Re: Pix and conduits vs. access-list [7:66386]
It is my understanding that cisco will be discontinuing support for the conduit function in the near future. You should migrate those statements to ACLs especially using ios 6.2. I had some unusual difficulties using a few conduits with 6.2. ""Aaron Ajello"" wrote in message news:[EMAIL PROTECTED] > I recently inherited responsibility for a Pix - version 6.2(2). It's > configured with conduits and I'm thinking about changing them all to access > lists a litte bit down the line, after I do the research and really learn > what I'm doing. The reason being access lists seem easier to organize, read > and understand and also to stay current. So far, the only advice I've read > is to not "mix access lists and conduits." But I'm assuming that means to > not have lists and conduits overlapping, where some servers are protected by > both. > What I'd like to do is gradually convert conduits to access lists which > would mean I'd have both for a little while, but I'd be careful to not have > them overlap and have each server either have conduits OR access lists, but > not both. > If anyone has opinions on why this is a good or bad idea and any kind of > recommendations on the proper way to go about it, I'd appreciate the input. > If the whole idea is wrong headed and I should leave it all with conduits, > that'd be useful info also - it just seems like a good idea to go with > access lists. > thanks. > -Aaron Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66395&t=66386 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Multilink PPP [7:66087]
interface Serial0/0 no ip address encapsulation ppp keepalive 10 ppp multilink multilink-group 1 ! interface Serial0/1 no ip address encapsulation ppp keepalive 10 ppp multilink multilink-group 1 ! interface Multilink1 ip address x.x.x.x m.m.m.m ppp multilink multilink-group 1 ""Joshua Vince"" wrote in message news:[EMAIL PROTECTED] > Anyone have a sample config for Multilink PPP w/ 2 serial ports > (WIC-1T). > > Thanks. > > Josh Vince Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66098&t=66087 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX question [7:65769]
In my opinion it is smarter and safer to use a DMZ interface on a PIX firewall vice having a switch/hub before the firewall. This is because if one of your DMZ nodes are attacked from the internet you can easily close the hole and block the attack source. With a hub before firewall you will have to rely on the OS to block the attack or disconnect the node from the switch/hub. It may be work to create static NAT translations and ACLs, but you definitely have control over what is being accessed exactly. ""Sam"" wrote in message news:[EMAIL PROTECTED] > Hey there > > Mostly, firewall design includes a dmz. In most companies, within this DMZ, > is it more likely to see the servers directly being given registered public > IP's, > > OR > > Is it more likely to see the servers being given private IP's and then a nat > translation created for internet users to access the servers. > > > Also, what are the pros and cons for the above two situations? > > thx Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65958&t=65769 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP V6 [7:65452]
Have you read RFC 2460? That is the current draft of this standard. ""Don Kanicki"" wrote in message news:[EMAIL PROTECTED] > Hi all, > Was reading the article on IPV6 in the latest packet magazine and needless > to say Im completely lost.Was wondering if anyone could suggest a book that > would explain it in detail. > > > TIA > Don K. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65465&t=65452 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: frame relay and leased line [7:65397]
Our carrier for LL is AT&T. Their pricing was intrastate and interstate. Mileage wasn't considered. ""supernet"" wrote in message news:[EMAIL PROTECTED] > I was told that leased line price depends on distance but frame relay > doesn't. Is this true? Thanks. Yoshi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65442&t=65397 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX question [7:64518]
Unfortunately, you cannot copy the IOS off the flash. The good news is Cisco retains a majority of the PIX IOS on the CCO software center website. I encountered this as I built a project plan for upgrading PIX firewalls. I found the old version of my IOS software on their website and used that successfully to back out a change. ""Joupin"" wrote in message news:[EMAIL PROTECTED] > Hi > > How could I back up a PIX IOS with TFTP ? Seems that its not as easy as > router or Switch IOS BACKUP > > Regards > joupin > www.joupin.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64528&t=64518 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPP vs HDLC [7:64362]
Actually, I use PPP so that I can combine two T1 lines into a single virtual interface (multilink PPP). There wasn't the capability of doing this with HDLC. ""Stuart Pittwood"" wrote in message news:[EMAIL PROTECTED] > It has been mooted to me that we might get better performance from our > 1Mb line by using HDLC rather than PPP. > > > > Is this correct? > > > > If so is it just a case of changing the Encapsulation PPP to > Encapsulation HDLC on both ends of the link? > > > > Are there any implications I should be aware of? > > > > Thanks > > > > _ > > Stuart Pittwood, MCSE > > IT Technician > > Amery-Parkes Solicitors Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64374&t=64362 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Switch Port Traffic [7:64105]
Well within the IOS you could generate topN reports detailing utilization, errors, etc (usage: show top 10 utilization). You could also use NGenius Realtime Monitor that comes with Ciscoworks 2000 or purchase it standalone from ngenius.com. ""Sam"" wrote in message news:[EMAIL PROTECTED] > Is there any way to find out what kind of traffic is passing through a > switch port in terms of input/output packets? > > Or some kind of historical traffic statistics? > > Or if i could set up an smtp monitoring station. > Anything would do...i need some ideas > > Sam Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64114&t=64105 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Certification question [7:63982]
This is true, but they mention 'any exam bearing the prefix 642'. As I see it there are no exams number that begin with 642-XXX. Maybe 640-XXX. Perhaps, Cisco is going to release a new wave of exams shortly with that prefix. ""Priscilla Oppenheimer"" wrote in message news:[EMAIL PROTECTED] > Stuart Pittwood wrote: > > > > Hi all, > > > > > > > > My CCNA cert is due to expire in Feb 04, if I start the CCNP > > track now & > > don't complete it before the CCNA cert expires, do I need to > > recert the > > CCNA before I can continue the CCNP, would I have to redo any > > CCNP exams > > completed? > > Good news. Cisco just changed the policy. Here's what they say on the CCNA > page: CCNA certifications are valid for three years. To recertify, pass the > current certification exam or any new exam at the Professional or Cisco > Qualified Specialist level, bearing the prefix 642. > > See this URL: > > http://www.cisco.com/warp/public/10/wwtraining/certprog/lan/programs/ccna.ht ml > > Priscilla > > > > > > > > Stu Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63999&t=63982 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]