[Help] IP NAT'ing between two Cisco routers

vanquish23

I have been trying to figure out this for the last two weeks and I am not getting anywhere with it.

Here is the topology I have:

Cisco 3640: (Connected to ISP)

Fa0/0: Connection to Cable Modem

Fa1/0: Connection to LAN (Laptops, Desktops, etc)

Fa2/0: Connection to Cisco 878 Wifi Router (Phone, PS3, Xbox)



Cisco 878 Wifi Router: (Running IOS does not support EIGRP, only RIP)

Fastethernet0: Connected to Cisco 3640, Fa2/0

Fastethernet1/2/3: Not used


-From the Cisco 3640, I can ping to 192.168.10.2 (fastethernet0 on Cisco 87
-From within the CLI of the Cisco 878 I can ping all devices transmitting Radio signals, Phone, PS3, wtc.
-From within the CLI of the Cisco 878 I can ping Google, fa0/0. fa1/0, fa2/0
-Phone and PS3 connect and authenticate with the Radio interfaces, and show up in the ARP table.

When I browse to 8.8.8.8 on my phone, or even Google, it returns nothing. When I do a connection test on the PS3, DHCP issues the PS3 an IP, but fails the Internet Check. I am not sure if I have my ACL's and NAT working correctly or if it is something else. About 3 weeks ago, I had the PS3 hard cables to the Cisco 3640 router and the PS3 worked fine. Thank you for your help!



Cisco 3640 Running Config:

Current configuration : 1859 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname SkynetPOProuter
!
!
ip subnet-zero
!
!
ip domain-name skynet.com
ip name-server x.x.24.10
ip name-server x.x.24.11
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface FastEthernet0/0
description WAN Connection to ISP
ip address x.x.75.202 255.255.252.0
ip nat outside
duplex auto
speed auto
no cdp enable
!
interface Serial0/0
no ip address
shutdown
clockrate 2000000
!
interface FastEthernet1/0
description Inside LAN to SkynetCore0
ip address 192.168.1.1 255.255.255.224
ip nat inside
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
!
interface Serial1/1
no ip address
shutdown
clockrate 2000000
!
interface FastEthernet2/0
description Link to Fa2/0 connection to SkynetWLAN
ip address 192.168.10.1 255.255.255.252
ip nat inside
ip summary-address rip 192.168.10.0 255.255.255.252
ip summary-address rip 192.168.5.0 255.255.255.224
ip summary-address rip 192.168.6.0 255.255.255.224
duplex auto
speed 100
!
interface Serial2/0
no ip address
shutdown
clockrate 2000000
!
interface Ethernet3/0
no ip address
shutdown
half-duplex
!
interface Serial3/0
no ip address
shutdown
!
router eigrp 1
redistribute connected
redistribute static
network 192.168.1.0
network 192.168.2.0
no auto-summary
!
router rip
version 2
network 192.168.5.0
network 192.168.6.0
neighbor 192.168.10.2
distance 1
no auto-summary
!
ip default-gateway x.x.72.1
ip nat inside source list 1 interface FastEthernet0/0 overload
no ip classless
ip route 0.0.0.0 0.0.0.0 x.x.72.1
ip route 192.168.10.0 255.255.255.252 FastEthernet2/0
ip http server
!
access-list 1 permit 192.168.0.0 0.0.255.255
!
!
dial-peer cor custom
!
!
!
!
line con 0
exec-timeout 60 0
line aux 0
line vty 0 4
login
!
end

Cisco 878 Wifi Running-Config

SkynetWifi#show run
Building configuration...

Current configuration : 5479 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SkynetWifi
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$k3vU$nlBT2Ofka4pK6BL1gmv3r/
enable password 7 05280F1C22431F5B4A44
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
!

dot11 syslog
!
dot11 ssid SkynetGuest
vlan 20
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 142E421E2F24243F037B27642C
!
dot11 ssid SkynetWLAN
vlan 10
authentication open
authentication key-management wpa
wpa-psk ascii 7 0026061255580A085E731F0F
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool VLAN10
import all
network 192.168.5.0 255.255.255.224
default-router 192.168.10.2
domain-name skynet.com
lease 30
!
ip dhcp pool VLAN20
import all
network 192.168.6.0 255.255.255.224
default-router 192.168.10.2
domain-name wr
!
!
ip domain name skynet.com
ip name-server x.x.24.10
ip name-server x.x.24.11
!
!
!
username skynetadmin privilege 15 password 7 096F471A1A0A4640584D
!
!
archive
log config
hidekeys
!
!
controller DSL 0
line-term cpe
!
!
bridge irb
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet0
description WAN Connection to SkynetCore0
switchport access vlan 2
!
interface FastEthernet1
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet2
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet3
switchport access vlan 10
spanning-tree portfast
!
interface Dot11Radio0
no ip address
no dot11 extension aironet
!
encryption vlan 10 mode ciphers tkip
!
encryption vlan 20 mode ciphers tkip
!
ssid SkynetGuest
!
ssid SkynetWLAN
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2412
station-role root
no cdp enable
!
interface Dot11Radio0.10
encapsulation dot1Q 10
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 spanning-disabled
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
!
interface Dot11Radio0.20
encapsulation dot1Q 20
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 spanning-disabled
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
!
interface Vlan1
no ip address
!
interface Vlan2
ip address 192.168.10.2 255.255.255.252
ip nat outside
ip virtual-reassembly
!
interface Vlan10
description SkynetWLAN
no ip address
ip nat inside
ip virtual-reassembly
bridge-group 10
bridge-group 10 spanning-disabled
!
interface Vlan20
description SkynetGuest
no ip address
ip nat inside
ip virtual-reassembly
bridge-group 20
bridge-group 20 spanning-disabled
!
interface BVI10
description Bridge to Internal Network
ip address 192.168.5.1 255.255.255.224
ip nat inside
ip virtual-reassembly
!
interface BVI20
description Bridge to Guest Network
ip address 192.168.6.1 255.255.255.224
ip nat inside
ip virtual-reassembly
!
router rip
version 2
network 192.168.5.0
network 192.168.6.0
neighbor 192.168.10.1
distance 1
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.10.1
!
ip http server
ip http secure-server
ip nat inside source list 1 interface FastEthernet0 overload
!
access-list 1 permit 192.168.0.0 0.0.255.255
!
!
!
control-plane
!
bridge 10 route ip
bridge 20 route ip
!
line con 0
password 7 123A0C0411045D56796A
no modem enable
line aux 0
line vty 0 4
!
scheduler max-task-time 5000

Routing Protocol is "eigrp 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
Redistributing: connected, static, eigrp 1
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
192.168.1.0
192.168.2.0
Routing Information Sources:
Gateway Distance Last Update
Distance: internal 90 external 170

Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 16 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: rip
Neighbor(s):
192.168.10.2
Default version control: send version 2, receive version 2
Automatic network summarization is not in effect
Address Summarization:
192.168.10.0/30 for FastEthernet2/0
192.168.5.0/27 for FastEthernet2/0
192.168.6.0/27 for FastEthernet2/0
Maximum path: 4
Routing for Networks:
192.168.5.0
192.168.6.0
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 1)

atorven

The problem is interface FastEthernet0 on the wireless device connecting to the 3640, you either need to make it a layer 3 interface or a trunk.

vanquish23

Well I applied switchport access vlan 2 to fastethernet0, because the ports are only switchport capable. So you think this Cisco 878 will not work for this design?

• 4-port 10/100 managed switch with VLAN support

Routing Protocols and General Router Features

• Routing Information Protocol (RIPv1 and RIPv2)
• Layer 2 Tunneling Protocol (L2TP)
• Cisco Express Forwarding (CEF) Port Address Translation (PAT)
• RFC 1483/2684
• Point-to-Point Protocol over ATM (PPoA) (DSL models only)
• PPP over Ethernet (PPPoE)
• 802.1d Spanning Tree Protocol (STP)
• Dynamic Host Control Protocol (DHCP) server/relay/client
• Access control lists (ACLs)
• Generic routing encapsulation (GRE)
• Dynamic DNS Support for Cisco IOS

http://www.cisco.com/en/US/prod/collateral/routers/ps380/ps6200/product_data_sheet0900aecd8028a976.html

vanquish23

Also, I found out that the Cisco 878 by default runs Advanced Security services IOS, and that I might need Advanced IP services for Vlan and routing protocols, which require Fash and possible DRAM upgrade.

Hondabuff

Your DHCP pools are not handing out a DNS IP.

vanquish23

Hondabuff wrote: »

Your DHCP pools are not handing out a DNS IP.

Corrected that, and still not working.

vanquish23

atorven wrote: »

The problem is interface FastEthernet0 on the wireless device connecting to the 3640, you either need to make it a layer 3 interface or a trunk.

I made the Cisco 878 fastethernet0 a truck port. Now I am getting up/down on the fastethernet2/0 on the Cisco 3640. I am unable to make Fa2/0 a truck port. I thought upgrading the IOS to c3640-ik9o3s-mz.124-25d would work, since it supports 802.1q and 802.1x but I am unable to apply the commands to fa2/0 on the Cisco 3640 fa2/0.

Features
Half bridge/half router for CPP and PPP
RSVP - Resource Reservation Protocol
PPP
IP Routing
Local Area Transport (LAT)
Protocol Translation (PT)
Network Time Protocol (NTP)
Remote Source-Route Bridging (RSRB)
CT1/RBS (Robbed Bit Signaling)
Enhanced Local Management Interface (ELMI)
Frame Relay FRF.9 Payload Compression
Multihop VPDN
CEF/dCEF - Cisco Express Forwarding
Time-Based Access Lists
L2TP Layer 2 Tunneling Protocol
OSPF Packet Pacing
IEEE 802.1Q VLAN Support
IP Multilayer Switching (IP MLS)
X.25 Load Balancing
Dynamic Multiple Encapsulation for Dial-in over ISDN
Low Latency Queueing (LLQ)
PRI/Q.931 Signaling Backhaul for Call Agent Applications
Bidirectional PIM
QSIG Protocol Support
RSVP support for LLQ
Parser Cache
NAT - Support for NetMeeting Directory (Internet Locator Service - ILS)
CUG Selection Facility Suppress Option
Frame Relay Fragmentation with Hardware Compression
RSVP Support for Frame Relay
PPPoE Radius Port Identification
X.25 Closed User Group
AAA Server Group
X.28 Emulation
RADIUS
ISO CLNS
DLSw V2
IPSec Network Security
Circuit Interface Identification Persistence for SNMP
Secure Shell SSH Terminal-line access
PPPoE Client
DHCP Option 82 Support for Routed Bridge Encapsulation
AAA DNIS Map for Authorization
OSPF Stub Router Advertisement
VPDN Group Session Limiting
Two-Rate Policer
IPSec MIB Support for Cisco IPSec VPN Management
Frame Relay Access Support (FRAS) Host
DLSw+ Peer Group Clusters
Customer Profile Idle Timer Enhancements for Interesting Traffic
Redial Enhancements
Multicast Source Discovery Protocol (MSDP)
Asynchronous Line Monitoring
SIP - Session Initiation Protocol for VoIP Enhancements
SLB: Stateless Backup
SLB: Alternate IP Addresses
SLB: TCP Session Reassignment
SLB: Slow Start
Commented IP Access List Entries
ISDN-NFAS with D Channel Backup
IP Precedence for GRE Tunnels
RIF Passthru in DLSw+
Dialer Idle Timer Inbound Traffic Configuration
Multi-Chassis Hunting for Voice over Frame Relay
QoS Packet Marking
Frame Relay - Multilink (MLFR-FRF.16)
BGP Named Community Lists
SIP - Intra-gateway Hairpinning
DHCP Server - On Demand Address Pool Manager
SNMP Support for vLAN (ISL, DOT1Q) Subinterfaces
Dialer Map VRF Aware
Dialer Watch Connect Delay
Generic Routing Encapsulation (GRE) Tunnel Keepalive
NBAR Real-time Transport Protocol Payload Classification
SIP - Enhanced Billing Support for Gateways
RADIUS Route Download
VoiceXML For Cisco IOS
Digital J1 Voice Support
X.25 Over TCP Profiles
IGMP Snooping
Switch Port Analyzer (SPAN) - Multiple Source Port Selection
Spanning Tree Protocol (STP) - Uplink Fast Convergence
Pre-fragmentation For Ipsec VPNs
IS-IS HMAC-MD5 Authentication
MGCP PRI backhaul and T1-CAS support for Call Manager (IP-PBX)
MGCP Standalone Remote Office Support for Call Manager (IP-PBX)
Frame Relay Tunnel Switching
Multicast-VPN: Multicast Support for MPLS VPN
BGP Hybrid CLI Support
IS-IS Mechanism to Exclude Connected IP Prefix from LSP Advertisements
BGP Policy Accounting Output Interface Accounting
Enhanced Debug Capabilities for Cisco Voice Gateways
Modular QoS CLI (MQC) Three-Level Hierarchical Policer
X.25 Terminal Line Security for PAD Connections
SIP - Redirect Processing Enhancement
Multiclass Multilink PPP
SIP and H.323 Fax Enhancements
VPDN Multihop by DNIS
Mobile IP - Generic NAI Support and Home Address Allocation
Mobile IP - Proxy Mobile IP and Proxy CHAP
Mobile IP - Private Addressing Support
GRE Tunnel IP Source and Destination VRF Membership
OSPF Support for Fast Hellos
V.92/V.44 Support for Digital Modems
ATM Cell Loss Priority (CLP) Bit Marking
H.323v4 - Enhanced Call Usage Reporting
Manual certificate enrollment (TFTP and cut-and-paste)
No Service Password-Recovery
RSVP Message Authentication
IP SLAs - Scheduler
Frame Relay Switched Virtual Circuits (SVC) over ISDN
CallManager Express (CME) 3.0
Direct http enroll with CA servers
SNMP Support over VPNs - Context Based Access Control
Cisco IOS Certificate Server
VoIP Internal Error Codes
VLANs over IP Unnumbered Sub-Interfaces
Synchronous Data Link Control (SDLC)
Accounting server connectivity failure and recovery detection
Mobile IP - HA Redundancy for Dynamic Mobile Networks
NAT - Rate Limiting NAT Translation
SIP - Debug Output Filtering Support
PPP MLP MRRU negotiation configuration
IPv6 Policy-Based Routing
Key Rollover for Certificate Renewal
Memory Leak Detector
IPv6 QoS: MQC Weighted Random Early Detection (WRED)-Based Drop
IPv6 Access Services: PPPoE
OSPF Area Transit Capability
SNMP over IPv6
TACACS+ Per VRF
MPLS VPN VRF Selection using PBR (Policy Based Routing)
Mobile IP - Foreign Agent "Local Routing" of mobile
Enhanced cRTP for links with high delay, packet loss and reordering
IPv6 Multicast: Bootstrap Router (BSR)
NAT - Support for H.323 Fragmented Control Messages
BGP Support for Sequenced Entries in Extended Community Lists
MGCP Fax Rate Control
SIP - Gateway HTTP Authentication Digest
Monitoring Control Characters on Async Lines
L2TP - IPSEC Support for NAT and PAT Windows Clients
ClickStart
Snapshot routing
Lock and Key
SRB - Source-Route bridging
BSTUN (Block Serial Tunneling)
Channelized E1 Signaling
DLSw+ SNA Type of Service
X.25 over TCP (XOT)
PPP over ATM
CLI String Search
Mobile IP
ISDN LAPB-TA
IS-IS Multiarea Support
Asynchronous Rotary Line Queuing
Dial Peer Enhancements
DHCP Client
WCCP Redirection on Inbound Interfaces
PPP over ATM SVCs
ISDN Progress Indicator support for SIP using 183 Session Progress
Tunneling of Asynchronous Security Protocols
SDLC-to-LAN conversion (SDLLC)
IPv6 (Internet Protocol Version 6)
DF Bit Override Functionality with IPSec Tunnels
BGP Link Bandwidth
SIP - Gateway support for Third Party Call Control
Distinguished Name Based Crypto Maps
H.323 Call Redirection Enhancements
Challenge Handshake Authentication Protocol (CHAP)
Advanced Voice Busyout (AVBO)
OSPF ABR type 3 LSA Filtering
Crashinfo Support
Timer and Retry Enhancements for L2TP and L2F
V.92 Modem on Hold
Optimized PPP Negotiation
DHCP Server Options - Import and Autoconfiguration
BGP Soft Reset
Inter-Domain Gateway Security Enhancement
IGMP Version 2
Transparent Bridging
Local Proxy ARP
Multicast NAT
Gatekeeper Ecosystem Interoperability
Answer Supervision Reporting
SLB: Delayed Removal of TCP Connection Context
Busyout Monitor
Open Settlement Protocol (OSP)
SIP - INVITE Request with Malformed Via Header
IPv6 Services: DNS Lookups over an IPv6 Transport
Large Scale Dial Out (LSDO) VRF Aware
SIP - Gateway Support of TEL URL
Spanning Tree Protocol (STP) - Portfast BPDU Guard
Internal Cause Code Consistency between SIP and H.323
SIP - INFO Method for DTMF Tone Generation
Multicast Music on Hold support for Call Manager (IP-PBX)
TCL IVR 2.0 Call Initiation and Callback
VoIP and Policy Based Routing (PBR) Interoperability
DLR Enhancements: PGM RFC-3208 Compliance
Auditing Raw Buffers on a Channel Associated Signaling Interface
Mobile IP - NAT Detect
SIP - Enhanced 180 Provisional Response Handling
Dynamic Multipoint VPN (DMVPN) Phase 1
IPSec Through Network Address Translation Support
Percentage-Based Policing and Shaping
Mobile IP - IPSec for HA-FA Tunnel
MLPPP Bundling - DSL Interfaces
Easy VPN Remote Enhancements
HTTPS - HTTP with SSL 3.0
Mobile IP - HA Accounting
Mobile IP - Mobile Networks Tunnel Templates for Multicast
SIP - ISDN Suspend/Resume Support
VRF aware IPsec
Gateway Codec Order Preservation and Shutdown Control
Firewall Authentication Proxy for FTP and Telnet Sessions
IS-IS Incremental Shortest Path First (i-SPF) Support
ISDN Generic Transparency Descriptor (GTD) for Setup Message
IP SLAs - Frame Relay Interfaces
GLBP MD5 Authentication
Import of RSA keypair in PEM format
VoIP Debug Filtering
Integrated ISIS Global Default Metric
NetFlow Input Filters
ACL IP Options Selective Drop
NAT - Performance Enhancement - CEF Switching Support
NBAR User-Defined Custom Application Classification
SEAL Encryption
TCP - Explicit Congestion Notification
RBSCP (Rate Based Satellite Control Protocol)
NAT - Stateful Fail-over for Embedded Addressing
IPv6 Multicast: PIM Sparse Mode (PIM-SM)
OSPF Link State Database Overload Protection
EIGRP MPLS VPN PE-CE Site of Origin (SoO)
BGP Support for Dual AS Configuration for Network AS Migrations
NAT - Stateful Fail-Over - Asymmetric Outside-to-Inside Support
BGP Support for Named Extended Community Lists
NAC - Network Admission Control
VRRP MD5 Authentication
Easy VPN Remote Phase 4.1 Enhancements
CNS - Frame Relay Zero Touch
Default Route on a PPP Virtual Access Interface
EzSDD Phase III
OER Support for Policy-Rules Configuration and Port-Based Prefix Learning
Class-Based Packet Marking Enhancements
ARP-Auto Logoff
Easy VPN Remote Web Based Activation
Mobile IP - Mobile IPv6 Home Agent
IPSec Anti-Replay Window: Expanding and Disabling
Granular Protocol Inspection
VRF Aware Cisco IOS Firewall
Frame Relay Traffic Shaping (FRTS)
Virtual Private Dial-up Network (VPDN)
Automatic modem configuration
STUN (Serial Tunnel)
Policy-Based Routing (PBR)
BGP
Downstream PU concentration (DSPU)
Virtual Profiles
Layer 2 Forwarding-Fast Switching
MS-CHAP Version 1
Named Method Lists for AAA Authorization and Accounting
Firewall Feature Set
Parse Bookmarks
DHCP Server
IPSec Triple DES Encryption (3DES)
WCCP Version 2
Airline Product Set Enhancements (MATIP)
DLSw+ Ethernet Redundancy
IP Multicast Multilayer Switching (MMLS)
Secure Shell SSH Version 1 Integrated Client
Source Specific Multicast (SSM)
Interface Range Specification
Class Based Ethernet CoS Matching & Marking (802.1p & ISL CoS)
Voice Over IP (VoIP)
EIGRP Stub Routing
Certification Authority Interoperability (CA)
IKE Mode Configuration
Switched Multimegabit Data Service (SMDS)
ISDN Leased Line at 128kbps
ATM-DXI
SLB (Server Load Balancing)
Netflow Multiple Export Destinations
MGCP CAS PBX and AAL2 PVC
Control Plane DSCP Support for RSVP
MGCP Basic CLASS and Operator Services
SIP - Diversion Header Implementation for Redirecting Number
TCL IVR Disconnect Cause-Code Manipulation
X.25 Annex G Session Status Change Reporting
Class-Based Frame-Relay DE-Bit Matching and Marking
CNS - Event Agent
Connection-Mode Network Service (CMNS)
NAT - Stateful Fail-over of Network Address Translation (SNAT) Phase 1
Diffie-Hellman Group 5
Frame Relay Access Support (FRAS) Border Access Node (BAN)
V.120 Support
SLB: Server NAT
Enhanced Password Security
HSRP - Hot Standby Router Protocol and IPSec
SLB: SynGuard
SLB: Maximum Connections
SLB: Client-Assigned Load Balancing
SLB: Automatic Unfail
SLB: Weighted Round Robin
NetFlow Policy Routing (NPR)
ISDN Cause Code Override
RADIUS for Multiple User Datagram Protocol Ports
Custom Queueing (CQ)
Frame Relay Switching
PIM Multicast Scalability
CNS - Flow Through Provisioning
DHCP Server - Option to Ignore all BOOTP Requests
DHCP Client - Dynamic Subnet Allocation API
SIP - DNS SRV RFC2782 Compliance
IKE - Initiate Aggressive Mode
IEEE 802.1Q ISL VLAN Mapping
Broadcast/Multicast Suppression
Classless InterDomain Routing (CIDR) IP Default Gateway
Spanning Tree Protocol (STP) - Backbone Fast Convergence
Quality of Service (QoS) Queuing
Voice DSP Control Message Logger
SIP - Multiple 18x Responses
IPv6 Services: Extended Access Control Lists
Multicast Subsecond Convergence
Gateway Load Balancing Protocol (GLBP)
BGP Route-Map Policy List Support
BGP Convergence Optimization
Privilege Command Enhancement
VoIP Outgoing Trunk Group Identification and Carrier ID for Gateways
ATM Multilink PPP Support on Multiple VCs
ATM Subinterface MIB/Traps
NAT - Default Inside Server Enhancement
IPv6 QoS: (Quality of Service)
Mobile IP - Single IDB Tunnel Support
Mobile IP - Support NAI Based MNs that are serviced by many HAs
Cisco IOS Telephony Service (ITS) Version 2.01
Cisco IOS Telephony Service (ITS) Version 2.02
SRST: Survivable Remote Site Telephony Version 2.02
HTTP 1.1 Web Client
Firewall N2H2 Support
IPv6 Tunneling: ISATAP Tunnel Support
SRST: Survivable Remote Site Telephony Version 2.1
Bridge Control Protocol (BCP) Support
Source Interface Selection for Outgoing Traffic with Certificate Authority (CA)
IP SLAs - Path Jitter Operation
IP SLAs - SNA LU2 Echo
BGP Route-Map Continue
Source Specific Multicast (SSM) Mapping
Authorization for Protocol Translation
Invalid Special Parameter Index (SPI) Recovery
Loadsharing IP packets over more than six parallel paths
Netflow Multicast Support
Performance Enhancements for IOS ACL
PPPoE Service Selection
IEEE 802.1x - VPN Access Control
OSPF MIB Support of RFC 1850 and Latest Extensions
Silent Operation Mode
CEF Support for Dialer Profile
Integrated ISIS Protocol Shutdown Support Maintaining Configuration Parameters
IPv6 QoS: MQC Packet Classification
IPv6 QoS: Queueing
IPv6: ICMPv6 Redirect
IPv6 Data Link: VLANs using IEEE 802.1Q Encapsulation
IPv6 Access Services: AAA Support for Cisco VSA IPv6 Attributes
AutoQoS for the Enterprise - Suggested Policy
Virtual Fragmentation Reassembly
Policy Based Routing: Recursive Next Hop
IPSec and Quality of Service
X.25 Station Type For ISDN D-Channel Interface
Configuration Replace and Configuration Rollback
Crypto Access Check
IPv6 Access Services: DHCPv6 Relay Agent
Role-Based Access Control CLI commands (RBAC)
MLPP for Cisco IOS Voice Gateways
IPv6 BSR Bi-Dir support
Email Inspection Engine
VoIP Alternate Path Fallback SNMP Trap
FTP Support for Downloading Software Images
Compression Control Protocol
OSPF Not-So-Stubby Areas (NSSA)
Tacacs SENDAUTH function
OSPF On Demand Circuit (RFC 1793)
Fast-Switched SRTLB
Multichassis MultiLink PPP (MMP)
IP Named Access Control List
BGP 4 Soft Config
Native Client Interface Architecture (NCIA) Server
ISDN Caller ID Callback
MS Callback
Committed Access Rate (CAR)
Flow-Based WRED
Class Based Weighted Fair Queuing (CBWFQ)
Frame Relay End-to-End Keepalive
IP SLAs - FTP Operation
Voice Busyout Enhancements
Modem PassThrough over Voice over IP
Caller ID
Transparent Common Channel Signaling (T-CCS)
NAT - Enhanced H.225/H.245 Forwarding Engine
Single Rate 3-Color Marker for Traffic Policing
ATM Cell Loss Priority (CLP) Setting
VoIP Call Admission Control using RSVP
NBAR - Network-based Application Recognition
Frame Relay Fragmentation (FRF.12)
Wildcard Pre-Shared Key
CNS - Configuration Agent
IVR: Enhanced Multilanguage Support
Using 31-bit Prefixes on IPv4 Point-to-Point Links
AutoInstall over Frame Relay-ATM Interworking Connections
Dialer CEF
BGP Prefix-Based Outbound Route Filtering
Port to Application Mapping (PAM)
Firewall Authentication Proxy
Context-Based Access Control (CBAC)
MD5 File Validation
COPS for RSVP
Trusted Root Certification Authority
IPSec VPN High Availability Enhancements
Additional Vendor-Proprietary RADIUS Attributes
IP Summary Address for RIPv2
User Maximum Links
Inverse Multiplexing over ATM (IMA)
BGP Hide Local-Autonomous System
OSPF Sham-Link Support for MPLS VPN
DTMF Relay for SIP Calls Using Named Telephone Events (NTE)
Multiple RSA Keypair Support
SRST: Survivable Remote Site Telephony Version 2.0
IEEE 802.3x Flow Control
MAC Address Filtering
Switch Port Analyzer (SPAN) - Disable Receive Traffic Destination Port
VoIP Trunk Group Label Routing Enhancement
ISDN Network Side for ETSI Net5 PRI
VoIP Gateway Trunk and Carrier Based Routing Enhancements
Voice Call Tuning
RADIUS Centralized Filter Management
RADIUS EAP Support
Frame Relay - PVC Bundles with MPLS QoS Support
Modular QoS CLI (MQC) - Based Frame Relay Traffic Shaping
IPsec NAT Transparency
Low Latency Queuing (LLQ) for IPSEC Encryption Engines
Session Limit Per VRF
Subscriber Service Switch
Gateway Support for Advanced Busy Out for Gatekeeper Registration
Compressed RTP (cRTP) - DSL interfaces
Frame Relay Voice Adaptive Traffic Shaping
Gateway Enhancements to Enable v4-v2 Interworking
HTTP 1.1 Web Server
Firewall Intrusion Detection (IDS) Signature Enhancements
OSPF Forwarding Address Suppression in Translated Type-5 LSAs
Enhanced Tracking Support / Enhanced Object Tracking / EOT
MS-CHAP Version 2
IP SLAs - DLSW+ Operation
IP SLAs - UDP Echo Operation
OSPF Incremental Shortest Path First (i-SPF) Support
SIP - Transfer Using the Refer Method and Call Forwarding
Exporting and Importing RSA Keys
CPU Thresholding Notification
Ignore revocation check and expired certs based on CERT ACL
Real-time Resolution for IPsec Tunnel Peer
Call statistics on voice-enabled gateways
Inactive Call Detection
NBAR PDLM Versioning
Reliable Static Routing Back-up using Object Tracking
DHCP - Configurable DHCP Client
Query Mode Definition Per Trustpoint
Multicast Fast Switching Performance Improvement
IPv6 Neighbor Discovery
IPv6 Routing: Multiprotocol BGP Extensions for IPv6
IPv6 Access Services: PPPoA
IPv6 Multicast: PIM Source-Specific Multicast (PIM-SSM)
IPv6 Tunneling: Automatic 6to4 Tunnels
Multi-VRF Support (VRF lite)
Mobile IP - GRE encapsulation for Cisco Mobile Networks
Reverse SSH Enhancements
SIP - Audible Message Waiting Indicator for FXS Phones
OCSP (Online Certificate Status Protocol)
DHCP - Static Mapping
IDS Support of Security Device Event Exchange (SDEE)
IPSEC Preferred Peer
IPv6 Access Services: DHCPv6 Prefix Delegation via AAA
Login Password Retry Lockout
IP SLAs Sub-millisecond Accuracy Improvements
IPv6 BSR Scoped Zone support
Option to Disable Hardware Crypto Engine Failover to Software Crypto Engine
TCP MSS Adjust
WCCP Version 1
OSPF
Dial Backup
Generic Traffic Shaping (GTS)
Qualified Logical Link Control (QLLC)
BGP 4
Native Service Point over DLSW+
HSRP - Hot Standby Router Protocol
BGP 4 Multipath Support
ISL VLAN
IP Enhanced IGRP Route Authentication
Frame Relay Router ForeSight
X.25 Switching between PVCs and SVCs
Virtual Templates for Protocol Translation
Bandwidth Allocation Control Protocol (BACP)
Dialer Watch
E1 R2 Signaling
DLSw CO features
Airline Product Set (ALPS)
Triggered RIP
X.25 over Frame Relay (Annex G)
Firewall Intrusion Detection System
L2TP Dial-Out
Multicast BGP (MBGP)
MGCP - Media Gateway Control Protocol
H.323 Support for Virtual Interfaces
Frame Relay Switching Enhancements: Shaping and Policing
Transparent CCS and Frame Forwarding Enhancements
MGCP support for CallManager (IP-PBX)
Class-Based Marking
PSTN Fallback
T.38 Fax Relay for VoIP H.323
SDLC SNRM Timer and Window Size Enhancements
IP DSCP marking for Frame-Relay PVC
Interworking Signaling Enhancements for H.323 and SIP VoIP
AAA Broadcast Accounting
Frame Relay PVC Interface Priority Queueing
DLSw+ Border Peer Caching
DLSw+ Support For Transporting LLC1 UI Traffic
Dial on Demand Authentication Enhancements
IKE Security Protocol
IKE Shared Secret Using AAA Server
Shell-Based Authentication of VPDN Users
Interface Index Display
Virtual Profile CEF Switched
Password Authentication Protocol (PAP)
L2TP Security
Frame Relay Access Support (FRAS) Dial Backup over DLSW+
X.25 Failover
DLSw+ Enhanced Load Balancing
Stack Group Bidding Protocol (SGBP)
HSRP over ISL
Reverse Route Injection (RRI)
LSDO: L2TP Large-Scale Dial-Out
SLB: Port-Bound Servers
Default Passive Interface
AAA Server Groups Based on DNIS
Priority Queueing (PQ)
Certificate - Enrollment Enhancements
Virtual Router Redundancy Protocol (VRRP)
SIP - Gateway Support for the Bind Command
HSRP support for ICMP Redirects
SIP - Call Transfer Using Refer Method
Encrypted Vendor Specific Attributes
SIP - T.38 Fax Relay
SIP - Gateway Support of RSVP
SIP - T.37 and Cisco Fax
RADIUS Packet of Disconnect
Adaptive Frame Relay Traffic Shaping for Interface Congestion
ADSL - Asymmetric Digital Subscriber Line Support
Easy VPN Server
IPv6 Security: Secure Shell SSH support over IPv6
CNS - Agents SSL Security
Switch Port Analyzer (SPAN)
ATM SVC Troubleshooting Enhancements
CEFv6/dCEFv6 - Cisco Express Forwarding
OSPF Support for Multi-VRF on CE Routers
H.323 Dual Tone Multifrequency (DTMF) Relay Using Named Telephone Events
X.25 Calling Address Insertion and Removal Based on Input Interface
VoiceXML Transfer Enhancements
X.25 Dual Serial Line Management
Software IPPCP (LZS) with Hardware Encryption
RADIUS Interim Update at Call Connect
SIP - Core SIP Technology Enhancements
Reverse Path Forwarding - Source Exists only
Packet Classification using Frame-Relay DLCI Number
X.25 Suppression of Security Signaling Facilities
XGCP Bind Command for Control and Media Packets
Mobile IP - HMAC-MD5 support
RSVP Local Policy Support
Tunable Tx-Ring buffer-DSL interfaces
Cisco IOS Telephony Service (ITS) Version 2.1
H450.2 & H450.3 Support In IOS
Asynchronous Call Queueing by Role
DHCP On Demand Address Pool (ODAP) Manager for non-MPLS VPN pools
Firewall Support for SIP
NSF Awareness - OSPF
NetFlow v9 Export Format
SIP - Hold Timer Support
Firewall Support of Skinny Client Control Protocol (SCCP)
IP SLAs - MPLS VPN Awareness
IP SLAs - HTTP Operation
IS-IS Limit on Number of Redistributed Routes
FHRP - VRRP - Object Tracking
MTree crypto data structure optimizations
SRST: Survivable Remote Site Telephony Version 3.0
Customizable Tone Download to Cisco IOS MGCP Gateways from Cisco Call Manager
RFC 2576: SNMP v1/ v2c pdu conversions for proxy forwarder
IP Traffic Export (RITE)
IPv6 Routing: OSPF for IPv6 (OSPFv3) Authentication Support with IPsec
SIP - SIP Header/URL support and Subscribe/Notify for external triggers
Mobile IP - Mobile Networks Dynamic Collocated Care-of-Address
NAT - Performance & Scalability enhancement - Timer Wheel
EasyVPN Server Enhancements
IP SLAs - UDP Based VoIP Operation
NBAR Extended Inspection for HTTP Traffic
IPv6 IOS Firewall
IPv6: Neighbor Discovery Duplicate Address Detection
Cisco IOS Login Enhancements
Netflow MIB and Top Talkers
DHCP - Statically Configured Routes Using a DHCP Gateway
AutoQoS: AutoDiscovery Trust Option
IP SLAs VoIP Call Setup (Post Dial Delay) Monitoring
SIPv-vGateway Reason Header & Buffered Calling Name Completion
IPSec VTI - Virtual Tunnel Interface
IPv6 IOS Firewall FTP Application Support
MGCP Line Control Signaling Package
DHCP Enhancements for Edge-Session Management
Memory Traceback Recording
CDP (Cisco Discovery Protocol) Version 2
Dial-on-demand
PIM Version 1
BGP 4 Prefix Filter and In-bound Route Maps
Down Stream Physical Unit (DSPU) over DLSw+
Selective Packet Discard (SPD)
ACL - Reflexive Access Lists
Double Authentication
ISDN NFAS
National ISDN Switch Types for BRI and PRI Interfaces
TO BE DELETED from JFIT-jrider18
SNMPv3 (SNMP Version 3)
ATM LANE Fast Simple Server Redundancy Protocol (LANE Fast SSRP)
Subnetwork Bandwidth Manager (SBM)
Secure Shell SSH Version 1 Server Support
Voice over Frame Relay Configuration Updates
Voice over ATM
Class-Based Shaping
CEF Support for IP Routing between IEEE 802.1Q vLANs
Feature Group D Support
SNMP Support for IOS vLAN Subinterfaces
IGMP Version 3
Interface Index Persistence
PPP Over Fast Ethernet 802.1Q
Frame Relay Switching Diagnostics and Troubleshooting
Configurable per ATM-VC Hold Queue size
Diffserv Compliant WRED
QoS for Virtual Private Networks
FXO Answer and Disconnect Supervision
Secure Copy (SCP)
PIM MIB Extension for IP Multicast
BGP Multipath Load Sharing for Both eBGP and iBGP in an MPLS-VPN
NetFlow ToS-Based Router Aggregation
Call Admission Control for H.323 VoIP Gateways
Dialer Persistent
H.323 Scalability and Interoperability Enhancements for Gateways
Mobile IP - Mobile Networks
NAT - Ability to use Routes Maps with Static Translations
DHCP Relay Agent Support for Unnumbered Interfaces
Link Fragmentation and Interleaving (LFI) for Frame Relay and ATM Virtual Circuits
PPTP with MPPE
Ability to Disable Xauth for Static IPsec Peers
Uni-Directional Link Routing (UDLR)
Local Voice Busyout (LVBO)
H.323 Redundant Zone Support
SLB: Sticky Connections
SLB: Weighted Least Connections
x Digital Subscriber Line (xDSL) Bridge Support
NetFlow Aggregation
Selective Virtual-Access Interface Creation
VPN Tunnel Management
Certificate - Auto Enrollment
IGMP Version 3 - Explicit Tracking of Hosts, Groups, and Channels
DHCP Client on WAN Interfaces
IPv6 Static Cache Entry for Neighbor Discovery
BIP - BSC to IP Conversion for Automated Teller Machines
NAT - Support for SIP
Policer Enhancement - Multiple Actions
TCP Window Scaling
Tunnel Type of Service (TOS)
T.37 Store and Forward Fax
Cisco IOS Telephony Service (ITS) Version 2.0
IEEE 802.1Q VLAN Trunking
Advanced Encryption Standard (AES)
SRST: Survivable Remote Site Telephony Version 1.0
SIP - Session Timer Support
Enhanced Codec support for SIP using Dynamic Payloads
SIP - Carrier Identification Code
Modem Relay Support on VoIP Platforms
OSPF Shortest Paths First Throttling
IEEE 802.1p Support
SIP - Extensions for Caller Identity and Privacy
Enhanced ITU-T G.168 Echo Cancellation
Show Command Redirect
Modular QoS CLI (MQC) Unconditional Packet Discard
Mobile IP - Challenge/Response Extestions
Mobile IP - Support for FA Reverse Tunnelling
Mobile IP - HA Policy Routing
Address Resolution Protocol (ARP)
BGP Cost Community
AutoQoS - VoIP
Certificate - Security Attribute-Based Access Control
H.323V4 Gateway Zone Prefix Registration Enhancements
Mobile IP - Mobile Networks Static Collocated Care of Address
OSPF Inbound Filtering using Route Maps with a Distribute List
SIP - Accept-Language Header Support
T.38 Call Agent Driven Fax for Cisco IOS Gateways
QoS Priority Percentage CLI Support
IP SLAs - Reaction Threshold
Enhanced Call and IVR Control for Rotary Call Set Ups
Random Sampled NetFlow
X.25 Call Confirm Packet Address Control
X.25 Data Display Trace
OSPF Support for Link State Advertisement (LSA) Throttling
OSPF Limit on Number of Redistributed Routes
NAT - Support for H.323v3 and v4 in v2 Compatibility mode
SIP - Survivable Remote Site Telephony (SRST)
Peer Pool Backup Support
Crypto Conditional Debug Support
End of Record functionality for DCN networks
NAT - Static IP Support
SIP - Gateway Support Enhancements for Bind Command
Mobile IP - Dynamic Security Association and Key Distribution
FHRP - HSRP - Hot Standby Router Protocol V2
Control Plane Policing - Time based
Query Multiple Servers during Certificate Revocation Check
TCP - TCP Congestion Avoidance
IPv6 QoS: MQC Traffic Policing
IPv6 Switching: CEFv6 Switched Automatic IPv4-compatible Tunnels
IPv6 Routing: RIP for IPv6 (RIPng)
IPv6 Services: AAAA DNS Lookups over an IPv4 Transport
IPv6 Tunneling: Manually Configured IPv6 over IPv4 Tunnels
IPv6 Tunneling: IPv6 over IPv4 GRE Tunnels
IPv6 Access Services: Prefix Pools
IS-IS Caching of Redistributed Routes
AutoSecure Customization and Audit Trail Enhancements
NBAR-NAT Integration & RTSP
Optimized Edge Routing (OER)
NetFlow Layer 2 and Security Monitoring Exports
Persistent Self-Signed Certificates
Dynamic DNS Support for Cisco IOS
Dialer Profiles
ISIS
Enhanced IGRP (EIGRP)
SNMP (Simple Network Management Protocol)
DLSw+
Bisync (BSC)
Line Printer Daemon (LPD)
Per-User Configuration
RTP Header Compression
Easy IP (Phase 1)
PIM Version 2
Always On Dynamic ISDN (AO/DI)
Asynchronous Serial Traffic Over UDP (aka UDPTN)
DNS based X.25 routing
X.25 Remote Failure Detection
X.25 Switch Local Acknowledgement
AAA Server Group Enhancements
Frame Relay ELMI Address Registration
Hoot and Holler over IP
Trunk Conditioning for FRF.11 and Cisco Trunks
Network Side ISDN PRI Signaling, Trunking, and Switching
NAT-Support of IP Phone to Cisco Call Manager
NAT - Support of H.323v2 Call Signaling (FastConnect)
RGMP - Router-Port Group Management Protocol
QoS Device Manager (QDM)
HTTP Security
PPP over Frame Relay
Authentication Proxy Accounting for HTTP
MLPPP - Multilink PPP
DLSw+ Asynchronous TCP Enhancements
IKE Extended Authentication (Xauth)
Tunnel Endpoint Discovery
Response Time Reporter (RTR)
Direct Inward Dial (DID)
Interface Alias Long Name Support
RSVP Scalability Enhancements
Modem Chat Script and System Script Support in LSDO
RADIUS Tunnel Preference for Load Balancing and Fail-over
NAT - Static Mapping Support with HSRP for High-Availability
Frame Relay Access Support (FRAS) Boundary Network Node (BNN)
OSPF Update Packet-Pacing Configurable Timers
Modular QoS CLI (MQC)
SLB: Automatic Server Failure Detection
Standard IP Access List Logging
Message Banners for AAA Authentication
L2TP Tunnel Preservation of IP TOS
RADIUS Attribute 44 (Accounting Session ID) in Access Requests
BGP Conditional Route Injection
Weighted RED (WRED)
Trustpoint CLI
Frame Relay Encapsulation
BGP Policy Accounting
Source Specific Multicast (SSM) - IGMPv3,IGMP v3lite, and URD
Unicast Reverse Path Forwarding (uRPF)
ACL Authentication of Incoming RSH and RCP
Rotating Through Dial Strings
SIP - Configurable PSTN Cause Code Mapping
IPv6 Routing: IS-IS Support for IPv6
CEF on Multipoint GRE Tunnels
Contact Closure Network Module
WRED Enhancement - Explicit Congestion Notification (ECN)
Quality of Service (QoS) - Classification Only
Analog Centralized Automatic Message Accounting E911 Trunk
VoiceXML Voice Store and Forward
OSP Debug Enhancement
Mobile IP Home Agent (HA) Redundancy
RADIUS Attribute 82: Tunnel Assignment Id
VoIP and Cisco Express Forwarding (CEF) Interoperability
IGMP State Limit
RSVP Refresh Reduction and Reliable Messaging
BGP Increased Support of Numbered as-path Access Lists
Globalized Cadence and Tone for Cisco IOS Gateways
Enhanced G.168 Echo Cancellation
Enhanced Packet Marking
Call Release Source Reporting in Gateway-Generated Accounting Records
Mobile IP - Mobile Networks Asymmetric Link and Dynamic Network
SIP - Call Transfer Enhancements Using Refer Method
Mobile IP - Dynamic DNS and Multiple DHCP Support
DHCP ODAP Server Support
IPv6 Routing: IS-IS Multitopology Support for IPv6
NSF Awareness - IS-IS
Firewall Stateful Inspection of ICMP
Firewall Support of SSL Encrypted HTTP Authentication Proxy Sign-on
Firewall Websense URL Filtering
Measurement-Based Call Admission Control for SIP
IPv6 Routing: OSPF for IPv6 (OSPFv3)
RSVP Support for RTP Header Compression
IPv6 Switching: CEFv6 Switched Configured IPv6 over IPv4 Tunnels
UDP forwarding support of IP Redundancy Virtual Router Group (VRG)
Configurable RAS Retries and Timers
PKI Integration with AAA Server
IP SLAs - ICMP Path Echo Operation
IP SLAs - UDP Jitter Operation
IP SLAs - One Way Measurement
IP SLAs - SNMP Support
DHCP Authorized ARP
QSIG Backhaul (TCP based) for Cisco IOS Gateways
SNMP Support for Named Access Lists
HSRP MD5 Authentication
IS-IS Support for Priority-Driven IP Prefix RIB Installation
OSPF Support for Unlimited Software VRFs per Provider Edge (PE) Router
PBR Support for Multiple Tracking Options
Firewall ACL Bypass
ACL Support for Filtering IP Options
APIP - Async PoS to IP Conversion
Contextual Configuration Diff Utility
IPv6: Anycast Address
AAA Double Authentication Secured by Absolute Timeout
Extended Simple Mail Transfer Protocol (ESMTP) for IOS Firewall
ACL - Support for Non-Contiguous Port Ranges on an ACE
IP SLAs - VoIP Threshold Traps
Netflow for IPv6 Unicast traffic
IPv6: ICMPv6
IPv6 QoS: MQC Traffic Shaping
IPv6 Data Link: VLANs using Cisco Inter-Switch Link (ISL)
IPv6 Switching: CEF/dCEF Support
IPv6 Services: Standard Access Control Lists
IPv6 Tunneling: Automatic IPv4-compatible Tunnels
BGP Cost Community Support for EIGRP MPLS VPN PE-CE
EIGRP Support for Route Map Filtering
FHRP - Object Tracking List
Protocol Translation Ruleset
MFIB : Display Enhancements
PKI AAA Authorization Using the Entire Subject Name
Embedded Event Manager (EEM) 2.1
Inspection of Router-Generated Traffic
Netflow Egress Accounting
Facility Debug Enhancements
Re-Enroll Using Existing Certificate
Config Logger Enhancements for EAL4+ Certification
RADIUS attribute 5 (NAS-Port) format specified on a per-server group level
FHRP - VRF Aware VRRP
Tacacs Single Connection
RIP
NAT - Network Address Translation
Generic Routing Encapsulation (GRE)
RMON events and alarms
On Demand Routing (ODR)
Frame Relay
Random Early Detection (RED)
X.25
Integrated routing and bridging (IRB)
Next Hop Resolution Protocol (NHRP)
DHCP Proxy Client
ISDN
SSRP for LANE
PAD Subaddressing
SNMPv2C
DRP Server Agent
Fast-Switched Policy Routing
SNMP Inform Request
Microsoft Point-to-Point Compression (MPPC)
Response Time Reporter (RTR) enhancements
DLSw+ RSVP Bandwidth Reservation
Multicast Routing Monitor (MRM)
SIP - Session Initiation Protocol for VoIP
Low Latency Queueing (LLQ) for Frame Relay
OSPF Flooding Reduction
AAA Server Group Deadtimer
Configurable Timers in H.225
ATM Routed Bridge Encapsulation (RBE)
Voice over ATM with AAL2 Trunking
Bridging between IEEE 802.1Q vLANs
AutoInstall Using DHCP for LAN Interfaces
PIM Dense Mode State Refresh
V.110 support for Digital Modems
Voice over Frame Relay (FRF.11)
Virtual Interface Template Service
Low Latency Queueing (LLQ) with Priority Percentage Support
iBGP Multipath Load Sharing
NAT - Support of H.323v2 RAS
SNMP Support over VPN
NetFlow
DLSw+ Backup Peer Extensions for Encapsulation Types
Distributed Management Expression MIB persistence
NAT - Translation of external IP Addresses only
SRB over Frame Relay
Frame Relay Access Support (FRAS) DLCI Backup
G.SHDSL Symmetric DSL Support
CGMP - Cisco Group Management Protocol
Modem User Interface Option
Class-Based Policing
Large Scale Dialout (LSDO)
SLB: Dynamic Feedback Protocol (DFP)
SLB: Bind ID Support
SNMP Manager
Spanning Tree Protocol (STP) Extension
Time-Based Access Lists Using Time Ranges(ACL)
Weighted Fair Queueing (WFQ)
IPv6 Services: Cisco Discovery Protocol (CDP) - IPv6 Address Family Support for Neighbor Information
Cisco Discovery Protocol (CDP) over ATM
VPDN Default Group Template
NFAS Enhancements
DHCP Relay - MPLS VPN Support
IEEE 802.1Q Tunneling
Spanning Tree Protocol (STP)
MLPPP Minimum Links Mandatory
MGCP Generic Configuration Support for Call Manager (IP-PBX)
DTMF Events Through SIP Signaling
ACL Sequence Numbering
NetFlow Subinterface Support
Frame Relay Queuing and Fragmentation at the Interface
L2TP Extended Failover
L2TP Redirect
Packet Classification Based on Layer3 Packet-Length
Content Engine Network Module for Caching and Content Delivery
Mobile IP - Fastswitching Support on FA
Frame Relay - FRF.5 & FRF.8
NSF Awareness - BGP
DHCP Accounting
NSF Awareness - EIGRP
Malicious Caller Identification (MCID) Invocation Support for Enterprise Networks
Mobile IP - Mobile Networks Priority HA Assignment
SIP - Support for Media Forking
DHCP Secured IP Address Assignment
Telephony Gateway Registration Protocol (TGREP) on Cisco IOS Gateways
IP SLAs - History Statistics
IP SLAs - TCP Connect Operation
IPSec VPN Accounting
Embedded Syslog Manager (ESM)
Security and QoS features802.X and ToS for QoS )
PPPoE Session Recovery After Reload
ISDN BCAC and Round-Robin Channel Selection Enhancements
PAD Subaddress Formatting Option
Encrypted Pre-shared Key
RTP Header Compression over Satellite Links
DHCP Lease Limit per ATM/RBE unnumbered interface
Security Device Manager (SDM)
IS-IS Support for IP Route Tags
ACL - TCP Flags Filtering
AutoRP Enhancement
SIP - RFC3261 Enhancements
UDI - Unique Device Identifier
Configuration Change Notification and Logging
Protected Private Key Storage
CallManager Express (CME) 3.1
IP over IPv6 Tunnels
OSPF Link-local Signaling (LLS) Per Interface Basis
CLI Views
IPv6 QoS: MQC Packet Marking/Remarking
VRF Aware Dialer Watch
IPv6 Stateless Auto-configuration
IPv6 MTU Path Discovery
IPv6 Routing: Static Routing
IPv6 Routing: Route Redistribution
IPv6 Routing: Multiprotocol BGP Link-local Address Peering
IPv6 Access Services: Stateless DHCPv6
IPv6 Multicast: Scope Boundaries
IPv6 Services: Generic Prefix
IP SLAs - Multi Operation Scheduler
EIGRP Prefix Limit Support
IPSec Dead Peer Detection (DPD) Periodic Message Option
Call Admission Control for IKE
Express RTP and TCP Header Compression on Dialer interfaces
Voice Application HTTP Client Cookie Support
HTTP Server - Enabling of Applications
Easy Secure Device Deployment (Easy SDD) - Phase 4
NAT - Scalability for Stateful NAT

vanquish23

atorven wrote: »

The problem is interface FastEthernet0 on the wireless device connecting to the 3640, you either need to make it a layer 3 interface or a trunk.

Im going to take your advice and give it a shot once I order the memory upgrade. As stated in the Advanced IP serves which is not the default IOS that comes with the Cisco 878 (Advanced Security) I can setup trucking and vlans with the Advances IP services.

Zartanasaurus

Did you really need to paste that entire thing in?

vanquish23

Zartanasaurus wrote: »

Did you really need to paste that entire thing in?

Yes, if it makes you feel better.

vanquish23

A few months ago I posted this thread to help troubleshoot the connection between the Cisco 878 and the 3640 router. A great TE user suggested to configure the fastethernet0 port on the 878 router as a trunk. I ended up moving the 878 to the 3640 instead of my 3550 switch.

While I have my 878 router talking through my 3640 on fastethernet2/0 port. My wireless devices can locate the broadcasted SSID of "SkynetGuest", authenticate correctly with the 878, and shows it has received the mac address of the laptop:

SkynetWifi#
*Mar 1 08:40:11.576: %DOT11-6-ASSOC: Interface Dot11Radio0,

Station 2477.039f.7e10 Associated SSID[SkynetGuest]

AUTH_TYPE[OPEN] KEY_MGMT[WPA PSK]



Now, when I do a show mac-address-table command I do not see the wireless laptop at Layer 2

SkynetWifi#show mac-address-table
Destination Address Address Type VLAN Destination Port

---

---

----

---

9caf.ca45.632f Self 1 Vlan1
0001.4271.41a1 Dynamic 2 FastEthernet0
0026.9947.c630 Dynamic 2 Vlan2
9caf.ca45.632f Self 2 Vlan2



I have spent three days trying to figure this out, and should be ready to take the exam after all this troubleshooting....lol.


My routing table is working correctly from the 878 to the 3640:


S* 0.0.0.0/0 [1/0] via 192.168.10.1
192.168.5.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.5.0/27 is directly connected, BVI10
L 192.168.5.1/32 is directly connected, BVI10
192.168.6.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.6.0/27 is directly connected, BVI20
L 192.168.6.1/32 is directly connected, BVI20
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/27 is directly connected, Vlan2
L 192.168.10.2/32 is directly connected, Vlan2



SkynetWifi#ping Cisco Systems, Inc
Translating "www.cisco.com"...domain server (209.55.24.10) [OK]

Translating "www.cisco.com"...domain server (209.55.24.10) [OK]

Translating "www.cisco.com"...domain server (209.55.24.10) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 184.26.0.170, timeout is 2

seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =

28/29/32 ms



SkynetWifi#show vlans

Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: Dot11Radio0

This is configured as native Vlan for the following interface(s) :
Dot11Radio0

Protocols Configured: Address: Received: Transmitted:
Other 0 6

2 packets, 226 bytes input
6 packets, 794 bytes output

Virtual LAN ID: 10 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: Dot11Radio0.10

Protocols Configured: Address: Received: Transmitted:
Bridging Bridge Group 10 0 0
Other 0 32

0 packets, 0 bytes input
32 packets, 11703 bytes output

Virtual LAN ID: 20 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: Dot11Radio0.20

Protocols Configured: Address: Received: Transmitted:
Bridging Bridge Group 20 18 557
Other 0 1

1143 packets, 111615 bytes input
560 packets, 44066 bytes output



I dont know what else to do here. I have looked over the configuration plenty of times. Maybe I am missing something?

dot11 syslog
!
dot11 ssid SkynetGuest
vlan 20
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 13061E0108030723382727
!
dot11 ssid SkynetWLAN
vlan 10
authentication open
authentication key-management wpa
wpa-psk ascii 7 ciscociscociscocisco
!
ip source-route
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool VLAN10
import all
network 192.168.5.0 255.255.255.224
domain-name skynet.com
default-router 192.168.10.2
lease 30
!
ip dhcp pool VLAN20
import all
network 192.168.6.0 255.255.255.224
default-router 192.168.10.2
domain-name wr
!
!
!
ip cef
ip domain name skynet.com
ip name-server 209.55.24.10
ip name-server 209.55.24.11
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
archive
log config
hidekeys
vtp mode transparent
username cisco password 7 094F471A1A0A
!
!
controller DSL 0
!
vlan 2
name WANGateway
!
!
!
!
!
bridge irb
!
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet0
description WAN Connection to SkynetCore0
switchport access vlan 2
no ip address
!
interface FastEthernet1
switchport access vlan 10
no ip address
spanning-tree portfast
!
interface FastEthernet2
switchport access vlan 10
no ip address
spanning-tree portfast
!
interface FastEthernet3
switchport access vlan 10
no ip address
spanning-tree portfast
!
interface Dot11Radio0
no ip address
no dot11 extension aironet
!
encryption vlan 10 mode ciphers tkip
!
encryption vlan 20 mode ciphers tkip
!
ssid SkynetGuest
!
ssid SkynetWLAN
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0

18.0 24.0 36.0 48.0 54.0
channel 2412
station-role root
no cdp enable
!
interface Dot11Radio0.10
encapsulation dot1Q 10
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 spanning-disabled
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
!
interface Dot11Radio0.20
encapsulation dot1Q 20
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 spanning-disabled
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address 192.168.10.2 255.255.255.224
bridge-group 10
!
interface Vlan10
description SkynetWLAN
no ip address
ip nat inside
ip virtual-reassembly in
bridge-group 10
bridge-group 10 spanning-disabled
!
interface Vlan20
description SkynetGuest
no ip address
ip nat inside
ip virtual-reassembly in
bridge-group 20
bridge-group 20 spanning-disabled
!
interface BVI10
description Bridge to Internal Network
ip address 192.168.5.1 255.255.255.224
ip nat inside
ip virtual-reassembly in
!
interface BVI20
description Bridge to Guest Network
ip address 192.168.6.1 255.255.255.224
ip nat inside
ip virtual-reassembly in
!
router rip
version 2
network 192.168.5.0
network 192.168.6.0
neighbor 192.168.10.1
distance 1
no auto-summary
!
ip forward-protocol nd
ip http server
ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 192.168.10.1
!
access-list 1 permit 192.168.0.0 0.0.255.255
!
!
!
!
!
!
!
control-plane
!
bridge 10 route ip
bridge 20 route ip
!
line con 0
password 7 123A0C0411045D56796A
no modem enable
line aux 0
line vty 0 4
transport input all
!
scheduler max-task-time 5000
end

vanquish23

Added a static route to the 3640 WAN router, all wireless devices can now talk by pinging out. Currently troubleshooting a DNS issue.

vanquish23

Added static route to the Cisco 3640 WAN router, as well as adding the ip domain-lookup command. All works well now. Thanks every one for helping me out. Case closed.