Re: Access Lists on a Cisco 7200

2001-01-19 Thread Scott S. 

Thanks everyone for helping out.  I think Jason's suggestion along with the
permit any/any line  is probably the way to go for us. So basically, I will
have the following:


access-list 101 deny udp any 195.50.79.0 0.0.0.255 range 137 139
access-list 101 deny tcp any 195.50.79.0 0.0.0.255 range 137 139
access-list 101 permit ip any any


Then, I will type the following:

 en
# config terminal
(config) int Hssi1/0
(config-if) ip access-group 101 in

I'm assumming I need the "in" part because the default appears to be out on
the test router I am experimenting on and I want this to apply to incoming
traffic.  Is this correct?


Thx again,

Scott





"J Roysdon" [EMAIL PROTECTED] wrote in message
946a0p$7vo$[EMAIL PROTECTED]">news:946a0p$7vo$[EMAIL PROTECTED]...
 Remember, the fewer lines an ACL is, the faster it is parsed, the faster
 packets pass:
 access-list 101 deny   udp any 195.50.79.0 0.0.0.255 range 137 139
 access-list 101 deny   tcp any 195.50.79.0 0.0.0.255 range 137 139

 --
 Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
 List email: [EMAIL PROTECTED]
 Homepage: http://jason.artoo.net/
 Cisco resources: http://r2cisco.artoo.net/


 "John Starta" [EMAIL PROTECTED] wrote in message
 5.0.2.1.2.20010117135118.037b0d10@popcorn">news:5.0.2.1.2.20010117135118.037b0d10@popcorn...
  Scott,
 
  The following example will block the full suite of NetBios inbound to
you
  (presumably 195.50.79.0/24). This is not a complete ACL -- it will be
  necessary to either specifically allow the traffic you desire inbound,
or
  add another line to the bottom (currently commented out) permitting
  everything else.
 
  access-list 101 deny   udp any 195.50.79.0 0.0.0.255 eq netbios-dgm
  access-list 101 deny   udp any 195.50.79.0 0.0.0.255 eq netbios-ns
  access-list 101 deny   udp any 195.50.79.0 0.0.0.255 eq netbios-ss
  access-list 101 deny   tcp any 195.50.79.0 0.0.0.255 eq 137
  access-list 101 deny   tcp any 195.50.79.0 0.0.0.255 eq 138
  access-list 101 deny   tcp any 195.50.79.0 0.0.0.255 eq 139
  ! access-list 101 permit ip any any
 
  jas
 
  At 07:35 PM 1/17/01 +, Scott S. wrote:
  Our WatchGuard FireBox seems to be getting overloaded by the number of
  NetBios packets it is denying.  We are thinking that it might be a good
 idea
  of blocking these at our router instead.  It is a Cisco 7200 with a
 pretty
  light load.  Does this sound like a sensible idea?  If so I was
thinking
 the
  following rule would be appropriate:
  
  access-list 101 deny any 195.50.79.0 eq 137
  
  
  Is this correct, or am I way off?
  
  
  Thanks in advance for any replies.
  
  
  Sincerely,
  
  Scott
  
 


 _
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
 Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Access Lists on a Cisco 7200

2001-01-17 Thread Scott S. 

Our WatchGuard FireBox seems to be getting overloaded by the number of
NetBios packets it is denying.  We are thinking that it might be a good idea
of blocking these at our router instead.  It is a Cisco 7200 with a pretty
light load.  Does this sound like a sensible idea?  If so I was thinking the
following rule would be appropriate:

access-list 101 deny any 195.50.79.0 eq 137


Is this correct, or am I way off?


Thanks in advance for any replies.


Sincerely,

Scott


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Homemade console cable for 1601

2000-09-24 Thread Scott S. 

Hi. I was wondering if anyone could help. I have a Cisco 1601 and no
console cable. Based on what I have learned online, I have done the
following:

1. I took a cat-5 straight through cable, pulled off the rj-45 connector

and stuck it back on upside down to make a roll-over cable.

2. I purchased a RJ45/DB9F adapter.

The problem is that the RJ45/DB9F adapter comes in two pieces and the
wires
must be manually inserted into the DB9F (serial) side of the adapter
from
the RJ45 side of the adapter. I'm not sure which wire goes where.

There are 8 wires:

1. slate (gray)
2. brown
3. yellow
4. green
5. red
6. black
7. orange
8. blue

There are 9 numbered holes on the DB9F side of the adapter. Does anyone
know which wire goes in which hole (i.e., slate wire goes in hole 1,
etc.)?

Thanks,

Scott

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco CCNA Exam 640-507 Certification Guide (ODOM)

2000-06-01 Thread Scott S. 

Anybody read this book?  I am about to start studying for the CCNA and
am wondering whether I should get this or the new edition of Lammle's
Sybex book.


Sincerely,

Dr. Rock

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]