Hi there, I have been thrown in the deep end of the networking pool, our network engineer is in isolation and we are having issues with our Cisco 1941 router that is a million years old (roughly) randomly rebooting.
The connection is a basic ASA5515 --> 1941-->Telstra ethernet hand off thing.
I have an old 3945e sitting in the store room that I got up and running with MOST of the same config but I have hit a snag.
When I copy the config over there are 2 parts that either don't work or seemingly dont exist? The section below is where I fall apart. I can’t put a vlan on the 3945e. I can do a "vlan?" and it says database and I can manually create a vlan 1 in there but then I cant configure it at all.
Here are the parts with sanatiser on them:
ip inspect name fw1 tcp
ip inspect name fw1 udp
ip inspect name fw1 icmp
ip inspect name fw1 ftp
and the 3945e doesn’t know what they are, is this a firewall thing? I see it on the gi 0/0 interface on the 1941 but I don’t know what its for
interface GigabitEthernet0/0
description connection to internet
bandwidth 200000
ip address xxx.xxx.xxx.xxx 255.255.255.252
ip access-group ISP1-in in
ip inspect fw1 out
duplex full
speed auto
ipv6 address xxxx:xxxx:xxx:xx::x/64
service-policy output pm-shape-queue-out
!
interface GigabitEthernet0/1
description Firewall External Interface
no ip address
duplex auto
speed auto
!
interface Vlan1
ip address yyy.yyy.yyy.yyy 255.255.255.248
ipv6 address yyy:yyy:yyy:yyy::y:yy/64
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx (Gi0/0 next hop address)
!
ip access-list extended ISP1-in
remark #-------- General Policy -------#
deny lotsa stuff
permit icmp any any echo-reply
permit icmp any any unreachable
permit icmp any any time-exceeded
permit icmp any any echo
permit lotsa stuff
ipv6 route xxxx:xxxx:xxxx::/56 xxxx:xxxx:xxxx:xxxx::x:x (this is the next hop on the vlan 1 ipv6 address)
ipv6 route ::/0 (Gi0/0 IPV6 address)
Any help would be greatly appreciated, and feel free to explain it like im not a network guru, because... well I'm not
No comments:
Post a Comment