Routers

46K

Solutions

23

Articles & Videos

30K

Contributors

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Share tech news, updates, or what's on your mind.

Sign up to Post

I'm in the market for a new router.  I want a hardware DMZ.  I currently have a NetGear ProSafe FVS338, which is fine except for it lacks a hardware DMZ.
I do not need VPN support.
The other feature I'm interested in is ease of setup.  It doesn't need to be dummy-proof (i.e.  I don't want a "wizard" to do the setup for me).   I just don't want to deal with configuration like what's required for a SonicWall, with a completely un-intuitive UI and setup.
And no bells and whistles that require subscriptions / fees, por favor.

Please only post responses based on your personal experience.  I can Google for routers on my own time... looking for actual real-life recommendation here.
0
Easy, flexible multimedia distribution & control
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Which traffic will use the next hop in the PBR? The DENY traffic or PERMIT traffic under the ACL? I am pretty sure it means the PERMIT traffic will use the PBR but just want to double check


ip access-list extended PBR
 deny   ip 10.90.28.224 0.0.0.15 any
 deny   ip 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255
 permit ip 10.0.0.0 0.255.255.255 any


route-map PBR permit 10
 match ip address PBR
 set ip next-hop 10.255.14.1

Open in new window

0
Getting Msg:-
boot: cannot determine first executable file name on device "flash:"
0
First, If I am correct:
Standard Access-list  can match traffic based on Source IP address only
Extended Access-list can match traffic based on Source/Destination IP address , port number, protocol, etc...

well, there is also  Named Access-list. We can have Standard Named Access-list and Extended Named Access-list
  Is Standard Named Access-list similar to Standard Access-list, it can match traffic based on Source IP address only ?
Is Extended Named Access-list  similar to Extended  Access-list ,it can match traffic based on Source/Destination IP address , port number, protocol, etc. ?

Thank you
0
Experts,
We are using 6 classes of services w/ our network, ED, AF4, AF3. AF2 AF1 and DE. If DE is all full, but there is some room left in AFx class, can it is used by DE? Meaning can a lower priority can take over the higher priority Class? Please let me know.

Thanks
0
I need to know the difference between :

Access-List 100 permit .....
IP Access-list extended 100.  
  ip access-list extended name

if I have forgotten other access-list types , please list and explain it :)

Thank you
0
I have a remote client with an ASA 5200. They are going to get fiber, but for now are using their building's internet. The ASA config is below (edited for anonymity). It is able to ping the gateway (10.133.30.177), as well as 8.8.8.8 and other IPs. When attached to the 0/2 interface, a machine gets an IP in the 192.168.220.0/24 and can ping 192.168.220.1, but no further (not even 10.144.30.190). I've run "packet-tracer input inside icmp 192.168.220.102 8 0 8.8.8.8 detailed"

Here is my config:
    ASA Version 8.3(2)
    !
    hostname NY-ASA5200
    names
    !
    interface GigabitEthernet0/0
     shutdown
     nameif FIBER
     security-level 0
     ip address 172.16.0.1 255.255.255.0
    !
    interface GigabitEthernet0/1
     nameif INET
     security-level 0
     ip address 10.144.30.190 255.255.255.240
    !
    interface GigabitEthernet0/2
     nameif INSIDE
     security-level 100
     ip address 192.168.220.1 255.255.255.0
    !
    interface GigabitEthernet0/3
     shutdown
     no nameif
     no security-level
     no ip address
    !
    interface Management0/0
     shutdown
     no nameif
     no security-level
     no ip address
    !
    ftp mode passive
    dns server-group DefaultDNS
    object network inside-subnet
     subnet 192.168.220.0 255.255.255.0
    object network outside
     host 10.144.30.190
    access-list inside_out_acl extended permit ip any any
    access-list inside_out_acl extended permit icmp any any
    pager lines 24
    

Open in new window

0
In the example below, which wildcard mask will cover  the 4 subnets only
192.168.146.0
192.168.147.0
192.168.148.0
192.168.149.0

I though 0.0.7.255 is correct, but it will cover more than those 4 subnets.

Any wildcard mask calculator link, will be helpful.


Thanks
0
Hi all,

I am not a fan of Powerline devices, but sometimes I just have no other option then to use these device to get my signel to te area where it is needed. So therefor I would like to know which brand is best and what specifications to consider when making a certain choice.

I know it is best to use it on the same power group to get the best results. Therefor I often place an extra power outlet so that I work in the same power group. But I am wondering:

- Does brand make a difference
- Does speed make a difference in distance or stability (perhaps a 200MB goes further than a 1000MB)
- Do extension cords with adapters (i.e. a phone charger) have influence on speed and stability

And so on, so to sum up: how to get the best results with Powerline.

Thank you,
0
Which VLAN   to enable ARP inspection

I would like to know which VLAN to enable ARP Inspection. Is it going to be on the same VLAN where the Trusted DHCP server resides on ?
Or on every VLAN in the network ?

Switch(config)#ip arp inspection vlan <VLAN Name>



I also wants to know about the DHCP Option 82 configuration.
Using IP helper-address <IP address> is enough or  we need to add:
ip dhcp relay information option

Thank you
0
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Hi, does anyone know any weakness of Cisco devices (router, switch, Firewall)? Is there any way/tool to assess their vulnerabilities?
0
Hi, we are preparing the rules for Zone-based Policy Firewall on Router c3925, however we need to confirm which traffic usually pass through a router, so that the rule will not block/allow any useful/bad traffic. So can we have a method to see it?

Is there a way other than: "show ip cache flow", "sh ip traffic" ?  

Many thanks in advance,
0
Hi All,

I'd like to get the config file off both these makes of cisco equipment does anyone know the proper command config to do so/

thank you for your help
0
Hi, we are having Router Cisco 3925 between LAN and WAN, however it seems like the money is required for AnyConnect VPN on Cisco 3925. We found that pfSense (Free) can be deployed to serve VPN connections however we need to understand its pros and cons.
-So can anyone explain please?
-Should we deploy it or purchase license for AnyConnect?
-Do you know any free Cisco VPN solution that we can configure inside our C3925?

Our priority is:
- Compatible with current environment with minimum impacts to about 400 users
- Easy to configure and troubleshoot
- Price  

Many thanks in advance,
0
Dear All

Background:
1. I set up an L2TP over IPsec VPN Server in China.
2. I am using Mac Air (L2TP VPN) to connect to the VPN Server in china.
3. The Client to Server connection is successful.

However, I noticed that when the L2TP VPN connection is on, all my web requests (http/https) is routed to china and from there it tried to get to the URL.
(The problem is china disallow visiting Facebook/google/youtube ..etc).

Therefore, the ideal situation for me is that
A. When I request internet access (not china domain / IP), it is not using the VPN.
B. When I request China IP internet access, it is using the VPN.

How am I able to achieve the above?
Experts, please kindly provide some smart ideas?
0
Hi, the title said it all. Can anyone draft me some pros and cons of stacking switches?

And is it possible to simulate this techniques in GNS3, Packet Tracer or something else?
0
I'm sure I have done something wrong here. This is such a basic config. Can you tell me why my router can communicate outside, but my PCs cannot?

!
! Last configuration change at 17:48:41 UTC Sat Jun 10 2017
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MYROUTER
!
boot-start-marker
boot-end-marker
!
enable secret 5 <obscured>
enable password <obscured>
!
no aaa new-model
!
no process cpu extended history
no process cpu autoprofile hog
memory-size iomem 20
dot11 syslog
ip source-route
no ip routing
!
!
!
!
no ip cef
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
license udi pid CISCO1841 sn FTX1104Z0BG
!
redundancy
!
!
! 
!
!
!
!
!
!
interface FastEthernet0/0
 description OUTSIDE
 ip address dhcp
 ip nat outside
 no ip virtual-reassembly
 duplex auto
 speed auto
 no cdp enable
!
interface FastEthernet0/1
 description INSIDE
 ip address 172.16.254.1 255.255.255.0
 ip flow ingress
 ip nat inside
 ip virtual-reassembly
 no ip route-cache
 speed auto
 half-duplex
 no cdp enable
 no mop enabled
!
interface ATM0/0/0
 no ip address
 no ip route-cache
 shutdown
 no atm ilmi-keepalive
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 101 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 dhcp
!
access-list 101 permit ip any any
no cdp run

!
!
!
snmp-server community public RO
!
!
control-plane
!
!
line con 0
 

Open in new window

0
Assuming I have 2 switches connecting to each other.
on one switch I configure  Port-channel Load-balance src-mac
and on the other switch I configure Port-channel Load-balance dst-mac

I have not tried yet it, but wonder if it will work

Thank you
0
Hi, if my router showed this when hit "show lic", how many VPN user can we have?

Index 2 Feature: securityk9
        Period left: Life time
        License Type: Permanent
        License State: Active, In Use
        License Count: Non-Counted
        License Priority: Medium
Index 3 Feature: uck9
        Period left: 8  weeks 4  days

        License Type: Evaluation
        License State: Active, Not in Use, EULA not accepted
        License Count: Non-Counted
        License Priority: None
Index 4 Feature: datak9
        Period left: 8  weeks 4  days

        License Type: Evaluation
        License State: Active, Not in Use, EULA not accepted

What are the Index3 and Index4 licenses? If I understand correctly, I did activate the trial license of 60 days, so what will happen after this period? Do I have to pay any fee after that? And how can I stop the trial period?

Many thanks as always!
0
Building an interactive eFuture classroom
Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

I have a new customer the VPN going straight to the customer was working fine with Comcast crappy router, I install a pfsense and created a rule under nat for VPN, setup server with a static IP etc. somehow this does not work. any help greatly appreciated
0
Here is my router's configurations (with fake public IP addresses;-)

interface GigabitEthernet0/0
 ip address 113.160.61.14 255.255.255.252

 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto

interface GigabitEthernet0/1
 ip address 101.96.10.141 255.255.255.192

 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 
interface GigabitEthernet0/2
 ip address 172.16.2.28 255.255.255.248
 ip flow ingress
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto

ip nat inside source list ftth interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 113.160.61.13 100
ip route 0.0.0.0 0.0.0.0 101.96.10.129 200


ip access-list extended ftth
 permit ip 192.168.7.0 0.0.0.255 any
 permit ip 192.168.1.0 0.0.0.255 any
 permit ip 192.168.8.0 0.0.0.255 any
 permit ip 192.168.9.0 0.0.0.255 any

This is a result from "show ip int b"
Interface                            IP-Address         OK?     Method Status            Protocol
GigabitEthernet0/0         113.160.61.14    YES        NVRAM  up                    up
GigabitEthernet0/1         101.96.10.141  YES        manual up                    up
NVI0                          113.160.61.14    YES         unset  up                    up

==================================================================

So as you can see we have 2 WAN interfaces to 2 different ISPs, we change some configurations and saw …
0
Hi,

I have two Cisco routers with 3 interfaces

Fe0/0 is a /30 network for a Public IP.  All IP are used in this subnet.  None available
Fe0/1 is a /29 network  for a Public IP subnet.  All IP are used in this subnet.  None available
Fe0/2 is not used (plan is for a decicated link for HSRP)

The idea is to track the Fe0/2 link state which will be a crossover cable with the Fe0/2 of the second router for HSRP and failover to the second router in case  of a failure of the first

So the IP of Fe0/0 and Fe0/1 must use a public IP and I have none left for a Real IP and a Standby one

If a use private IPs on my Fe0/2 can I achieve this ?

Will the two interface Fe0/0 (and Fe0/1) avec the same IP in both routers ?

Any example of what kind of configuration I need ?
0
Hi guys, is there an software/environment which can simulate HP Aruba Switch/router? Or can we simulate it on GNS3? If so, does anyone got any link of ISO/IMAGE file?
0
Hi Experts, is there a method to have both Load balancing and Fail-over at the same time on Cisco Router which has 2 connections to 2 different ISPs ?

As my understanding, Load balancing is Active-Active whereas Fail-over is Active-Standby, am I right?
0
hi I need some assistance setting up the wan on a new pfsense appliance, I followed the instructions somehow I still can't browse.
how do I setup the wan on this, most tutorials show an older version of pfsense and honestly I'm a total noob on pfsense.
0

Routers

46K

Solutions

23

Articles & Videos

30K

Contributors

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.