Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a pair of Cisco 891W routers, deployed one at each site. I have site to site (L2L) IPSec VPN configured and working using crypto maps. All traffic is allowed from one LAN to the other, as far as I know. Today I dicovered that I need to put ...
Hi all. As I look at the thread headings fo rthe other posts I'm struck by how simple my request must seem I hope this is an easy one! Using 891W routers, I would like to be able to save the running-config out the WAN port (gig0). The most common...
Hi all. Normally for an IOS update I'll do the copy tftp: flash: process. Yet for embedded access points on a router, for example the one I work with on the 891W router, the following seems to be the command to use: AP#archive download-sw /force-re...
Hi all, The thread title makes this sound like a big post but it's not. If my router has say., 193 VTY lines as a maximum, but by default running-config has only a portion of those mentioned, should I set any configs I do on all lines, or just on th...
Hi all. Recently I came to learn through trying to configure my 891 router that when configuring the zone-baesd firewall to protect SSH access to the router from the Internet, you cannot use match protocol ssh in the class map and apply an inspect a...
I think so, but it's been 2 years. Wow time flies. I still recall the impression I had of your excellent help though as well as our friend in Costa Rica. I don't recall the specifics of this case but I am fairly sure we fixed it since the router h...
Sorry Julio, I just realized I never answered about the packet log. Well first of all, there is no self-out zone pair, just out-self. As I udnerstand it, no self-out means that since no pair is defined, all traffic in that direction is allowed. b...
I guess where I get confused most with this is that the destination is the TFTP server on the Inside zone (LAN) on one router, and the source is the self zone on a different router. What is really confusing me is this VPN thing. I have much reading...
Hi Julio, Self zones in use are only the OUT-SELF. No SELF-OUT. The L2L VPN works now. The ZBFW setup to allow the VPN to work is one ACL within a 2nd class map inside the OUTSIDE-INSIDE policy map allowing all traffic from one LAN network to the...
