|
InferiorWang posted:I'm looking at a 2960G as the "backbone" for an iScsi HA cluster. What sort of configuration considerations should I have as far as VLANs go?
|
#
¿
Apr 16, 2007 17:13
|
|
|
|
| # ¿ Apr 19, 2024 08:53 |
|
|
I setup a VPN on a PIX 515e and connect with the Cisco VPN client software. It works great, however I'm no longer able to route to the Internet, just the private internal network. Is there a way to have it route ALL my traffic through the PIX. I know a split tunnel is possible, but I don't want to do that. I heard somewhere that a PIX can't route traffic out the same interface it comes in on, so what I'm asking may not be possible without a VPN concentrator or whatnot.
|
|
#
¿
Sep 22, 2007 20:54
|
|
|
XakEp posted:Out of curiosity, why dont you want to do a split tunnel?
|
|
#
¿
Sep 23, 2007 04:58
|
|
|
Tremblay posted:This is applicable to 7 and 8. If your are running 6 let me know and I can dig up that too.
|
|
#
¿
Sep 23, 2007 15:14
|
|
|
I have a pair of stacked 3750's with a couple VLANs. One VLAN is used for Internet based traffic and the other is private SAN traffic. I'd like to use an mtu of 9000 for the second vlan, however from what I've read the mtu can only be set system wide and not per interface or vlan. How will having a sys mtu of 9000 affect internet traffic that upstreams to a pair of ASA's that have an mtu of 1500?
|
|
#
¿
Dec 5, 2007 05:23
|
|
|
jwh posted:If someone has a box running 12.4(15)T1, or can get a box running 12.4(15)T1, I'd like to see if they can reproduce a CEF problem with SSL VPN and VRF.
|
|
#
¿
Dec 5, 2007 05:26
|
|
|
I want to VPN in to a ASA 5510. I'm confused by the webvpn, ssl vpn, easyvpn options. Can someone post a simple ipsec config for use with the cisco client, or even pptp if its supported. I want to authenticate local users only.
|
|
#
¿
Dec 7, 2007 08:01
|
|
|
Girdle Wax posted:Do you have ASDM installed on the device? If so, go to VPN in ASDM, click "VPN Wizard". It's probably the easiest and quickest way to configure VPN on an ASA/PIX. I don't believe its a firewall issue on my client side because I can connect to other L2TP VPNs just fine.
|
|
#
¿
Dec 7, 2007 18:24
|
|
|
Here is more info on error "789" when Windows XP tries to connect L2TP VPN to my ASA 5510. Says "Phase 2 Mismatch". I followed the sample on Cisco's site to the letter.code:code:brent78 fucked around with this message at 19:45 on Dec 9, 2007 |
|
#
¿
Dec 9, 2007 19:40
|
|
|
Tremblay posted:
|
|
#
¿
Dec 10, 2007 06:25
|
|
|
I have a pair of ASA 5520's protecting a cluster of around 40 servers. I want to create a class-map that will rate limit SSH and FTP connections by source IP to 5 per minute to cut down on dictionary attacks and the like. Can someone help be find the configuration I'm looking for?
|
|
#
¿
Dec 28, 2007 20:11
|
|
|
Is it possible to rate limit traffic by IP on a Catalyst 3750?
|
|
#
¿
Jan 26, 2008 01:58
|
|
|
Girdle Wax posted:If DirecTV already has some, they're probably not Nexus since I don't think it's shipping yet, the other Cisco full rack routers would be the CRS-1 single chassis, and I think there's also a GSR (XR) that takes up a full bay.
|
|
#
¿
Jan 29, 2008 06:37
|
|
|
I'm picking up a GigE IP circuit from Internap and going to push about 500 Mbit of traffic through it. I'm aggregating 12 cabinets which all use different subnets. What sort of router should I look at? I'm not doing BGP. Would a 3750 do this?
|
|
#
¿
Feb 27, 2008 00:39
|
|
|
inignot posted:internap is smoke and mirrors.
|
|
#
¿
Feb 27, 2008 01:27
|
|
|
inignot posted:I'm aware of that and acknowledged it in what you quoted. My point is that, at best, Internap is selling a voodoo black box that creates asymmetry as their competitive advantage without acknowledging it only works unidirectionally.
|
|
#
¿
Feb 27, 2008 05:32
|
|
|
I'm seeing poor speeds over an ipsec tunnel between two Cisco 3825's. I noticed that our DFS shares at each location are only replicating at about half the speed they should. I have outbound QOS on the routers set to 10 Mbit, however I never really see more than 5 Mbit. This got me thinking that maybe it's a MTU issue? netperf shows double the speed when using a udp_stream over tcp. netperf -t TCP_STREAM -H rwc-vm-dev Recv Send Send Socket Socket Message Elapsed Size Size Size Time Throughput bytes bytes bytes secs. 10^6bits/sec 87380 16384 16384 10.10 500.21 netperf -t UDP_STREAM -H rwc-vm-dev Socket Message Elapsed Messages Size Size Time Okay Errors Throughput bytes bytes secs # # 10^6bits/sec 126976 65507 10.00 18319 0 959.94 126976 10.00 0 0.00
|
|
#
¿
Apr 10, 2008 23:33
|
|
|
jbusbysack posted:nevermind, just read IPSEC tunnel, not metro ethernet like I thought.
|
|
#
¿
Apr 11, 2008 01:13
|
|
|
Can someone post or email a config for a Cisco AP1100 that's using WPA/TKIP, 802.1x / PEAP.
|
|
#
¿
Jan 19, 2009 21:06
|
|
|
I have a pair of stacked 3750's (love em), with a few vlans. One vlan carries public traffic, another is dedicated to SAN (iSCSI). I'd like to set the system mtu to 9000 to use jumbo frames on the SAN for better performance. What's going to happen to traffic on my public vlan that uses an mtu of 1500? Will it work?
|
|
#
¿
Jan 25, 2009 23:16
|
|
|
We're hiring a Network Engineer in Austin, TX. Must have CCNP or equivalent, will relocate. http://trionworld.com/career.php?jid=102
|
|
#
¿
May 25, 2009 15:56
|
|
|
I'm trying to configure a 3825 that I bought refurb. I throw a console cable on it and boot, but after the following messages I don't get a prompt or anything (I hit return multiple times). Any ideas? System restarted -- Cisco IOS Software, 3800 Software (C3825-ADVIPSERVICESK9-M), Version 12.4(24)T, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2009 by Cisco Systems, Inc. Compiled Wed 25-Feb-09 22:21 by prod_rel_team *Aug 22 00:03:56.967: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold start *Aug 22 00:03:57.515: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF *Aug 22 00:03:57.515: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF *Aug 22 00:03:57.515: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF *Aug 22 00:03:57.515: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF *Aug 22 00:03:57.731: %LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to administratively down After these last lines I get no response from the console
|
|
#
¿
Aug 22, 2009 05:14
|
|
|
Are there any small/free Windows apps that would allow me to access Cisco CDP information?
|
|
#
¿
Nov 5, 2009 21:14
|
|
|
I thought this would be appropriate for the thread. Configuring some switches for our new datacenter that will be all 10GbE. In this pic: 6509-V-E, Nexus 5010, ASR 1002, everything is redundant with VSS. Using the 5010's for top of rack aggregation back to the core. I have all this stuff running in the back of my office, no extra A/C. Get's about 82 degrees in there.
brent78 fucked around with this message at 23:55 on Jun 15, 2010 |
|
#
¿
Jun 15, 2010 23:53
|
|
|
Powercrazy posted:That looks extremely similar to what we might do for our data center. But we were planning on just keeping everything layer2 with cross chassis port channels between Nexus 5020s and the servers. What kind of topology are you going to use? brent78 fucked around with this message at 16:58 on Jun 16, 2010 |
|
#
¿
Jun 16, 2010 16:54
|
|
|
Powercrazy posted:Must be nice have blade chassis with 10G uplinks, lots of ours have individual 1G links which makes it a pain especially since Dell and Cisco went separate ways. http://h18000.www1.hp.com/products/blades/components/ethernet/10-10gb-f/index.html
|
|
#
¿
Jun 16, 2010 22:29
|
|
|
I need to find a contractor in the Sacramento, CA area that can do some BGP/routing work on some 3800's. Can someone point me in the right direction?
|
|
#
¿
Apr 14, 2011 21:56
|
|
|
Tremblay posted:How are you paying them? I'll ask if anyone is interested in pulling a side gig.
|
|
#
¿
Apr 15, 2011 04:05
|
|
|
Trying to configure an IPSEC tunnel on a 3925 (config)#crypto isakmp policy 10 ^ % Invalid input detected at '^' marker. Edit: Problem may be my image Version 15.0(1r)M6 c3900-universalk9-mz.SPA.150-1.M3.bin brent78 fucked around with this message at 08:20 on Jan 5, 2012 |
|
#
¿
Jan 5, 2012 08:07
|
|
|
Powercrazy posted:You are probably not using a "k9" IOS chain, so crypto doesn't exist. Alternatively it may be a licensing issue and you have to "activate" encryption, in addition to having a "k9" code. code:
|
|
#
¿
Jan 5, 2012 08:24
|
|
|
How / where do I buy the securityk9 license for a 3925 router? Cisco's website makes my head hurt.
|
|
#
¿
May 24, 2012 05:30
|
|
|
Cisco 2911/K9 (C2900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1) Shouldn't this be supported? code:
|
|
#
¿
Jul 24, 2012 03:28
|
|
|
|
| # ¿ Apr 19, 2024 08:53 |
|
|
Need a router that can do 500-800 Mbps of AES256 crypto. I'm looking at the ASR1001, but not familiar with the entire Cisco line these days.
|
|
#
¿
Sep 12, 2012 02:38
|
|