Robert,
Aux could only work if you had configured the router
before now to accept Aux connections.
The only posible solution is for you to go through the
console port.
Using a PC with a Terminal emulator set its parameters
to:
9600 baud rate
No parity
8 data bits
1 stop bit
No flow control
If you take one of the 3 specialized courses plus MCNS
exam, you become a Specialist in that area eg
1. CSPFA+MCNS = Firewall Specialist
2. CSVPN+MCNS = VPN specialist
3. IDSPM+MCNS = IDS Specialsit
For a Limited time more:
CSPFA+CSVPN+IDSPM+MCNS = CSS1
Also
CSPFA+CSVPN+IDSPM+MCNS+SAFE= CCSP
Robert,
Aux could only work if you had configured the router
before now to accept Aux connections.
The only posible solution is for you to go through the
console port.
Using a PC with a Terminal emulator set its parameters
to:
9600 baud rate
No parity
8 data bits
1 stop bit
No flow control
Hi group,
I want to get it right the first time. I intend
setting up my CCIE lab at home. I will appreciate if
someone that have taken the lab or preparing for it,
tell me what Switches, Routers, materials I need to
buy.
Also information about the various needed blades on
the switches is
Hi,
They will send a congratulatory letter, a certificate
and nothing moreno ID card.
Enjoy
--- Dwayne Saunders wrote:
Hi all
Was Just wondering after completing your Cisco
Qualified specialist
exam what does Cisco send out if anything
[EMAIL PROTECTED]
Hello,
I know the focus of any certification is not the certificate nor the logo,
the
joy of scaling through all the hurdles, the additional knowledge and
responsibilies it brings, etc out weighs the the certificate or the logo you
are given to put on your complimentary card of letter heading.
Am very grateful to you all. The group really helped me through out my CSS1
exam track. It has been a big learn place where knowledge is shared.I sat and
passed the Cisco Secure Intrusion Detection Systems with Policy
Manager(CSIDSPM) version 2.1 exam today to complete the CSS1(Cisco Security
Hi all,
I have just 2 hours between me and my Cisco Secure Intrusion Detection
Systems
with Policy Manager(CSIDSPM) version 2.1 exam. It is the last lap to my CSS1
certification.
Please any last minute tips, advice and offcourse prayers would be
appreciated. Send an offline message where
You can still use your former ISP's DNS records while using the new ISP's
bandwidth. It does not matter who owns the DNS server. Everybody have access
to it once they are in the internet. Except when they are specifically
filtered.
The only drawn back is that, Your new ISP have to forward the
There are alot one cannot say because of NDA, however it would be safer you
read and know SNA very well.
Enjoy.
Regards.
Oletu
- Original Message -
From: Emil
To:
Sent: Monday, February 18, 2002 1:46 AM
Subject: SNA in CCDP [7:35717]
Hello
I'm a little bit confusing about CCDP
The new Cisco Secure PIX Firewalls book edited by David and Andy is an
excellent guide. In case you decide going into cisco security certification,
the book will help with the PIX exam as well.
Good hands on you new baby-PIX 501.
Regards.
Oletu
- Original Message -
From: Juan Blanco
Look at it from both the Router and the Interface perpective.eg if the
interface facing your LAN is E0 and the interface to the internet is S0.
For traffics coming from your LAN into the Router through the E0 interface,
as the traffic is entering that interface from your LAN it is 'in' and as it
O boy user Network Scanner na?
Regards.
- Original Message -
From: sami natour
To:
Sent: Saturday, February 09, 2002 12:13 PM
Subject: hacking a firewall [7:34978]
Hi ,
I am trying to test how secure BigFire firewall.I need
to run some tests in other words I want to find if I
can
I guess you are behind the news. I thin Cisco have pulled them to Court to
answer some questions, that was few months ago.
However, I have not heard anything about the final outcome of the case.
Regards.
Oletu
- Original Message -
From: Kazan, Naim
To:
Sent: Tuesday, February 05,
He should be getting ready for retirement so that the youngs ones should
take over.
- Original Message -
From: Jeff Buehler
To:
Sent: Sunday, February 03, 2002 2:22 PM
Subject: Re: CCIE starting pay [7:33899]
Change the original posters question to include:
How about a CCNA, CCDA,
Buy Cisco Presss books for the series.
- Original Message -
From: Aslam Rafay
To:
Sent: Monday, February 04, 2002 1:06 PM
Subject: CCNP EXAM [7:34373]
Guys
I am taking CCNP cource, any one who recently passed all CCNP exams tell
me
good resources i can utlitize to pass my exmas..
thinking
about
going after my CSS1 after I pass the Checkpoint CCSA and CCSE tests.
-dlb
Godswill HO wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi Priscilla,
Questions like which answer doesnt not belong means what??? Is Cisco
implying that the double negati
That might be the likely case. But what stops them from correcting these
mistakes each time they review their questions? Why do we have such frequent
typo errors in other exams like microsoft, checkpoint, etc?...just thinking
aloud.
Regards.
Oletu
- Original Message -
From: brian hall
Try specifying the exact IP address of the PC from where you want to
initiate the Telnet session and not the block of IP.
Regard.
Oletu
- Original Message -
From: Dante Martins
To:
Sent: Tuesday, January 29, 2002 10:50 AM
Subject: PIX: Telnet to inside through VPN [7:33589]
How can
encryption des
isakmp policy 10 hash sha
isakmp policy 10 group 1
isakmp policy 10 lifetime 3600
telnet 172.16.3.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
terminal width 80
-Original Message-
From: Godswill HO [mailto:[EMAIL PROTECTED]]
Sent: Saturday, January 26, 2002 7:43
Hi Priscilla,
Questions like which answer doesnt not belong means what??? Is Cisco
implying that the double negative means positive as we were taught years ago
in algebra class or it should be ignored and taken for one negative.
Am currently taking my CSS1 track, I wrote Cisco Secure VPN
- Original Message -
From: chenyan
To: Godswill HO
Sent: Saturday, January 26, 2002 8:38 PM
Subject: Re: help me with the pix problem! [7:33287]
hi,thanks your help.
As you said, if the ping need the reply by the access-list, then the nat
command for the traffic to the outside need
Hi,
The command:
PIX#conduit permit icmp any any
might just be your life saver. Do not forget that though by default traffics
are permitted from any inside interface to an outside interface, you have to
creat an except for the echo-reply packet from the outside interface to the
inside interface.
I know you can have a maximum of 16 groups and a maximum of 16 servers in
each group bring the total of allowable servers to 256.
Regards.
Oletu
- Original Message -
From: Joel Satterley
To:
Sent: Monday, January 28, 2002 3:50 AM
Subject: Cisco Secure ACS Server [7:33415]
Anyone
YES!
- Original Message -
From: cage
To:
Sent: Sunday, January 27, 2002 12:55 AM
Subject: pix [7:33352]
By using NAT 0#,the lower security traffic can connect to the higher
security part, but is it necessary to use the access-list access-groupp
commands to allow the reply into
Yes!!! offcouse,
aaa authenticate login telnetusers tacacs+
!
!
!
Line vty 0 4
login authentication telnetusers
!
!
Henceforth anybody that login including users must be aunthenticated by the
tacacs+, however you have to be very careful with this command, because if
you tacacs+ server become
Have try using nat/pat to allow both subnets in the inside interface access
to the internet? eg
#nat (inside) 1 0 0
#global(outside) 1 216.72.201.1
Will allow all inside users to initiat an outbound connection to the
internet using the public address 216.72.201.1 ie PAT.
Regards.
Oletu
-
No, though the PIX allow traffic from a higher security interface to a lower
one, you cannot ping the dmz interface from the inside interface
successfully because the echo-reply (response from the dmz interface) will
be disallowed from entering the inside interface, so you will end up having
Hi,
It really depends on what you want to do or implement for the DNS. The DNS
guard on PIX is enabled by default and it cannot be disabled not configured.
It help to prevent against DoS attacks by tearing down the UDP conduit on
the PIX firewall as soon as the DNS response is received not
Hi,
Check lists...
1. Did you Logon to the Domain?
2. Make sure that Client for MS Network and File and Print sharing related
services
are on.
3. Try allow Ports 137, 138 and 139
Good Luck
Regards.
Oletu
- Original Message -
From: Navin Parwal
To:
Sent: Friday, January
Hi,
Try the following:
IP access-list standard allowed
Permit 10.10.10.40 0.0.0.7
Permit 10.10.10.49 0.0.0.0
The first permit statement allow addresses n.n.n.40 to n.n.n.48, while the
last one allow address n.n.n.49. There is no way you can deny whole range
without affecting other addresses
I think is all originated from the principles of:
1 = Do not Cares (Matches everything and anything)
0 = Cares ( Matches only identical corresponding digit)
Maybe it is a hang-on from the old binary digit stuff. Man you have no
choice than to do the inverse, else your access-list would not work,
Hi,
It is genral knowledge that a PIX firewall can not be telneted into from the
outside interface, however some documentations am reviewing recently seem to
say the opposite. If you workstation IP address is eg 216.72.211.12, try the
command below:
PIX(config)#Telnet 216.72.211.12
Enable this feature in the user group option in the Cisco Secure Access
Server on your Windon NT machine. All you need to do is to check the 'CLID'
box in the 'user group' option.
Then go to each individual account in the ACS and check this button as well,
but this time add the callers' phone
Hi Festus,
I do not see anyway one access-list command can help you achieve your
objective. If you were talking of chatting and other stuffs that uses a
particular port number, then an access-list would be the answer. To use
access-list, am afraid you have to know the IP addresses of these sites
Hi Patrick,
In respective of the date you started any of your CCNP or CCDP track, you
are certified on the very date you wrote the last exam in each of the
serials. eg If I write Routing 2.0 on 1/1/2001 and wrote the other two any
date in between, but for one reason or the other I now write the
Hi Sarah,
Since all you need is just five usable subnets, the way I go about it is:
2 raise to the power of 3=8 subnets. (You cannot use 2 raise to the power of
2, cos that would give me 4 subnets but I need at least 5 subnets).
It means you can not get exactly five subnets, you will have 3
You Probably have to provide more information.
1. Are your users dialing into a router(Access server) or through a RAS card
on a
computer system?
2. The answer to ques1 is through a router, then is the router also the
router that
connect to the internet or you have another gateway
38 matches
Mail list logo
