[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

Routers

47K

Solutions

30K

Contributors

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Share tech news, updates, or what's on your mind.

Sign up to Post

Please see the below in asr1000 trying to establish bgp neighbor. Do we have to use address-family ipv4? Thank you

router bgp 22
 bgp log-neighbor-changes
 neighbor 55.66.77.8 remote-as 33
 !
 address-family ipv4
  neighbor 55.66.77.8 activate
  neighbor 55.66.77.8 soft-reconfiguration inbound
  neighbor 55.66.77.8 prefix-list ine in
  neighbor 55.66.77.8 prefix-list out out
0
Big Business Goals? Which KPIs Will Help You
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

DR(designated router) is for sending source message to receiver. I am not sure DR is located between source and RP, or between RP to receiver? Anyone can give some idea? Thank you
0
What is the best way to expand the number of physical ports available on a five (5) port router to six (6) without having to configure a whole new router?
0
Hi there,
I have to provide internet connection to three offices which are far away from each other. The scheme adopted was to take a single cable from the main ADSL+ router and take to first office (Offiice-1). A TP-Link router in Office-1 is then used to provide connection to Office-1, Office-2 and Office-3 (Office-2 and Office-3 are at almost same distance, but in different direction). Cable used is Cat5.
The problem is when PC is connected directly to cable coming from ADSL+ router, internet works fine. But when the same cable from ADSL+ router is plugged in the WAN port of TP-Link router, the WAN connection LED turns on for brief duration, then goes off for almost same duration, then again turns on. This cycle is continuously repeated.
Please tell where is the problem and how to rectify it.

P.S: Both straight wire scheme and cross-over wiring schemes have been used with no effect.
0
Apple Airport vs. eero mesh network - iPad Pro wireless network loses connection 

As Apple is ceasing manufacturing Airport router, l want to replace with router with greater signal in 2335 sq. ft. single story rectangular home. Issue is MLB.TV signal. Currently Spectrum signal is 100 mbps with Cat5 connection @ Mac OS. Wireless is less than 60 mbps. At opposite end of house iOS signal is less than 30mbps Ookla).

No MLB.TV connection issues with Apple TV CAT5 connected to router.

Frequent MLB.TV  signal loss with iPad Pro, similar loss with YouTube, both require iPad reboot. Message suggests trying alternate account for login - not true, reboot required.

Would something like eero 2nd gen. Mesh network help?
0
I am trying to backup Cisco routers and switches here in the office to a central server so those configs can be backup offsite.  I have figured out how to automate the back and schedule the automated backup.  My concern is with security aspects of the transfer from the routers and switches to the repository for theses files.  I was planning on using Tftp64 as the server, but I cannot see any way to harden that program.  Is there another way to download these files? Does Cisco allow anything other than TFPT to transfer these files?  Or is there  some explanation to pass along to security to get them to allow the TFTP?
0
How to get mngt network to a NATing router 2921

192.168.168.0/24   Office Network
192.168.170.0/24   Guest Network enclave
10.10.10.0/30      MNGT Network

==============-------SW---------==================
Switch gi0/7 connected to OUTSIDE interface_gi0/0 (2921 RTR):
!
interface Vlan200
 description mngt_vlan
 ip address 10.10.10.3 255.255.255.0
end
!
interface GigabitEthernet0/7
 description to_RTR_OUTSIDE_gi0/0
 switchport access vlan 200
 switchport mode access
!
==============-------RTR---------==================
2921 RTR interface:
  !
interface GigabitEthernet0/0
 description OUTSIDE_to_SWITCH_gi0/7
 ip address 192.168.168.231 255.255.255.0
 ip nat outside
!
interface GigabitEthernet0/0.1
 encapsulation dot1Q 200
 ip address 10.10.10.9 255.255.255.224
!
interface GigabitEthernet0/1
 description INSIDE
 ip address 192.168.170.1 255.255.255.0
 ip nat inside
!
===========----------NAT----------==============
!
ip nat inside source list GUEST_ACL interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.168.1
!
ip access-list extended GUEST_ACL
 permit ip 192.168.170.0 0.0.0.255 host 192.168.168.1
 deny   ip 192.168.170.0 0.0.0.255 192.168.168.0 0.0.0.255
 permit udp 192.168.170.0 0.0.0.255 host 192.168.168.1
 deny   udp 192.168.170.0 0.0.0.255 host 192.168.168.1
 permit ip 192.168.170.0 0.0.0.255 any
 deny   ip host 0.0.0.0 any
 deny   ip any any
!
=============-------SOLUTIONS------------==================
0
Can't get my management network connected to an enclave built with a 2921 router subinterface.  192.168.168.0/24 is the operational network.  10.10.10.0/27 is management network.

==============-------SW---------==================
Switch gi0/7 connected to OUTSIDE interface (2900 RTR):
!
interface Vlan200
 description mngt_vlan
 ip address 10.10.10.3 255.255.255.0
end
!
interface GigabitEthernet0/7
 description Guest_RTR
 switchport access vlan 200
 switchport mode access
 storm-control broadcast level 20.00
 storm-control action trap
 no cdp enable
 spanning-tree portfast
 spanning-tree bpduguard enable
 spanning-tree guard root
!
==============-------RTR---------==================
2921 RTR interface:
  !
interface GigabitEthernet0/0
 description OUTSIDE
 ip address 192.168.168.231 255.255.255.0
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.1
 encapsulation dot1Q 200
 ip address 10.10.10.9 255.255.255.224
!

===========----------NAT----------==============
!
ip nat inside source list GUEST_ACL interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.168.1
!
ip access-list extended GUEST_ACL
 permit ip 192.168.170.0 0.0.0.255 host 192.168.168.1
 deny   ip 192.168.170.0 0.0.0.255 192.168.168.0 0.0.0.255
 permit udp 192.168.170.0 0.0.0.255 host 192.168.168.1
 deny   udp 192.168.170.0 0.0.0.255 host 192.168.168.1
 permit ip 192.168.170.0 0.0.0.255 any
 deny   ip host…
0
Need to block network users from being able to access BitTorrent (BMTORRENT).   I have a Sonicwall TZ-215 along with the premium content filtering.  I can block the URL of the usage, but can not determined the proper ports to target the service to block.  

Goal is to not have to upgrade to the "Application Control" that can detect the signature of the traffic or such.  I am fine with blocking the defaults or making more difficult for the person.  I understand that they could use other methods to avoid detection.
0
Dear Experts, I need suggestions on this network design. Is there anything we need to consider for improving HA, security, performance? Could you please help? Many thanks!

net.PNG
Core SW1, SW2: Cisco 3850 IP service
Access SW1, SW2: Cisco 2960 LANBase

- Between C1 and C2: EtherChannel Trunking native vlan 88
- Between C1 and C2, C1 and A1, A2, C2 and A1, A2: trunking interfaces native vlan 88
- C1: VTP Servers, other switches are VTP clients, version2
- VLAN 10 (LAN), 11 (LAN), 88 (management) synchronize between switches

- C1:
STP root primary for VLAN10, secodary for VLAN11
HSRP Active for  VLAN10, HSRP Standby for VLAN11 (standby .254)
DHCP pool VLAN10A, VLAN11A, default GW is .254, exclude address .1 - .50 and .53 - .254  (so 2 addresses .51, .52 are available, just for test)

- C2:
STP root primary for VLAN11, secodary for VLAN10
HSRP Active for  VLAN11, HSRP Standby for VLAN10
DHCP pool VLAN10B, VLAN11B, default GW is .254, exclude address .1 - .250 and .253 - .254  (so 2 addresses .251, .252 are available, just for test)

- Access switches: sw mode access / define VLAN on interfaces connected to PCs
0
HTML5 and CSS3 Fundamentals
LVL 12
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

I have a Cisco 2811 router with 2 interfaces on it (f0/0 & f0/1) and I'm trying to get interface f0/1 line protocol up but it won't let.  Does anyone know how to get the line protocol on that interface up?  I also have a Cisco 3750G 48 port switch and want to know how to get a port on the switch to connect to the router.  If you could help me with that also would be greatly appreciated.  I'm trying to learn Cisco networking configuration to help me find a better job.

Thanks
Steve Backhus
0
Dear experts, DHCP on Cisco core switch vs on Windows server 2012, which one is better? Can you please suggest pros and cons? We have 500 users, 2000 IP addresses and 20 subnets. Many thanks!
0
Hi Experts,

I have a network with some switches to my gateway, all vlan0.
Now I have to setup a new vlan 253. Some VMs has to work in this vlan.

How to route this vlan to my gateway to get internet access ?
0
My ISP is Comcast and I am assigned a range of 5 external IP addresses.

How can I determine which external IP address the SonicWALL VPN is using so that when I configure the VPN clients on Windows 10 computers I will put in the right external IP address?

The SonicWALL router is a TZ600.
1
We've just installed a new next-gen firewall and I need some assistance getting some communication between two of the interfaces.
It's a Watchguard T35 and we have our WAN on Eth0, LAN1 on Eth1, and LAN2 on Eth2.
Our WAN has a static IP, but we have /27 block of public IP's routed (at the ISP level) to our WAN for use by public facing servers.

I have that part of it working OK.  Servers connected to the LAN2 all have their static IP assignment and IP checks on the internet show the correct IPs.  This interface in the Watchguard is set as "Optional".

LAN1, is our private LAN and is set as "Trust".  Internet traffic and NAT/port forwarding is all working OK, but I cannot seem to get access to LAN2 from LAN1 devices.

I've created a firewall policy with "ANY" for the packet filtering and have set both 192.168.1.0/24 and 203.xx.xx.0/27 in both the To and From boxes.  The rule is set to allow and enabled.
But I cannot browse (using the IP or UNC name) or access any of the LAN2 resources from LAN1.  Nor can LAN2 access any of the LAN1 resources.

I'm new to Watchguard and thought I might ask here for any things I may have overlooked before lodging a support ticket with Watchguard support.
1
Dear Experts,

I have a set of fortigate firewall policies which I need to duplicate on a cisco router.

I have done most of the point A to point B.

The issue I have now is the NAT and there is an IP Pool, is there a guide on how I can translate the rules from firewall to cisco router?

Any help is appreciated.
0
I work for a company called CompanyA and we had a Ubiquiti EdgeRouter and I'm replacing it with a Draytek 2960, the internet is provided via a Leased Line with 20 static public IP Addresses.  There is a company in the same building as us called CompanyB and they share our leased line, previously the leased line went direct into the EdgeRouter and companyB's router plugged into one of the LAN ports on the EdgeRouter and this worked fine, I cant seem to replicate the setup on the Draytek to get internet traffic to CompanyB's router.  CompanyB have a Fortinet router which Im not familiar with.  I have a cable running from LAN2 on the Draytek into WAN1 on the Fortinet router, the Fortinet router on the WAN1 interface has a static address set of 50.50.50.50/255.255.255.248 which hasnt been changed since it worked with the EdgeRouter  The guy who originally setup the connection gave me the following notes
Gateway IP for CompanyB: 50.50.50.49
Usable IP Range: 50.50.50.50-50.50.50.54

All of the 20 IP Addresses including the above IP's have been added to the router WAN setup as aliases.

As you can tell im using fake IP addresses but you get the idea.

Please Help!!
0
We would like to monitor when a server, switch, router, and firewall goes down. We have a remote site that's "unattended", however, we would like to keep an eye when a device mentioned before goes down?

Do you have a suggestion that we can consider? Thanks so much.

Regards,
0
CISCO 4321
I have connected to the cisco via putty and configured passwords, interface gigabiteither 0, and also 0/0/0. I can ping it on the management port and on 0/0/0, but I cannot access the gui via https://192.168.1.1.

This Guide does not tell much at all and I have not found much on google either. Can someone please point me in the right direction. This is router is not in production.

Current configuration : 1429 bytes
!
! Last configuration change at 20:54:05 UTC Thu Sep 13 2018
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname cisco4321
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family

!
no aaa new-model
no process cpu autoprofile hog
!
!
!
!
!
!
!
!
!
!
!



!
!
!
!
!
!
!
!
!
!
subscriber templating
!
multilink bundle-name authenticated
!
!
!
!
license udi pid ISR4321/K9 sn FDO21062QE7
!
spanning-tree extend system-id
!
!
redundancy
 mode none
!
!
!
!
!
vlan internal allocation policy ascending
no cdp run
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet0/0/1
 no ip 

Open in new window

0
Determine the Perfect Price for Your IT Services
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

How Telnet works in GRE Tunnel

t
in the topology above I have created a GRE tunnel between R1 and R3. The configuration is shown below:
R1#show running-config 
Building configuration...

Current configuration : 2295 bytes
!
! Last configuration change at 09:31:13 CET Wed Sep 5 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
!
redundancy
!
!
!
class-map match-all MAPMYGRE
 match access-group name MYGRE
class-map match-all MAPTELNET
 match access-group name MYTELNET
!
policy-map MYPOLICE
 class MAPTELNET
  police 128000
 class MAPMYGRE
!
! 
!
!
!
!
!
!         
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Tunnel0
 ip address 172.16.13.1 255.255.255.0
 tunnel source 192.168.12.1
 tunnel destination 192.168.23.3
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
 service-policy output MYPOLICE
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown

Open in new window

0
Hello,
I have the topology (upper one in the figure below) where an ESX is directly connected to a Cisco Router. And the link between the two, is TRUNK link handling three VLANs.

I would like to use a Cisco switch c2960 between the router and the ESX server to connect other servers to one of the VLANs.  (lower one in the figure above)
Configuring the ports of the Cisco switch as trunk ports didn't help.
I would like to know what i should do to make everything work correctly.
Thank you.
0
Fortigate 200D in HA cluster

i have a problem (user "accidentaly started wizard" to change gateway)....

and fortinet stoped routing as expected, as it seems nothing has changed.
static routes are the same as before, route lookup hits the right route, traffic seems to hit the right policy.

Monitoring the traffic it says       "Accept: session timeout" for everything

i can ping port to internal network from CLI, i can ping something on Internet (WAN) from CLI

but nothing gets thru from external(WAN) to internal network (PORT1) or viceversa
0
I have a server, with a combined apache website and sql gaming server on same server.  I have the domain being routed to a different nameserver/proxy with ddos protection, and made a seperate subdomain there that goes directly to the game server because it is game traffic and cannot use the services.  Everything works fine, but I want to block the incoming subdomain from accessing anything but the game server port on the destination server.  

Question: On the game server firewall, how can I only allow the incoming subdomain traffic to use a specific port, and block all other ports?  I don't want it to impact the website traffic using the domain name and ports 80/443
0
Precedence in Cisco Qos:

in QoS Precedence, there is a list of precedence settings as shown, below.. I would like to know in which case should I select which precedence in the list..
For instance , in case of Voice, or Video, or specific protocol HTTP or HTTPS or FTP or TELNET or SSH, etc how  would I know which on this list to select ?

Thank you


R2(config-pmap-c)#set precedence ?
  <0-7>           Precedence value
  cos             Set packet precedence from L2 cos.
  critical        Match packets with critical precedence (5)
  flash           Match packets with flash precedence (3)
  flash-override  Match packets with flash override precedence (4)
  immediate       Match packets with immediate precedence (2)
  internet        Match packets with internetwork control precedence (6)
  network         Match Packets with network control precedence (7)
  priority        Match packets with priority precedence (1)
  qos-group       Set packet precedence from QoS Group.
  routine         Match packets with routine precedence (0)
  tunnel          Set tunnel packet precedence

Open in new window

0
I need to know how to reset the password in a Calix E5-121, 100-01230, VDSL2-24 PORT switch.  I don't have access to the previous passcode, so I just need to be able to reset mine.  Thanks in advance.
0

Routers

47K

Solutions

30K

Contributors

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.