Routers Help

Network access/routing issue. The configuration that is place worked perfectly fine until the broadband ISP switch out their cable modem. See attached diagram for clarification.
The issue at had is before the cable modem gateway was replaced, any workstation on the local LAN (192.168.1.x) was able to access the DVR/NVR camera system using it's address of 10.1.10.101. However, now that address is pingable from the 192.168.1.x network, but no other network access works (ie. the NVR software can't connect to it). The NVR system is still accessible from offsite by using the public static ip of the ISP gateway which has port forwarding to the NVR device. In an ideal world, I would have had the camera system installed behind the network firewall so all devices were on the same ip network. So I am looking for some input on what might be going on here. Why would the old ISP gateway allow the communication but the new gateway appears to not. Is there something that we should communicate to the ISP to change in their gateway to fix this issue?

Any insight is appreciated.
Network-Diagram.pdf

18 Comments

CompTIA Cloud+

LVL 19

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

Hi.

I am setting up a SOHO.
Equipment is as follows.
1) 4 security cameras that record to the cloud through a Northern system
2) Home wireless system mesh network
3) Usual computers, printers, etc
4) Other "internet of things devices" such as thermostats, lights.
5) I have a total of 10 Ethernet jacks in our home, but only 6 in current use.

I will be installing a 19 inch 6U Wall Mount Patch Panel Bracket - 13.75 inch deep (also 24 port Cat 5E patch panel etc)
Gigabit internet.

I have concerns about putting all these things on one switch. I like the idea of segmenting my network.
I have heard good things about the Ubiquiti. I am not an expert on routers, but I not a unfamiliar either.
I am thinking about a router/switch capable of VLANS and POE for the cameras. If I am misguided, then new insights are welcome.

With that in mind, I would appreciate any help in selecting a router / switch that would be appropriate but not more expensive than I need.

Thank you for your help.

9 Comments

I am trying to log sonicwall capture logs to an FTP server but it fails I have attached a pcap file of the failurefailed-ftp.pcapng

3 Comments

How to backup the existing running configuration of Cisco routers and switches? So that l can load the configuration to another replacement device if failure

9 Comments

I have a network with the range 10.4.240.x to 10.4.243.x. I should be able to reach / ping any device on the network from any address. For the most part, I can. The servers /printers and other resources are all on the 10.4.240.x subnet. From any other subnet I can ping the servers and printers and access them fine. What I can't ping or access is the routers gateway on 10.4.240.125. It does not respond to a ping request and isn't accessible. Any computer on anything other than 10.4.240.x does not have internet access because the device can not see the gateway. I have no idea why this one ip address isn't responding.

I'd appreciate any ideas to try to resolve this problem.

Regards,

Bill

5 Comments

Customer is connected to their DC via Internet. Is there a way we can support WAN Acceleration over Internet to their cloud? We are looking for a way to support Acceleration ,if it can be. Riverbed Steelheads can be supported for Both POP and Customer DC.

Site -- Internet 1G ---> Our POP ---> Customer Cloud DC

14 Comments

I have a user of an 8 port managed router. I got two of the ports up and running. Now the user wants the other 6 ports up and running. They seem to want to just want to use the ports to add to their network. When I go to "light the ports up", I take it I will turn them on and just use the same scope of IP addresses, Correct? It is a Ubiquiti router.

3 Comments

Ubiquiti Edgemax Edgerouter X

Router has been working without issue for the past few months. Today, over the past hour I have been losing internet connectivity. At first I thought it was an ISP problem but logs show that is fine.

The router is not showing any logs indicating it is having a problem but if I reboot the router everything returns to normal.

This just started today.

I am online for about 15 min, then offline for about 5 min, then online again and then offline again. Cycling over and over.

No config changes, no maleware, virus, or other.

Thoughts?

Thanks.

6 Comments

OSPF Visibility of the Network.

Unlike RIP and EIGRP, OSPF is a Link State protocol, what does that mean ? does it mean a router configured with OSPF knows the topology in every router that is configured with OSPF ?at least the routers that are in t same area ?

Reading about SDN , this technology has a capability to have visibility of the whole network topology. is it the same as OSPF routers in the same area ?

Thank you

3 Comments

I have a wi-fi router in my home, and have been less than careful in allowing guests to login with my password. Is there any way they can maliciously access my personal data through my wi-fi router? Or through my modem (which has the same password)?

Thanks,

Phil

2 Comments

Physical Parts of Control/Data/Management Plane.

reading about Control/Data/Management Planes , if I understand :

Control plane is where the Routing table is built.
Data Plane or also called Forwarding plane contains a copy of RIB
Management Plane , I am not sure what it is, probably it is just the interface of the router or the switch to which we connect to.

What I need to know, is the hardware that the above elements run on.

for instance does Control plane encompasses CPU , Memory , or it is completely different Chip ? the same question applies for Data plane and Management Plane, on which hardware do they run on?

Thank you

6 Comments

I would like to ask what is better for DHCP , to provided by router or by server?

I know that there are these 2 options but i don't know what is better to use.

14 Comments

Hello,

I am trying to announce a test prefix via BGP to test a new expressroute circuit we have setup. I have a cisco 3850 layer switch and I would like to know the commands needed to setup this test prefix so I can do it without disrupting our current traffic. Tks in advance.

peer_asn = 650XX
primary_peer_address_prefix = "172.16.0.0/30"
secondary_peer_address_prefix = "172.16.0.4/30"
vlan_id = 150

7 Comments

I have a small business office from which the following network activity occurs:
1) I provide VPN access from the outside world into a server in my office
2) I have wired devices in my home/business network.
3) I have wireless devices in my home/business network.
4) I connect from my home/business network via a VPN to a remote network.

Relative to Item 1): My ISP supplies a COMTREND modem for internet connectivity. I have a Static Public IP for this device. It has been placed in full bridged mode. Behind it I have installed a new Linksys LRT214 VPN gigabit modem. It has a PPPoE connection to the COMTREND device and has been configured correctly with the help of Linksys support personnel. To provide access to the server via a VPN connection, this Linksys has an “OpenVPN” setup menu. All pertinent info that allows connectivity is entered into the correct fields and a config file is automatically created. This, too, has been accomplished with the help of Linksys personnel. This config file is installed on the client pc’s that will reach the server I provide to them. This has been tested and the client pc’s reach the server on my network with no problems.
The LRT214 is distributing addresses to all devices plugged in to it with the following addressing scheme: 192.168.3.xxx. It’s own settings are as follows:
Static IP address: 192.168.3.1
Subnet Mask: 255.255.255.0
Gateway: 72.xx.xxx.xx (Hidden for obvious reasons, but given to me …

12 Comments

LVL 2

Question by

amigan_99

2019-11-12Solved

Multiple DVPN Hubs?

I am doing some discovery on a spoke of a DMVPN. I don't have access to the hub/hubs.
In the configuration seen below I have several ip nhrp map multicast statements and ip nhrp.
Is this indicating that this spoke has six different hubs to which it *could* register if the first one goes down? Thank you.

ip nhrp map multicast 66.66.8.129
ip nhrp map 10.77.126.1 66.66.8.129
ip nhrp map multicast 66.66.8.130
ip nhrp map 10.77.126.2 66.66.8.130
ip nhrp map multicast 66.66.8.136
ip nhrp map 10.77.126.3 66.66.8.136
ip nhrp map multicast 66.66.8.138
ip nhrp map 10.77.126.5 66.66.8.138
ip nhrp map multicast 66.66.8.134
ip nhrp map 10.77.126.7 66.66.8.134
ip nhrp map multicast 66.66.8.131
ip nhrp map 10.77.126.9 66.66.8.131

1 Comment

This is driving me batty. I just had my internet upgraded to 1GBPS. All of my devices (with the exception of my gaming machine).

Doing a speed test from my router to the internet I am getting 924mbps down and 30mbps up. Which is correct.
I have a 6000$ gaming machine with a built in Intel gigabit ethernet adapter getting 1GBS connection and I can only get 130mbps down.
I thought maybe it was the card so I bypassed it and connected an ethernet to USB adapter ASIX AX88179 USB 3.0 to gigabit adapter same issue (yes its in the 3.0 slot)
I have had the modem in router and bridge mode made no difference.
I totally removed my linksys wireless router and connected directly to the back of the modem which is a Hitron no matter what port and still only get 130mbps down. Verified in the modem itself it was getting a 1gbps connection as well.
My phone is getting 300-400mbps on 5g why the heck cant my machine get more than 130mbps down? On 2 different nic interfaces!! Rebooted the modem, factoried the modem its in bridge mode on my router working just fine. This is driving me crazy!
Also I have tried duplexing full mode and auto negotiate no difference! Even my cell phone on 5G is getting 300-400mbps down. I have tested this in several browsers as well including IE11 as well as totally disabling my NIC in the bios only using the external USB to Ethernet connection. The router has the latest firmware as well. Both Ethernet cards have the …

10 Comments

I have a remote site that is connected to our main site using a WAN between two Cisco routers. The Cisco GRE tunnel is up and stable.
At the remote site I have a mix of Windows 7 and Linux PCs on a single 192.168.37.x subnet with mask 255.255.255.0. The gateway is 192.168.37.10.

At my central site I have two RDS servers on a single subnet. The servers IPs are 192.168.39.246 and 192.168.39.222. with subnet mask 255.255.255.0. I use EIGRP and RIP across both subnets and the route tables in the routers are good. The gateway is 192.168.39.10.

At the remote site all of the Windows 7 PCs can remote access both servers using mstsc.exe.
At the remote site only some Linux PCs can access both servers using rdesktop/ping.

I have three out of five Linux PCs at the remote site that can only access the server with IP address 192.168.39.222. They cannot reach the server address 192.168.39.246 using rdesktop or even ping. The server firewalls are the same. The Linux installations are identical, having been cloned from the same image. This was working until about a week ago. Now these three machines can only see the one server. There are no ACLs on the Cisco routers that would cause this. There are no firewall settings on the Linux boxes that I can see. I have numerous Linux PCs on the central site - all can see both servers. If I try reaching the remote PCs from the ~246 server, only the two that can reach it can be pinged or accessed using VNC. The Linux PCs that cannot see …

9 Comments

hi,
got a dlink layer3 switch
got vlan1- management
got vlan2- voice
got vlan3- data
switch is doing the inter vlan routing.
and got default route going to router ip

the part I want to know : - —— how do I connect the dlink switch to the router ??? the port in switch should I make it trunk ? In router what am I doing ?

6 Comments

LVL 1

Question by

Yashy

2019-11-05Solved

How to add SD-WAN capability

hi guys,

At the place I work at, we have a primary internet line and a secondary internet line. The secondary isn't being used as it is a failover. However, the primary line with a Cisco 1941 has got its CPU usage to almost 90% every single day. The secondary line is not being utilised at all. That also has a Cisco 1941.

We have a change freeze window coming up for almost 2 months! So we can't do anything from this Friday onwards.

The future plans will be to upgrade WAN bandwidth and change the Cisco routers. But for now, if I wanted the secondary line to become utilised, would you use a Meraki Mx68 to do the load balancing? So that it would sit in front of the two routers and it would load balance the traffic to one or the other to turn it into an SD-WAN capable system?

Are there any other ways that you can think of?

Thanks for helping
Yash

12 Comments

JavaScript Best Practices

LVL 19

Save hours in development time and avoid common mistakes by learning the best practices to use for JavaScript.

Question by

itsmevic

2019-11-04SolvedPrivate

Router Logs

I'd like to pipe my router logs into Splunk which I will use for educational reasons. I know how to ingest the data into Splunk properly, but would like to know where on my routers interface where I could redirect the logs so that AIO (all-in-one) can ingest them and index them into Splunk where I can read them. So the questions isn't really about Splunk, it's only about where i can I found my router logs at once I've logged into it's interface?

I'm running a Sagemcom F@st 5260 WIFI router.

2 Comments

We wish to monitor vpn dial in access, we are currently doing this using VPN Graph under diagnostics which is giving us what we need but unfortunately it only shows data for the past week or so. Is there a way to monitor long term vpn access. We have connected a usb stick to the draytek to record logs but this doesn't seem to record vpn access.

4 Comments

Question by

totaram

2019-11-02Solved

1000Base-LX SMF

Experts;
We are going to be getting 1000Base-LX from provider but customer is all cabled up w/ MMF wiring and MMD SFP on router, the device is at around 100Mts from the demarc. Can you please shine some light if this setup will work, the change is going to cost and was wondering if there is a real need for a change?

Thanks;

6 Comments

Hi,

I've been working on an Edgerouter X for the past week trying to get a VPN client to connect to it. I've tried everything I can think of but I cannot get either a Windows 10 client to connect and an iPhone VPN to connect. I'm sure that I have something set incorrectly on my Edgerouter. Just now I upgraded the firmware from 1.10.1 to 1.10.10. I don't dare go to 2.0.6 as I've had a lot of problems with that firmware. Here is what I programmed into my Edgerouter (I've removed the sensitive data):

set firewall name WAN_LOCAL rule 30 action accept
set firewall name WAN_LOCAL rule 30 description ike
set firewall name WAN_LOCAL rule 30 destination port 500
set firewall name WAN_LOCAL rule 30 log disable
set firewall name WAN_LOCAL rule 30 protocol udp

set firewall name WAN_LOCAL rule 40 action accept
set firewall name WAN_LOCAL rule 40 description esp
set firewall name WAN_LOCAL rule 40 log disable
set firewall name WAN_LOCAL rule 40 protocol esp

set firewall name WAN_LOCAL rule 50 action accept
set firewall name WAN_LOCAL rule 50 description nat-t
set firewall name WAN_LOCAL rule 50 destination port 4500
set firewall name WAN_LOCAL rule 50 log disable
set firewall name WAN_LOCAL rule 50 protocol udp

set firewall name WAN_LOCAL rule 60 action accept
set firewall name WAN_LOCAL rule 60 description l2tp
set firewall name WAN_LOCAL rule 60 destination port 1701
set firewall name WAN_LOCAL rule 60 ipsec match-ipsec
set firewall name WAN_LOCAL rule 60 log disable

Open in new window

…

6 Comments

LVL 2

Question by

amigan_99

2019-11-01Solved

Advertising eBGP a subnet from a larger block

Client has a /16 and wants to advertise a /24 within the /16 via a new carrier at one of their smaller sites. Are there any things I need to discuss with the current carrier or the new carrier to make sure the new peering doesn't interfere with the existing route advertisements? Any other gotchas to consider in this operation? Thanks!

2 Comments

Hi Anyone know why the command "transport output none" cannot work? That means i still can ssh from R1 to any other device based on the below config. Did I miss some command？ Thank you!

R1
line vty 0 4
login
transport input telnet ssh
transport output none

Routers

1 Comment

Routers

Related Topics

Routers

Related Topics