Hello,   the easiest way to test would to just ping e.g. 8.8.8.8 using the IP address or the interface of the backup.   ping 8.8.8.8 source   ... View more

Hello,   since you are not using NAT, what other device is in between your 4451 and the Internet ? An ASA ? ... View more

Hello,   while I was working on the specifics, it looks like Giuseppe already provided the answer. Either way, I'll post what I have come up with anyway, sorry if I am being redundant. I have summarized your 192.168.x.x networks into one statement, if you don't want that, you need to specify each subnet in one separate line. I have also added the internal networks connected to your switch to the NAT access list, so they can access the Internet (optional of course, if you don't want that).   Changes/additions are marked in bold:   Router    version 15.7 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname yourname ! boot-start-marker boot config usbflash0:CVO-BOOT.CFG boot-end-marker ! logging buffered 51200 warnings ! aaa new-model ! aaa authentication login default local aaa authentication login vpn_xauth_ml_1 local aaa authentication login sslvpn local aaa authorization network vpn_group_ml_1 local ! ip dhcp excluded-address 10.10.10.4 10.10.10.6 ! ip dhcp pool cvo-pool import all network 10.10.10.0 255.255.255.248 default-router 10.10.10.1 dns-server 8.8.8.8 8.4.4.8 lease 0 2 ! ip domain name yourdomain.com ip name-server 8.8.8.8 ip name-server 8.4.4.8 ip inspect name DEFAULT100 ftp ip inspect name DEFAULT100 h323 ip inspect name DEFAULT100 icmp ip inspect name DEFAULT100 netshow ip inspect name DEFAULT100 rcmd ip inspect name DEFAULT100 realaudio ip inspect name DEFAULT100 rtsp ip inspect name DEFAULT100 esmtp ip inspect name DEFAULT100 sqlnet ip inspect name DEFAULT100 streamworks ip inspect name DEFAULT100 tftp ip inspect name DEFAULT100 tcp ip inspect name DEFAULT100 udp ip inspect name DEFAULT100 vdolive ip cef no ipv6 cef ! multilink bundle-name authenticated ! controller VDSL 0 no cdp run ! class-map type inspect match-all INTERNAL_DOMAIN_FILTER ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 ! crypto isakmp policy 2 encr 3des hash md5 authentication pre-share group 2 ! crypto isakmp client configuration group ****************** key ************ pool vpn_client_pool acl vpn_resources max-users 10 crypto isakmp profile vpn_ike_profile match identity group ************* client authentication list vpn_xauth_ml_1 isakmp authorization list vpn_group_ml_1 client configuration address respond virtual-template 2 ! crypto ipsec transform-set vpn_transform esp-3des esp-sha-hmac mode tunnel ! crypto ipsec profile vpn_profile set transform-set vpn_transform ! interface ATM0 no ip address no atm ilmi-keepalive ! interface ATM0.1 point-to-point description PrimaryWANDesc_WAN pvc 0/38 pppoe-client dial-pool-number 1 ! interface Ethernet0 no ip address shutdown ! interface FastEthernet0 description Downlink to 3750 Switch switchport mode access switchport access vlan 4 spanning-tree portfast ! interface FastEthernet1 no ip address spanning-tree portfast ! interface FastEthernet2 no ip address spanning-tree portfast ! interface FastEthernet3 no ip address spanning-tree portfast ! interface Virtual-Template2 type tunnel ip unnumbered Vlan1 tunnel mode ipsec ipv4 tunnel protection ipsec profile vpn_profile ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$CVO$ ip address 10.10.10.1 255.255.255.248 ip nat inside ip virtual-reassembly in ip tcp adjust-mss 1412 ! interface Vlan4 description Downlink to 3750 Switch ip address 172.16.1.1 255.255.255.252 ! interface Dialer0 no ip address no cdp enable ! interface Dialer1 description PrimaryWANDesc_WAN_0.1 mtu 1492 ip address negotiated no ip redirects no ip unreachables no ip proxy-arp ip mtu 1452 ip nat outside no ip virtual-reassembly in encapsulation ppp ip tcp adjust-mss 1412 dialer pool 1 dialer idle-timeout 0 dialer-group 1 ppp mtu adaptive ppp authentication chap callin ppp chap hostname ************************ ppp chap password 0 ************************** ppp ipcp dns request accept ppp ipcp route default ppp ipcp address accept no cdp enable ! ip local pool vpn_client_pool 10.10.10.4 10.10.10.6 no ip forward-protocol nd no ip http server ip http authentication local no ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ! ip dns server ip nat inside source list 10 interface Dialer1 overload ip route 0.0.0.0 0.0.0.0 Dialer1 ip route 192.168.144.0 0.0.15.255 172.16.1.2 ! ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr ! ip access-list extended vpn_resources permit ip 10.10.10.0 0.0.0.255 any permit ip 192.168.144.0 0.0.15.255 ! dialer-list 1 protocol ip permit ipv6 ioam timestamp ! access-list 10 permit 10.10.10.0 0.0.0.255 access-list 10 permit 192.168.144.0 0.0.15.255 access-list 10 remark nat-pool access-list 23 permit 10.10.10.0 0.0.0.255 access-list 23 remark vty access-list 23 deny any log ! ipv6 access-list V6-FILTER permit icmp any any deny ipv6 any any log ! ipv6 access-list ipv6_deny deny ipv6 any any ! control-plane ! mgcp behavior rsip-range tgcp-only mgcp behavior comedia-role none mgcp behavior comedia-check-media-src disable mgcp behavior comedia-sdp-force disable ! mgcp profile default ! line con 0 logging synchronous no modem enable line aux 0 line vty 0 4 access-class 23 in privilege level 15 ipv6 access-class ipv6_deny in transport input telnet escape-character 3 ! scheduler allocate 20000 1000 ! end   Switch   version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname SW-5 ! no aaa new-model system mtu routing 1500 ip subnet-zero ip routing ! mls qos map cos-dscp 0 8 16 26 32 46 48 56 mls qos srr-queue input bandwidth 90 10 mls qos srr-queue input threshold 1 8 16 mls qos srr-queue input threshold 2 34 66 mls qos srr-queue input buffers 67 33 mls qos srr-queue input cos-map queue 1 threshold 2 1 mls qos srr-queue input cos-map queue 1 threshold 3 0 mls qos srr-queue input cos-map queue 2 threshold 1 2 mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7 mls qos srr-queue input cos-map queue 2 threshold 3 3 5 mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15 mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7 mls qos srr-queue input dscp-map queue 1 threshold 3 32 mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23 mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48 mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56 mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63 mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31 mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47 mls qos srr-queue output cos-map queue 1 threshold 3 5 mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7 mls qos srr-queue output cos-map queue 3 threshold 3 2 4 mls qos srr-queue output cos-map queue 4 threshold 2 1 mls qos srr-queue output cos-map queue 4 threshold 3 0 mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47 mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31 mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55 mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63 mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23 mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39 mls qos srr-queue output dscp-map queue 4 threshold 1 8 mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15 mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7 mls qos queue-set output 1 threshold 1 138 138 92 138 mls qos queue-set output 1 threshold 2 138 138 92 400 mls qos queue-set output 1 threshold 3 36 77 100 318 mls qos queue-set output 1 threshold 4 20 50 67 400 mls qos queue-set output 2 threshold 1 149 149 100 149 mls qos queue-set output 2 threshold 2 118 118 100 235 mls qos queue-set output 2 threshold 3 41 68 100 272 mls qos queue-set output 2 threshold 4 42 72 100 242 mls qos queue-set output 1 buffers 10 10 26 54 mls qos queue-set output 2 buffers 16 6 17 61 mls qos ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! interface FastEthernet0 ip address 192.168.140.1 255.255.255.0 ! interface GigabitEthernet0/1 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/2 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/3 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/4 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/5 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/6 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/7 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/8 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/9 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/10 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/11 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/12 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/13 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/14 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/15 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/16 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/17 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/18 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/19 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/20 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/21 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/22 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/23 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/24 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/25 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/26 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/27 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/28 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/29 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/30 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/31 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/32 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/33 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/34 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/35 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/36 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/37 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/38 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/39 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/40 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/41 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/42 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/43 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/44 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/45 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/46 description Building 5 LAN switchport access vlan 2 switchport mode access spanning-tree portfast ! interface GigabitEthernet0/47 description Building 5 LAN switchport access vlan 2 switchport mode access auto qos voip trust spanning-tree portfast ! interface GigabitEthernet0/48 description P2P LINK BUILDING 4 switchport trunk encapsulation dot1q switchport trunk native vlan 3 switchport mode trunk spanning-tree bpdufilter disable spanning-tree bpduguard disable ! interface GigabitEthernet0/49 switchport trunk encapsulation dot1q ! interface GigabitEthernet0/50 description Uplink to Router switchport mode access switchport access vlan 4 spanning-tree portfast ! interface GigabitEthernet0/51 ! interface GigabitEthernet0/52 ! interface TenGigabitEthernet0/1 switchport trunk encapsulation dot1q ! interface TenGigabitEthernet0/2 description P2P LINK BUILDING 3 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree portfast ! interface Vlan1 ip address 192.168.153.1 255.255.255.0 ! interface Vlan2 description BUILDING 5 ip address 192.168.150.254 255.255.255.0 ! interface Vlan3 description BUILDING 4 ip address 192.168.151.254 255.255.255.0 ! interface Vlan4 description Uplink to Router ip address 172.16.1.2 255.255.255.252 ! ip classless ip route 0.0.0.0 0.0.0.0 172.16.1.1 ip route 192.168.151.0 255.255.255.0 192.168.151.1 ip route 192.168.153.0 255.255.255.0 192.168.153.254 ip http server ! control-plane ! line con 0 line vty 0 4 password ******** login length 0 line vty 5 15 login length 0 ... View more

Hello,   I assume the 3750 is doing the inter-Vlan routing ? Can the Vlans on the 3750 reach the 10.10.10.0/29 address space defined on the router ? One thing: you cannot have Vlan1 on both the router and the switch, in two different address spaces.   Best to post the full configuration of your 3750 as well...  ... View more

Hello,   the 1841 is a very old model, end of life date was I think 2010, so you might have a problem with the flash memory. Try and reseat, or possible reformat, the external compact flash card... ... View more

Hello,   make sure you have followed the guidelines as outlined in the attached document:   SPA-8XCHT1/E1, you must either: Note • Remove the SPA-8XCHT1/E1 from current slot and reinsert the SPA to another slot. The slot in • which the SPA-8XCHT1/E1 is being reinserted must not have previously been installed with a SPA-8XCHT1/E1. This is because the CLI configuration is stored for a slot or subslot and not for a SPA.OR • Reload the router without saving the configuration.   https://www.cisco.com/c/en/us/td/docs/interfaces_modules/shared_port_adapters/configuration/ASR1000/asr1000-sip-spa-book/asr-spa-t1serial-config.pdf ... View more

Hello,   just a thought, but what do the L2TP Properties on your client (Windows 10 ?) look like ? Do you have MS-CHAP v2 enabled ?   Also, since (I assume) you have been using the document linked below as a template, make sure that the key 'Cisco123' matches what you have configured on the client (the document below use 'cisco123' with small caps)...   crypto isakmp key Cisco123 address 0.0.0.0 0.0.0.0   https://community.cisco.com/t5/security-documents/l2tp-over-ipsec-on-cisco-ios-router-using-windows-8/ta-p/3142831 ... View more

Hello,   you might be hitting the bug below. The EEM script mentioned in the workaround would look like this:   event manager applet SKU_RELOAD event syslog pattern "Unknown modem on SKU type C881G-4G-GA-K9" action 1.0 cli command "enable" action 2.0 cli command "reload"   C881G-4G-GA-K9 4G connection Not getting IP address CSCuz49252 Description Symptom: 4g connection drops randomly with error message "%PLATFORM-4-CELLULAR_MODEM_SKU_MISMATCH: Mismatch detected between installed modem Unknown modem on SKU type C881G-4G-GA-K9. Conditions: platform C881G-4G-GA-K9 Modem MC7304 Modem Firmware = 5.5.58 Unable to capture dm logs when we loose connection. Workaround: Reboot of the route fixes the issue Further Problem Description: Creating an EEM script to capture the last 3 dm logs during the time of connection loss. ... View more

Hello,   which switch models do you have, and what Ios versions are you running ? ... View more

Hello,   hard to say what you are missing, can you post the running config ? Make sure your VLANs are active, below is a sample:   N7K# configure terminal N7K(config)# vlan 2 N7K(config-vlan)# name DATA N7K(config-vlan)# state active N7K(config-vlan)# no shutdown   N7K# configure terminal N7K(config)# interface ethernet 1/10 N7K(config-if)# switchport access vlan 2 N7K(config-if)# spanning-tree portfast ... View more