Re: RADIUS or TACACS
Keep in mind, plain TACACS will not do accounting- only TACACA+ will.. Jim Bond <[EMAIL PROTECTED]> wrote in article <[EMAIL PROTECTED]>... > Hello, > > Which one is more popular on the market? > Thanks in advance. > > Jim > > __ > Do You Yahoo!? > Get Yahoo! Mail Free email you can access from anywhere! > http://mail.yahoo.com/ > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: connectivity problem
hubs usually don't have NICs for their ports. they are functionally layer 1 devices, so therefore don't understand what a MAC address is. Bridges and Switches, on the contrary, are layer 2 devices and do unnderstand MAC addresses.. Dick Silva wrote: > > / Question here: > You say if you have six hosts (workstations) and the hub you have 7 MAC > addresses. > Now I understand the six workstations have NICs. But does the hub port also > have a NIC? > Would a printer connected to the same hub port have a NIC also? I > understand that the hub port and printer would each be considered a host. > So does this mean that all hosts also have NICs? > Dick Silva > > -Original Message- > From: Chris H <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; [EMAIL PROTECTED] > <[EMAIL PROTECTED]>; [EMAIL PROTECTED] <[EMAIL PROTECTED]> > Date: Tuesday, July 11, 2000 10:53 PM > Subject: RE: connectivity problem > > > > >The ARP cache should contain all MAC addresses for the port you have the > hub > >connected to. So for the sake of arguement, you have 6 workstations > >connected to that hub, the switch should cache 7 MAC addresses, the 6 > >workstations and the hub. > > > >show ip arp fastethernet [port number] > > > >Make sure you also have spanning tree enabled on that port. If it doesn't > >work, like someone else said, check layer 1, replace the hub, etc. etc. > >etc > > > >I also know that the old Bay hubs have some type of Management Menu driven > >code loaded as well. I'm not sure if you have to specify an uplink port or > >what, but you may want to check the hub itself. > > > > > >Chris > > > >>From: Daniel Cotts <[EMAIL PROTECTED]> > >>Reply-To: Daniel Cotts <[EMAIL PROTECTED]> > >>To: "'Don Dettmore'" <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > >>Subject: RE: connectivity problem > >>Date: Tue, 11 Jul 2000 09:52:18 -0500 > >> > >>Maybe a layer one problem? > >>Seems that the switch can see the hub. The hub can't see the switch. Do > you > >>have link both ends? Have you substituted the patch cable between them? > >>Alternatively do you have a packet analyzer such as EtherPeek to stick in > >>the hub to see if it sees the pings, arp requests from the switch side? > >> > >> > -Original Message- > >> > From: Don Dettmore [mailto:[EMAIL PROTECTED]] > >> > Sent: Tuesday, July 11, 2000 8:04 AM > >> > To: [EMAIL PROTECTED] > >> > Subject: connectivity problem > >> > > >> > > >> > Here is an interesting problem. > >> > > >> > I have a client with a Cisco 2924XL switch. Most stations are > >> > directly connected to the switch, however off of one of the switch > >> > ports is an old Bay 10mb/s hub. > >> > > >> > The problem is that stations connected to the hub cannot communicate > >> > with stations connected to the switch. Switch stations CAN > >> > communicate with switch stations, and hub stations CAN communicate > >> > with hub stations. > >> > > >> > The switch port connected to the hub appears to recognize the hub - > >> > it is up/up and has detected 10mb half duplex. I tried manually > >> > entering these settings with no effect. > >> > > >> > It appears to be an arp problem - if I debug arp and then try to ping > >> > a station connected to the hub, arps are sent out, but no replys are > >> > received. This happens whether the switch itself tries to ping a hub > >> > host, or a if a switch station does so. Interestingly enough tho, if > >> > a hub station pings another hub station, the arp shows up on the > >> > switch debug console - it is definitely seeing the traffic! > >> > > >> > Any suggestions would be greatly appreciated. > >> > > >> > Thanks! > >> > > >> > Don Dettmore > >> > CCNP, MCSE, CNE > >> > > >> > ___ > >> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > >> > FAQ, list archives, and subscription info: http://www.groupstudy.com > >> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >> > > >> > >>___ > >>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > >>FAQ, list archives, and subscription info: http://www.groupstudy.com > >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > >___ > >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > >FAQ, list archives, and subscription info: http://www.groupstudy.com > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: ht
Re: Firewall feature set ?
you can use CBAC (Context Based Access Control) which dynamically configures (applies and removes) from a given interface.. I believe IOS 11.3 is required. here's a link with more info.. http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113t/113t_3/firewall.htm John Green wrote: > > i have a old 2514 with IOS 11.3. > is there a way i can upgrade to one with firewall > feature set... > oops... first, does 11.3 has firewall > feature set ? > > thanks all > john > > --- Daniel Cotts <[EMAIL PROTECTED]> wrote: > > Read the Docs. Use ConfigMaker to create a ballpark > > view. Edit as needed. > > Best to know exactly what you want to do. Use a > > protocol analyzer such as > > EtherPeek to test and verify. Easy with two > > interfaces. More interesting > > with three or more. > > > > > -Original Message- > > > From: Jeff Walzer > > [mailto:[EMAIL PROTECTED]] > > > Sent: Monday, July 10, 2000 2:48 PM > > > To: 'Cisco' > > > Subject: Firewall feature set feedback > > > > > > > > > We are looking at going to the IOS that has the > > Firewall > > > feature set and I > > > was wondering if someone could provide me with > > some feedback > > > about it. We > > > are going to implement the Firewall IOS on two > > 1720 routers. > > > > > > Thanks, > > > Jeff > > > > > > ___ > > > UPDATED Posting Guidelines: > > http://www.groupstudy.com/list/guide.html > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com > > > Report misconduct and Nondisclosure violations to > > [EMAIL PROTECTED] > > > > > > > ___ > > UPDATED Posting Guidelines: > > http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > __ > Do You Yahoo!? > Get Yahoo! Mail Free email you can access from anywhere! > http://mail.yahoo.com/ > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SMTP access list
the algorithm is designed to exit the moment it finds a match. so, as soon as there is a match, the remaining lines of the access-list are never looked at. > "Deloso, Elmer G." wrote: > > Hi, all. > Just to verify my understanding of extended access-lists: this > continues to parse the entries even > after a match has already been found, so if the first few lines have a > "permit" and later down the last few lines it encounters a "deny", > what does the router do? > > Example: > access-list 176 permit tcp 193.128.233.177 0.0.0.0 any eq smtp log > access-list 176 permit tcp 203.23.83.180 0.0.0.0 any eq smtp log > access-list 176 permit tcp 203.35.182.133 0.0.0.0 any eq smtp log > . > . > . > . > access-list 176 deny ip 193.0.0.0 0.255.255.255 any log > access-list 176 deny ip 203.0.0.0 0.255.255.255 any log > > Any help would be greatly appreciated. > > Elmer Deloso ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access List Question
you can't remove a single line from an access-list, unless it is a named access-list... Russell Lusignan wrote: > > yeap! use: > > no access-list 101 permit tcp any any eq 23 - or whatever the access-list > particulars are. > > Hope that helps > Russ.. > > ""Scott M. Trieste"" <[EMAIL PROTECTED]> wrote in message > 8kf6re$91d$[EMAIL PROTECTED]">news:8kf6re$91d$[EMAIL PROTECTED]... > > Is there anyway to remove a specific line from an access list without > > erasing the entire thing. Thanks in advance. > > > > Best Regards, > > > > Scott M. Trieste > > > > > > ___ > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > --- > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Priority Question
yep.. use priority queuing Ole Drews Jensen wrote: > > Hello, > > I was asked a question the other day that I have not been able to find > anything about in any of my books, so I was wondering of someone could help > me out. > > If you have a router (A) connected to another router (B) over a WAN > connection and you want to give traffic from A to B destined for let's say > port 1582 a higher priority than all other traffic - Can that be done? > > I believe the routers are the 2600 series. > > Thanks in advance, > > Ole > > ~ > Ole Drews Jensen > Systems Network Manager > MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > ~ > > ___ > FAQ, list archives, and subscription info: http://www.groupstudy.com > Posting Guidelines: http://www.groupstudy.com/list/guide.html > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
