Routers

47K

Solutions

30K

Contributors

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear Experts, I'm testing this network diagram with EVE-NG

11.PNG
Without the NAT translation and access-list, all 3 VLAN PCs can ping to 8.8.8.8, SLA also work OK to switch from default route to backup route.

With the NAT and access-list, PCs from VLAN11 and 12 could not ping 8.8.8.8 although I allowed icmp on R1's interface. The PC on VLAN13 (not it NAT and access-list still could ping to 8.8.8.8). How can I fix it with NAT and access-list?

I attached the configuration files.
Desktop.zip
0
Cloud Class® Course: Microsoft Office 2010
LVL 12
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

Hello,
I want to allow my wifi users to work only with WhatsApp so is there any list of domains or ip pool for whatsapp
I have mikrotik and I will use it to do that.
thanks.
0
So i have a Standard home broadband Netgear router (DGND3700v2) it connects  to ADSL using a phone line.

can I use a RJ11 TO RJ45 converter and then plug that phone line straight into the outside ethernet port of an ASA5506 and then configure the port to use PPPoe with the credentials from my ISP? would that work?

Thanks
J
0
Hey Guys,

 I am a complete newbie to Cisco so excuse my ignorance,

I have just setup the device and want the Outside interface  to receive traffic from my  home Netgear broadband router and then pass it through to inside interface.

How do i go about doing this? I have tried different ways but none seem to work.

All I want is the ASA to act as the firewall.

current setup is as follows



Netgear Router / Modem 10.0.1.1 (gets dynamic ip from ISP using PPPOA and does the NAT) Please note my router does NOT have bridge mode option
ASA 5506 Outside Interface ip 10.0.1.7 (Static)
ASA 5506 Inside Interface ip 192.168.1.1

The bit i can't work out it adding static routes and do I need to NAT on the ASA as the router already does that

Thanks
J
0
Dear Experts, is there any simulation apps (such as EVE-NG, GNS3, packet tracer) which can represent the stacking process of Cisco switch? or HP aruba switch?
Many thanks!
0
GigaVue connection. Please see the attached diagram. The orange device is GigaVue. In order to get each device message,  each device needs addition cable connected to the GigaVue. If we use vlan to connet each device via core switch(each device connected to core switch), can we also use line card inserted in core switch? The line card has GigaVue function. This way we do not need addition cable connected to Gigavue. My question is do we have this kind of line card? Thank you
Capture.PNG
0
Hello,

We're in the process of configuring a Cisco CSR router within Azure. Users connect to the Cisco CSR router via the AnyConnect VPN client and authenticate via Azure MFA. Users are able to connect to the VPN and authenticate successfully with Azure MFA. However, we are unable to connect to any devices/services within Azure once we are connected to VPN. The Cisco CSR router can ping all devices/services within Azure without any issues, but users are unable to communicate with any devices/services while connected via VPN.

Any ideas?

Thanks!
0
Hello Experts-
We have subscribed to MPLS IPVPN via Service Provide to connect our branch offices with HQ.
We have been given /30 subnet at HQ and each offices and running BGP between CE Router and ISP. We suppose to send the routes to ISP and then take will foreward via MPLS Cloud.

We want to install firewall at the HQ between MPLS Router and L3 Switch.

I am just concerned what routing protocol I should between MPLS Router and L3 Switch at HQ so that all HQ hosts can reach to branch offices.. Shall I used IGP or Static Routes ?
How to inject the routes from MPLS routes to firewall ? Is it advisable to run a routing protocol between them
How I can achieve redudancy if a router or firewall fails in HQ Office.

I am attaching a basic design.
Any suggestions and comments are welcome.
0
Hi ,

we have subsidiary company with around 150 Users . it is linked to us (HO ) over IPVPN (1 MB)  and services getted from Us are :

1- CISCO IP telephone ( currently around 75 Users)
2- ERP ( about 50 USers)

thier existign Setup :

1- Domain COntroller ( seprate totally from us ) + Antivirus server ( 1 physical box)
2-finance system
3-Backup Server
4-Sonicwall NSA2600
5-Switches
7-Router for IPVPN

the managment is thinking to host the setup for the subsidary company so my questions are:

1- how I can do the proper sizing for the link ? so i ensure the users are not feeling slowness
2-what equipment should i move from there and what i should not ? best desing fro myour experince
3- how the internet should be provided to thier users ? from us or locally ?
4- what are the adv and disadvanage for such plan? should we recommend this plan or let them continue as they are
5- risks?
6- what are the pre requisits needed in the HO Data Center for hosting those equipment
0
Need 400 to 600 people to be able to access wifi. I was going to use ubiquiti access points but I understand each unit can handle about 40 connections. How do I accomplish this?

The unifi access points have a hard limit of 127 users but recommend no more than 40. So I would need more than 10 access points to balance the load for 600.
0
Free Tool: Path Explorer
LVL 12
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Hi,

I have a Cisco 890 with IOS 15. Please help me solve the following two problems related to NAT.

1. I would like to access a NVR from both inside and outside the network using the same public IP.
2. I would like to access internal VLANs without any NAT between them.

If I configure ip nat enable, the first problem gets solved but the second does not.
If I configure ip nat inside/outside, the second problem gets solved but the first one does not.

Following is the configuration.

interface Null0
 no ip unreachables
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
 isdn termination multidrop
!
interface Ethernet0
 no ip address
 shutdown
!
interface GigabitEthernet0
 switchport mode trunk
 no ip address
!
interface GigabitEthernet1
 switchport access vlan 10
 no ip address
!
interface GigabitEthernet2
 switchport access vlan 10
 no ip address
!
interface GigabitEthernet3
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface GigabitEthernet4
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface GigabitEthernet5
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface GigabitEthernet6
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface GigabitEthernet7
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface …
0
Hello Experts,

We have 4 Ethernet Point 2 Point link between my 2 branch office location 1 & location 2 distance between both office is 1430 KM
and getting end to end latency 25-32 ms. From both sides all links connected with Cisco 2811 Router (HWIC Port) & configure as a eigrp 100

once i send traffic (download or upload) from location 1 to location 2 why its using only one interface, it should be distributed & forwarded from using
all 4 interfaces as a single (marge) speed.

please suggest configuration to forward traffic using all interface as a equal- equal bandwidth

 
Location 1 Router

interface FastEthernet0/0
 ip address 192.168.10.1 255.255.255.0
 ip flow ingress
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description 4MBPS Link
 ip address 1.1.1.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/0/0
 description 2 MBPS Link
 ip address 2.2.2.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/0/1
 description 2 MBPS Link
 ip address 3.3.3.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1/0
 description 2 MBPS Link
 ip address 4.4.4.1 255.255.255.0
 duplex auto
 speed auto
!
!
router eigrp 100
 network 1.1.1.0 0.0.0.3
 network 2.2.2.0 0.0.0.3
 network 3.3.3.0 0.0.0.3
 network 4.4.4.0 0.0.0.3
 network 192.168.10.0


 
Location 2 Router
 
 interface FastEthernet0/0
 ip address 192.168.207.1 255.255.255.0
 duplex auto
 …
0
It seems that the documentation about IPsec/IKE setup on an SRX to Azure s2s VPN is conflicting.  There are 3 pain points:

1.  Can IPsec/IKE be used on a policy-based VPN for Azure? It seems that Azure is clear about "no" but the suggested Azure config includes IPsec & IKE config
2.  Which IKE version is best for SRX to Azure - v1 or v2, when using Policy Based or Route-Based VPN? (see attachment)
3.  If a trust sec zone (internal interf.) and an unstrust sec. zone (exter. interf.) already exists, how can I add interfaces that are in one of those zones already to a new "Internal & Internet Zone" for the Azure VPN Tunnel as documentation suggests?  I receive an SRX error about adding interfaces to multiple zones prohibited and if using PB VPN there is no st0.x to that config and/or I don't understand how to utilize or place the traditional interface under the st0.x iface.

SRX ERROR:

commit check
[edit security zones security-zone Internal]
  'interfaces ge-0/0/1.0'
    Interface ge-0/0/1.0 already assigned to another zone
error: configuration check-out failed



I found this on Azure's site - https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-ipsecikepolicy-rm-powershell

Azure IKE Doc found on Azure Site
Azure States no IPsec for Policy-Based
Azure IKE Doc found on Azure Sitejuniper-no-ikev2.png
0
I have a Netgear R7000V2 router as my primary router.  I have connected a second router flashed with Tomato which servers as my secondary router.  One of the LAN ports from the secondary router is connected to the WAN port of the primary router.  My configuration is as follows:

Primary (WAN port connected to Internet)
LAN IP Address 192.168.0.1
DHCP enabled serving 192.168.0.100 - 192.168.0.149
Static Route added - Destination IP 192.168.2.0 ; IP Subnet Mask 255.255.255.0 ; Gateway IP Address 192.168.0.110
Metric 2
IP Address reserved for secondary router 192.168.0.110

Secondary Router
WAN Configuration:
IP Address 192.168.0.110
Subnet Mask 255.255.255.0
Gateway 192.168.0.1

LAN Configuration
IP Address 192.168.2.1
Subnet Mask 255.255.255.0
DHCP enabled serving addresses 192.168.2.100 - 192.168.2.149
Router Mode
Firewall disabled via firewall script
# disable firewall
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

I need both subnets communicate with each other for filesharing etc.  I also need internet access for all PCs across both subnets.  Currently I am able to communicate between the subnets using IP addressing but not able to use hostnames.  PCs on the secondary router (192.168.2.0 subnet) are not able to access the internet.  From the secondary router I'm able to ping google.com and other various …
0
Hi

i configured OSPF between cisco ASR and Juniper router (service Provider).

OSPF neighbour has formed and exchange routes.

but ASR is logging a message " Cannot see ourself in hello from <juniper router id>, state INIT"

This is not happening all the time. its happening randomly once or twic a week. Mostly happening duing the peak hours of the business (but traffic is not hitting the maxium BW).

Due to this i can see some of the remote sites having high latency connecting to the DC for 2 -3 min and then when OSPF is normal the high latency is goiing away.

Not sure why the OSPF is flapping. Any particular config i need to add between juniper and Cisco ASR to Work.

regards
Logesh
0
Hello guys!
First of all, i want you to know that i am german, so please excuse some of my grammar mistakes.
So my problem is that i am currently working on a project and therefore have to use Putty to connect my router with my computer. All settings should be right, but to be sure i will write them down:

serial line: COM3
speed: 115200 bauds
connection type: serial
data bits: 8
stop bits: 1
parity: none
flow control: none

So at first these settings worked fine for me, but all of a sudden the terminal just stayed blank. It didnt react to anything i typed in (mainly because i couldn't even type something in). I checked the connection to the FTDI adapter i am using, and as i can tell, everything should be fine. If i press keys on my keyboard, the little lamp is flashing, so that means the connection from the FTDI to my computer is alright. It just seems that the terminal program is not getting any information from my router.

I really hope someone can help me with this problem. I am working on an important project to hack my current internet router, and therefore necessarily have to use putty (Windows etc.)
Thanking you in anticipation,
Max
0
SonicWall NSA 250 router. Just updated firmware to SonicOS Enhanced 5.9.1.10-1o. Have DPI enabled on router, not concerned with DPI-SSL. Am setting up a new Firewall access rule and need to avoid DPI for that rule. When setting up these rules, under the 'Advanced' tab in the setup for the rule, there should be a checkbox 'Disable DPI' so that rule is excluded from DPI if desired.... in my situation this new rule is related to Skype and maybe Office365 and detection of EKE, encrypted key exchange... due to Skype... a supposed way to stop the detection (and many many log entries), is to create address objects for certain Skype FQDNs and IPs and then add to an address group, then create the firewall access rule per instructions and in Advanced select 'Disable DPI'....
'Disable DPI' checkbox is absent.... for other access rules I have created in the past - its missing in all of them too. This is the first access rule I have needed to disable DPI in... DPI IS enabled (versus SPI)...  I cannot find an answer Googling - not even close. URL for this rule creation:

https://www.sonicwall.com/en-us/support/knowledge-base/170505477596414

Appreciate any help on this....  there's always 'something'... Thanks!
0
Good afternoon All

I am looking for community help to get me started on a Dell PowerConnect X4012 (2switch stack) configuration for 3 Dell XC servers with Nutanix on them.  I also have a TOR switch stack of 2 x Dell 3024 switches.  I have found in the past best practice documents for configuring Dell kit for VMware but I can't find anything conclusive for the above.

What vlans am I going to require for Nutanix AHV HCI?  

Any help gratefully received.

Thanks
0
I have cisco 3650-24TD with IOS version 16.3.5b. Before it was on 3.6.6. Lately twice we had power outage and both the times the 1G sfp link connected to ATT switch didn't came back once the power was restored. Upon reboot it came back but someone has to go to the site, console into it and reboot it.

The config on the port is:
switchport trunk allowed vlan 10
switchport mode trunk
speed nonegotiate

Can someone help me with this issue, why this is happening? Is the cable, sfp or the port on the switch bad or what else.
0
Free Tool: SSL Checker
LVL 12
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Looking for a firewall/router that will let me blacklist all sites but 1 and allow app store and google play updates for less than $300 that will allow 50+ users
0
I just received a new V03 RV320.
I'm trying to set up the default VLAN 1 on port LAN4 untagged for the management interface.
And, I've tried to exclude port LAN1-3 on this VLAN 1.

I also set up VLAN 100
I want to exclude port LAN4 from this VLAN .
I want to have LAN1-3 tagged for this VLAN. (But just one port would be fine).

I keep getting an error:
A VLAN port can only be untagged to one VLAN ID (LAN1)

This is very frustrating as it seems a simple configuration task.
What am I doing wrong?
0
Experts,
I am having an issue with one user who is unable to browse to a site over VPN. Instead of going to the address specified, it brings up google search list for the address. Without VPN user is able to browse to the site. Any suggestions or ideas?
0
I have 1 Cisco 2911 router with single ISP connected
And i have 1 Fortinet firewall

Is it possible to configure dual ISP like a failover using this single router and single firewall...???

I have attached the firewall pic here..
0
I have 10 workstations 2 of which needs to be subnetted differently. Its 2 registers...
Its a basic 192.168.1.1 network. Basic Linksys router. How do I accomplish this?
0
Query:

Ccna security & ccnp security - use same asdm & asa5505 or above hardware ?
0

Routers

47K

Solutions

30K

Contributors

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.