networking-computers-music-health & everything else!
I decided to downgrade to IOS c870-advsecurityk9-mz.124-15.T6.bin so I could try ADSL firmware AMR-3.0.043.bin, ver 20/22 of this IOS doesnt work with this firmware.
So far ive noticed 3.0.043 has slightly less Reed Solomon/CRC/Header errors, and notice improved performance. On previous firmware I noticed on upstream, I would get quite a few errors upon sync however with this firmware it seems fine and shows 0.
9 CommentsAre you running a server, utorrent or some other application which requires a port to be forwarded back to your internal network?
Its very simple and easy to do on the Cisco 877.
Direct Forwarding
a) We have a webserver on port 80 and we wish to forward port 80 from outside back to internal
ip nat inside source static tcp 10.108.1.6 80 interface Dialer1 80
b) A torrent type port forward:
ip nat inside source static tcp 10.108.1.1 61437 interface Dialer1 61437
As we can see basically we are opening external ports on the router, and allowing that port to be routed back to our internal network on the specified IP address. (Remember to substitute your internal IP address above and the port you wish to use. You may also need to change the Dialer, either Dialer1 or Dialer0 depending how your device is configured)
Re-Direct Forwarding
In your internal network you may have 3 machines which all run RDP on port 3389. Now you cannot map 3389 three times, only 1 port can be used at a time.
So what you can do, is setup a redirection so that the external port numbers are different but map to the same 3389 port numbers internally.
Example:
ip nat inside source static tcp 10.108.1.1 3389 interface Dialer1 4321
In this example, port 4321 is opened externally which maps back to the internal IP address on port 3389 (RDP)
ip nat inside source static tcp 10.108.1.10 3389 interface Dialer1 1832
Another example opening another external port to redirect to a different host inside the internal network for RDP
Another good example is you might be running a SSH server on your inside network on port 22, while externally you can configure it to be seen as port 6211.
ip nat inside source static tcp 10.108.1.10 3389 interface Dialer1 6211
This is a good security practice, so that you do not get constantly probed by bots on port 22 to try hack into your box with username/password combinations.
I started to learn a bit more about network monitoring tools and how to monitor the network. One of these tools is “Whats UpGold”, which can monitor uptime on devices, probe for interface bandwidth utilization and various other items. I have just begun using this software to monitor 300+ cisco devices for uptime, bandwidth utilisation, and recommend it highly. One thing about it I like, you can setup maps of a town/city/state with dot points and if a device goes down the dot shows red, and if its up its green, so you exactly know when/where it goes down.
See website below for more info.
Ipswitch WhatsUp Gold is the world’s leading network management software with over 70,000 networks reliably managed worldwide. Built on a scalable and extensible architecture offering automated device discovery and network mapping, real-time SNMP and WMI monitoring, and versatile alerting, notification, and reporting functionality, WhatsUp Gold delivers 360° visibility, actionable intelligence, and complete control.
Now if you have the $$$ this other superb tool offers far more in-depth monitoring called CA eHealth, it has a deeper inspection inside the network such as utilization, latency, uptime between interfaces, and capacity planning, and other very detailed reports, compared to WhatsUp Gold.
Apparently this tool for enterprises costs around $500,000AUD to have it setup, which is why this is only used by the best of the best network operation centres to monitor large and complex networks.
For more info http://www.ca.com/us/network-performance.aspx
Help ensure the network performance and availability of LANs, WANs, routers, switches and the technologies and the network services provided over them. CA eHealth® Network Performance Manager provides comprehensive, vendor-independent technology that enables you to pinpoint areas of network performance degradation and generate real-time management reports to identify the causes of problems.
Now you are probably wondering what about some FREE monitoring tools?! I personally use CACTI which is a fantastic monitoring tool for my home network, but can be used for business/large enterprise also. The tool is open source, and has a great support forum which is excellent. The tool is a network graphing solution and many examples can be found on its website what can be monitored.
Cacti is a complete network graphing solution designed to harness the power of RRDTool‘s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.
3 Comments