces on two seperate routers if you do have 2 2600 routers that would work but  to properly give you a confige I need to know the IP address you want to use and which interface it is going to use.
3) Your static route will look like this
ip route 0.0.0.0 0.0.0.0 <ip address of gateway out to Internet>
4) acl to deny 2 to 4 is this
access-list 100 deny ip 10.191.2.0 0.0.0.255 10.191.4.0 0.0.0.255
access-list 100 permit ip any any
!  This applies the ACL to the interface
int fa 0/0.2
ip access-group 100 in
5) to block you do two things first create an inspect list and then apply a deny list to the inbound interface of the outside.

access-list 105 permit icmp any any echo-reply
access-list 105 permit icmp any any time-exceeded
access-list 105 permit icmp any any packet-too-big
access-list 105 permit icmp any any traceroute
access-list 105 permit icmp any any unreachable
access-list 105 deny ip any any
!  the deny any any is implicit but I put it here just for clarity
ip inspect name MYFW tcp
ip inspect name MYFW udp
ip inspect name MYFW ftp
ip inspect name MYFW http
! Apply to interface out
interface fa 0/1
ip access-group 105 in
ip inspect MYFW out
6) your aaa looks like it should be working you just need to apply the list to the vty lines

line vty 0 4
login authentication USER_LIST
7) Not sure what your asking for here

"Do any outbound fron any vlan exept ports 80, 443 , 22 ICMP"
Do you want me to restrict outgoing comming in from these or restrict these protocols from yor inside users
8)Well your NAT is wrong but from the information you have given me not sure which network goes to the 2600s
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bkepfordCommented:
Also post what version of IOS (show ver) you are running on the 2950.
0
NewGuyOnCiscoAuthor Commented:
Thank you for your help in advance
downsized-1104081417.jpg
0
NewGuyOnCiscoAuthor Commented:
ver 12.4 ( 3b )
0
bkepfordCommented:
ON the 2950 switch?
0
NewGuyOnCiscoAuthor Commented:
more info
1104081417a.jpg
0
NewGuyOnCiscoAuthor Commented:
sorry on the c 1841


c 2950 is  12.1 ( 14 ) EA1a
0
bkepfordCommented:
HSRP configuration

C2600-1
Interface fa 0/0
standby 1 ip 10.191.10.6
standby 1 preempt

C2600-2
Interface fa 0/0
standby 1 ip 10.191.10.6
standby 1 preempt

0
bkepfordCommented:
Static route on 1841
ip route 0.0.0.0 0.0.0.0 10.191.10.6
0
NewGuyOnCiscoAuthor Commented:
all i need is the config for the bottom ones on the first picture

cisco 1841 -vlan

cisco 2950 vlan

if you can post them both individual that will be fantastic.....i cannot thank you enough already
0
NewGuyOnCiscoAuthor Commented:
wher do i put the HSRP ??  In c 1841 ??

sorry
0
NewGuyOnCiscoAuthor Commented:
if you can put both configs separate ...on different display ..and than i will ask you if i fcannot enter some config

sorry to bother you ...you are a fantastic help
0
NewGuyOnCiscoAuthor Commented:
i think for the inside users vlan except ports

in regards to NAT ?i do not know
0
bkepfordCommented:
Do you want NAT setup on he c1841?
0
bkepfordCommented:
Here is the 1841 config
c1841.txt
0
NewGuyOnCiscoAuthor Commented:
thank you ...you are the expert ...i don;t know
0
bkepfordCommented:
The switch doesn't support aaa but you can telnet to the VLAN interface ie 10.191.2.254
c2950.txt
0
bkepfordCommented:
You will have to NAT at the edge (2600s if they are attached to your internet connection)you don't really need to NAT in the middle. I went ahead and set it up on the configuration but to remove it all you have to do is go to each interface and type "no ip nat inside" or "no ip nat outside" make sure to get them all.
 
The only thing about that is according to your map the two T1s have private addresses going out are they not atteched to the Internet?
 
 
0
NewGuyOnCiscoAuthor Commented:
Wow ..You are fantastic ..really ...thank you so much ...

i would to keep in touch from no on if possible

i will have lot's of projects comming up and would be a benefit for both of us ,,'

Thank you again ,,you are the best ...i would like to recompensate you with something

i hope you don;t mind ....  sorry

so we can work together

so i can understand more and gain from your knowledge

THANK YOU
0
NewGuyOnCiscoAuthor Commented:
Thank you ......I cannot thank you enough ...really you are the best
0
NewGuyOnCiscoAuthor Commented:
may be they are ...i really do not know
0
NewGuyOnCiscoAuthor Commented:
Do you think if i did something wrong i can copy and paste your config ??  in Both ??Router and switch ??
0
bkepfordCommented:
Yes you can copy and paste into both the router and the switch it should work fine as it came from your original configs and I don't think I typed anything wrong (might double check)
If you post an email I will send you my business info.
0
NewGuyOnCiscoAuthor Commented:
thank you and god bless ..have a wonderfull evening ..
0
bkepfordCommented:
Thanks
0
NewGuyOnCiscoAuthor Commented:
Hi ,
I am trying to change in my Cisco 1841 config from :

access-list 102 permit tcp any any eq www
access-list 102 permit tcp any any eq 443
access-list 102 permit tcp any any eq 22
access-list 102 permit icmp any any
access-list 102 deny   ip any any


to the one you gave me

access-list 102 permit tcp any any eq 80
access-list 102 permit tcp any any eq 443
access-list 102 permit tcp any any eq 22
access-list 102 permit icmp any any
access-list 102 deny ip any any

but it does not let me change

access-list 102 permit tcp any any eq 80

this one ??

I do not know how to enter as admin in my router ..please let me know

Thank you

0
bkepfordCommented:
It automatically changes it to www that is how it is intended to work. It is the same thing.
0
NewGuyOnCiscoAuthor Commented:
thank you ..so i am ok ....

In regards to the Switch 2950

this is what it shows me and i cannot take the shutdown out or the other line
interface Vlan1
 ip address 10.191.1.254 255.255.255.0
 no ip route-cache
!
interface Vlan2
 ip address 10.191.2.254 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan3
 ip address 10.191.3.254 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan4
 ip address 10.191.4.254 255.255.255.0
 no ip route-cache
 shutdown
0
NewGuyOnCiscoAuthor Commented:
if i put no shut down it moves ..to the other interfaces vlan ..is that normal ?? should i leave it like that ?
0
bkepfordCommented:
It probably only allows one management interface 2950 are stricly layer 2 switches so they don't do much with IP.
So yes it is normal just pick the one you want to telnet to.
0
NewGuyOnCiscoAuthor Commented:
thank you ..i have another project that i will send you a picture to see and the details after that
0
NewGuyOnCiscoAuthor Commented:
The ideea is to have e vlan 's it doesn't matter the name that fail over 3 DHCP Servers

setup to be donw on a Cisco 2950 Switch and maybe a C 1841 >???


1105080925.jpg
0
bkepfordCommented:
If this is a new project I would ask that you close this string and start a new one. That way if I am unable to answer all of your questions then at least someone else might.
0
NewGuyOnCiscoAuthor Commented:
ok ....and thank you so much again for all of your help ..take care
0
bkepfordCommented:
Your welcome it's just that I have never done redundant DHCP server before. Didn't want to you to get stuck because of me.
0
NewGuyOnCiscoAuthor Commented:
Thank you ..you are the best .. in the future if i have something similar to what you helped me on i will post it here ...maybe you see it first .....and then guide me ...

Take care and again God Bless .,...for your knowledge and help and wisdom
0
NewGuyOnCiscoAuthor Commented:
Where do i connect the C 1841 to C 2950 ??

What ports ??

Just one cat 5 cable ??

What about the other ones ..

Thank you

0
bkepfordCommented:
c1841 needs to go to the first port according to my configuration.
Fastethernet 0/1 aka port 1
0
NewGuyOnCiscoAuthor Commented:
Thank you
0
NewGuyOnCiscoAuthor Commented:
Hi , It's me again

I need the same thing for the top part of the scheme i posted which is th efollowing

Router  C2600-1

outer C2600-2

Switch C2950 - Backbone

PLease see the attached File ..

Thank you so much in advance

Please post all 3 configs ...thank you
a.JPG
0
NewGuyOnCiscoAuthor Commented:
This is the whole scheme

I need only the top part

c 2600 - 1
c 2600 - 2
c2950 - backbone

Thank you
b.JPG
0
NewGuyOnCiscoAuthor Commented:
with the HSRP     to be     .6
0
bkepfordCommented:
Configuration file? If so post what you currently have so that the Interface numbers match.
0
NewGuyOnCiscoAuthor Commented:
i have  all that you gave me for  C1841-vlan and C2950 -vlan


the configs i have are blank for  the 2 c2600-1 and 2 and the C2950 - Backbone


Thank you for your help .

Please post them here

0
NewGuyOnCiscoAuthor Commented:
i willl post the blank ones i have in a minute .
Thank you
0
bkepfordCommented:
Post me the blank configs so that I can be accurate on the interface numbers.
0
NewGuyOnCiscoAuthor Commented:
C2600-1
C2600-1.txt
0
NewGuyOnCiscoAuthor Commented:
C2600-2
C2600-2.txt
0
NewGuyOnCiscoAuthor Commented:
C2950-Backbone
C2950-Backbone.txt
0
NewGuyOnCiscoAuthor Commented:
Thank you so much
0
NewGuyOnCiscoAuthor Commented:
with   HSRP      .6
0
bkepfordCommented:
Any prefernece on which router would be prefered?
0
bkepfordCommented:
err preference I mean for the HSRP
 
0
NewGuyOnCiscoAuthor Commented:
C2600-1
0
bkepfordCommented:
Here you go. You will have to setup the T-1 interface but you need your providers help for that.
Also on the Serial interface 10.10.10.1 is it /29 or /24 it was hard to tell so I put /29 on them.

C2600-1.txt
C2600-2.txt
0
NewGuyOnCiscoAuthor Commented:
Thank you .....and the C2950-Backbone ..you have it ??
0
bkepfordCommented:
I put the management vlan on vlan 10 as it is on the same subnet as your other Items.
Use ports 1-3 doesn't matter which is which

C2950-Backbone.txt
0
NewGuyOnCiscoAuthor Commented:
Thank you and god bless you and have a wonderfull night

You are FANTASTIC ..SMART

Thanks again
0
bkepfordCommented:
Since you are new not sure you know but when a question is answered you the poster would pick the answers that fixed your problem points are awarded.
Us experts like to compete. So If your question is answered if you wouldn't mind awarding points. And then if you need something else just post a new thread make it worth 500 points and your question will get answered.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Operations

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.