I have a Draytek 2862 and I want to create a login for a user but only give them basic access so that they can't change anything.  I'm able to do this quite simply on a Draytek 2960 but I can't see how to do it on a 2862.
Does a 2862 have this functionality?

Hi,

I am trying to setup VSS and VLAN in Cisco 6807. I followed the steps in the link

https://www.youtube.com/watch?v=LVYcdgaLeeQ

I have questions (Any help will be appreciated)
- This steps must be done in one of the switches. Is that correct?
- I have 9300 switches that need to be connected to 6807 switch. I must connect two physical fiber connection one from each switch  (6807) to (9300 switches). Is that correct?
- I want to configure 10 VLAN's (192.168.0.0, 192.168.1.0,......192.168.10.0) with VTP domain in the (6807) switch ( I will need to assign IP address for each VLAN and create Management VLAN). How I can do that?
- I will change all the port that connect the 9300 and 6807 switch to trunk mode and use encapsulation Dot1Q.
- DHCP server (Multi scopes) address is 192.168.0.100. So, I will need to configure IP helper address under each VLAN.
- Port 10 of Cisco (6807)  in switch 1 are connected inner interface of ASA [IP address 192.168.0.1 and outer (public IP address 85.X.X.X)]. I need to be able to connect all VLAN's to be able to connect to internet and can see each other. How I can configure that?

Switch6807-1(config)#switch virtual domain 6
Switch6807-1(config-vs-domain)# switch 1
Switch6807-1(config-vs-domain)# switch 1 priority 110
Switch6807-1(config-vs-domain)# switch 2 priority 100
Switch6807-1(config)# interface port-channel 1
Switch6807-1(config-if)# no shutdown
Switch6807-1(config-if)# description VSL to switch 2

Select all Open in new window

…

I inherited a client that had a loose security environment and that turned into a ransomware attack.  Things have been weird ever since.  One of the weird situations is us finding ports 443 and 80 open and forwarded to our jump box.  We deleted those ports or so we thought because they popped up again.  We chalked it up to maybe not applying the setting.  So maybe it didnt get saved.  However, the client reported internet issues that felt like someone did a loopback in the network.  Then i looked at the router and found these ports open again w a loop back comment.  We changed the password of the router last time.  We are really at a loss as to why we are being haunted by this issue.  Any thoughts?   Two factor authentication does not come out for sonicwall until later in the year.   We are setting up LDAP tomorrow and VLAN segmentation on the 20th for some additional protection but we are still unclear how this individual is lurking.

 

I have a Cisco 890 Router that is connected to a broadband connection. Internet is up, all services appear to be operational. There is a VPN tunnel to a smaller office in town that shares the internet with the device. We have a scale that just got installed. This scale is on the IP address 192.168.35.115.
I can ping it from the router, I can telnet to it on port 4660 on the internal LAN. When I goto setup a rule that would allow any IP to telnet to the port from the internet, it doesn't appear to be routing.

ip nat inside source static tcp 192.168.35.115 4660 interface Dialer1 4660
access-list 106 permit tcp any any eq 4660

Those are the commands I typed in to allow the traffic on port 4660 through the WAN interface.
Are there any other commands I need to type to allow the traffic to route?

how to Enable SIP ALG on a Velop router system.

I would like to setup a sonicwall tz600 at home to use failover and load balancing.  At present, we have a linksys ea9500 router with linksys velop in bridge mode for wi-fi and a motorola doscis 3.1 modem connected to cox.  we are looking at adding at&t fiber internet as a secondary (maybe) source as the cox service has been spotty.  i have a sonicwall tz600 that we used to use at office and have since replaced it with something else.  It still has its access to antivirus, etc.  Is what I want to do possible and if so, how would I go about accomplishing it? Is the Sonicwall tz600 good for this or would I be better off with something else.  Thank you for your assistance.

How Vmware Untagged Traffic is handled by Cisco switch

Sometimes in Vmware VM Port groups are not assigned to any Vlan or they have VLAN0, when the VM traffic gets to Cisco Switch how does the switch knows to where to send it.
Assuming VM1 is trying to communicate with VM2 and both are in default VLAN0

Thank you

IP NAT Destination

Can someone give me an example  where we need to use Destination option in NAT

Example: IP NAT Inside/Outside Destination...

Thank you

Cisco site to site bridge.  

I have a remote site that has a Cisco 867VAE on ADSL and I can telnet to it.  They use it for internet access.  

I have a Cisco 2851 at my site (and a shelf full of other ethernet and DSL routers in case this one is not adequate) providing ethernet access for my site.  

I need to access a device at the remote site (preferably without taking down Internet Access for more than a few minutes).  This device does not have a gateway configured, so I can't simply portforward to it or configure a site to site gre tunnel (as either would require a gateway or route on the device in question)

SO I decided to do a transparent bridge.

All the examples I can find say that a router can either route or bridge, but not both.  I don't believe that this is a real limitation.  After thinking about it, I want to set up a sub interface on the destination router that will bridge to a router at my site.  Presumably, this will involve creating a site to site VPN and attaching it to a bridge group.  

Can someone please help me achieve my goal - either using the method I have described - or a totally different method.  

I have remote access to configure the remote router.  I have no access to the device in question.  Physical access to the device or remote site is not possible.  There are no computers at the remote site that I can say, TeamViewer to and then connect locally to the device.  

thanks

John

I am looking to purchase Firewall. Anti-malware router.  It's for my small business of currently about: 30 people but will grow up to 100 units within the next 1-2 years.

The problem is we had a ransomware attack couple of days back and it's made us more aware.

The other thing to take note is: We don't have in house IT professionals, so we hire professionals from all over the world to work on our servers, they sometimes use RDP to login. or team viewer.

We use a VM ware, specifically promox, so we considering using: nakivo for back up also.

Our ISP guy recommended we used: Mikrotik RB/1100AHX2 Routerboard RouterOS Level 6 but he thinks we are small for it, and I think there's something better already.

I want to invest for the next 5years. I want to buy something that will take us to the next level, yet keep us funtional.

I don't know if we can also use it to block certain sites, manage bandwidth for users in the office, anything that'll generally keep security really up above board. Thank you.

I have a Netgear Nighthawk Router and I am trying to block a specific port, 42443.  The issue is the port still shows open after I blocked it at the router.

1. Clicked on Advanced tab
2. Then Security tab -> Blocked Services
3. Used below settings and rebooted router:
4. • Protocol: TCP/UDP
   • Starting Port:      42443
   • Ending Port:      42443

The port is still open. I can go to https://xxx:xxx:x:xxx:42443 and get to a page, 404 not found. When I surf to http the browser reports ERR_EMPTY_RESPONSE.  When I go to http://www.canyouseeme.org/ and add my ip and the port, it shows it is open.

I have a comcast router that is in bridge mode that connects to a Netgear Nighthawk r7000 router where I added the block. There is a Cisco SG 300-28P 28-Port Gigabit PoE Managed Switch attached to the router but from what I can see, it is basically being used as an unmanaged switch. Attached to the switch are VOIP phones, ubiquiti AP's, computers and multi function devices.  

How can I detect what on the network is using port 42443?  Am I missing something in trying to block that port on the router?

Anybody know what the expected life of a Cisco Catalyst 4506e should be? I believe the eta to upgrade to a newer model should be about 8-12 years. I am going on 10 years and it has been awesome but I think it is time move on.