Browsed by
Tag: Cisco

NordVPN IKEv2/IPsec with Cisco IOS

NordVPN IKEv2/IPsec with Cisco IOS

NordVPN is one of the more popular VPN providers. However, I couldn’t find any guides online for using their IKEv2/IPsec with Cisco IOS. This guide shows how to use EAP MSCHAP and certificate based authentication with NordVPN and IOS. I hope this helps others get their VPN running more quickly than I did. I had to upgrade the code on my router for this to work. I have this working on a Cisco 1941 running c1900-universalk9-mz.SPA.155-3.M5.bin. On older versions (early…

Read More Read More

ACS 5.2.0.26 Upgrade Hangs

ACS 5.2.0.26 Upgrade Hangs

I had a problem when upgrading from 5.1.0.44 to 5.2.0.26. I’d see the following: Saved the running configuration to startup successfully Then the CLI would just hang, after an hour I CTRL+C ‘d out of it. Stopping the ACS process and re-running the install fixed the issue. ACS/user# application stop acs Stopping ACS. Stopping Management and View…………………………………………………… Stopping Runtime…………………… Stopping Database………….. Cleanup…. ACS/user# application upgrade ACS_5.2.0.26.tar.gz repo Do you want to save the current configuration ? (yes/no) [yes] ? Generating…

Read More Read More

VPLS Unicast Flooding

VPLS Unicast Flooding

Unicast flooding problems, usually associated with switched networks, can also impact VPLS. If traffic is forwarded asymmetrically through a VPLS instance, unicast flooding of unknown frames can occur. I’ll step through a scenario where this could happen. I set a LAB up with two CSR 1000V routers acting as PE routers, providing a VPLS instance. GNS3 was used to run the IOS routers acting as CE and C routers. In this scenario we could imagine that CE3 and CE4 are…

Read More Read More

MPLS MRU

MPLS MRU

The purpose of the MPLS MRU (Maximum Receive Unit) is to indicate the maximum size of a packet, including MPLS labels, that the local router router can forward without fragmenting. MRU is only locally significant. If an incoming packet belonging to a particular FEC (Forwarding Equivalence Class) exceeds the MRU calculated for that FEC, the packet will require fragmentation prior to it being transmitted on the outgoing interface. The MRU for each FEC varies depending on the MTU of the…

Read More Read More