881G router configuration - k9
pls I need some guidelines for configuration for the router in 881G - k9
See if this helps:
Specific IOS:
The security configuration:
http://www.Cisco.com/en/us/docs/iOS/security/configuration/guide/12_4t/sec_12_4t_book.html
Tags: Cisco Wireless
Similar Questions
-
Whenever I open my router configuration page, I am never prompted to enter a user name or password. Of course, it is a security problem for me. I even reset my router to its factory default settings. Yet, it is not yet solve the problem. I also want to be able to change the user name and password to make it more secure. It is indeed a cause for concern? If so, anyone have any suggestions to solve this problem? Thank you
Hello
Configuration page of your router is nothing to do with the Windows operating system.
You will need to contact the router manufacturer for instructions on how to change the default settings.
See you soon.
-
Unable to access the router configuration
I have a problem accessing my WRT54G Router configuration screen
I tried to reset it by default (pressing the button of reset for 30 sec.)
However, the default connection information does not work for me (username: empty password,: admin)
Can someone help me?
Hi shopping,.
You can download the file to the router firmware WRT54G version 7 from this link:
Hope that helps. :-)
Good luck!
-
Policy Based Routing Configurations 6500 and 4948 Switches
Hello!
I'm looking for good examples of the strategy for the 6509 and 4948-based routing Configuration.
I have installation of base ACB, but can not find good IPSLA configurations to pair with them.
The 4948 has IPSLA, but doesn't seem to have orders to attach it to the ACB roadmap.
I'm not find effective IPSLA configurations for the 6500 as well.
My hope is that someone has config IPSLA I can use, or direct me to an example of configuration is complete.
This is for the redirection of a WAN accelerator to monitor.
What I have so far for the 4948:
interface GigabitEthernet1/11
Description to_dis_pri:g2/0/11
No switchport
IP 11.11.11.10 255.255.255.252
political ownership intellectual-card route Silverpeak
Speed 1000
full duplexSilverpeakACL extended IP access list
IP enable any 12.12.12.0 0.0.0.255ALS IP 99
ICMP echo - 14.14.14.14
Timeout 2000
frequency 10
Annex IP SLA 99 life never start-time nowSilverpeak allowed 10 route map
corresponds to the IP SilverpeakACL
IP 14.14.14.14 jump according to the valueI don't see how this will stop Policy Based Routing in the event where the WAN Accelerator dies.
If you know where I can get the config, or give it here, I would be very happy!
Hi Ganesh, It did take that command, and this is the output:: #sho track 99 Track 99 IP SLA 99 reachability Reachability is Up 1 change, last change 00:00:16 Latest operation return code: OK Latest RTT (millisecs) 1 Will this tie it all together? Also, will this be the same config for the 6509?
Hello
I think that you apply IP SLA on edge device where you want automatic failover, if she applies then the 6509.
Once this output is ok then apply the command track with map of the route according to the first post.
It could be that useful...
-GI
Rate if this can help...
-
Hei guys,.
Please help me on this one because I'm stuck enough on her...
I am trying to connect to a Cisco 3700 router configured as a VPN server by using a VPN client and the VPN connection does not settle.
This is an extract from the log:
130 12:48:30.585 07/01/11 Sev = Info/5 IKE / 0 x 63000001
Peer supports XAUTH
131 12:48:30.585 07/01/11 Sev = WARNING/3 IKE/0xE3000057
The HASH payload received cannot be verified
132 12:48:30.600 07/01/11 Sev = WARNING/2 IKE/0xE300007E
Failed the hash check... may be configured with password invalid group.
133 12:48:30.600 07/01/11 Sev = WARNING/2 IKE/0xE300009B
Impossible to authenticate peers (Navigator: 904)
134 12:48:30.600 07/01/11 Sev = Info/4 IKE / 0 x 63000013
SEND to > ISAKMP OAK INFO (NOTIFY: INVALID_HASH_INFO) for 200.100.50.173I enclose the whole journal extract... The message "BOLD" is quite obvious, you mean, but I'm 100% sure, in the login entry, I typed correctly the group password: pass
My topology is very basic, as I am setting this up only to get a clue of the operation of the Cisco VPN. It is built in GNS3:
-2 3700 routers: one of them holds the configuration of the VPN server and the other would be the ISP through which the remote worker would try to establish a VPN connection. I am also attaching the configuration file for the router configured as a VPN router.Behind the second router there is a virtual XP machine on which I have installed VPN client...
My connection entry in the customer is to have the following parameters:
Host: 200.100.50.173 , //which is the IP address of the VPNServer
Authentication-> authentication-> name group: grup1 password: pass / / I'm quite positive that I typed the correct password... even if the log messages are linked to a misidentification.I use public addresses only, because I noticed there is a question about behind the NAT VPN connections and is not not very familiar to the NAT.
Another aspect which can be of any importance is that "allow Tunneling of Transport" in the tab Transport to the input connection is disabled
and the VPNServer router logs the following error message when you try to establish the connection:
* 01:08:47.147 Mar 1: % CRYPTO-6-IKMP_NOT_ENCRYPTED: IKE 200.100.50.34 package was not encrypted and it should have been.
* 01:08:47.151 Mar 1: % CRYPTO-6-IKMP_NOT_ENCRYPTED: IKE 200.100.50.34 package was not encrypted and it should have been.You have no idea why I can't connect? Y at - it something wrong with my configuration of VPN server... or with the connection entry in the VPN client?
Thank you
Iulia
Depending on the configuration of the router, the group name is grup1 and the password is baby.
You also lack the ipsec processing game that you would need to apply to the dynamic map.
Here is an example configuration for your reference:
http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_configuration_example09186a0080235197.shtml
Hope that helps.
-
The incomplete 1941W Cisco router configuration
Good day all.
I was running a business of small ecommerce for the last 5 years on a Linksys wireless router. Now that I have more than 14 posts and 6 networked printers, it was time to take a step towards the top.
I bought a 1941W SRI CISCO to take us to the Gigabit speed in the next decade with a CISCO switch. I assume that the 1941W, although robust with scalability, would provide the installation of it, simple as the product Linksys (Cisco) or at least a simple 1-2-3 How to get basic connections made. I was wrong and now I find that I have some difficulty to negotiate Internet on the router again.
Included below is my config NVRAM. I hope someone could tell where I can have a few gaps in my config.
Please note: this config is derived from an example on the net that seemed simple enough, so if you find yourself asking, "why did do that?", I hope that this provides the perspective.
TEST router configuration
28/07/2010Objective: Complete the basic configuration to connect (and ping) to the internet
Problem: Cannot conect to the internet; Incomplete suspected configuration; Maybe bad config NAT or DNS issue
Comments: In the process.TEXT OF HYPERTERMINAL CONNECTION TO THE CONSOLE:
User access audit
User name: admin
Password:TESTROUTER > activate
Password:
TESTROUTER #ping 8.8.8.8Type to abort escape sequence.
Send 5, echoes ICMP 100 bytes to 8.8.8.8, time-out is 2 seconds:
.....
Success rate is 0% (0/5)TESTROUTER #show config
With the help of 2615 off 262136 bytes
!
! 01:33:34 CST configuration was last modified Thursday, July 29, 2010 by admin
!
version 15.0
no service button
tcp KeepAlive-component snap-in service
a tcp-KeepAlive-quick service
horodateurs service debug datetime msec show-time zone
horodateurs service log datetime msec show-time zone
encryption password service
!
hostname TESTROUTER
!
boot-start-marker
boot-end-marker
!
logging buffered 16000
recording console critical
enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXX
enable password 7 XXXXXXXXXXXXXXXX
!
AAA new-model
!
!
AAA authentication login default local
the AAA authentication enable default
!
!
!
!
!
AAA - the id of the joint session
iomem 10 memory size
clock timezone CST - 6
Service-module wlan-ap 0 autonomous bootimage
!
No ipv6 cef
no ip source route
inaccessible 2000 IP icmp rate-limit
IP icmp rate-limit unreachable DF 2000
IP cef
!
!
!
!
no ip bootp Server
no ip domain search
8.8.8.8 IP name-server
IP-server names 8.8.4.4
name of the IP-server 209.18.47.61
name of the IP-server 209.18.47.62
Authenticated MultiLink bundle-name Panel
!
!
!
license udi pid CISCO1941W-A/K9 sn XXXXXXXXXXX
ISM HW-module 0
!
!
!
admin password username 7 XXXXXXXXXXXX
!
!
!
!
!
!
interface GigabitEthernet0/Wlan-0
Description interface connecting to the AP the switch embedded internal
Shutdown
!
interface GigabitEthernet0/0
Description of connection to the internet to transfer Ethernet/fiber TWC (ISP)
address IP AA. BB. CC.149 255.255.255.0
IP access-group 115 to
no ip unreachable
no ip proxy-arp
NAT outside IP
IP virtual-reassembly
no ip-cache cef route
no ip route cache
automatic duplex
automatic speed
No cdp enable
!
wlan-ap0 interface
description of the Service interface module to manage the embedded AP
no ip address
ARP timeout 0
No mop enabled
No mop sysid
!
interface GigabitEthernet0/1
Internal description of the connection to the local network
IP 10.10.10.1 255.255.255.0
IP access-group 116 to
no ip proxy-arp
IP nat inside
IP virtual-reassembly
no ip-cache cef route
no ip route cache
automatic duplex
automatic speed
No cdp enable
No mop enabled
!
interface Vlan1
no ip address
Shutdown
!
IP forward-Protocol ND
!
no ip address of the http server
no ip http secure server
!
IP nat inside source list 1 interface GigabitEthernet0/0 overload
IP route 0.0.0.0 0.0.0.0 AA. ABM CC.1
IP route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
!
access-list 1 permit 0.0.0.0 255.255.255.0
access-list 115 deny ip 127.0.0.0 0.255.255.255 everything
!
not run cdp!
!
control plan
!
!
Line con 0
line to 0
line 67
no activation-character
No exec
preferred no transport
transport of entry all
transport output pad rlogin lapb - your MOP v120 udptn ssh telnet
line vty 0 4
password 7 XXXXXXXXXXXXXX
!
Scheduler allocate 20000 1000
endTESTROUTER #.
END OF HYPERTERMIAL TO THE TEXT OF THE CONSOLE
Thanks in advance to those who consider a response.
Daniel
Daniel
You have a LCD 115 on the external interface and it is just a line in this acl which is a refusal. Be aware that an acl has implicit deny all the end anyway so basically that this acl blocking all incoming which responses return icmp (ping) traffic. Because you run the command ping to the router using an IP address not not a DNS then NAT or DNS name is a problem at present.
I suggest that rewrite you the acl - 115
access-list 115 permit icmp host 8.8.8.8 entire echo response
and test again with your ping. If it works then it's the acl that is the problem and you need to write your acl so that is what you want to allow before that you want to deny.
Jon
-
Find the best modem / router configuration.
Be 'stuck' with wimpy CenturyLink DSL service (read 4 Mbps), I try to get every ounce of speed that I can with my configuration of a Wi - Fi. The material in question is a Technicolor C1100T modem/router/WiFi and a current model Apple AirPort Extreme.
The question is, whose Setup is faster:
[A] C1100T in Bridge Mode (i.e. modem only) > AirPort Extreme all the PPPoE router / WiFi work, or
[B] C1100T modem handling / PPPoE - router work > AirPort Extreme in Bridge Mode, just do a Wi - Fi connection?
The C1100T goes only up to speed "n" where the Airport manages 'ac '. So my thought is the configuration 'B' may have an advantage. I thought I would ask the collective wisdom of the community of Apple before playing with all the related parameters. Speaking of which, overall the Apple hardware, the PPPoE "Account name" is always shown as formatting as an email (e.g. [email protected]) address. In the C1100T admin settings, the PPP username (PPPoE) is in the format ABC123456789. Formats in the case of AirPort Utility parameters (i.e. it will accept Qwest format)?
As long as we talk about press speed, are there any other tricks, for example by selecting the best channels 2.4 GHz and 5 GHz (assuming that one is faster than the other)? Literally, living in the Woods, there is no one else around with any related Wi - Fi signal to interfere.
As always, thanks for the help!
The question is, whose Setup is faster:
[A] C1100T in Bridge Mode (i.e. modem only) > AirPort Extreme all the PPPoE router / WiFi work, or
[B] C1100T modem handling / PPPoE - router work > AirPort Extreme in Bridge Mode, just do a Wi - Fi connection?
Not trying to be cute here, but if the products work correctly, the results will be the same.
However... speed could be one thing and another reliability. Setting PPPoE Apple are old and is not known for their reliability. As you know, in theory, you want the device that provides identification of connection information to connect directly to the Internet service. This would mean that have C1100T PPPoE c would probably be a better way to do things, reliability wise.
The C1100T goes only up to speed "n" where the Airport manages 'ac '. So my thought is the installation of 'B' may have an advantage
Not in terms of connection to the Internet. If you are thinking about speed on your local network, the airport would be the way to go. Just ignore the C1100T, or turn off the wireless feature if you feel that it can interfere with wireless the wireless AirPort.
Speaking of which, overall the Apple hardware, the PPPoE "Account name" is always shown as formatting as an email (e.g. [email protected]) address. In the C1100T admin settings, the PPP username (PPPoE) is in the format ABC123456789. Formats in the case of AirPort Utility parameters
No, but I would not use PPPoE over airport. If you have tons of time and be ready to experiment and put up with connections, more broken then you could try PPPoE on the airport.
As long as we talk about press speed, are there any other tricks, for example by selecting the best channels 2.4 GHz and 5 GHz (assuming that one is faster than the other)?
N ° the most convenient airport at startup, it automatically scans to select a channel that meets the criteria set by Apple engineers. As soon as it finds one, he chooses.
If someone really knew what could be the real criteria you had tons of time on your hands, in theory, it may be possible to guess and select a channel as good as who will pick up the airport.
-
HP ps 5520 eprint configuration which router configuration is necessary?
I need to configure on my ps hp eprint 5520, but it cannot download the firmware. The printer is properly installed via radio one by one 192.168.xxx.xxx local/static ip, dns is the high 8.8.8.8 and 8.8.4.4. the computer is on the same local area network and 7 64 home. the router is netgear dg 834. I tried to install the printer in the demilitarized zone, I tried to inbound and outbound on port 80 to 5347 and authorized installation service. THERE IS NO WAY TO INSTALL EPRINT.
Thanks for advantage
Problem is actively debated the post below.
Photosmart HP 5520. First installation cannot start configuration eprint. Could not be updated
-
The router configuration E3200 using USB Modem (wireless) to connect to internet
How to configure a router E3200 using a USB wireless modem to connect to internet? It's my only choice, I don't have a wired connection and I do not have telephone wires and there is no authority to act differently. PLEASE I NEED IMMEDIATE HELP. I WAS TOLD THAT I COULD DO THAT!
The only option is to use a computer to connect to the internet and then see the E3200 as access point and switch.
-
Failover for the RV320 router configuration
Hello
I have a RV320 router with a WAN connection to the office LAN and USB 3 G modem for failover.
However the switch is malfunctioning.
When I unplugged the cable to WAN it works as expected, the 3 G modem take longer after a few seconds.
But when I have trouble with connection overseas, WAN is still in place and the router is not switch to the 3 G modem.
Is it possible to configure the router so that regularly ping a specific IP address, and if the ping command fails, he move to the 3G connection?
Thank you.
The parameter you need is under System Management > Dual WAN
- Select 1 WAN, then click on modify.
-Under Network Service detection, you can specify an internet host to act as the trigger for failover.
-
The router configuration VPN VTI adding a third site/router
Hello
I currently have two cisco routers configured with a connection to a primary WAN interface and a connection to an Internet interface. I have a VPN configured using a VTI interface as a secondary path if the primary circuit WAN fails. IM also using OSPF as a dynamic routing protocol. Failover works and itineraries are exchanged. The question I have is that if I want to put a third-party router in this configuration I just add another interface tunnel with the tunnel proper Public source and destination IP and new IP addresses for a new tunnel network.
The current configuration of the VTI is below:Any guidance would be appreciated.
Thank you
Andy
Router1_Configurtation_VTI
crypto ISAKMP policy 1
BA 3des
preshared authentication
Group 2
ISAKMP crypto key Cisco12345 address 0.0.0.0 0.0.0.0
Crypto IPsec transform-set esp-3des esp-sha-hmac T1
Crypto IPsec profile P1
game of transformation-T1
!
interface Tunnel0
IP 10.0.1.1 255.255.255.0
IP ospf mtu - ignore
load-interval 30
tunnel source 1.1.1.1 Internet Source * Public
2.2.2.1 tunnel * Public Destination Internet destination
ipv4 IPsec tunnel mode
profile P1 IPsec tunnel protection
!
Router2_Configuration_VTI
crypto ISAKMP policy 1
BA 3des
preshared authentication
Group 2
ISAKMP crypto key Cisco12345 address 0.0.0.0 0.0.0.0
Crypto IPsec transform-set esp-3des esp-sha-hmac T1
Crypto IPsec profile P1
game of transformation-T1
!
interface Tunnel0
10.0.1.2 IP address 255.255.255.0
IP ospf mtu - ignore
load-interval 30
2.2.2.1 tunnel source * Source public Internet
1.1.1.1 tunnel * Public Destination Internet destination
ipv4 IPsec tunnel mode
profile P1 IPsec tunnel protection
Since this config is configuration of keys ISAKMP using address 0.0.0.0 0.0.0.0 is not required for a new encryption key isakmp with the new address of the site. Simply configure the VTI on the new router and one or both of the existing routers.
One of the aspects of this application that should consider the original poster, that's how they want data to flow when the third-party router is implemented. With both routers, you have just a simple point-to-point connection. When you introduce the third-party router do you want one of the routers to use hub? In this case, the hub router has tunnels each remote Ray. Each remote RADIUS has a tunnel to the hub. Talk about communication talk is possible but will have to go to the hub and then out to the other remote. The other option is a mesh configuration where each router has VTI tunnel to the other router.
HTH
Rick
-
891 wireless router configuration
I read somewhere when researching this router that the built in AP could be converted into a light and controlled device via a controller centralized. I'm trying to understand how to do this however I can't find any documentation that is supported. Someone at - it any information on that? Or does anyone have a decent example of how to configure the wireless at all? The documentation is very basic
Hello
The links below will provide us with the detailed explantion...
http://www.Cisco.com/en/us/prod/collateral/routers/ps380/data_sheet_c78-519930.html (support LWAPP)
http://www.Cisco.com/en/us/docs/routers/access/800/860-880-890/software/configuration/guide/wlan_ps380_TSD_Products_Configuration_Guide_Chapter.html (configuration of the access point for the standalone mode)
> If you need this add-on AP to act as a LWAPP AP then... enter in the CLI of the AP and the command
Archive Download-sw/force-reload/crush tftp: / /image
Concerning
Surendra
-
multiple server Raduis on Cisco router configuration
I have a cisco router, who works as a PPPoE NAS Server I need to configure multiple raduis servers each one is dedicated to an interface, so I will each of my clients to authenticate via the server correct raduis
Thanks in advance
Hello
a brief overview of the steps config:
AAA new-model
create 2 separate radius servers, use the modern syntax with host and key in the same line
host 10.1.1.1 XXXXXXXXX RADIUS server key.
radius-server host 10.1.1.2 key XXXXXXXXX
Create 2 separate aaa-servers in a group radgroup1 and radgroup2 and add each of the servers to a server group aaa
aaa group server radius radgroup1
server 10.1.1.1
aaa group server radius radgroup2
server 10.1.1.2create 2 lists different servers as a method of authentication with groups aaa:
AAA authenticate ppp login1 group radgroup1
AAA authenticate ppp Connexion2 group radgroup2
Use the two authetications on what appropriate interfaces:
Router (config) #interface {name-of-interface-1}
Router(Config-if) #ppp login1 chap authentication
Router (config) #interface {name-of-interface-2}
Router(Config-if) #ppp Connexion2 chap authentication
Rgds,
MiKa
-
General VPN router configuration
Hello experts,
I need to connect to a VPN with my router cisco a Cisco Asa version 7.2
I need advice to see if this configuration looks like just because I'm confused with the phases 1 & 2:
Phase 1 - required
Encryption PROTOCOL: IPSEC
VARIOUS - HELLMAN: GRUPO2
Encryption algorithm: 3DES
Hash: SHA
Lifetime: 86400 SECONDS
MODe: HAND
-I have configured:
key, testkey address 1.1.1.1 crypto ISAKMP xauth No.
crypto ISAKMP policy 21
BA 3des
preshared authentication
Group 2
* sha does not appear because I read that it is default
battery life does not appear
----------------------
Phase 2 - required
Encapsulation: ESP
Encryption: 3DES
Authentication: SHA
PFS: group2
Life expectancy: 8 hours
LIfetimeKB: 4608000
-I have configured:
Crypto ipsec transform-set esp-3des esp-sha-hmac test
17 3desmap of ipsec-isakmp crypto map
defined peer 1.1.1.1
Set transform-set test
PFS group2 Set
match the address acltest
My questions:
1. Transform-set phase is 2?
2. where can I configure the lifetime of 8 hours?
Thank you
the game of transformation is the phase 2 (and the isakmp policy is phase 1).
You can set the duration of life under the isakmp policy. I believe you can leave it as, and during the negotiation if the two peers differ on periods of life, she should choose the smallest value.
-
remote router configuration with EzVPN NEM by VPN
I have the following scenario: Some 836 routers Cisco EzVPN network are connected to a hub VPN 3005 in the main façade.
The work of LAN-to-LAN connection and I can also telnet via the VPN from a PC to the main façade of a router to a remote site using the address LAN IP of the remote router as a destination. But does not work for example do a "copy run tftp" on the remote router to the LAN of the main façade.
My questions now are:
Is it possible to transfer the remote routers configuration file or via the VPN IOS image between the remote router and the LAN at the main façade?
And, if possible, how do we?
Thanks in advance
Mark
When you make a "copy run tftp" from the remote router, it goes to the source of its external interface TFTP packets, not its interior. The external interface to your local network packets are NOT included in the list of packages to be encrypted, and therefore they lose.
You must specify the router to the source its TFTP packets from the interface IP address inside, then these will be correctly encrypted and sent through the tunnel.
The following command should do the trick for you:
IP tftp source-interface
Maybe you are looking for
-
I changed some numbers in a box at the start and I lost all my savedsites (Favorites)
everything still works, but I have lost all my saved searches
-
I can not install the audio driver for my Satellite A200 (PSAECE)
I bought a Satellite A200, and it has been pre-installed with Vista. I changed and made with Windows XP Home edition. I found all the drivers, but the driver audio sound not be install. I have download the version for the laptop on the Toshiba site,
-
How can I activate my ipod I disabled
How can I activate my ipod I disabled
-
Need driver of Bus SM for HP Pavilion G6-1b60us controller
I had to replace the hard drive on my HP Pavilion G6 1b60us, reinstalled an operating system of Windows 7, but finds it difficult to get a driver for the SM Bus controller. I tried other solutions suggested in the forums for those having a similar p
-
all users need to install the vista updates
I have several users on my Vista pc.Each user is being invited to install the Vista updates. Is this necessary? Can I download the updates only once and install for all users at once.Otherwise I'm Download 4 GB just to update my software.An update sh