Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all,I'm running the above router with a few catalyst switches. Config for the ISR attached.The problem being I want to use the router for tertiary DNS - I already have 2 x pi-holes internally taking care on a day to day basis for DNS.When I SSH t...
Hello again fellow Cisco community.
As per the title - I'm running a Cisco 1100 series ISR which currently has 2 vlans internally.
I need to connect to a commercial VPN supplier for one of the VLANS. They support IKEv2 which seems like the best prot...
Hi folks. My first attempt at configuring a ZBF on a 1117-4p ISR (I'm ccent studying for CCNA).
Prior to the ZBF commands being added to the running-config I was getting internet access (albeit with no security). Following this I get nothing - I ca...
Hi folks - as per the title.
Currently programming a 1117-4P ISR router and found that my ZONE commands are missing. I'm currently CCENT - self taught studying for CCNA so this is all very new to me.
I'm guessing that my license doesn't cover the fi...
Resolved this with some assistance from Nick Shaw of Always Networks.e.g.permit tcp host 8.8.4.4 eq domain any gt 1024permit udp host 8.8.4.4 eq domain any gt 1024 Applying this to the Internet to Self Zone permits the return traffic solely from the ...
Hi Georg - and thanks for your input.I had the same thought and I implemented this briefly.If I add the IP any in to the inbound rules it does work.However - I'm not comfortable with allowing IP any any to my WAN interface.Surely that's a great big s...
Mine works - try splitting out this section into two policy maps.You have an inspect and a pass both contained within a single PM (one for each CM) and finally a drop log.The drop log is most probably applying to the latter 'pass' rule and thus not l...
Good Morning Rob,I have a little time to do some more work on this.I get the concept of what you're saying - that I need a VRF otherwise any traffic on the new VLAN will route through the default gateway rather than via the tunnel.VRFs again - I've n...
