Quality of Service within a VPN tunnel over Dialer-Interface

Today I will show you how to configure QoS for outgoing SIP VoIP traffic who goes throw a VPN tunnel / crypto-map. To solve this we need to create class-maps for all IP traffic and for our SIP traffic and bind them to the crypto map and the outgoing interface because VPN traffic is encapsulated … Read more

Router on a stick

Today I will show you how to build a so called “Router-on-a-stick” environment. In this example we have one Cisco router, one HP ProCurve switch and three subnets: First we configure inspection firewall profiles, so when someone requests packets from the internet, packets can come back through our inbound WAN interface access-list ip inspect name … Read more

Copy IOS image to a Cisco router from ROMmon

If you accidentally erased your flash or have a Cisco router with an empty flash, you can upload an IOS image from ROMmon to recover the device to a functional router. Connect your router via console-cable to a PC and use PuTTY to connect to your device. I use TFTPD32 from Philippe Jounin. When starting … Read more

Password- and configuration-recovery for Cisco IOS router

You bought a used Cisco router at eBay configured with a password? You loose your password but still need the current configuration? No Problem! You can easily reset the configuration/passwords. You need to connect to the serial port of the Cisco router. I’m using always a USB-RS232-serial-adapter and PuTTY for this. To boot your router … Read more

Site2Site IPSec VPN Tunnel with Cisco EasyVPN

In Germany some internetprovider doesn’t offer a static WAN IP address. So the easiest way to connect a branch office router via IPsec VPN protocol to the central network address is using a Cisco EasyVPN connection with network-extension mode. In this example we have two networks: The IP subnet of our mainoffice is 192.168.1.0 /24 … Read more

Understanding ip nat outside Rules

One of my customers has a separated network within their internal network. Mobile devices (Android Phones, iPhones, etc.) are connected to a consumer access point which is connected behind the Cisco Router 876:       The Traveler service is also rechable via internet (configured with PAT pointed to the Traveler server). In the past, … Read more

Hello World!

Welcome to my new site! My name is Michel, currently Iā€™m living in germany. I installed a new wordpress blog for sharing my knowledge (primarily about networking) from products from Cisco, Sophos, Astaro and HP. Feel free to share my posts and use this platform to comment and discuss your/our problems and contribute to solve … Read more