Posts with #cisco routers tag
Cisco 2900 Series Integrated Services Routers (ISR), designed to power the next phase of branch-office evolution, deliver highly secure connectivity with multiservice integration that can transform the workplace with a broad set of integrated services, rich-media support, and operational excellence.
As a type of router for small to medium enterprise with high performance, Cisco 2900 series ISRs offer embedded hardware encryption acceleration, voice- and video-capable digital signal processor (DSP) slots, optional firewall, intrusion prevention, call processing, voicemail, and application services. In addition, the platforms support the industries widest range of wired and wireless connectivity options such as T1/E1, XDSL, copper and fiber GE.
More Cisco 2900 Series support follow here:
High availability and increased business uptime through Cisco IOS Software, hardware redundancy, and failover capabilities.
Modular support for the broadest set of Cisco network and security services, as well as customizable "on demand" virtual services.
Video-ready architecture supports rich media unified communications capabilities.
Defends against malicious attacks and threats to data, voice, video and mobility.
High speed wireless access enables employees to be more productive when they are away from their desks.
Give remote staff and teleworkers secure access to company assets over a highly secure connection.
Cisco 2900 Series Integrated Services Routers offer a range of features, including:
High-performance, nonstop connectivity with integrated services enables deployment in high-speed WAN environments
Modular design delivers optimal service flexibility
Available enhanced Ether Switch modules enable integrated switching capabilities
Innovative Services-Ready Engine (SRE) enables deployment of services on demand
3G backup WAN access to support business continuity
Support for Cisco Unified Communications Manager Express enables secure collaboration for up to 150 users
Optional integrated high-speed 802.11n wireless access point supports secure mobility
Integrated network security defends against malicious attacks and threats to data, voice, video, and mobility
VPN support enables secure collaborative communications with Group Encrypted Transport VPN (GETVPN), Dynamic Multipoint VPN (DMVPN), or Enhanced Easy VPN
Enhanced redundancy, including diagnostics and backup power supplies increase fault tolerance and business uptime
Operational simplicity, energy efficient design, and Green credentials deliver low total cost of ownership
Cisco 2900 Series Models:
There are four models of Cisco 2900 router: Cisco 2901, Cisco 2911, Cisco 2921, and Cisco 2951. And the reflection from market we are clear that models of Cisco 2900 series are hot required by Cisco customers, such as Cisco 2951/K9, Cisco 2911/K9, Cisco 2921/K9, Cisco 2901/K9…
Take Cisco 2911 as an example; check its features in detail:
3 integrated 10/100/1000 Ethernet ports (RJ-45 only)
1 service module slot
4 enhanced high-speed WAN interface card slots
2 onboard digital signal processor (DSP) slots
1 Internal Service Module slot for application services
Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE
Embedded hardware-accelerated VPN encryption for secure connectivity and collaborative communications Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering
Identity management using authentication, authorization, and accounting (AAA) and public key infrastructure
High-density-packet voice DSP module, optimized for voice and video support
Standards-certified VoiceXML browser services
Cisco Unified Border Element capabilities
Cisco Unity Express voicemail support
Support for Cisco Communications Manager Express and Survivable Remote Site Telephony
Overall, the Cisco 2900 Series offers unparalleled total cost of ownership savings and network agility through the intelligent integration of security, wireless, unified communications, and application services.
In the networking industry there's Cisco and then there's everyone else. But in LAN switching it's even more so.
If we posed the question to IT pros: What's more reliable, your phone network or data network? Most would now tell us that it's a dumb question, they're the same network.
That transition over the past decade makes the LAN ultra-critical for companies today, just as critical as keeping the lights on and the coffee flowing. So it's not at all surprising that in our recent IT Pro Ranking, 444 IT professionals, who either use, have used, or have evaluated the products and vendors we asked about, placed product reliability and product performance as their two most important factors for evaluating LAN vendors and products.
In fact, those two factors rated so high in importance, and Cisco did so well against them, the story almost begins and ends there. Of our 11 criteria, Cisco rated a 4.0 (out of 5) or better on four of the criteria, while no other vendor did that well on more than two. Others making our survey (getting at least 50 responses to our poll) included: Brocade, HP, Juniper, Dell, and Netgear.
Cisco also got the lowest score in our survey, scoring a 3.0 for acquisition cost, whereas no other vendor scored below a 3.2. Operation cost was second lowest for Cisco at 3.5. Meanwhile, HP scored 3.9 and 3.8 on those criteria respectively, Dell came in at 4.1 and 3.8, and Netgear registered 4.2 and 3.0. But cost is not the primary concern for network architects and Cisco knows it. It also knows that when it sets prices, others will move theirs accordingly. No matter what Cisco did with its prices, others will set theirs lower.
Such is the nature of a mature market with reasonable margins and market share leader the likes of Cisco. And lead it does. In our survey, 85% of respondents said they have used or evaluated Cisco products. HP ranks a distant second with 33%, then Dell and Netgear at 22%, Juniper at 20%, and Brocade at 12%. Included in our survey, but not getting enough responses to qualify for inclusion were: Avaya, IBM, Alcatel-Lucent, Extreme, Enterasys, NEC, Arista, and Force 10, all of which had less than 8% reporting use.
In our standard overall weighted score, Cisco ended up with 77%, followed by a three-way tie between HP, Juniper, and Brocade, all at 73%. Dell and Netgear followed with 71% and 70% respectively. The nature of our survey methodology tends to bunch vendors together when we calculate the aggregate score. High-function products are offset by their high prices, while low-function products are boosted by their typically lower prices.
Along with our standardized 11-point rating system, we also asked about 15 features specific to LAN switching. When we asked product users to rate these criteria, cost per port, management software, port density, dynamic port configuration, and pre-port security were deemed most important while layer 2 encryption, proprietary features in advance of standards, and 40-Gbps or 100-Gbps uplinks turned as least important. Here again, in aggregated scores, Cisco came out on top with 75%, then Brocade at 71%, HP and 70%, Juniper at 69%, Dell at 68%, and Netgear at 63%.
All this seems like great news for Cisco, and at least for the moment it is. As report author Mike Fratto points out, the Catalyst 6500 is the product of choice for many LAN architects. But eventually, it too will run out of steam. But when Cisco execs spend a sleepless night worrying about how to maintain their enviable market share and profit margins, they don't worry about any of the vendors I've mentioned here, at least not individually. The company they worry about is Broadcom.
Broadcom now produces a broad range of high-performance chips that let equipment manufacturers build high-density switches with relatively few parts, including its StrataXGS chips, which supports 100-Gbps Ethernet for carriers and 40-Gbps Ethernet for the enterprise. The system-on-a-chip design can support 64 10-Gbps ports and supports relevant standards from DCB to TRILL to OpenFlow. In other words, Cisco has to count on the attractiveness of some pretty esoteric features in its own silicon to beat out any vendor who decides to spin out a switch based on Broadcom's chips.
Users who take the time to make careful side by side comparison between products built on Cisco's own silicon and those built on Broadcom's may not find much of a difference--at least in the features that matter most to them.
This being a mature product category, we weren't all that surprised to see that 60% of responden7ts saying that they had no interest in replacing or adding new LAN switch vendors. That's good news for Cisco. But when we asked that 60% what it would take to get them to reconsider, the top response by a good margin was substantial capital cost savings.
For vendors looking to unseat Cisco as the king of the hill, the task is still daunting. Many will read the survey results and find that it doesn't match the reality of current product offerings. And while that may be true, our survey represents the perceptions of actual product users and as such, it's going to be tough sell to an audience who're pretty much saying, "We'd consider changing vendors if you were giving the stuff away."
Cisco 3900 Series Integrated Services Routers (ISR), designed to power the next phase of branch-office evolution, offers unparalleled total cost of ownership savings and network agility through the intelligent integration of security, wireless, and application services.
As a popular Cisco router item, Cisco 3900 series offers an upgradable motherboard which allows owners to update hardware as more powerful options become available without having to purchase a new router. Cisco also appeals to environmentally conscious consumers with their EngeryWise dual power supplies, which lower electricity costs and support essential redundancy requirements. It is occasionally necessary to reset this powerful networking device, restoring it to factory default settings.
About “3945 router password recovery”
I understand that the password has to be changed the first time we login to Cisco 3945 router but i failed to do that and it’s not allowing me to connect using default username/password.
Can someone help me in getting this addressed??” ---From vnirmal112
Answers from others
“You can but you don't have to change the password the first time you login to the 3900. Are you trying to connect using the console port or telnet?”
“Logged onto router via console...was about to configure a new router...I got a clear message saying that i cannot login next time if i don’t change password, which i saw after logging off only :-(...”
“I am running 12.4.24. If you have another flash card, you can put a different IOS on it and boot it with that and see if you can get in. The other thing you can do is to try the password recovery and see if you can get in that way. Did you ever assign any passwords to it?”
Also frustrated with this Cisco 3900 resetting? Instructions help you reset Cisco 3900 series in detail
1. Enter "config-register 0x2102" from the router's command prompt window. This gives you access to global configuration mode.
2. Enter "show version." The response should read:
router# configure terminal
router (config) #config-register 0x2102
router (config) #end
Repeat the "show version" command.
The response should now read "will be 0x2102 at next reload."
3. Enter the command "write erase." This will erase the current start-up configuration.
4. Reload the software by entering the "reload" command. Do not save when prompted.
The system display should read:
System configuration has been modified. Save? (yes/no): n
Proceed with reload? (confirm)
Confirm that you want the reload to proceed.
5. Wait for the reload. The dialog box will read:---System Configuration Dialog---
Would you like to enter the initial configuration dialog? (yes/no)
The router has been reset.
1. Enter the command "config-register 0x2142."
The response should read:
Router (config)#config-register 0x2142
Repeat the "show version command."
The response should now read "will be 0x2142 at next reload."
2. Reload the software by entering the "reload" command. Do not save when prompted. The system should read:
System configuration has been modified. Save? (Yes/no): n
Proceed with reload? (Confirm)
Confirm that you want the reload to proceed.
3. Wait for the reload. The dialog box will read:
---System Configuration Dialog---
Would you like to enter the initial configuration dialog? (Yes/no) Enter "no."
4. Change the configuration register setting to 0x2102. Enter "config-register 0x2102." Enter "write memory." This will overwrite the running configuration.
5. Enter the "reload" command. The system configuration dialog will appear again. The router is reset.
Cisco 3845 routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements. The Cisco 3845 router features a console port, auxiliary port, dual Universal Serial Bus (USB) ports, four high-speed WAN interface card (HWIC) slots, two 10/100/1000 Gigabit Ethernet RJ45 ports, four Enhanced Network Module (ENM) slots, small form factor pluggable (SFP), power inlets, and Compact Flash (CF) drive.
Cisco 3845 supports two internal advanced integration modules (AIMs) 1, and two Ethernet connections. Figure 5 shows the front panel and Figure 6 shows the rear panel. The front panel consists of 7 LEDs: CF LED, PVDM0 LED, PVDM1 LED, PVDM2 LED, PVDM3 LED, AIM0 LED, and AIM1 LED. The back panel consists of 6 LEDs: SYS LED, ACT LED, SYS PWR1 LED, AUX PWR1 LED, SYS PWR2 LED, and AUX PWR2 LED.
Q: How I can configure the cards for Slots 0/0, 0/1, 0/2, 0/3?
How to Configure Cisco 3845? To follow step here
Using 3487 out of 491512 bytes
! Last configuration change at 13:23:09 PCTime Mon Nov 9 2009 by cisco
! NVRAM config last updated at 13:23:10 PCTime Mon Nov 9 2009 by cisco
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
! card type command needed for slot/vwic-slot 0/0
! card type command needed for slot/vwic-slot 0/1
! card type command needed for slot/vwic-slot 0/2
! card type command needed for slot/vwic-slot 0/3
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$KG3Z$oYVvBSpD//tgRXSsPcO7V.
no aaa new-model
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
no ip source-route
ip tcp synwait-time 10
no ip bootp server
ip domain name oxnardad.org
ip ssh time-out 60
ip ssh authentication-retries 2
crypto pki trustpoint TP-self-signed-3416983991
crypto pki certificate chain TP-self-signed-3416983991
certificate self-signed 01 nvram:IOS-Self-Sig#3104.cer
username vlaguna privilege 15 secret 5 $1$PukE$4.mxdXURqELD/42ERYz1s1
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$ES_LAN$$FW_INSIDE$
ip address 172.20.1.20 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no mop enabled
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no mop enabled
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
logging trap debugging
no cdp run
banner exec ^C
% Password expiration warning.
Cisco Router and Security Device Manager (SDM) are installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
IOS adds in proxy features to forward web traffic to cloud web security offering
Cisco launched this feature to the market at Interop. In a nutshell, it provides IOS routers with intelligent, identity aware, traffic redirection to the Cisco ScanSafe web security cloud offering. ScanSafe provides the following web security features as a cloud service:
- URL Filtering
- Zero-day malware prevention
- Protection against Phishing attacks
- Granular Reporting with a multi-tenant design
- 100% uptime over the last 8+ years
- Heuristic Malware identification
Here is a graphical look at how each web request is processed in the cloud:
This means that http and https traffic will be redirected from the router to the ScanSafe cloud where it will be filtered according to your policy settings. In addition to the redirection of traffic, the ISR G2 will also provide identity (group and user based) to ScanSafe for granular policy selection. Identity can be obtained using multiple methods (AD, web auth, etc) but Active Directory will probably be the most popular. The router encrypts all identity info before it is sent to the cloud.
This type of feature will allow companies to securely stop back-hauling web traffic from remote site VPNs to the central site and back out again. It also allows for a common web security policy across remote sites, central sites, and even remote hosts with the AnyConnect ScanSafe integration. Sending web traffic directly to the Internet results in performance and user satisfaction improvements and decreased bandwidth requirements for HQ. Here is a simple graphic to illustrate this intelligent redirection of web traffic.
Now on to how you configure this on the router/Cisco routers.
First configure Identity on the router. This example will focus on active directory
Ldap server ad-server
transport port 3268
bind authenticate root-dn cn=scansafe,cn=users,dc=test,dc=localdomain password 7 4424A34232
search‐filter user‐object‐type top
Next, create an ldap group
Aaa group server ldap ad-servers
Now Define ip admission control:
Aaa authentication login cs-aaa group ad-servers
Aaa authorization network cs-aaa group ad-servers
Aaa accounting network cs-aaa none
Ip admission virtual-ip 126.96.36.199
Ip admission name csauth ntlm
Ip admission name csauth order ntlm
Ip admission name csauth method-list authentication cs-aaa authorization cs-aaa accounting cs-aaa
Ip http server
Ip admission csauth
Now that we have identity configured we move on to configuring the scansafe redirection commands:
parameter-map type content-scan global
server scansafe primary ipv4 188.8.131.52 port http 8080 https 8080
server scansafe secondary ipv4 184.108.40.206 port http 8080 https 8080
license 0 source interface GigabitEthernet0/0
timeout server 30 user-group ciscogroup username ciscouser
logging server scansafe on-failure block-all
Turn on content scanning on the external interface:
ip address 220.127.116.11 255.255.255.0
ip nat outside
ip virtual-reassembly in
ip virtual-reassembly out
To whitelist sites you create a parameter map like the following example:
parameter-map type regex site_param
parameter-map type regex browser_param
whitelist header user-agent regex browser_param
whitelist header host regex site_param
Supported Cisco ISR G2 Platforms and requirements include
-19xx, 29xx, 39xx
-Security feature license or higher is required
-Valid Cisco ScanSafe license
Cisco will release the IOS code end of this month. It will be 15.2(1)T. You can find more information at these links.
The Cisco 2821 router comes equipped with a software-based firewall. To configure the firewall on a Cisco 2821, you must be familiar with Cisco's security-based commands to restrict access across the network. Administrative privileges and terminal emulation software are necessary to complete this task.
Things You'll Need
- Terminal emulation software
- RS-232 serial cable
- Cisco router with IOS firewall
Instructions to Configure a Firewall on Cisco 2821 Router
1. Connect the router directly to the administrator workstation using an RS-232 cable.
2. Use the router's installation CD to install and open the terminal emulation software. If you prefer to use a third-party emulation software, that is acceptable.
3. Turn on the router and the initial boot sequence will begin. If the router has been previously configured, a prompt with the username will appear, otherwise, the prompt will appear as "Router>."
4. Type "enable" and press "Enter." Type in the router's password when the password prompt appears.
5. Type "conf t" and press "Enter." This will put the router into global configuration mode. The prompt will change to "Router (config) #."
6. Type "ip inspect?" and press "Enter." If the router is configured with the Cisco IOS software, a list of commands will appear that are specifically designed for configuring your router. If the computer displays "% Unrecognized Command," then you will need to download and install the Cisco IOS software (see Resources).
7. Use the list of available commands to configure your router. For examples of router configurations, navigate your browser to the Cisco website (see Resources).
8. Type "CNTL/Z" and press "Enter" once the configuration process is complete. This will return the terminal emulation software back to privileged mode.
9. Type "show ip route" and press "Enter." A list of all neighboring IP addresses will be displayed, indicating that the configuration is complete and the router is communicating with known workstations.
10. Type "show running-config" and press "Enter." Your new running configuration will display.
11. Type "copy running-config startup-config" and press "Enter." This will copy your current configuration to your start-up configuration and save it to the router's memory.
Tips & Warnings
- If you have never configured a router, this task can become frustrating in a hurry. If you are not sure of your ability to configure your router, it is best to contact a qualified network administrator to help you.
For a business that depends on technology, Cisco 1900 Series Integrated Services Routers (ISRs) deliver high-performance, highly secure connectivity with multiservice integration that can transform the workplace with a broad set of services, rich-media support, and operational excellence.
There are several Cisco 1900 popular stars including Cisco 1921/K9, Cisco 1921-SEC/K9, Cisco 1941/K9, Cisco 1941-SEC-SRE/K9, Cisco 1941-SEC/K9, CISCO1941W-A/K9, etc. Maybe it is hard for you to decide which one is the most suitable?
Cisco 1941 router or Cisco 1921 router? Not that complicated, look at some discussion from Cisco 1900 users or buyers, you will be clear about it:
The Cisco 1921 Integrated Services Router (ISR) brings you extremely protected data, portability, and application services as whatever you’re expecting. The primary features includes 2 integrated 10/100/1000 Ethernet ports, 2 enhanced High-Speed WAN Interface Card (EHWIC) slots, it has a ability to support 802.3af this power modules as well. if you concern the security it has a built in hardware encryption, together with this you can have extremely protected mutual communications.
Though you have mentioned two product with their series but let me tell you that there are multiple product with the same series, such as CISCO1941/K9 and C1941-SEC-SRE/K9 so still with the 1941 series you can have too many models, according to me you should first of make your own configuration and after that look for the model, after that you’ll be able to figure out which one would be better for yourself.
According to me you should prefer CISCO1941W-E/K9, it has a ability to support over 10 routing protocol such as OSPF, BGP, EIGRP, PIM-SM, IGMPv3, static IPv4 routing, static IPv6 routing and many more. The router is a evolutionary platform with multicore CPUs, if you have glance at the specification of this model, it will come to know that the hardware it has through which you can have very good performance, some of the features includes firewall protection, VPN support, Syslog support, IPv6 support, CBWFQ, WRED.
Key features of Cisco 1900 series
Cisco 1900 Series Integrated Services Routers support:
- Nonstop connectivity: High availability and increased business uptime through Cisco IOS Software, hardware redundancy, and failover capabilities.
- Flexible services: Modular support for the broadest set of Cisco network and security services, as well as customizable "on demand" virtual services.
- Best-in-Class security: Defends against malicious attacks and threats.
- Secure mobility: High-speed wireless access enables employees to be more productive when they are away from their desks.
- Flexible VPN support: Give remote staff and teleworkers secure access to company assets over a highly secure connection.
Cisco 1900 Series Integrated Services Routers offer a range of features including:
- High-performance, nonstop connectivity with integrated services enables deployment in high-speed WAN environments
- Modular design delivers optimal service flexibility
- Available EtherSwitch modules enable integrated switching capabilities
- Innovative Services-Ready Engine (SRE) enables deployment of services on demand
- Optional integrated high-speed 802.11n wireless access point supports secure mobility
- Best-in-class security—including firewall, intrusion prevention system, and content filtering—defends against malicious attacks and threats
- VPN support enables secure collaborative communications with Group Encrypted Transport VPN (GETVPN), Dynamic Multipoint VPN (DMVPN), or Enhanced Easy VPN
- Enhanced redundancy, including diagnostics and backup power supplies increase fault tolerance and business uptime
- Operational simplicity, energy efficient design, and Green credentials deliver low total cost of ownership
If you need to get some info about Cisco 1900 series’ price and Cisco 1900 selling, you can visit Cisco 1900/Cisco 1941/Cisco 1921 at router-switch.com
Cisco 1900 series: Quite Simply the Best
Get on-demand services, rich-media capabilities, and unparalleled reliability.
Q. What are the Cisco 1800 Series Integrated Services Routers?
Q. Why did Cisco Systems introduce the Cisco 1800 Series?
A. Cisco introduced the Cisco 1800 Series to allow the secure deployment of multiple, integrated services at wire-speed performance. In general, the integrated services router product line provides high performance while running simultaneous services such as data, security, and quality of service (QoS) in one integrated routing platform. The best-in-class Cisco 1800 Series architecture has been specifically designed to meet requirements of small-to-medium-sized businesses (SMBs) and small enterprise branch offices as well as service provider-managed services applications. The Cisco 1800 Series delivers secure concurrent services at wire-speed performance and allows for lower operational and capital expenditures because of the high degree of integration and ease of installation, management, and deployment.
Q. What is the Cisco 1841 Integrated Services Router?
A. The Cisco 1841 is a modular router that is designed to intelligently integrate data and security services into one single, resilient system for fast, scalable delivery of mission-critical business applications. It is specifically engineered for customers who want to securely deploy multiple, concurrent services at wire-speed performance with security and QoS features enabled. The Cisco 1841 comes in a desktop form factor with two modular WAN-interface-card (WIC) or high-speed WIC (HWIC) slots for data connectivity. It offers hardware-based encryption for Data Encryption Standard (DES), Triple DES (3DES), Advanced Encryption Standard (AES), and Secure Sockets Layer (SSL) VPN as well as Cisco IOS® Firewall and Cisco IOS Intrusion Prevention System, which can be enabled through an optional Cisco IOS Software security image. The Cisco 1841 router provides two integrated 10/100BASE-T Fast Ethernet ports onboard, an integrated USB port (1.1), as well as an internal advanced-integration-module (AIM) slot. The modular form factor of the Cisco 1841 helps ensure investment protection with WICs and HWICs that are compatible with the Cisco 2800 and Cisco 3800 Series Integrated Services Routers.
Q. With the introduction of the Cisco 1800 Series, what are the plans for the current Cisco 1700 Series Modular Access Routers?
A. The Cisco 1700 Series will reach end of sale on March 27, 2006. New feature development for the Cisco 1700 Series will be available through Cisco IOS Software Release 12.4T with bug-fix support through Cisco IOS Software Release 12.5 Mainline.
Q. Does the Cisco 1841 offer a bundled security, data, and broadband solution similar to the Cisco 1700 Series?
A. Yes. Bundled security solutions with support for hardware-based encryption for DES, 3DES, AES, SSL VPN, Cisco IOS Firewall, and Cisco IOS Intrusion Prevention System are available for the Cisco 1841. Bundled data and DSL solutions are also available for the Cisco 1841.
Q. What is the performance of the Cisco 1841?
A. The Cisco 1841 is a new-generation, best-in-class router platform designed to deliver multiple concurrent services at wire-speed performance up to single T1/E1/xDSL speeds. Chassis performance has been increased up to five-fold, and security performance increased up to seven-fold compared to the Cisco 1700 Series. The single T1/E1/xDSL value quoted here represents IMIX packet sizes in higher-than-typical Cisco 1841 services configurations. In less service-heavy environments, actual WAN throughput
will be higher.
Q. How does the Cisco 1841 router compare to the Cisco 1721 router that is the current Cisco 1700 Series data-only version?
A. The Cisco 1841 router provides significant additional value compared to the Cisco 1721 router by offering more than a five-fold performance increase. It also integrates hardware-based encryption that can be enabled with an optional Cisco IOS Software security image while simultaneously supporting multiple services such as security, data, and QoS, and providing increased slot performance and density. Also, more than 30 existing Cisco 1700 Series WICs and multiflex trunk interface cards (voice WICs [VWICs]) (for data only) are supported. Further, both of the modular slots on the Cisco 1841 router are HWIC slots that offer greater speeds and higher port density.
Note: The WIC/HWIC/VWIC (in data mode only) slots on the Cisco 1841 router do not support Cisco product-based inline power,
or Power over Ethernet (PoE). This support is offered beginning with the Cisco 2801 Integrated Services Router as part of the Cisco 2800 Series.
Q. What are the basic specifications for the Cisco 1841 router?
Table 1.Product Specifications
Q. How do the Cisco 2800 Series Integrated Services Routers differ from the Cisco 1841 Integrated Services Router?
A. Cisco 2800 Series is targeted at medium-sized businesses and small to medium-sized enterprise branch offices with even higher performance and interface density requirements. Further, the Cisco 2800 Series not only offers even higher security performance and support of network modules (except the Cisco 2801) but also voice support, including the optional integration of voicemail.
• Secure integrated services¾Using its new best-in-class, secure, high-performance architecture; the optional integration of an AIM module; a wide array of interface cards; and the rich Cisco IOS Software services capability, the Cisco 1841 router offers the ability to easily integrate the functions of standalone network appliances and components in an interface card or AIM and supports multiple services at wire-speed performance.
• Secure network connectivity for data¾The Cisco 1841 router features leading advanced, integrated, end-to-end security for the delivery of converged services and applications. The integration of security functions directly onto the router provides optimal performance for security solutions such as Dynamic Multipoint VPN (DMVPN) applications, Secure Sockets Layer VPN (SSL VPN), network admission control (NAC) for antivirus defense, inline intrusion prevention, and a transparent Cisco IOS Firewall.
WICs, VWICs, and HWICs
A. An HWIC slot supports HWICs. It is a newly architected, high-performance version of the current WIC slot. Both modular slots on the Cisco 1841 router support HWICs. The HWIC card can offer greater speeds and higher port density than the current WIC. In addition, the HWIC slots support Cisco product-based inline power and PoE. However, PoE is not offered on the HWIC slots of the Cisco 1841 router. The HWIC slots also support most of the more-than 30 existing WICs and VWICs (on the Cisco 1841 router in data-only mode).
Q. Is online insertion and removal (OIR) supported for cards in the HWIC slots?
Q. Does the Cisco 1841 router support all the current WICs?
A. Most existing modules are carried forward for the Cisco 1800 Series Integrated Services Routers. Refer to the Cisco 1841 data sheet for a detailed listing of all supported modules: http://www.cisco.com/en/US/prod/collateral/routers/ps5853/product_data_sheet0900aecd8016a59b.html
Q. Are any WICs not supported on the Cisco 1841 router?
Table 2.WICs Not Supported on Cisco 1841 Router
Q. Does the Cisco 1841 router support all the current multitflex trunk interface cards (VWICs)?
Q. Does the Cisco 1841 router support VICs?
Advanced Integration Modules
A. An AIM is an advanced integration module that can be plugged into the internal AIM slot of the Cisco 1841, Cisco 2600 Series,
Cisco 2800 Series, Cisco 3700 Series, and Cisco 3800 Series routers. The AIM slot provides a way of integrating additional functions and offloading processor-intensive functions from the main CPU without reducing the LAN or WAN density of the Cisco platform by otherwise occupying an external modular slot. The encryption AIM (part number AIM-VPN/BPII-PLUS) and the SSL VPN AIM (AIM-VPN/SSL-1) are currently available for use in the Cisco 1841 router.
Q. Does the Cisco 1841 router support all the current AIMs?
Note: The VPN module supported on the Cisco 1700 Series (part number MOD1700-VPN) is not supported on the Cisco 1841 router. Instead, the encryption AIM (part number AIM-VPN/BPII-PLUS) and SSL VPN AIM (part number AIM-VPN/SSL-1) are supported on the Cisco 1841 router.
Q. Are any AIMs not supported on the Cisco 1841 router?
Table 3.AIMs Not Supported on Cisco 1841 Router
Q. How many internal AIM slots are available on the Cisco 1841 router?
Q. Is the Cisco 1841 rack-mountable?
Q. When was the rack-mount capability introduced on the Cisco 1841?
A. All Cisco 1841 chassis shipping since Q4FY06 are rack-mountable. Cisco 1841 chassis with the following starting serial numbers have the rack-mount screw holes: FTX1009W0Z3 (United States), FCZ100812UR (Europe, Middle East, and Africa), and FHK100653JL (Asia Pacific).
Q. Are all Cisco 1841 chassis rack-mountable?
A. All Cisco 1841 chassis shipping since Q4FY06 are rack-mountable. Please refer to the serial numbers provided above to find out whether a specific chassis has the rack-mount screw holes to be rack-mountable with the optional rack-mount kit. All chassis currently shipping are rack-mountable with the optional Cisco 1841 rack-mount kit.
Universal Serial Bus
A. The Cisco 1841 router has an integrated USB port (1.1). The USB port is configurable to work with an optional USB token for secure configuration distribution and off-platform storage of VPN credentials.
Q. Can I use the USB port as a console port?
A. The Cisco 1841 router uses a universal internal standard power supply that is applicable for all countries. There are no country-specific power supplies. The AC input voltage of this universal standard power supply spans from 100 to 240V, the frequency
from 50 to 60 Hz, and the AC input current is 2.0A. The maximum power output is 50W for the Cisco 1841 router.
Q. Does the Cisco 1841 router support 802.3af PoE?
Q. Does the Cisco 1841 router support a redundant power supply (RPS)?
Q. Does the Cisco 1841 router support DC power?
A. No, the Cisco 1841 router does not support DC power. Within the integrated services router product line, DC power support starts with the Cisco 2800 Series Integrated Services Routers, specifically with the Cisco 2811.
A. The Cisco 1841 router uses SDRAM. The default DRAM for the Cisco 1841 router is 128 MB, which is fixed onboard. The Cisco 1841 has a DIMM slot onboard that can be populated with additional DRAM memory.
Q. What is the default and maximum DRAM memory in the Cisco 1841 router?
Table 4.Default and Maximum Memory
Q. What kind of flash memory does the Cisco 1841 router use?
A. The Cisco 1841 Router has a single, external compact flash memory. This is the only flash memory for the system and should never be removed whenever ROM Monitor (ROMMON) is being updated with a new image or configurations or when the compact flash LED light "busy" is on.
Q. What is the flash memory used for?
A. Cisco IOS Software is stored in flash memory. In addition, configuration files can be saved in flash memory. Also, flash memory allows software upgrades to be downloaded over the WAN or LAN link and to be stored in the flash memory.
Q. What is the default and maximum compact flash memory in the Cisco 1841 router?
Table 5.Default and Maximum Compact Flash Memory
Q. What is the ROM monitor?
A. The ROM monitor is a ROM-based program that is executed upon system power-up or reset. It performs various functions, including a power-on confidence test, hardware initialization, a system boot process, system failure debug, and file system support.
Q. What is required to upgrade the ROM monitor?
A. The boot flash device on the Cisco 1841 router is a 4-MB, fixed flash device that is not field-replaceable. The ROM monitor image can be upgraded by downloading new software. The first image in ROM is a read-only image that cannot be erased. The upgrade image is a read-write image that is stored in ROM flash memory as the second image. You can configure the router to boot ROM monitor from either of the two images, primary or secondary if it exists, in the flash memory. In order to upgrade the ROM monitor on the Cisco 1841 router, you need to have a ROM monitor image available to copy from a remote server or from the external compact flash memory.
Q. What is new about the architecture of the Cisco 1841 router?
A. The Cisco 1800 Series with the Cisco 1841 router was designed as a high-performance routing platform to integrate and support secure, concurrent multiple services. The entire architecture provides significant performance increases over the Cisco 1700 Series as well as security through the hardware-based encryption on the motherboard that can be enabled with an optional Cisco IOS Software security software image. Combining faster discrete components such as CPU and memory with a higher bus speed and custom silicon, the Cisco 1841 router can maintain high throughput levels while running a complex set of services.
Q. Does the architectural design of the Cisco 1841 router include a real-time clock?
Q. What security functions are available for the Cisco 1841 router?
A. The Cisco 1841 router integrates hardware-based encryption onboard that can be enabled with an optional Cisco IOS Software security software image that not only enables the encryption (DES/3DES/AES) but also provides Cisco IOS Firewall and Cisco IOS Intrusion Prevention System support. Other standard security features supported are access control lists (ACLs); authentication, authorization, and accounting (AAA) features such as Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP); TACACS+, RADIUS, and token authentication; and Lock & Key. Further, NAC for antivirus defense can be enabled on the Cisco 1841 router.
Q. Can I use the Cisco 1841 router as a firewall?
A. Yes. The Cisco IOS Firewall feature set is supported in the Cisco 1841 router. This feature set includes enhanced firewall functions such as context-based access control (CBAC), which enables securing a network on a per-application basis. Additional firewall security features include Java applet blocking, denial-of-service (DoS) detection and prevention, and more advanced logging capabilities.
Q. What is the difference in features and performance between the encryption and SSL VPN AIM and the onboard cryptographic engine?
A. The IPSec and SSL VPN AIM modules (AIM-VPN-BPII-PLUS and AIM-VPN/SSL-1) offer more than double the performance of the onboard cryptographic accelerator and more than five times the number of remote VPN tunnels. The AIM modules also offer IP Payload Compression Protocol support (IPPCP Layer 3 compression) in hardware. The AIM-VPN/SSL-1 additionally supports SSL VPN in hardware with two times the number of users supported when compared to the software-based SSL encryption feature in Cisco IOS Software.
Q. What Cisco IOS Software release and feature set are needed to use Cisco IOS SSL VPN on the Cisco 1841?
Q. What is the maximum number of SSL VPN sessions that are supported on the 1841?
Q. Does the Cisco 1841 router work with the Cisco VPN client?
Q. Does the Cisco 1841 router function with Cisco Easy VPN remote client-server mode?
A. Yes. The term Easy VPN server denotes any headend model that supports the Cisco Unity® voice messaging system workgroup specification for VPN server. The term Easy VPN client denotes any customer premises equipment (CPE) that receives IPsec configuration from an Easy VPN server. The Cisco 1841 router can serve as both an Easy VPN server and an Easy VPN client.
The Cisco 1841 router can push IPsec configurations to an Easy VPN client and can receive IPsec configurations from another Easy VPN server.
Q. Can the Cisco 1841 router perform software Lempel-Ziv-Stac (LZS) compression with the AIM VPN modules?
A. Like all Cisco routers, the Cisco 1841 router can be managed with Simple Network Management Protocol (SNMP), with a Telnet session, and through a directly connected terminal or PC running terminal emulator software.
Q. Does the Cisco 1841 router support CiscoWorks Resource Manager Essentials (RME), CiscoWorks CiscoView, the CiscoWorks VPN/Security Management Solution (VMS), and the Cisco IP Solution Center (ISC)?
Q. Does the Cisco Router and Security Device Manager support the Cisco 1841 router?
Q. Is Cisco Voice Manager supported on the Cisco 1841 router?
For more information about the Cisco 1800 Series Integrated Services Routers, visit http://www.cisco.com/go/1800 or contact your local account representative.
To select the appropriate switch for a layer in a particular network, you need to have specifications that detail the target traffic flows, user communities, data servers, and data storage servers. Company needs a network that can meet evolving requirements.
Traffic flow analysis is the process of measuring the bandwidth usage on a network and analysing the data for the purpose of performance tuning, capacity planning, and making hardware improvement decisions.
Network switches come in different sizes, features and functions, choosing a switch to match a particular network sometimes constitute a daunting task.
Consider what will happen if the HR or HQ department grows by five employees or more’ A solid network plan includes the rate of personnel growth over the past five years to be able to anticipate the future growth. With that in mind, you would want to purchase a switch that can accommodate more than 24 ports, such as stackable or modular switches that can scale.
When selecting a switch for the* access, **distribution, or ***core layer, consider the ability of the switch to support the port density, forwarding rates, and bandwidth aggregation requirements of your network.
Access layer switches facilitate the connection of end node devices to the network e.g. PC, Modems, IP phone, Printers etc. For this reason, they need to support features such as port security, VLANs, Fast Ethernet/Gigabit Ethernet, PoE(power over Internet, and link aggregation. Port security allows the switch to decide how many or what type of devices are permitted to connect to the switch. This is where most Cisco comes in, they all support port layer security. Most renowned network administrator knows this is the first line of defence.
Distribution Layer switches plays a very important role on the network. They collect the data from all the access layer switches and forward it to the core layer switches. Traffic that is generated at Layer 2 on a switched network needs to be managed, or segmented into VLANs, Distribution layer switches provides the inter-VLAN routing functions so that one VLAN can communicate with another on the network.
Distribution layer switches provides advanced security policies that can be applied to network traffic using Access Control Lists (ACL). This type of security allows the switch to prevent certain types of traffic and permit others. ACLs also allow you to control, which network devices can communicate on the network.
Core layer switches: These types of switches at the core layer of a topology, which is the high-speed backbone of the network and requires switches that can handle very high forwarding rates. The switch that operates in this area also needs to support link aggregation (10GbE connections which is currently the fastest available Ethernet connectivity.) to ensure adequate bandwidth coming into the core from the distribution layer switches.
Also, core layer switches support additional hardware redundancy features like redundant power supplies that can be swapped while the switch continues to operate. Because of the high workload carried by core layer switches, they tend to operate hotter than access or distribution layer switches, so they should have more sophisticated cooling options. Many true, core layer-capable switches have the ability to swap cooling fans without having to turn the switch off.
For example, it would be disruptive to shut down a switch at the core layer to change a power supply or a fan in the middle of the day when the network usage is at its Peak. To perform a hardware replacement, you could expect to have at least a 10 to 15 minute network shutdown, and that is if you are very fast at performing the maintenance. In more realistic circumstances, the switch could be down for 30 to 45 minutes or more, which most likely is not acceptable. With hot-swappable hardware, there is no downtime during switch maintenance.
Another characteristic one needs to put into consideration is port speed, which at times depend on performance requirements, choosing between fast Ethernet and Gigabit Ethernet Switch Ports.
Fast Ethernet allows up to 100 Mb/s of traffic per switch port while Gigabit Ethernet allows up to 1000 Mb/s of traffic per switch port. Fast Ethernet is adequate for IP telephony and data traffic on most business networks; however, performance is slower than Gigabit Ethernet ports..
Port density is the number of ports available on a single switch. Fixed configuration switches support up to 48 ports on a single device, with options for up to four additional ports.
High port densities allow for better use of space and power when both are in limited supply. If you have two switches that each contain 24 ports, you would be able to support up to 46 devices, because you lose at least one port per switch to connect each switch to the rest of the network. In addition, two power outlets are required. On the other hand, if you have a single 48-port switch, 47 devices can be supported, with only one port used to connect the switch to the rest of the network, and only one power outlet needed to accommodate the single switch.
Modular switches can support very high port densities through the addition of multiple switch port line cards, as shown in the figure. For example, the Cisco Catalyst 6500 switch can support in excess of 1,000 switch ports on a single device.
Switches have different processing capabilities at the rate in which they process data per second. Processing and forwarding data rates are very important when selecting a switch, the lower the processing, the slower the forwarding this results to the switch unable to accommodate full wire-speed communication across all its ports. A normal fast Ethernet port attains a 100Mb/s , while Gigabit Ethernet does 1000Mb/s.
For example, a 48-port gigabit switch operating at full wire speed generates 48 Gb/s of traffic. If the switch only supports a forwarding rate of 32 Gb/s, it cannot run at full wire speed across all ports simultaneously.
The more ports you have on a switch to support bandwidth aggregation, the more speed you have on your network traffic,. e.g. , consider a Gigabit Ethernet port, which carries up to 1 Gb/s of traffic in a network. If you have a 24-port switch, with all its ports capable of running at gigabit speeds, you could generate up to 24 Gb/s of network traffic. If the switch is connected to the rest of the network by a single network cable, it can only forward 1 Gb/s of the data to the rest of that network. Due to the contention for bandwidth, the data would forward more slowly. That results in 1 out of 24 wire speed available to each of the 24 devices connected to the switch.
Power over Ethernet (PoE)
Another characteristic you consider when choosing a switch is Power over Ethernet (PoE). This is the ability of the switch to deliver power to a device over the existing Ethernet cabling. IP phones and some wireless access points can use this feature, you can be able to install them anywhere you can run an Ethernet cable.
More tips: If you are looking for more info of Cisco switches, you can visit router-switch.com----Cisco switches: Cisco Catalyst 2960, Cisco Catalyst 3560,Cisco 3750, Cisco 4500, Cisco 6500 series, etc...
The Cisco 3750 switch has contributed greatly to Cisco's success in the networking hardware market. Its features provide efficient and reliable network switching services. You can find a pre-owned 3750 model at a good price, and if you do buy a pre-owned Cisco 3750 switch, you may need to change the password before you are able configure it to work on your network. Fortunately, Cisco has provided a built-in procedure that allows you to change the password.
Things You'll Need
Cisco 3750 switch and serial cable
Computer with terminal emulation software
How to Change the Password on a Catalyst 3750 Switch？
1. Connect your computer to the 3750 switch using the blue serial cable that typically comes with it. Connect the 9-pin d-shell connector to your computer's serial port, and connect the RJ-45 connector to the switch's console port.
2. Configure a terminal session to the switch. Power up your computer, open a terminal emulator application, and configure a terminal session with the following settings:
1 stop bit
8 data bits
Xon/Xoff flow control
Save the configuration with a name that you can recognize later.
3. Hold down the "Mode" button on the left front of the Cisco 3750 switch, and plug in the power cable. Five seconds after the Stat LED goes off, release the "Mode" button. The SYST LED should start to blink amber.
4. At the command prompt, issue the following commands to the switch to prepare it for the reset procedure, and rename the current configuration file:
rename flash:config.text flash:config.old
5. Boot the 3750 switch by issuing the "boot" command and pressing "Enter." At the "System Configuration Dialog" prompt, answer "n" and press "Enter" twice. This should display the "Switch>" prompt.
6. Issue the "en" command at the prompt, and press "Enter." You should see the prompt change from "Switch>" to "Switch#." Rename the configuration file with the following command:
rename flash:config.old flash:config.text (press "Enter")
Press "Enter" to accept the destination filename default.
7. Copy the configuration file into the 3750 memory with the following command:
copy flash:config.text system:running-config
Press "Enter" when prompted for a destination filename to accept the default.
8. eate new passwords for the 3750 switch with the following commands:
enable secret spswd (spswd = your new secret password)
enable password enpswd (enpswd = your new enable password)
line vty 0 15
password tpswd (tpswd = your new terminal password)
line con 0
password cpswd (cpswd = your new console password)
The 3750 will issue a "Building Configuration" message. When you see the [OK] message at the Sw1# prompt, you have completed the password change for the Cisco 3750 switch.
Tips: More info of Cisco 3750 switches you can visit at cisco.com