Re: IOS firewall feature set for Cisco 2514 [7:47523]
Unless I'm not reading this right, they will support it til 2007. http://www.cisco.com/warp/public/cc/general/qrg/eol_ai.htm Dan Penn wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... No Rick that guy is MOST mistaken some of the 2500 series has been EOS'd. However cisco is pledging software support until 2005. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Sent: Wednesday, June 26, 2002 8:31 PM To: [EMAIL PROTECTED] Subject: Re: IOS firewall feature set for Cisco 2514 [7:47523] Where did you find info that Cisco does not support 25xx series anymore? I have 156 support contracts on 2509, 2511, and 2520's. I also just finished a network wide upgrade of IOS on these same boxes. I am concerned that Cisco just announced this and this leaves me with a serious problem. S M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm looking for Cisco 2514 IOS w/ firewall feature set. Cisco doesn't supports 25xx series anymore. Does anyone point me in the right direction to get the software. Thanks SM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47564t=47523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IOS firewall feature set for Cisco 2514 [7:47523]
Brad, Check out the bottom of this page: http://www.cisco.com/warp/public/cc/pd/rt/2500/2509/prodlit/1154_pp.htm Dan -Original Message- From: Brad Ellis [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 26, 2002 10:14 PM To: Dan Penn Subject: Re: IOS firewall feature set for Cisco 2514 [7:47523] dan, where did you hear/read about them pledging support on the 2500's until 2005? thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.ccbootcamp.com/quicklinks.html (Cisco Training) www.@!#$.com (Cisco RS CCIE Discussion groups) www.securityie.com (Cisco Security CCIE Discussion groups) www.optsys.net (Cisco hardware) Voice: 248-299-8114 FAX: 509-271-9288 - Original Message - From: Dan Penn Newsgroups: groupstudy.cisco Sent: Thursday, June 27, 2002 12:01 AM Subject: RE: IOS firewall feature set for Cisco 2514 [7:47523] No Rick that guy is MOST mistaken some of the 2500 series has been EOS'd. However cisco is pledging software support until 2005. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Sent: Wednesday, June 26, 2002 8:31 PM To: [EMAIL PROTECTED] Subject: Re: IOS firewall feature set for Cisco 2514 [7:47523] Where did you find info that Cisco does not support 25xx series anymore? I have 156 support contracts on 2509, 2511, and 2520's. I also just finished a network wide upgrade of IOS on these same boxes. I am concerned that Cisco just announced this and this leaves me with a serious problem. S M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm looking for Cisco 2514 IOS w/ firewall feature set. Cisco doesn't supports 25xx series anymore. Does anyone point me in the right direction to get the software. Thanks SM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47555t=47523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IOS firewall feature set for Cisco 2514 [7:47523]
You are right, the link I was reading was on a few low volume 2500's like the FRAD etc. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Kaberna Sent: Thursday, June 27, 2002 8:43 AM To: [EMAIL PROTECTED] Subject: Re: IOS firewall feature set for Cisco 2514 [7:47523] Unless I'm not reading this right, they will support it til 2007. http://www.cisco.com/warp/public/cc/general/qrg/eol_ai.htm Dan Penn wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... No Rick that guy is MOST mistaken some of the 2500 series has been EOS'd. However cisco is pledging software support until 2005. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Sent: Wednesday, June 26, 2002 8:31 PM To: [EMAIL PROTECTED] Subject: Re: IOS firewall feature set for Cisco 2514 [7:47523] Where did you find info that Cisco does not support 25xx series anymore? I have 156 support contracts on 2509, 2511, and 2520's. I also just finished a network wide upgrade of IOS on these same boxes. I am concerned that Cisco just announced this and this leaves me with a serious problem. S M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm looking for Cisco 2514 IOS w/ firewall feature set. Cisco doesn't supports 25xx series anymore. Does anyone point me in the right direction to get the software. Thanks SM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47575t=47523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS firewall feature set for Cisco 2514 [7:47523]
I'm looking for Cisco 2514 IOS w/ firewall feature set. Cisco doesn't supports 25xx series anymore. Does anyone point me in the right direction to get the software. Thanks SM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47523t=47523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS firewall feature set for Cisco 2514 [7:47523]
www.cisco.com It is most certainly still supported and available if you have download privileges. Did you even check? S M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm looking for Cisco 2514 IOS w/ firewall feature set. Cisco doesn't supports 25xx series anymore. Does anyone point me in the right direction to get the software. Thanks SM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47524t=47523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS firewall feature set for Cisco 2514 [7:47523]
Where did you find info that Cisco does not support 25xx series anymore? I have 156 support contracts on 2509, 2511, and 2520's. I also just finished a network wide upgrade of IOS on these same boxes. I am concerned that Cisco just announced this and this leaves me with a serious problem. S M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm looking for Cisco 2514 IOS w/ firewall feature set. Cisco doesn't supports 25xx series anymore. Does anyone point me in the right direction to get the software. Thanks SM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47528t=47523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IOS firewall feature set for Cisco 2514 [7:47523]
Yes, that's quite bull. Cisco still supports the 2500's. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Kaberna Sent: Wednesday, June 26, 2002 6:41 PM To: [EMAIL PROTECTED] Subject: Re: IOS firewall feature set for Cisco 2514 [7:47523] www.cisco.com It is most certainly still supported and available if you have download privileges. Did you even check? S M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm looking for Cisco 2514 IOS w/ firewall feature set. Cisco doesn't supports 25xx series anymore. Does anyone point me in the right direction to get the software. Thanks SM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47532t=47523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IOS firewall feature set for Cisco 2514 [7:47523]
No Rick that guy is MOST mistaken some of the 2500 series has been EOS'd. However cisco is pledging software support until 2005. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Sent: Wednesday, June 26, 2002 8:31 PM To: [EMAIL PROTECTED] Subject: Re: IOS firewall feature set for Cisco 2514 [7:47523] Where did you find info that Cisco does not support 25xx series anymore? I have 156 support contracts on 2509, 2511, and 2520's. I also just finished a network wide upgrade of IOS on these same boxes. I am concerned that Cisco just announced this and this leaves me with a serious problem. S M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm looking for Cisco 2514 IOS w/ firewall feature set. Cisco doesn't supports 25xx series anymore. Does anyone point me in the right direction to get the software. Thanks SM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47536t=47523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Firewall Feature Set -Blocking Attacks [7:40141]
If you know it's really him, send him RST-enabled TCP packets. Or use an IDS and that will shun him. -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, You can configure a simple inbound access-list at your outside interface of your router to deny inbound connection from the specific host to web server. or the other way is to enable ip audit on the router and in the action specify it as reset. Kind Regards /Thangavel -- CCIE (qual),CCS,CCDP,CCNP,MCSE 186K Reading,Brkshire Direct No -0118 9064259 Mobile No -07796292416 Post code: RG16LH www.186k.co.uk -- The greatest glory in living lies not in never falling, but in rising every time we fall . -- Nelson Mandela Clayton Dukes To: [EMAIL PROTECTED] Fax to: Sent by: Subject: IOS Firewall Feature Set -Blocking Attacks [7:40141] nobody@groups tudy.com 02/04/2002 06:44 Please respond to Clayton Dukes Hi everyone, I have a specific IP address that constantly tries to attack my webserver. How can I block that IP address while allowing all others through? My config uses NAT extendable to translate the outside Ip to port 80 on an internal address. I want to allow the world to access that port EXCEPT for ip z.z.z.z, Can someone recommend a good way? TIA! Clayton Dukes Cisco Info Center SE Micromuse, Inc. CCNA, CCDA, CCDP, CCNP, NCC (h) 904-292-1881 (c) 904-477-7825 ** This e-mail is from 186k Ltd and is intended only for the addressee named above. As this e-mail may contain confidential or priveleged information, if you are not the named addressee or the person responsible for delivering the message to the named addressee, please advise the sender by return e-mail. The contents should not be disclosed to any other person nor copies taken. 186k Ltd is a Lattice Group company, registered in England Wales No. 3751494 Registered Office 130 Jermyn Street London SW1Y 4UR ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40166t=40141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IOS Firewall Feature Set -Blocking Attacks [7:40141]
Or as a simple solution, put a route for his IP address to Null0. His return traffic will never make it. This will not stop a denial of service, But it will stop any return traffic like port scans and such. This machine will effectively Disappear to him... Thanks Larry -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 2:19 AM To: [EMAIL PROTECTED] Subject: Re: IOS Firewall Feature Set -Blocking Attacks [7:40141] Hi, You can configure a simple inbound access-list at your outside interface of your router to deny inbound connection from the specific host to web server. or the other way is to enable ip audit on the router and in the action specify it as reset. Kind Regards /Thangavel -- CCIE (qual),CCS,CCDP,CCNP,MCSE 186K Reading,Brkshire Direct No -0118 9064259 Mobile No -07796292416 Post code: RG16LH www.186k.co.uk -- The greatest glory in living lies not in never falling, but in rising every time we fall . -- Nelson Mandela Clayton Dukes To: [EMAIL PROTECTED] Fax to: Sent by: Subject: IOS Firewall Feature Set -Blocking Attacks [7:40141] nobody@groups tudy.com 02/04/2002 06:44 Please respond to Clayton Dukes Hi everyone, I have a specific IP address that constantly tries to attack my webserver. How can I block that IP address while allowing all others through? My config uses NAT extendable to translate the outside Ip to port 80 on an internal address. I want to allow the world to access that port EXCEPT for ip z.z.z.z, Can someone recommend a good way? TIA! Clayton Dukes Cisco Info Center SE Micromuse, Inc. CCNA, CCDA, CCDP, CCNP, NCC (h) 904-292-1881 (c) 904-477-7825 ** This e-mail is from 186k Ltd and is intended only for the addressee named above. As this e-mail may contain confidential or priveleged information, if you are not the named addressee or the person responsible for delivering the message to the named addressee, please advise the sender by return e-mail. The contents should not be disclosed to any other person nor copies taken. 186k Ltd is a Lattice Group company, registered in England Wales No. 3751494 Registered Office 130 Jermyn Street London SW1Y 4UR ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40200t=40141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS Firewall Feature Set -Blocking Attacks [7:40141]
Hi everyone, I have a specific IP address that constantly tries to attack my webserver. How can I block that IP address while allowing all others through? My config uses NAT extendable to translate the outside Ip to port 80 on an internal address. I want to allow the world to access that port EXCEPT for ip z.z.z.z, Can someone recommend a good way? TIA! Clayton Dukes Cisco Info Center SE Micromuse, Inc. CCNA, CCDA, CCDP, CCNP, NCC (h) 904-292-1881 (c) 904-477-7825 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40141t=40141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Firewall Feature Set -Blocking Attacks [7:40141]
Hi, You can configure a simple inbound access-list at your outside interface of your router to deny inbound connection from the specific host to web server. or the other way is to enable ip audit on the router and in the action specify it as reset. Kind Regards /Thangavel -- CCIE (qual),CCS,CCDP,CCNP,MCSE 186K Reading,Brkshire Direct No -0118 9064259 Mobile No -07796292416 Post code: RG16LH www.186k.co.uk -- The greatest glory in living lies not in never falling, but in rising every time we fall . -- Nelson Mandela Clayton Dukes To: [EMAIL PROTECTED] Fax to: Sent by: Subject: IOS Firewall Feature Set -Blocking Attacks [7:40141] nobody@groups tudy.com 02/04/2002 06:44 Please respond to Clayton Dukes Hi everyone, I have a specific IP address that constantly tries to attack my webserver. How can I block that IP address while allowing all others through? My config uses NAT extendable to translate the outside Ip to port 80 on an internal address. I want to allow the world to access that port EXCEPT for ip z.z.z.z, Can someone recommend a good way? TIA! Clayton Dukes Cisco Info Center SE Micromuse, Inc. CCNA, CCDA, CCDP, CCNP, NCC (h) 904-292-1881 (c) 904-477-7825 ** This e-mail is from 186k Ltd and is intended only for the addressee named above. As this e-mail may contain confidential or priveleged information, if you are not the named addressee or the person responsible for delivering the message to the named addressee, please advise the sender by return e-mail. The contents should not be disclosed to any other person nor copies taken. 186k Ltd is a Lattice Group company, registered in England Wales No. 3751494 Registered Office 130 Jermyn Street London SW1Y 4UR ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40152t=40141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS firewall feature set
You would need a different features of th IOS on your router. Here is the the URL with all the details (you will need CCO login): http://www.cisco.com/warp/customer/432/features.html Perhaps you will need more RAM as well. Use IOS uprade planer on TAC to learn the upgrade path. You can download the software from there as well. I think your IOS must have letter "o" in order to support firewall. Cheers Igor Glavanic _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS firewall feature set
Hi to all I would like to know how to activate a IOS firewall on 2600. The router is running IOS 12.0 T3 (c2600-i-mz.120-3.T3) with 8 meg flash and 24576K/8192K bytes of memory. Do I need to buy a separate software or there is an activation key. Thanks in advance for your help. --- Moe Kazemian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS Firewall Feature set vs PIX
This is a bit confusing when it comes to Cisco security products. What is the advantage of buying a PIX when I have a Cisco IOS with the Firewall feature set? It looks like it is doing a lot of packet inspection too. Does IOS Firewall feature set support stateful information? Please let me know any major advantages of using PIX over IOS Firewall feature set. Thank you in advance. -- Oscar Rau [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Firewall Feature set vs PIX
Oscar, Generally, the PIX is a dedicated appliance that does one thing - firewall. Therefore it is optimized to do that one job and do it well. Large corporations/businesses could have hundreds (thousands) of users going through the firewall to the internet - PIX (the right size of course) will handle this type of traffic load without much effort. The IOS Firewall Feature Set - which is now called "Cisco Secure Integrated Software" (CSIS), is working along with the normal duties that the router is doing. Therefore you may have to add more memory and things may slow down a bit (or really slow down) the more users you have going through it. However, CSIS also has some Integrated intrusion detection system (IDS) capabilities built in - but again you're adding more overhead to the router. So, size does matter. Small offices could probably use CSIS without much problem. Larger organizations should look at the PIX. For CSIS look at http://www.cisco.com/go/csis For PIX look at http://www.cisco.com/go/pix Kevin Wigle CCDP/CCNP/MCSE/CBE. - Original Message - From: "Oscar Rau" [EMAIL PROTECTED] To: "Cisco GroupStudy" [EMAIL PROTECTED] Sent: Saturday, 02 September, 2000 08:04 Subject: IOS Firewall Feature set vs PIX This is a bit confusing when it comes to Cisco security products. What is the advantage of buying a PIX when I have a Cisco IOS with the Firewall feature set? It looks like it is doing a lot of packet inspection too. Does IOS Firewall feature set support stateful information? Please let me know any major advantages of using PIX over IOS Firewall feature set. Thank you in advance. -- Oscar Rau [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
