A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have a Cisco ASA 5512x which I use as my router with Cisco switches and AP's.  I have configured one of the interfaces for our Guest Wi-Fi which it was working.  However I recently got new AP's and switches from Ubiquity  and now that Guest Wi-Fi does not work.  I want to know if it is just a configuration issue or is there just a flat out incompatibility between the 2 vendors?

Determine the Perfect Price for Your IT Services
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

I have a Draytek 2862 and I want to create a login for a user but only give them basic access so that they can't change anything.  I'm able to do this quite simply on a Draytek 2960 but I can't see how to do it on a 2862.
Does a 2862 have this functionality?
BGP and DNS implementation

If I understand BGP is used when you have 2 Primary links to 2 separate ISPs, so that your Customers can reach your services in your LAN.
Though in some articles , they say  it is also used when you have 2 Primary links to 2 separate ISPs to reach other sites ...Not sure this is correct..please shade some lights on this.

Well, in either cases mentioned above , I believe with Public DNS , you still can make Customers reach your LAN or you can reach their LANs.

So how BGP is different from DNS ?

Thank you

I am trying to setup VSS and VLAN in Cisco 6807. I followed the steps in the link

I have questions (Any help will be appreciated)
- This steps must be done in one of the switches. Is that correct?
- I have 9300 switches that need to be connected to 6807 switch. I must connect two physical fiber connection one from each switch  (6807) to (9300 switches). Is that correct?
- I want to configure 10 VLAN's (,,...... with VTP domain in the (6807) switch ( I will need to assign IP address for each VLAN and create Management VLAN). How I can do that?
- I will change all the port that connect the 9300 and 6807 switch to trunk mode and use encapsulation Dot1Q.
- DHCP server (Multi scopes) address is So, I will need to configure IP helper address under each VLAN.
- Port 10 of Cisco (6807)  in switch 1 are connected inner interface of ASA [IP address and outer (public IP address 85.X.X.X)]. I need to be able to connect all VLAN's to be able to connect to internet and can see each other. How I can configure that?

Switch6807-1(config)#switch virtual domain 6
Switch6807-1(config-vs-domain)# switch 1
Switch6807-1(config-vs-domain)# switch 1 priority 110
Switch6807-1(config-vs-domain)# switch 2 priority 100
Switch6807-1(config)# interface port-channel 1
Switch6807-1(config-if)# no shutdown
Switch6807-1(config-if)# description VSL to switch 2

Open in new window

I am using a PA 3020.  
We have an ISP1 which is our main corp internet.
We have an ISP2 which is also our active Guest network.  

I'm trying to configure ISP1 virtual router with Path Monitoring so that if fails pinging a group of IP's it fails over to ISP2 virtual router.  

Well I have configured Path Monitoring and can trigger it accordingly by monitoring a dead IP.
However I cannot get to the internet after this kicks in.

From monitor tab I check my test laptop and the From Zone is till the same, and To Zone has changed. But everything says "aged-out" in the "Session End Reason" column.
 Any ideas if there is another issue I need to check?
I inherited a client that had a loose security environment and that turned into a ransomware attack.  Things have been weird ever since.  One of the weird situations is us finding ports 443 and 80 open and forwarded to our jump box.  We deleted those ports or so we thought because they popped up again.  We chalked it up to maybe not applying the setting.  So maybe it didnt get saved.  However, the client reported internet issues that felt like someone did a loopback in the network.  Then i looked at the router and found these ports open again w a loop back comment.  We changed the password of the router last time.  We are really at a loss as to why we are being haunted by this issue.  Any thoughts?   Two factor authentication does not come out for sonicwall until later in the year.   We are setting up LDAP tomorrow and VLAN segmentation on the 20th for some additional protection but we are still unclear how this individual is lurking.


Hi with Viptela vEDGE, how to keep original configuration if we want to reset it? Thanks
I have a Cisco 890 Router that is connected to a broadband connection. Internet is up, all services appear to be operational. There is a VPN tunnel to a smaller office in town that shares the internet with the device. We have a scale that just got installed. This scale is on the IP address
I can ping it from the router, I can telnet to it on port 4660 on the internal LAN. When I goto setup a rule that would allow any IP to telnet to the port from the internet, it doesn't appear to be routing.

ip nat inside source static tcp 4660 interface Dialer1 4660
access-list 106 permit tcp any any eq 4660

Those are the commands I typed in to allow the traffic on port 4660 through the WAN interface.
Are there any other commands I need to type to allow the traffic to route?
Hi One switch 3560 is connected to 4500 through two interfaces, which are bound as port-channel and as layer 2. Under the 3560, there are some PC and ip phone. so we use auto qos at each interface of 3560. Now we also need to configure auto qos voice trust on the port-channel. but 3560 port-channel does not support auto qos. How can we resolve the issue? Thank you
how to Enable SIP ALG on a Velop router system.
Rowby Goren Makes an Impact on Screen and Online
LVL 12
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

I would like to setup a sonicwall tz600 at home to use failover and load balancing.  At present, we have a linksys ea9500 router with linksys velop in bridge mode for wi-fi and a motorola doscis 3.1 modem connected to cox.  we are looking at adding at&t fiber internet as a secondary (maybe) source as the cox service has been spotty.  i have a sonicwall tz600 that we used to use at office and have since replaced it with something else.  It still has its access to antivirus, etc.  Is what I want to do possible and if so, how would I go about accomplishing it? Is the Sonicwall tz600 good for this or would I be better off with something else.  Thank you for your assistance.
ARP and Proxy-ARP

I have been reading about ARP and Proxy-ARP , but could not get a good grasp of it.
If I understand when there is Layer3  between 2 hosts in different subnets, the router will take care of ARP Requests/Replies between the Hosts.
in some articles they call that Proxy-ARP when the L3 device is handling the ARP Request/Reply.
if that's true , then ARP is within the same subnet and Proxy-ARP between 2 subnets connected by L3 device ?

Thank you
There are articles on this topic, but I have decided to summarise everything in one, according to the tools we have in 2019 for the job. Provided you have the means mentioned, the task should take you up to 5 hours or less to get running again. It required however around 5 days for me to get there.
LVL 20

Expert Comment

by:Lucas Bishop
Comment Utility
Wow, this is a really interesting article. I'd always written off hard bricked hardware as scrap bin material.

Author Comment

by:Anton Shostak
Comment Utility
I agree, that everyone would have done so, Lucas. But if you are a techie and deal with hardware, known to be "unbrickable", the process becomes a challenge and promises a great feeling, once you can accomplish something like this. In addition, JTAG method works with virtually any hardware, that has flash memory, so can save also priceless devices.

Andrew, indeed once the process is written out like here, it will not take long. But piecing this all together and researching, as well as trying all possible recovery methods is what takes time. However I am not a professional in soldering, neither had I an oscilloscope to know what signal levels I have to receive in the end.
How should spanning tree be designed?

I have a wireless controller that is essentially a switch and that is connected to a core switch.  The port, from the wireless controller is set with spanning tree turned on.  The core switch is using Spanning tree )(2 fiber connections on each switch uplink port.

I want to use another port on the same wireless controller that will be connecting to other switches.  Should I disable spanning tree on the other ports or not?  If these other ports on the wireless controller have spanning tree disabled will that cause any loop?

I have never worked with spanning tree before and I am not sure what I should do?  But I do not want to bring the network down.  Again Spanning tree I enabled on the core switch ports that will connect to the wireless controller.  Should I have spanning tree enabled on the wireless controller ports or will disabling spanning tree on the wireless controller bring the network down?

One may reference:
How Vmware Untagged Traffic is handled by Cisco switch

Sometimes in Vmware VM Port groups are not assigned to any Vlan or they have VLAN0, when the VM traffic gets to Cisco Switch how does the switch knows to where to send it.
Assuming VM1 is trying to communicate with VM2 and both are in default VLAN0

Thank you

   I wanted to get some opinion on what device would be better suited to be deployed at the edge of a site between an ASR or Nexus 7700? Specifically this device will be connecting to about 650 remote sites primarily doing routing. From a performance, and port capacity perspective what would be the best device to deploy?  Thank you
IP NAT Destination

Can someone give me an example  where we need to use Destination option in NAT

Example: IP NAT Inside/Outside Destination...

Thank you
I am looking to upgrade my router to a router that can handle a higher volume and faster, but the number is confusing me a little.

I currently have a Ubiquiti ER-X and looking at the ERPoe‑5, I compared all the specs [RAM, Storage size, 1518 byte packets] and the ERPoe‑5 is higher or same, except for 64 bytes packets which the EX-R the throughput and pps, same is with the CPU frequency on theses 2 the EX-R is higher [EX-R throughput 957 Mbps pps 1,400,000 and the ERPoe‑5 throughput 490 Mbps pps 730,000, CPU frequency ER-X 880 MHz ERPoe‑5 500 MHz both CPU core count 2]

Please help.
Cisco site to site bridge.  

I have a remote site that has a Cisco 867VAE on ADSL and I can telnet to it.  They use it for internet access.  

I have a Cisco 2851 at my site (and a shelf full of other ethernet and DSL routers in case this one is not adequate) providing ethernet access for my site.  

I need to access a device at the remote site (preferably without taking down Internet Access for more than a few minutes).  This device does not have a gateway configured, so I can't simply portforward to it or configure a site to site gre tunnel (as either would require a gateway or route on the device in question)

SO I decided to do a transparent bridge.

All the examples I can find say that a router can either route or bridge, but not both.  I don't believe that this is a real limitation.  After thinking about it, I want to set up a sub interface on the destination router that will bridge to a router at my site.  Presumably, this will involve creating a site to site VPN and attaching it to a bridge group.  

Can someone please help me achieve my goal - either using the method I have described - or a totally different method.  

I have remote access to configure the remote router.  I have no access to the device in question.  Physical access to the device or remote site is not possible.  There are no computers at the remote site that I can say, TeamViewer to and then connect locally to the device.  


Big Business Goals? Which KPIs Will Help You
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

I am looking to purchase Firewall. Anti-malware router.  It's for my small business of currently about: 30 people but will grow up to 100 units within the next 1-2 years.

The problem is we had a ransomware attack couple of days back and it's made us more aware.

The other thing to take note is: We don't have in house IT professionals, so we hire professionals from all over the world to work on our servers, they sometimes use RDP to login. or team viewer.

We use a VM ware, specifically promox, so we considering using: nakivo for back up also.

Our ISP guy recommended we used: Mikrotik RB/1100AHX2 Routerboard RouterOS Level 6 but he thinks we are small for it, and I think there's something better already.

I want to invest for the next 5years. I want to buy something that will take us to the next level, yet keep us funtional.

I don't know if we can also use it to block certain sites, manage bandwidth for users in the office, anything that'll generally keep security really up above board. Thank you.
I am having difficulty maintaining a consistent internet connection with too many black spots around the property.

The current setup is as follows:

1st floor: WIFI Router (DSL) with wired connected to WIFI extender (plugged into power outlet) which sends signal to second floor. One other WIFI extender on 1st floor to improve wifi coverage. All are bare bones TP-Link products

2nd floor: Wifi Extender to receive signal from first floor and two other wifi extenders.

Each floor is roughly 100sq.m or 1000 sq ft. Each floor is a separate unit. The walls within each unit and the exterior walls are very, very thick concrete.

On the second floor especially I only get a clear signal from the WIFI extender near the main entrance whose purpose is to get the internet connection from the first floor. This signal serves only one room, the main entrance. The rest of the unit has so many black spots and connection stoppages even within a few feet of the extenders.

Outside I don't even have a signal within one foot of the entrances. This occurs on the first floor as well.

Question: I am looking for products/solutions that cost under 400$ total that will give me a clear signal in each room on both floors and give me an outside signal within say 10 meters of the entrances on each floor., despite the buildings heavy concrete walls and remote location. My internet connection is roughly 15 mpbs down and 1 up.

For an additional cost I wanted something that I could use …
I have a Netgear Nighthawk Router and I am trying to block a specific port, 42443.  The issue is the port still shows open after I blocked it at the router.

  1. Clicked on Advanced tab
  2. Then Security tab -> Blocked Services
  3. Used below settings and rebooted router:
    • Protocol: TCP/UDP
    • Starting Port:      42443
    • Ending Port:      42443

The port is still open. I can go to https://xxx:xxx:x:xxx:42443 and get to a page, 404 not found. When I surf to http the browser reports ERR_EMPTY_RESPONSE.  When I go to and add my ip and the port, it shows it is open.

I have a comcast router that is in bridge mode that connects to a Netgear Nighthawk r7000 router where I added the block. There is a Cisco SG 300-28P 28-Port Gigabit PoE Managed Switch attached to the router but from what I can see, it is basically being used as an unmanaged switch. Attached to the switch are VOIP phones, ubiquiti AP's, computers and multi function devices.  

How can I detect what on the network is using port 42443?  Am I missing something in trying to block that port on the router?
Loop Guard and Root Guard on Cisco Switches

I have done some reading about Loop Guard and Root Guard

Loop guard is configured on Non Designated Ports , which means Blocked ports and Root Ports

Root Guard is configured on Designated Ports.

 Well, I believe this is needed just  in a redundant L2 Links Network. in this case , do we have to go to each Non Designated Ports in the Network and configure Loop Guard and to each Designated Port and configure Root Guard ?

I am assuming in the Network that has no Layer 2 redundant links this is not needed at all, except on the Access ports where we need to configure Port Fast and BPDU Guards.

Any Expert to shade some lights on this topic?

Anybody know what the expected life of a Cisco Catalyst 4506e should be? I believe the eta to upgrade to a newer model should be about 8-12 years. I am going on 10 years and it has been awesome but I think it is time move on.
Hai Guys

We have one Dell switch S4148T and its have four 100GBE and two  40 GBe  SFP+ port.  Same like we have one dell chassis M100E.  It have two dell force10 MXL 10/40 GBE balde switch. we connect the cable from S4148T to force10 MXL blade switch and do the initial configuration. But still swicth ports are down ( both 100GBe and 40 GBe) . Any one can help me to resolve this issue. Can you share the configuration with me






A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.