CiscoFan

If Linus wants to use Cisco equipment, I have already put together a topology they could use. LinusTechTips.pdf

what did you set the IP address on the domain controller?

Here is my updated topology.

You can also set up a VPN server using a Cisco router like a 2911. They go for about $100 on eBay. All you have to do is type this config into the router. I know it is quite a handful of config, that is why I am doing the hard work for you so that all you have to do is modify the variables and copy and paste it into the router. To configure Cisco AnyConnect for the router, you can follow this guide as well. I also recommend Namecheap to get a domain name and an SSL certificate for the SSLVPN. http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/904-cisco-router-anyconnect-webvpn.html enable configure terminal interface GigabitEthernet0/0 description LAN interface here. ip address 192.168.1.1 255.255.255.0 ip nat inside no shutdown interface GigabitEthernet0/1 description WAN here ip nat outside no shutdown if the company has a static address then it will be: ip address x.x.x.x x.x.x.x if the company only has a dynamic address then it will be ip address dhcp ip access-list standard NAT permit 192.168.1.0 0.0.0.255 if the company has a block of static IP addresses and is routed to the WAN facing interface then it will be ip nat pool NAT-POOL <start address here> <end address here> netmask <netmask here> ip nat inside source list NAT pool NAT-POOL if the company doesn't have a block of static IP addresses then it will just be ip nat inside source list NAT interface g0/1 overload username admin secret <your own password here for management> line con 0 login local line aux 0 login local line vty 0 4 login local hostname <hostname here> ip domain-name <domain name here> (if the company has a domain name) crypto key gen rsa modulus 1024 ip ssh version 2

How is the page for the IETF just facts and not education materials? I beg to differ. I will post some links to the IETF for DHCP as well to take a look at. https://tools.ietf.org/html/rfc1541 https://tools.ietf.org/html/rfc2131 OP: All you need to do to release the IP address is just reboot the Xfinity Gateway.

I am doing OSPF and there are limitations with the equipment that I have. I have my routers connected to my Cisco ASAs, so that is where I resolved to use OSPF. I only have DHCP for my ISP connections as well, so I can't use VRRP or any other first hop redundancy protocols.

I figured it out last night, turns out the routers I am connecting to in LV.Net and at my friend's house that runs https://voiptek.info was misconfigured on BGP and then I did redistribute while modifying the metric for 100 being the primary and 105 being the backup. When I failover, I change the OSPF metric for the default-information originate to 110 and change the metric for redistributing the routes from BGP into OSPF to 110 so that the backup with the lower metric wins the routing decision.

Basically, what I do for failovers is: log into the Primary router. conf t router bgp 64512 neighbor EBGP route-map Failover in neighbor EBGP route-map Failover out router ospf 1 default-information originate metric 110 what is supposed to happen is the routes are supposed to go through my CenturyLink circuit with the OSPF metric of 105 and then it is supposed to change the metric for BGP to 10000 and then prepend 64512 about 7 times and the Failover route map gets prepended 9 times making the prepend of 7 times more desirable with the metric 10000.

My failover testing plan is to failover BGP using the Failover route-map and then going into OSPF and increase the metric for the default route on the primary edge router. When I execute the failover plan, I can't ping the tunnel addresses but I can ping the networks behind them.

Hello Everyone, I am having an issue with failing over to my backup internet connection. How I have my home network set up is 2 internet connections, going to 2 different routers. I have OSPF routing inside my home and then going to my friends I have BGP set up between me and them. Anyways, without further ado, here is my configuration. Please let me know if there is something wrong with them. I put the configuration into spoilers so that way it doesn't take up too much space. Router A: Router B:

You put the static address as the source address and then the destination IP it will be 0.0.0.0. I would recommend putting your device as DSCP EF so you have top priority in your network.

Oh, alright, I recommend setting static addresses on your devices and use source based addressing QoS on the modem.

Just out of curiousity, are there any faster plans with CenturyLink that you can upgrade to?

I would get a standalone cable modem and if you want to go with enterprise equipment, I would recommend Cisco equipment. If not, then get a consumer router that can create static routes. How I have my network set up is Cable Modem -> Edge Router (Cisco 2951) -> Cisco ASA 5510 x2 -> Cisco Catalyst 3560-X -> Cisco Meraki MR33

Oh, it would be more expensive than my house as well lol

Here is my speedtest with Paris from Nevada, I have Cox Communications. I pay for 300/30 with Cox.

Damn!!! That is awesome! What is the circuit connecting to? Cisco ASR 9000?

You are correct, you will need to give Spectrum the HFC MAC address and the serial number of the modem. The router doesn't have to get approved by the ISP.

Why not get your own modem from the store as well as another router to replace the TG1862. I would personally invest in some enterprise hardware as well, you can pick up a Cisco router on eBay for about $65 (depending on the model). Here is what the topology would look like: -> AP 1 ISP -> Modem -> Router -> Switch | -> AP 2

It is too much over kill lol, but it never hurts to practice setting up redundancy lol.

The configs are basic for the switches, VLAN 99 on the switches before the ASAs and then I will have VLANs 10, 20, 30, 75, and 100 on the switches after the ASAs with no switchports going to the ASAs. The core is going to be 172.16.1.0/28 and then after that, it is going to be 172.16.2.0/28 for after the ASAs. I am going to have a default route going to 172.16.1.1 which is the HSRP address.

Here is my new network topology for my home lab. I am diving into the realm of security now. It seems to be an all-out enterprise network but it is in a home. Just 4 Cisco Catalyst 3560Gs, 2 Cisco ASA 5510s, 2 Cisco 2911, and the Cisco Unified Communications Suite. This is one highly redundant home network.

Basically it is set up and forgotten but everyday, I log into the router to make sure I don't forget anything.

I don't even have a CCNA and I already have live hardware being put to good use in my internet connection.

Oh