The recommended design for PIX to have your Webserver in a private network
segment hanging off at the dmz port, and then statically map private IP
address to public IP address.
In this design before customer decided to have PIX for security they were
running their webserver with atleast 25 virtua
I have a network corporate side is connected to four branch offices with
full T1 and branches are also connected to each other through Frame-Relay in
a full mesh topology as a backup.
Everything is working fine, all the branches have installed the preferred
route through T1 link to reach the corp
Does anyone know what TAP port is on a catalyst Switch? All I know it is
something to do with Diagnostic.
Regards,
Ali
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34793&t=34793
--
FAQ, list archives, and subscription inf
By default, the Network Address FFFE is taken by IPX default route.
What you gotta do is to disable this in global configuaration mode. The
command is "NO IPX DEFAULT-ROUTE". Turn this off and then you will be able
to assign network FFFE.
Abbas
-Original Message-
From: Brian [m
I have just installed a PIX firewall with three interfaces. The Inside
network is 192.168.1.0 and the DMZ network is 192.168.2.0.
There are a few webservers on a dmz network that need to have an access to
all the servers on the inside network. Technically I am going to have to
statically map ea
To add,
Make sure that subnet masks are all configured properly. Beleive me that
could be the problem. Wrong subnet masks are hidden problems that would
allow you to do certain thing and deny certain things. It may allow you to
ping, but not to telnet.
Abbas
-Original Message-
From: T
On my 2600 router, I configured the T1 0/0 controller, and the below message
is keep appearing.
"00:23:10: %CONTROLLER-5-UPDOWN: Controller T1 0/0, changed state to down
(RAI de
tected)
00:23:12: %LINK-5-CHANGED: Interface Serial0/0:0, changed state to reset
00:23:13: %LINEPROTO-5-UPDOWN: Line p
Hello Folks,
I need help understanding this logic.
I have Catalyst 6509 switch with 4 Vlans. I have done configuration which
is recommended by Cisco.
Here is the details.
VLAN 2 Users: Subnet 10.0.2.0/24
VLAN 3 Servers Subnet 10.0.3.0/24
VLAN 4 PBX Appli
Has anyone ever configured IDS module for catalyst 6500 series router? I
tried browsing Cisco Website, but did not find any help in terms of
installing and configuring the IDS blade. Can someone point me to correct
link?
Regards,
Ali
Message Posted at:
http://www.groupstudy.com/form/read.p
It means that if you isolate your managment vlan with your user's vlan then
it will help you reaching the managment interface and it totally makes
sense. But do you think that isolating your managment vlan will also help
you securing your network from hackers?
Regards,
Ali
-Original Mess
Hello Maverick,
You mentioned that isolating managment vlan from traffic vlans helps when
there is a broadcast storm which will allow you to connect to your managment
port since the management port is in a different vlan. I
thought about this last night and need some clarification if my logic is
In simplest ISDN configuration I should be able to ping, but unfortunetly I
can't. This week is very tough nothing seems to work I guess.
I have two routers connected through ISDN. Here is the config. I should be
able to ping, but can't ping the local and the remote interface.
Any Clue.
R
Hello Folks,
In ISDN configuration, there is an option to use hostname in the mapping
command. For example,
rtrA:
dialer map ip 138.2.80.2 name rtrB broadcast 2005
rtrB:
dialer map ip 138.2.80.1 name rtrA broadcast 2004
What is the main purpose of using the remote hostnames in the mapping
c
Is there any guidelines we could download to learn techniques regarding how
to quickly search for stuff in Cisco Documentation CD. This is the only
resource available in CCIE Lab if one doesn't know what to do.
Some CCIEs recommend to learn how to navigate Cisco Documentation CD
thoroughly.
Reg
Does PIX allow you to do authentication between windows NT computers?
For Example, If I have a Windows NT server on a DMZ Port and and a Windows
NT domain Controller on an Internal Network. How can I configure PIX to
logon to PDC on Internal Network. This is a same concept in router by
providing
It is correct, but according to my knowledge, it will still show down/down
even the cable is attached. The only way to bring it to up/up if other side
is also connected along with the encapuslation and other parameters. It is
different then Ethernet where the physical port will go up as soon as
If you can remember the questions then you should be able to find you own
answers. You are violating the Cisco's policy. Please be careful.
Regards,
Ali, Abbas
-Original Message-
From: Yang Jun (Ike Yang) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 11, 2001 9:50 AM
To: [
--Original Message-
From: james mensah [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 11, 2001 11:32 AM
To: Ali, Abbas; [EMAIL PROTECTED]
Subject: RE: CCIE written questions [7:28862]
Abbas are you new to this group and do you have some respect for Cisco NDA
and for that matter ethics?
I took my CCIE Written yesterday and passed it. I got 78%. The good thing
that it allowed me to review the questions, but the bad thing was that in
multiple choice questions, the only hint you will get "CHECK MULTIPLE
ANSWERS".
Some questions were really confusing. If anyone is preparing mak
I have scheduled my CCIE Lab for 06/25/02. This is the earliest I could
have gotten. I want to take it in March. If anyone has scheduled for March
and Like to exchange, please let me know.
Regards,
Ali
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29590&t=29590
---
Here is the challenging questions I think it is doable, but needs to know
for sure before I give green signal to my customer.
Customer has only one web server sitting on a physical public IP address
68.112.1.5, and has about 10 virtual IP addresses mapped to different names.
They ran out of addr
Is it possible to remove default Vlans 1, 1002-1005 from ISL trunking? I am
setting up a ISL trunking between Catalyst 2924 and 3640 router.
I am running IOS on Catalyst XL 2924 and only want certain vlan on my link.
IOS does it, but then it also inserts default vlan 1 and 1002-1005
automaticall
There is a CCIE practice Lab in Virginia. I believe the author of the great
book Bridges,Routers and Switches (Caslow) used to teach for that Lab.
www.arslimitedtraining.com.
-Original Message-
From: Olympia Ric [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 03, 2002 1:41 PM
To: [E
I am receiving lot of errors on my Ethernet Line Cards in 6509 switch. For
example, Ports have different errors in FCS, CRC, Runts, Giants, and
Collisions. Is it possible to narrow down whether it could be NIC Card, Bad
Cable, auto negotiation etc? One of the users has a brand new computer and
I have a 525 PIX and running normal configuration. Inside network is in
10.0.0.0/16 segment and doing NAT with public address. Here is the
situation. I have a client where I need to have an access through my PIX
with VPN. The client is using VPN Concentrator and also has 10.0.0.0/16 for
their
You also need to consider to use the newer Cisco method which is "IP OSPF
NETWORK TYPE". Neighbor command is an old mehtod of doing it and not
recommended anymore.
Abbas
-Original Message-
From: Hire, Ejay [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 10, 2002 10:28 AM
To: [EMAIL P
You can assign an IP address to the interfaces and ping each other. You
don't have to have hosts connected to the interface for the interface
connectivity.
-Original Message-
From: Stephane Wantou Siantou [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 11, 2002 2:18 PM
To: [EMAIL PROTEC
I have a router in my main office which is connected to four different
locations through full T1 for each location.
For example,
Router A: Main office router
Router B: Branch B
Router C: Branch C
Router D: Branch D
Router E: Branch E
All the branch routers are also connected through Fr
The branch router is 2600 with built in T1 module. My configurtion is:
routere(config)int s0/0
service-module T1 timeslots 1-6 speed 64 along with linecode and framing
just to let you know. I did not specifically assign bandwidth parameter at
the interface level. I assumed that that the timesl
I learned PIX from the book which comes with the PIX itself. Have you read
it yet? It really explains everything in details with examples. Try if you
haven't read it.
AA
-Original Message-
From: Richard Deal [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 25, 2002 10:37 AM
To: [EMAIL
Two important rules about PIX. Any outside traffic or I should say any
traffic from the lower security to the higher security, you must have static
and conduit commands. And any traffic from higher security to lower
security you must have global pool and nat depends if you are doing
translation
Is your 2501 router booting correctly? If it is booting in rommon, then you
will not be able to access the router through console with the standard
settings. What you need to do is to change your baud rate to 38400, and
keep increasing unless it sees it. Don't change the baud rate and then
expe
I have a network where corporate is connected to 3 branch offices through
Point to Point. The branch office are also connected together in a full
mesh frame-relay toplogy as a backup. The corporate office is also
connected to few other small branches in a hub and spoke frame-relay
topology. I w
Test email
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43186&t=43186
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Hello Everyone,
I really need someone to help me with CCIE bootcamp.
I was actually gonna sign up for one of the practice lab (Cisco Approved),
but later I found out that this lab is designed to be on your own. No
instructor help.
Someone recommended to take the bootcamp offered by ARSLimited
This is not a good idea to run two different protocols in a router unless
you have criteria. For example, the router is going to perform
redistribution.
-Original Message-
From: Michael Paulson [mailto:[EMAIL PROTECTED]]
Sent: Sunday, October 21, 2001 4:49 PM
To: [EMAIL PROTECTED]
Subjec
Hello Everone,
I am studying for CCIE Written. Any recommendations.
I have been studying Andrew Bruce Caslow's book and also reviewing CCNP
materials.
Thanks,
Abbas Ali, AVVID, CCDP, CCNP, MCSE
Network Engineer II
>
Tel: 714.428.3367
Pager: 714.748.4817
Email: [EMAIL PROTECTED]
Mes
I have a problem with DMZ configuration.
Here is the scenerio.
DMZ port has UNIX Sendmail Server.
IP Address 206.2.34.1
Internal Port has Exchange Server.
IP Address 206.6.182.75
Here is what I did to make it work.
static (dmz,outside) 155.254.128.7 206.2.34.1 netmask 255.255.255.255 0 0
stat
38 matches
Mail list logo
