Routers

46K

Solutions

30K

Contributors

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Share tech news, updates, or what's on your mind.

Sign up to Post

We have issues while setting up client VPN on TP-LINK TL-ER6120 and TL-ER6020 routers. Even when it is connected, we are unable to ping the inside hosts.
0
What does it mean to be "Always On"?
LVL 4
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

bgpI have the topology shown  above.  R1 and R5 are running BGP, R2  and R4 are  running BGP and OSPF , R3 is running just OSPF

I would like to know if I need to run BGP on R3 in addition to OSPF, or just redistribute BGP into OSPF and OSPF into BGP on R2 and R4


Thank you
Screen-Shot-2017-07-27-at-2.33.23-PM.png
0
Hi,

I am trialling a Cisco CSR 1000v (2 nic) in Azure. I have setup VPN's to the external interfaces and these are up and running and I can ping the internal IP of the 1000v.

Office A: 192.168.1.1/24  (can ping 172.16.31.1 and 172.17.31.1. Cannot  ping 172.17.31.4 )
1000v WAN interface internal IP: 172.16.31.1
1000v  LAN interface: 172.17.31.1
VM IP: 172.17.31.4 (firewall Disabled and can ping 172.16.31.1 and 172.17.31.1. Cannot ping internal IP of office firewall)

I have set up a test VM and connected to the internal interface and I can ping the VM from the 1000v. I can't seem to ping the VM from the office. I can ping the 1000v from the office and if I run a traceroute I can see the traffic for the VM being sent to the 1000v so I know the route is setup correctly.

 Can someone tell me what I need to do to allow access. I have added both interfaces to the Crypto Map (below)

Cisco1000v#show crypto map

Crypto Map IPv4 "OfficeMAP" 102 ipsec-isakmp
        Peer = XXX.XXX.XXX.XXX
        Extended IP access list 102
            access-list 102 permit ip 172.16.31.0 0.0.0.255 192.168.1.0 0.0.0.255
            access-list 102 permit ip 172.17.31.0 0.0.0.255 192.168.1.0 0.0.0.255
        Current peer: XXX.XXX.XXX.XXX
        Security association lifetime: 4608000 kilobytes/3600 seconds
        Responder-Only (Y/N): N
        PFS (Y/N): N
        Mixed-mode : Disabled
        Transform sets={
                T1:  { XXXXXXXXXXXXX} ,
        }
        …
0
Hi All,

I have found myself to be very lacking in memory when it comes to Cisco IOS and after far too many hours of trying and reading website and documents I have decided to ask an expert!

I need help with the following setup:

Cisco 897VA router
WAN on G8:
Direct Connection to fibre Media Converter.  (no vLan tagging required)
CE of Router needs to be 203.197.207.126/30
Gateway or PE is 203.197.207.125, DMZ from ISP is 203.197.217.136
I have Static IP Addresses assigned by the provider pointing at 203.197.207.126 (203.167.245.224/29) only using 2 at the moment .225/.226.
External DNS 203.47.152.43/44
External Nat

LAN 2 Ports to be used G1 & G2

G1 is the port facing the main network and servers and will be the gateway for all PC's inside.
IP is to be 192.168.1.254
Internal DNS 192.168.1.3/4
Internal NAT

G2 is to be the Wifi. Original Setup before router replacement was on Private WIFI on vLan100 and Public WIFI was on vLan101)
Internal NAT
vLan101 had internet access only no internal access with ip of 192.168.101.x for the WIFI and external DNS
vLan100 had access to internal systems and internet with IP of 192.168.100.1 for interface and 192.168.100.254 for the WIFI.  The WIFI, accessed 192.168.1.254 and the 2 internal DNS for internet and internal access.

Both WIFI used the router for DHCP, no DHCP for internal computers. IP Range was 192.168.{100/101}.100-125 for each

Internal network was vLan1

Access was allowed for 80/443/25/3389 …
0
bgp
I have the topology shown above. I have configured BGP on R1 which is in AS1 and on R2 which is in AS2
now when I run Show Ip BGP command on each router I get the output shown below. I need an Expert to explain the meaning of the Output  below. especially the lines :
r> 2.2.2.2/32       192.168.12.2             0             0 2 i
*  192.168.12.0     192.168.12.2             0             0 2 i
*>                  0.0.0.0                  0         32768 i




R1#sh ip bgp              
BGP table version is 5, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
r> 2.2.2.2/32       192.168.12.2             0             0 2 i
*  192.168.12.0     192.168.12.2             0             0 2 i
*>                  0.0.0.0                  0         32768 i
R1#

Open in new window


R2#sh ip bgp         
BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
r> 1.1.1.1/32       192.168.12.1             0             0 1 i
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*  192.168.12.0     192.168.12.1             0             0 1 i
*>                  0.0.0.0                  0         32768 i
R2#

Open in new window

0
I set up a Linksys LRT224 router about a year ago
it does some pass-throughs ti the following
-security camera NVR only two users can access

-Windows Server 2012 running an SQL database about 10 users

-VPN connection so users can get to all servers and appliances
This was suppose to be for only two users, but now they want all 10 users to be able to use VPN

Question?
should I continue to use this router? will is start to degrade in speed
some users say the VPN is starting to slow down

any suggestions are appreciated
0
I have a Lync 2010 Server and our users are getting upgraded from Office 2010-2013 to the Office365 products. When users freshly upgraded to Office365 try to log onto Skype for Business for the first time over our VPN routers, the sign in fails giving a generic can't log in message. This issue does not happen internally or externally from our network. Prior to the Office upgrades, we have never had issues with 2010 or 2013 with signing onto lync/skype for business over the VPN routers.

When I look in the tracing logs for lync from a test laptop running on a VPN router, I see that it communicates to our internal lync discovery domain, but further along the logs, I  see an error message, "The server returned a trust fault: 'The request scope is invalid or unsupported'. The fault reason was: 'The AppliesTo element of web ticket request points to a different web server or site.'

Any thoughts on this?
0
CURRENT CONFIGURATION:

                           ROUTING TABLE:
#    Dest IP      Mask  Gateway IP  Metric Device Use Edit Drop
---------------------------------------------------------------------
1  10.188.45.91    32 10.188.45.91     1   poe0  0    
2  192.168.254.0   24 192.168.254.254  1   enet0 137888
3  default          0 Node1            2   poe0  105886

                            WAN CONNECTION TABLE:
PVC VPI/VCI IP Address          Subnet      GateWay      DNS Server    Encapsulation Status
PVC0  0/35 10.216.230.183 255.255.255.255 10.188.45.91 112.198.126.116     PPPoE       Up

                        *NEW* CONFIGURATION:
                           ROUTING TABLE:
#    Dest IP      Mask  Gateway IP  Metric Device Use Edit Drop
---------------------------------------------------------------------
1  10.216.xxx.xxx  ?? 10.188.45.91     1   poe0  0    
2  192.168.254.0   24 192.168.254.254  1   enet0 137888
3  default          0 Node1            2   poe0  105886

Can anybody - please - help me with a correct Mask (??)? :)

Regards,
WWW.GULDVOG.COM.PH Jan Guldvog
CEO/OWNER
0
Hello experts. I am trying to setup a VLAN in a test environment and I am not able to get it to work so far. I have searched this board and researched online but just can't seem to get it to work.

Right now I have two Comcast internet circuits coming into a peplink balance 20 (will be upgraded to the balance 305) I have one cat 6 patch cable going from the router lan port 1 to Switch 1, port 1. I have a total of 5 sg200 switches, all connected by 4 port LAGS and fiber.

I want to have 3 VLANS. On the peplink under LAN--->network settings I created the VLANS as 10 with an IP of 192.168.10.1 with DHCP enabled for 192.168.10.2 - 192.168.10.250, VLAN 20 as 192.168.20.1, VLAN 30 as 192.168.30.1 all with DHCP enabled. Under LAN--> port settings I have port 1 set to trunk and tagged the 3 VLANS.

I have the VLANS setup on all of the switches. On Switch 1, port 1 where the router is connected I have it set to tag the 3 VLANS I created.

On Switch 1, port 5 I have a laptop connected to test. I have that port set to access and VLAN1 to exclude, VLAN10 as untagged. From this point I am unable to get a dhcp address and if I enter a static ip I am unable to get internet access.

Is everything correctly configured so far? Right now everything is operating from the one switch. I haven't tried other ports on other switches.

What do I configure the LAGs as?

Any help will be VERY much appreciated!

Thanks in advanced,
CJ
0
Greetings,

We have a setup with users that change out 3 times a day. Each meeting is about ~150 users of so. The problem that we run into is that we only have a Centurylink c2100 modem and it is not always handing out DHCP addresses even after a reboot. It has the latest firmware. We have even upgraded to this modem as it also does 5ghz wireless. Is there an enterprise device to fix this situation?

DHCP scope time is 4 hours currently

Current setup -
C2100z Zyxel

Planned on doing -
C2100z -> Fortinet 60e -> Ubiquiti AC PRO
Static IP on WAN for Fortinet, Fortinet serves as DHCP server for hosts, Ubiquiti does wireless

Hoping to do -
Reliable DSL Enterprise Router -> Ubiquiti AC PRO

I know that if this were cable or fiber there are many choices, but with DSL I have not found a stable solution yet.

Thank you for looking at this
0
Free Tool: Site Down Detector
LVL 9
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Dear Sir we have wifi routers in our internal network that are connected thru lan switches. wifi routers connect with wire in WAN port and then further Routers DHCP change the class for routers client, i am able to control the traffic of WAN port IP from TMG but unable create a different rules for routers clients.....
any idea please..!
0
bgp
On the  screenshot above R1 is in AS1 and R2 in AS 2
I advertised Loopback networks from both Routers, but cannot see it in each other router BGP table

R1#sh run
Building configuration...

Current configuration : 1519 bytes
!
! Last configuration change at 19:08:12 UTC Tue Jul 25 2017
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip source-route
no ip icmp rate-limit unreachable
ip cef    
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
! 
!         
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 !
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
 duplex half
 !
!
interface Ethernet1/0
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/1
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/2
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/3
 no ip address
 shutdown
 duplex half
 !
!
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 network 192.168.12.0
 neighbor 192.168.12.2 remote-as 2
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 2.2.2.2 255.255.255.255 192.168.12.2
!
no cdp log mismatch duplex
!
!
!
!
!
!

Open in new window

0
Can you configure a routed interface to use both the global and VRF routing table?
0
Dear, we found an old switch Cisco 2960 in warehouse, it still works when we plug in the power but we 'd like to make sure it will not suddenly die. So how can I check the health of that switch? Can anyone please suggest some commands to check:
- When was it used for the first time?
- How long can it be used?

We want to utilize it for a new project so please help! Many thanks!
0
Hello all,

I wanted to see if I could get some advice and/or recommendations for a project that I am working on.

Our internet: 2x Comcast cable 250/25 package
Switches: 2x Cisco SG200-50

Router: Peplink balance series (not bought yet)

Situation: This is for an events center. Every now and then I will need to make changes to meet the clients needs. I want to have both Comcast circuits load balance the traffic in the building. When we have events in the building that stream I want to have that traffic go through one of the Comcast circuits and nothing else. The rest of the traffic can use the other circuit. I know with the peplink router I can set it to have certain IP addresses travel out of whatever circuit I want. I think the peplink and managed switches would do what we need.
Are there better ways to go about this without going too crazy with cost. I would like everything to be able to be controlled remotely as much as possible.

 I also need a few VLANs that I can't see to get to work. I want to separate our office and servers from the rest of the building. How can I setup a VLAN so that they can all access the internet but can't pass traffic between the VLANs. On the peplink I created a new LAN with different IP addresses and it is VLAN 2. In order to get it to the switches do I set port 4 for example as trunk and tag it to VLAN 2? If I connect peplink port 4 to switch #2 port 8 - what do I do with that port? Do I also set it to trunk?  If our office ports…
0
I setup wifi in a 4 bed 2 storey house & there have been alot of wifi issues!
Multiple devices & 4 heavy users.
Apple Tvs, Ipads, Macbook, Iphones & 2 windows laptops
Constant drops on wifi & constant reboots of Fiber router.
EG Freezes when watching netflix & need to connect to another SSID.
They get approx 50mb download from the router (which also has wireless enabled)
They didn’t want to wire so i used 4 tplink powerline av600’s
(i’ve used them before with little issues)

http://uk.tp-link.com/products/details/TL-WPA4226-KIT-V1.2.html

So i’m thinking of just swapping out the AV600’s with Archer C2 wifi routers & using standard tplink powerline plugs

http://www.tp-link.com/us/products/details/cat-5506_Archer-C2.html

I setup as Access Points.
I disable dhcp, wan, use separate channels, disable firewall,nat,guest network. I set dns to 8.8.8.8 & 8.8.4.4
All have seperate SSID's. A mix of 2.4 & 5G.
I set the 2.4 channel width to 20mhz
I’ve been testing on my home network & it works fine then just loses connection for a couple of mins.
Happens every hour or so.
I get obscure DHCP error messages in the system log.
I upgraded the firmware & it’s more stable but not perfect.
I try continuous pings from a pc & ipad & they seem fine?

Other than hard wiring is there any advise to minimise issues?
Or is it a limitation of powerline?
0
Hello,

I have configured  fire power 2110  between our router and network.  I can able to ping  router, but can't see the firepower.

 Outside Traffic<---------------->Router   <------------>  FirePower <----------------> FW <------> Switch<------------>  Server

I can't traceroute or ping Firepower from outide of  network.
1
I have Server 2012 r2 running the Server Essentials Experience and a Server 2008r2 running Exchange Server 2013 SP1. I have forwarded ports 25 and 587 to the internal IP of the mail server but at the moment 443 forwards to the Server 2012 r2 as I believe a lot of the features on that need 443?

How do I solve the issue of 1 port needing to go one way for mail related things and the other way for the Server Essentials things?  Or is there nothing that actually needs 443 in Essentials Experience?

Previously we had both Exchange and File & Print on the same SBS box so we didn't have this issue? We currently only have 1 static external IP?
0
I have this lingering doubt: There are BWs associated w/ each class of service. If the BW is NOT used in one class, can it be used by other? My guess is "NO", as each packet in individual class is marked w/ specific priority (dscp). BUT, there is this "remaining Bandwidth" statement in Cisco, so that any leftover BW is relinquished over to other classes to use. THis is my doubt, please let me know what you think.
0
Industry Leaders: We Want Your Opinion!
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Hi All,
What's a good way to practice your skills on firewalls, like ASA, palo alto or any other.
It seems like you can do labs on routers and switches and build your own topology in GNS3 or packettracer but I don't know how to get familiar with firewalls, is it just a matter of you just have to get thrown in fire to learn.
thanks for your input..
0
I have got the output of interface, tunnel900 is shwoing as 10.8.12.6, is it local interface IP to initiate the remote VP connection ?

router#show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol

Tunnel900                 10.8.12.6        YES NVRAM  up                    up
0
How can I install a web server on a local network which is accessible world wide without configuring port forwarding on the local router?
I want to install video monitoring systems in friends houses without touching their routers.
0
Dear All,

I would like to configure the connectivity on my home but I'm having some doubts and would like your help in order to configure the best way possible.

Devices:
Modem:  TPLink (TD-W8901N)
Router: Linksys (WRT1900ACS)

Currently I have two different options to configure internet connectivity:

1- Allow the TPLink to connect using PPoE on PV2 and specify user and password on the Modem and connect the cable from the TPLink to the internet connection on the Router Linksys (WRT1900ACS), so using this way we will receive internal IP Address from the TPLink instead of the WAN IP on the Internet Connection in the Linksys router.

2- Set the TPLink as Bridge Connection and connect the cable to the Internet Port on WRT1900ACS and configure the Router to connect using the PPoE on the Linksys and just use the TPLink as bridge.

Can you help me to understand the best recommended configuration and some explanation why just to understand?

Also would like to know if there any required configuration on the TPLink like VCI or VPI or something specific to have better performanc from the ISP?

I'm currently having performance issue on the connectivity and wanted to undertand the best way to setup the connectivity.

Thanks in advance,
0
My LAN giga0/0 main interface is configured with input QoS.
there are a few subinterfaces configured as well (giga0/0.2, giga0/0.3 etc)
My question is, would it be better to apply the QoS under each sub-interface or just leave it under the main interface?
Would the QoS under the main interface check ALL sub-interface traffic?
I'm trying to find out if applying the QoS under each subinterface would release some processor on that interface.


interface GigabitEthernet0/0
 no ip address
 ip flow ingress
 ip flow egress
 load-interval 30
 duplex full
 speed 1000
 service-policy input QOS-X-XXXXX    <<<<<===============
!
interface GigabitEthernet0/0.2
 description st9739 staging VLAN
 encapsulation dot1Q 2
 ip address x.x.x.x 255.255.255.0

!
interface GigabitEthernet0/0.3
 encapsulation dot1Q 3
 ip address x.x.x.x 255.255.255.0

!
interface GigabitEthernet0/0.13
 encapsulation dot1Q 13
 ip address x.x.x.x 255.255.255.252
0
Hello,

SonicWALL NSA routers

I have a network with 10 site to site vpn's. We switched providers on two of our sites. The buildings are on the same street and I got these IP's

Site A -   X.X.49.53
Site B -  X.X.49.52

I was able to recreate all of the tunnels with the exception of Site A to Site B. I'm wondering if it has to do with the fact that they are on the same .49 network. Any idea if this is the case?

Thanks in advanced
0

Routers

46K

Solutions

30K

Contributors

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.