use Sh mod
>From: "Bill" >Reply-To: "Bill" >To: [EMAIL PROTECTED] >Subject: PIX Questions [7:63226] >Date: Tue, 18 Feb 2003 04:46:29 GMT > >Everybody. How are you guys. > >1)WS-G5484, WS-G5486, and WS-G5487 are all Optical GBICs -What command can >I >use on a 6500 switch to identify which of the above GBIC's currently >installed in the switch? >sh ver doesn't seem to give me information on this. > >2) Conceptual questions on PIX (i am learning pix in a lab environment) > a)will a higher-security interface always be able to initiate connections >to a lower-security interface without configuration of an access-list,etc ? >So, with a pix consisting of 8 interfaces, will e7(dmz with security70) be >able to initiate a connection to e5(dmz with security50) but not the other >way around? > > b)access-list 101 permit tcp any host 175.1.1.254 >access-list 101 deny tcp any host 175.1.1.254 eq www >What is the effect of the above access list in regards to www traffic? > > c)access-list 1 deny tcp host 10.0.1.2 >This access-list is applied to interface e1(ip:10.0.1.1) and thus i expect >that 10.0.1.2 cannot initiate any communications. However it could reach >internet websites. When I used the same command but with a 'eq www' at the >end, the access-list worked and denied the host access to the web. Why is >that? I was under the impression that my access-list would simply deny all >traffic which would normally be the case on a router, but this seems to be >working differently on a pix. > >Thank you in advance. >Bill _________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63232&t=63226 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
