I would set the clocks on the SS manually, and then sync the CS1k to the sig servers, as their clocks tend to stay in sync better than the cs.
Then when your customer hooked up the main lan, you can clock the sig servers to the customer AD / NTP Source.
Bill
I would move your lan to fe2-9, and assign your inside configuration from fe1 to Vlan1 (which by default is all of the 8 switch ports).
Basically Fe0 and Fe1 are meant to be WAN ports, and the 8 port switch is for the LAN devices.
Bill
You can assign vlans directly to the interfaces of the switchcard if you want.
Set up the VLANs, then
switchport mode access vlan X
on the interface
Bill
I'm pretty sure those cards are Layer 2 only; you need to assign them to VLANs.
RT(config-if)#no switchport mode
RT(config-if)#ip address 1.1.1.1 255.255.255.0
% IP addresses may not be configured on L2 links FastEthernet0/0/1.
Bill
Cisco actually explains it quite nicely and they recommend against setting a static route to a dhcp via the interface name.
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml
"If you point a static route to a broadcast interface, the route is inserted into the...
No problem.
I think burtsbees makes a living on these forums :D hah.
I just browse when I'm trying to keep my knowledge up to date and challenge myself with more problems.
Bill
Technically you don't need to enable rip on it at all; if you don't need it, just disable it so it's set up as a dumb switch.
I'll wait till Monday for any other suggestions, when I'm sure burtsbees will chime in again also :)
Bill
You could also play with these values to see what works out for you:
I have used these for a home connection:
ip nat translation tcp-timeout 512
ip nat translation udp-timeout 512
Look up the details on what they do on Cisco's website.
Setting them lower causes the translation to expire...
The amount of connections you are establishing is causing the router to run out of memory.
Can you post a Sh Run (without passwords) so we can see what features are enabled?
You might have to turn down the timeouts on connections to fix this.
Also, you could upgrade the memory on the router...
I'm assuming you added the NAT that burt suggested to the remote site, so that all traffic from that site appears to come from 200.2.10.1
I'm pretty sure if you add a route on the firewall to 172.22.1.0/24 Next Hop: 172.16.1.70
You could then remove the nat on the remote router.
I'm just trying...
Can you add the Remote Network (172.22.1.70/24) to the NAT on your firewall?
Also, the remote network should only need 1 route on it, the default route of:
ip route 0.0.0.0 0.0.0.0 200.2.10.2
Could you test both these scenarios and let us know?
Bill
The Rsts, and Stray segments proved to just be crappy traffic.
The http downloads were failing due to the edonkey p2p filter we had been using.
You should never need the permit established when you use the CBAC/Zone firewalls. (Unless I'm wrong here, hah)
Bill
You would add inspect ftp and inspect esmtp and such to handle higher level inspection of those protocols.
In the case of ftp, it's not just 1 port that it uses, and without the higher level of inspection (or deeper level, whatever) it won't work properly.
Bill