Lately I’m busy to configure Cisco IOS routers in combination with Remote offices where we place Meraki Appliances (like the MX64, MX65 or the Z1) When we do this we create also a VPN connection (site to site). In this setup the Main office has a Cisco IOS router. Configuration of the Main Office. (Cisco […]
Since a couple of years actually I noticed that when I use recent IOS versions on a Cisco ISR device. That there are some struggles with NAT rules in combination with a VPN client. In somecases you have to put the access-list for the NAT rule with a Permit like below. ip access-list extended ACL_OUTSIDE_NO_NAT
Cisco | IOS version difference in case of use NO_NAT Read More »
Solved a problem with a Cisco IOS router in combination with office365. In the situation they used a proxy server from Trustwave Webmarshal. On the cisco router was configured that port 80 and 443 for users were denied so the users had to use the proxy server to go online. Webmarshal configuration: Needed information for
Few days ago. Me and my colleague were struggling with a configuration to enable internet access to a Fiber internet connection of KPN (it wasn’t a business line but a home user internet connection) To enable this configuration. You can do the following: On the internet interface (we used a HWIC-4ESW) the following commands. (With
Today I faced the problem to create a U-Turn on a IOS router for Cisco VPN Clients. The Red line is the internet traffic which is going to be used over the Cisco VPN client and the blue line is the normal internal LAN traffic. Well no I know how to do it and it
How to create a U-Turn on a Cisco IOS Router for a Cisco VPN Client Read More »
Today I was configuring a Cisco router ( ISR2 ) 3945 and on the moment that I configured the Radius settings for the VPN login. Did i get a message ( warning ) “The CLI will be deprecated soon ‘radius-server host <IP address>’ Please move to ‘radius server <name>’ CLI.” Well okay first was it
Change Radius-server host to Radius server Read More »
How to create a Site-to-Site VPN Between a cisco ASA to a Cisco IOS router with 2 BGP interfaces and a Loopback Interface. I had some days ago a problem. I had a vpn connection but there was no traffic going over this connection. Below in the diagram how I created this solution and how
Some times you will see on a Cisco IOS router the following message in your show logging: 009357: Jul 8 09:28:22.214 CDT: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:104330552 1492 bytes is out-of-order; expected seq:104304632. Reason: TCP reassembly queue overflow – session <internal host>:1535 to <external host>:80 This message can be very annoying if you see it.
Get rid Cisco IOS router message: %FW-4-TCP_OoO_SEG: Dropping TCP Segment Read More »
Few weeks ago I struggled with a configuration that contained BGP and NAT. First I made some really difficult configuration which worked in GNS3 but eventually it didn’t worked on a real router. [ My configuration is based on a cisco router 2951 ] To create a configuration with BGP and NAT you’ve to do
Simple cisco router configuration BGP [ 2 links] and NAT Read More »
Today I was lucky to work and had to add and additional IP range to an Fiber connection of a dutch ISP ( KPN ) And the company where I was working got an extra ip range on their fiber connection. the IPS redirect that ip range to your own router connect. which i configure
How to get another IP range on a KPN Fiber-connection internet. Read More »