Lately I’m busy to configure Cisco IOS routers in combination with Remote offices where we place Meraki Appliances (like the MX64, MX65 or the Z1) When we do this we create also a VPN connection (site to site). In this setup the Main office has a Cisco IOS router. Configuration of the Main Office. (Cisco […]
Since a couple of years actually I noticed that when I use recent IOS versions on a Cisco ISR device. That there are some struggles with NAT rules in combination with a VPN client. In somecases you have to put the access-list for the NAT rule with a Permit like below. ip access-list extended ACL_OUTSIDE_NO_NAT
Cisco | IOS version difference in case of use NO_NAT Read More »
Some times you will see on a Cisco IOS router the following message in your show logging: 009357: Jul 8 09:28:22.214 CDT: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:104330552 1492 bytes is out-of-order; expected seq:104304632. Reason: TCP reassembly queue overflow – session <internal host>:1535 to <external host>:80 This message can be very annoying if you see it.
Get rid Cisco IOS router message: %FW-4-TCP_OoO_SEG: Dropping TCP Segment Read More »
Cisco ISP Failover IOS Router. Today I figured out I had a problem. With a tracking on the router with 2 ISP connections. After some trouble shooting I found the problem. And fixed it with the configuration below. Number of the track. So you can see which track is related to the default route. track 10 ip
ISP Failover Cisco IOS Router Read More »
How to simplify your access-list changes on a cisco IOS Router. There is a manner how to do this. The following steps you need to know or have to change are. 1. To know which access-list you need / want to change 2. The name of the access-list written as in the show running-config 3.
How to simplify your access-list changes on a Cisco IOS Router Read More »
Today I was busy with a configuration between a Cisco Router 871 and a Cisco Catalyst 2960. It was in an enviroment with lots of other switches ( Catalyst 3560 PoE ) So i had to create a good routing infrastructure. Situation: Cisco Catalyst 3560 ( main infrastructure ) Cisco Catalyst 2960 ( Customer infrastructure
Cisco Inter-vlan configuration Cisco Router 871 Cisco Catalyst 2960 Read More »
One-time passwords on Cisco routers Cisco routers preconfigured for SDM have default username/password cisco/cisco. As many users forget to disable or change the default username after configuring their router with SDM, they could end up with an exposed router. Cisco has patched this vulnerability in IOS release 12.4(11)T that includes the one-time password/secret option of
One-time passwords on Cisco routers Read More »
Below I put an example configuration of enabling the Wireless functionality of the Cisco Router Series 870W. This configuration is easier than what your options are in the webinterface. And now you can disable also the ip http server on the router with no ip http server. dot11 syslog ! dot11 ssid EXAMPLE authentication open
Configuration Example Wireless for a Cisco Router 87xW Read More »