RE: telnet access to pix
Watch the line wrap: From http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/config/com mands.htm#xtocid1604970 "If IPSec is operating, PIX Firewall lets you specify an unsecure interface name, typically, the outside interface. At a minimum, the crypto map command must be configured to specify an interface name with the telnet command." So the answer is yes, but with caveats. Tommy > -Original Message- > From: Frank Kim [mailto:[EMAIL PROTECTED]] > Sent: Friday, February 09, 2001 3:42 PM > To: [EMAIL PROTECTED] > Subject: telnet access to pix > > > Hey guys, > I got eth0= security0 and eth1=security100. I'm able to > telnet from the > inside network. Is there any way for me to telnet from the > outside? Pix > has disabled this by default. > > -Frank > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VoIP Lab
It really depends on what you want to do. Using an ICS7750 sounds like you want to do something more like IP Telephony. So in addition to the server and a switch, you'll have to use get a handful of Cisco IP phones, not your typical office phone. If you're just interested in voice over IP, you can use a couple of routers with FXS cards (1700s work well for this). These will accept your standard analog phones and provide dialtone. Set the routers up back to back and make calls over your little mock-up wan. Tommy > jim klane <[EMAIL PROTECTED]> wrote: > Could someone tell me what is needed to use cisco's voice over ip . > I would like to connect 5 phones in my office but i can not seem to find the > necessary info to help me choose the components , > I figure i should need > 1 cisco ics7750 > 1 catalyst switch _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Security
In case you should stumble upon it, avoid the syngress book "Managing Cisco Network Security." I don't know what the Cisco Press book will be like, but it has to be better than this collection of technical mistakes and bad editing. The IPSec and CBAC chapters from "Enhanced IP Services for Cisco Networks" are excellent, so that should give you a start. Other than that there's nothing but docs and practice. And that is why I believe they increased the requirements for the Security Specialization. The MCNS exam is far too elementary to qualify someone as a security specialist. Tommy "Jon Cuthbert" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone know of any good books for the 4 exams now required for > the Security specialisation. > > I know the Managing Cisco Network Security book by Cisco Press is due > out. But what about the PIX and other exams. > > Also I wonder why they've suddenly increased the exams for this > specialistation compared with the others. > > Thanks > > Jon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Pix FireWall
Try pixlog at http://cs.calvin.edu/~mpost89/pixlog/ It's really just a perl script that sits on syslog and reads messages as they come in. There are some screen shots so you can actually see what happens. If you want something more robust (but not free) have a look at Private-I from www.opensystems.com. Tommy > -Original Message- > From: Abro Toufic [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 08, 2001 4:57 AM > To: [EMAIL PROTECTED] > Subject: Pix FireWall > > > Dear Sir, > I have a small question about Pix Firewall and syslog, > what I am looking for any web browser reporting tools can I use it > and some thing like that > any comment > any help > thanks > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP Security - Adv. Firewall
Does anyone know if the security specialization test Cisco Secure Pix Firewall Advanced is 4.x or 5.x specific? I was surprised to take the MCNS 2.0 exam and see that the Pix questions were all about conduits and outbound commands instead of the newer access lists. Do they introduce any of the new 5.x commands, do they hit both versions, or what? Thanks, Tommy Mitchell Network Engineer Matrix Networking Group, LLC www.matrixnetworking.net _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Any body know about Cisco Content Switch
Yes, they can unless you're trying to load-balance firewalls. Try to load-balance firewalls and you have to go active-standby. Tommy - Original Message - From: "Muhammad Faheem" <[EMAIL PROTECTED]> To: "cisco@groupstudy. com (E-mail)" <[EMAIL PROTECTED]> Sent: Wednesday, January 10, 2001 7:26 AM Subject: Any body know about Cisco Content Switch > Hi All > > Just wanted to know that Cisco Content Switch (CSS-11000 & CSS-11800) can > work as Active - Active or not. > > Thanks for Input > > Muhammad Faheem > Systems Engineer > Afcomp > Hello : (9714)-3933878 / 3027338 > Fax : (9714)-3933832 > Web : www.afcomp.com > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MNCS 2.0 [7:1651]
However, I took MCNS on Jan 5, 2001 and they still sent me the CCNP+Sec cert and list me as such on the tracking page. Go figure. Tommy Jason J. Roysdon wrote: > No, that expired Dec. 31st, 2000. I took mine while on Christmas vacation > for that very reason. Now you only need a CCNA + the 4 security tests for > the "Security Specialist 1" cert. > > -- > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > List email: [EMAIL PROTECTED] > Homepage: http://jason.artoo.net/ > > > > ""Cooper, David"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >> Does anyone know if you pass the MNCS before 14 May do you still get the >> +security cert if you have your CCNP already? Thanks >> >> >> >> Dave Cooper - CCNP, CCDP, NNCSS >> FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > >> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2074&t=1651 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MNCS + Security [7:1860]
Cooper, David wrote: > I have received multiple answers to the question about the + security cert > for CCNP. I guess the best question is has anyone that is a CCNP and taken > the test after 1 Jan 2001 gotten the +security cert? I took MCNS on Jan 5, 2001 and got the +Sec cert and am listed that way on the tracking site. Tommy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2075&t=1860 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Secure PIX Firewall Advanced (9E1-571) [7:1481]
I would say that there is a fair amount of subject matter overlap, but that the CSPFA questions are significantly harder. The MCNS didn't have any type in questions and those are abundant on CSPFA. The MCNS questions I remember on the Pix and IOS Firewall were really pretty easy and more conceptual than anything. CSPFA tests the details more. Tommy ""Dropped Packet"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > For those who have taken this and MCNS, how much overlap was there? What > materials did you use to prepare? Thanks! > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2549&t=1481 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question about Teltone ISDN demonstrator [7:2687]
""Raul F. Fernandez"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have 2523,2521,2504..if I get a demonstrator(Teltone) will I need > external NT1s ? No. It comes with both S/T and U interfaces. Tommy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2724&t=2687 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN [7:5070]
""Michelle Sanderson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > After configuring my router for ISDN connectivity, I tried to ping the other > side of the line. This causes the line to be activated, but, the ping > doesn't actually work; why? A dial is triggered, but is the call ever actually set up? Try looking at debug ppp negotiation and debug ppp authentication on both ends to see what could be failing. Do a "no ip route-cache" on your other WAN interfaces if you have any. Tommy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=5178&t=5070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco PIX and Websense [7:6404]
""Moiz Badr"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, I hope somebody with PIX & Websense guru can help, > I condigured a Websense server in the DMZ on the PIX > 520 with 3 interfaces, now, Websense can not see the > users and groups i.e Windows directory services, Why does it need to be in the DMZ? The only thing talking to it is the Pix itself, right? I'd have to believe you're doing more harm opening those services from the DMZ to the inside than you could possibly gain by putting the websense server on the DMZ. Do you have some pressing reason for doing this? Tommy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6410&t=6404 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
