yes.
configure the interface to get a dhcp assigned
address.
--- [EMAIL PROTECTED]
wrote:
I know this came up once before but did anyone
figure out how, or if it is
possible to make the PIX grab a DHCP address from
the ISP?
Thanks in advance!
Steve Smith
[EMAIL PROTECTED]
try some router rental labs that you can access
online. there are some links on the groupstudy home
page itself.
--- a. ahmad wrote:
Dear All,
Thanks for some valueable suggestions. One more
thingif one is willing
to be a great networker, young, energatic but unable
to get hands on
what is the difference between router and a device
that does packet forwarding between its interfaces.
example:
can a plain NT box with two network cards (with IP
forwarding enabled) be called as a router ? or it is
just doing packet forwarding.
in my understanding even routers like say cisco
after giving the command for disabling nat with nat 0
command why and what does this warning mean ?
access-list protocol or port will not be used
__
Do You Yahoo!?
Sign up for SBC Yahoo! Dial - First Month Free
http://sbc.yahoo.com
Message
specifies what node is allowed to
hit the HTTP Server,
while the PDM command defines the host allowed to
log into the PDM App.
I'm sure someone will rightly correct me if I'm
wrong. :)
-Mark
-Original Message-
From: John Green [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 23
that's exactly what i am trying to find.
do we need a static command as well in addition to the
access-list to allow traffic from lower security to a
higher security ?
static command is for mapping ip addresses ? right ?
and access list is the one that allows the access ?
right ??
--- Peter
i am using pix without nat
(hence using the nat 0 command)
in addition to the access-list command to allow
outside hosts to get into internal network is there
any else needed. do i need a static command as well ?
__
Do You Yahoo!?
Yahoo! Health
if there are no address translations then
for connections initiated from outside to internal
network, is static command needed ? (I am providing
an access list for connections initiated from the
outside network though, anything else needed ??)
--- John Green wrote:
this setup is simple
two questions here:
first so no static command would be needed ? is that
correct ?
second, about the nat statement
nat (inside) 0 0 0
the cisco docs show actually 4 zeros, the last being
flags while the first two meaning 0.0.0.0 right ? did
you miss out the last zero ?
--- Peter zhang
this setup is simple with two networks
with no address translations anywhere.
10.1.1.0/24 ---PIX--- 10.1.2.0/24
i have put in two access lists, one each for both
interfaces
access-list access_in permit ip any any
access-list access_out permit ip any any
access-group access_in in
to allow a workstation access so as to be able to use
and configure via the PDM, we give the command
http server enable
http 165.12.55.12 255.255.255.255 inside
what is the purpose for the command
pdm location 165.12.55.12 255.255.255.255 inside
do we need both the commands to allow the
how to read the SSH RSA key in pix and a cisco router
?
what is the command and where is it stored ? nvram ?
__
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/
Message Posted at:
INTERNET
|
| 205.11.22.9
PIX
| 10.10.10.1
---
| | |
| | |
10.10.10.2 10.10.10.3 10.10.10.4
WEB SERVER host host
requirement : web server running at 10.10.10.2 at port
reposting as i got just one reply
[7:39972]
what is this cisco secure authentication agent ?
CS ACS server is understood fine, but what is this
authentication agent ? can someone explain ?
__
Do You Yahoo!?
Yahoo! Greetings - send holiday
where or how to read the pix's key ?
what is the command ?
--- Kent Hundley wrote:
John,
3 ways to verify the host key:
1) Connect over a network which you have a
reasonable degree of confidence
is secure. This would normally mean connecting over
a LAN to the host in
question to
what is the difference between
feature based and connection based activation key ?
the activation key is generated by the pix itself or
it gets loaded by factory settings when pix is sent to
the customer ? how does this thing work ?
what is inside the BIOS flash ?
now what is this cisco secure authentication agent ?
CS ACS server is understood fine, but what is this
authentication agent ? can someone explain ?
also can we run the ACS for windows on NT workstation.
(the docs mention only server though, but asking the
list if someone has installed it fine
but when i connect using the ssh client i get this
security alert. do you know what this means ?
PuTTY security alert
The server's host key is not cached in the registry.
You have no guarantee that the server is the computer
you think it is. The server's key fingerprint is
2048
is the Cisco Secure ACS server a TACAS+ server ?
ie the pix is acting as a tacas+ client to the ACS
server ? is that correct ?
if yes, then the protocol for user authentication and
later access-control between the pix and ACS server
called as TACAS+ protocol ? is this correct ?
lastly if pix is
i downloaded ttssh.exe (freeware) and it does not seem
to run.
any one know of a URL where i could download a free
version of SSH client. (windows 95)
__
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy Awards.
http://movies.yahoo.com/
so Broadcast domains and Bandwidth domains are the
same ? (i guess so)
For Ethernet broadcast and collision domains are the
same. right ?
--- Priscilla Oppenheimer wrote:
A bandwidth domain is an area of a network where all
devices can hear each
other's transmissions. A collision domain
side is same. is it not ?
--- Priscilla Oppenheimer wrote:
At 01:02 PM 3/27/02, John Green wrote:
so Broadcast domains and Bandwidth domains are the
same ?
Of course not. We said that bandwidth and collision
domains are the same on Ethernet.
(i guess so)
For Ethernet broadcast
PIX questions
how to find the time/date when the config file was
last modified. (to find if any one else has tampered
with it)
how to find who is telnetted into the pix or who is
using the PDM into the pix
how to configure a particular IP address to be allowed
to manage pix via the PDM and no
the CableModem has a MAC address. right ? what is this
interfaces' IP-address ? i guess it does not have ?
but then it does have MAC address. its hard to
understand how an interface can have a MAC and not an
IP address. cannot reason this out ? can you help with
this ?
reposting as i got just one response
MTU for
Ethernet is 1500 bytes
SLIP is 576 bytes
Frame Relay ???
Token Ring ???
__
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy Awards.
http://movies.yahoo.com/
i know there are many more knowledgeable here but just
lets get started with this thread.
Source sends a syn packet to the destination and this
packet contains sequence number(say x) and ACK bit not
set
The destination receives it and sends a syn and ack.
this packet contains its sequence
MTU for
Ethernet is 1500 bytes
SLIP is 576 bytes
Frame Relay ???
Token Ring ???
__
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy Awards.
http://movies.yahoo.com/
Message Posted at:
is any one aware of any issue with PIX501 and
connecting via cable modem to get an ip address (dhcp)
?
internet-cable-PIXHOST
modem 501
without the pix, the HOST is able to get the dhcp ip
address fine. the pix is configured to get an
ipaddress from dhcp for
my box (windows workstation) is connected to a cable
modem (i guess motorola) and cable modem connects to
my cable tv network and in turn to internet.
--- Priscilla Oppenheimer wrote:
At 08:05 PM 3/18/02, John Green wrote:
i guess you are right that there is some sort of
filtering being
what is TCP feature in IOS ? (is this related to the
tcp syn attack and is kind of a counter measure
towards it ?)
the closest reference to it in the cisco web site is
in this
http://www.cisco.com/warp/public/732/Tech/matrices/tcp_matrix.html
what is Socket API over TCP ? what exactly is this
the routing decision consumes the bulk of the CPU
bandwidth, shovelling the rest of the packet through
is low-overhead.
say a router connects a between ethernet and Frame
Relay or between two dissimilar Layer2 networks. Then
the router would be stripping off one networks' layer2
frame and
can someone explain what does this statement mean ?
(with an example of a non-routable protocol)
As we need to cater some non-routable protocols,
bridging is also enabled at all routers.
and how is bridging enabled at a router ? (is this
referring to switching being enabled ?)
--- dovelet
is there a change in the syllabus as well ?
in case you guys missed it:
Cisco Systems has announced the release of a new Cisco
Certified Network Associate exam, CCNA #640-607. This
immediately replaces the #640-507 exam, and introduces
performance-based testing elements that will measure
your
which IOS version is (are) GD certified ?
also if someone knows for pix as well ?
__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/
Message Posted at:
i guess you are right that there is some sort of
filtering being done.
because the arp command gives the same physical
address of the hosts in my subnet.
Internet Address Physical Address Type
211.16.12.1 00-05-5f-ee-e0-54 dynamic
211.16.13.14 00-05-5f-ee-e0-54
C and D (info about links and routes) is always true
for all routing protocols because that is what is
routing is all about.
A (periodic updates): RIP does that for sure. not sure
for ospf and bgp.
B: hello mechanism... not sure if all do, but i guess
it is true as well (guess though)
--- mlh
a node connects to a switch and switch in turn
connects to all other nodes. hence in effect when a
node transmits it is the only one transmitting on that
wire and hence gets the full bandwidth in its transmit
wire (eg in 10BaseT). (csma/cd not applicable
here,right ? because it is the only
Is it ok to refer to a router as a Layer 3 switch ?
cisco 6500 was referred to as a Layer 3 switch.
question: does it(6500) have routing capabilities ?
-
to connect to different vlans one needs a router.
right ?? (as shown below)
switchA
or unique when
they are neither.
Regards,
Kent
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
John Green
Sent: Thursday, February 28, 2002 9:13 AM
To: [EMAIL PROTECTED]
Subject: question about stateful inspection
[7:36817]
what
new or unique when
they are neither.
Regards,
Kent
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
John Green
Sent: Thursday, February 28, 2002 9:13 AM
To: [EMAIL PROTECTED]
Subject: question about stateful inspection
[7:36817
Routers use Layer 3 switching to route a packet,
and Layer 2 switches use Layer 2 switching to forward
frames.
above is from the cisco web site. Layer 2 switches use
layer2 (ie datalink) for forwarding frames. fine.
but for Routers also it says that it uses layer3 for
routing, although it is
.
Nadeem
==
John Green wrote:
Routers use Layer 3 switching to route a packet,
and Layer 2 switches use Layer 2 switching to
forward
frames.
above is from the cisco web site. Layer 2 switches
use
layer2 (ie datalink) for forwarding frames. fine.
but for Routers also
I am reading a document and cannot fully comprehend
what it means. can someone explain, atleast
briefly
it basically talks about network design...
the traffic that comes off the router (towards
internal network) is split into following depending
upon the upper layer protocol.
it may go to a
what is multilayer stateful inspection ?
stateful inspection is understood fine. but what does
the prefix multilayer denote or mean ?
state refers to the state of a session information
that is temporarily kept in a state table for open
connections and is wiped or erased when the session
ends.
is it true that there is no support for firewall
feature set for 4000 series cisco routers ?
though they are supported in 7100 and 7200 series.
why not 4000 series ? any specical reason. (rest all
series are supported like 3600, 2500 and 2600 etc)...
cisco access control server provide AAA services.
has anyone here worked with either the access-control
server on solaris or NT ?
i have not worked on it and want to things like how
is the GUI for it, what user accounts can be set,
what
sort of reports ie audit can be generated, what
kinds
ibm says that its chip can run at 110 GHz.
who makes the chips or processors for cisco routers
and switches. also what about juniper ?
who and which companies use chips made by IBM ? is IBM
into networking products ?
__
Do You Yahoo!?
Yahoo!
i need some quick help with this. please post asap.
thanks
--
Network Access Server and Network Access Control
Server are two different boxes ?
eg CiscoSecure Access Control Server (unix) is a
software that is installed on Solaris box, to which
seems all jobs have just vanished. well then who runs
the networks and equipment ? it's real bad out there
in the job market.
any web sites to put the resume ? seems dice, monster,
headhunter are not producing any results.
how long is this goind to last ?
ok tell me this guys.
the 2523 and 2514 are not available in like
used_hardware / online / acution sites.
seems these two are pretty popular ones. why ?
i have been trying to get hold of 2514 (has 2 ethernet
interfaces) but have been unsuccessful yet.
--- Circusnuts wrote:
All you need is @
i am sure we have lots of people here would know about
this first hand.
there is almost a difference of more than 5000 bucks
between these two models. what is the difference
between these two models to make such a big
difference. do they run different ios versions. do
they have different
If any one is a member of IEEE, please let me know so
that i can ask you specific questions , if not
off-topic. i know we have lots of people here who may
be members of specific socities of ieee or other
professional bodies.
well i need to know which membership would suit, say a
person who is
there is a sybex product called as
CCNA Virtual Lab e-trainer
By Todd Lammle and William Tedder
If someone knows or has used it, let me know,
how effective is it in simulating just like an actual
login to the router and entering the configuration
commands.
second after having configured the
anyone knows how effective or good are the router
simulators. sybex has one from Tod Lamle.
any others out there. do they adequately simulate the
router configuration for training purposes ?
__
Do You Yahoo!?
Yahoo! GeoCities - quick and easy
-
and what would this mean ??
where exactly is the equipment replicated ? is it one
at customer
access point and the other at the carrier provider's
end? is this what
is duplication and what is the context for
Multiple networks ?
IP and ATM failed to deliver ?
well i don't say this but got this from the web site
of a competitor of cisco!!
But that is besides the point. Below I have reproduced
the text verbatim.
what it says that both IP and ATM failed as carriers
to carry puredata
due to different reasons as explained
the IP address alloted by the dhcp server to my home
computer (via cable ie cable modem connection) is
IP address 24.15.125.255
subnet mask 255.255.248.0
def gw 24.15.125.1
ok look ar the last quad it is 255 !!!
i can't believe this.
do you how this is possible ? 0 and 255 are
Architect
Cendant IT
A+,MCSE,CCNA,CCDA,CCNP,CCDP,
CQS-SNA/IPSS
John Green wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
the IP address alloted by the dhcp server to my
home
computer (via cable ie cable modem connection) is
IP address 24.15.125.255
sub
please let me know about the IOS release versions
eg, what exactly would the following mean ? i need to
decipher the P ,T ,XE stuff.
11.2(11)P and above
11.(3)3T and above
12.0, 12.0(1)T - 12.0(4)T, 12.0(4)XE
thanks
__
Do You Yahoo!?
Yahoo!
please let me know about the IOS release versions
eg, what exactly would the following mean ? i need to
decipher the P ,T ,XE stuff.
11.2(11)P and above
11.(3)3T and above
12.0, 12.0(1)T - 12.0(4)T, 12.0(4)XE
thanks
__
Do You Yahoo!?
Yahoo!
please let me know about the IOS release versions
eg, what exactly would the following mean ? i need to
decipher the P ,T ,XE stuff.
11.2(11)P and above
11.(3)3T and above
12.0, 12.0(1)T - 12.0(4)T, 12.0(4)XE
thanks
__
Do You Yahoo!?
Yahoo!
what exactly is this technology "content distribution"
?
how content is distributed over the internet ?
any links/info/tutorials/... etc
__
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year!
how does this work practically.
selling one's part of bandwidth ?
how is actually implemented by the service provider ?
any other details please email me if this is not
exactly suited to this list
thanks
__
Get personalized email addresses
this post(s) was posted a couple of days back and just
wanted some more list memebers to see if this correct
before we take this as gospel truth.
---
Neil Desai [EMAIL PROTECTED] wrote:
To my knowledge serial links don't have a MAC
address. Since
here is what the cisco web site says that "
Platforms
The CBAC feature is supported on the following
platforms:
Cisco 1600 series
Cisco 2500 series"
is this correct ? cbac feature is supported by a
IOS version. I mean it should have been worded as
following IOS versions support cbac feature.
what is cisco smartnet maintenance ?
i am buying some cisco stuff and i have a option
for buying the cisco smartnet maintenance for an
additional amount ?
what benefits would it give.
what is covered under standard cisco warranty, if
i don't but smartnet ?
thanks and please email me a cc as
-
From: John Green [EMAIL PROTECTED]
To: Donald B Johnson Jr [EMAIL PROTECTED]
Sent: Tuesday, November 14, 2000 2:43 PM
Subject: Re: CCIE written using the univer cd?
can we order this CD for personal use.
if yes, please let me know as to how and what are
the
requirements
what is a cisco CGS router ?
__
Do You Yahoo!?
Yahoo! Calendar - Get organized for the holidays!
http://calendar.yahoo.com/
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
The cisco 2509 router has 2 serial, 1 ether, 8 async
ports.
what is 8 async ports ?
i do not have this router with me hence please let me
know as to what are these async ports. what are these
used for ?
if some one has used it, then in what kind of
environment would one install such a router.
continuing on the router selection.
well, i too posted today as to what are the async
ports that a 2509 has. It turns out that these are to
connect to the modems.
now to prepare for the tests as well as learing as
well what would be the router to buy ? it is better to
ask now better than
cisco 2509 router has 8 async ports that can be used
to dial in or out.
if configured for dial out, each asyn interface would
be allotted an IP address when it dials into its ISP
and establishes a PPP link.
8 PPP links would mean 8 IP address. why would one
have such a configuration and what is
i was at the groupstudy web site and there all i found
for routers was individual routers for sale. well this
is fine but what about vendors who sell used routers.
can we have some list of such vendors.
i did not find one on the web site. if there are
please let me know. yes there is one Teltone
351-018 (Security Qualification Exam)was the number
that was mentioned in this list for cisco security
beta exam. I checked up the cisco site and it confirms
that :
* The Security beta will only be available from
October 20, 2000 to November 10, 2000.
but in the prometric web site under the
Ehernet uses csma-cd and hence multiple
computers(hosts)
can access and send data according csma-cd protocol.
fine...
now what about FR and ATM. they are just serial links.
right ?
ie only two computers (hosts etc) can connect across.
right ?
if the above is fine then
across this line
DNS = domain name server
domain name servers host the database for the
mapping between domain names and IP addresses.
This is how you go to a www.yahoo.com etc.
also this is how when you address email to say
[EMAIL PROTECTED] is sent to the mail server which
is accepting mail for the domain
i have a old 2514 with IOS 11.3.
is there a way i can upgrade to one with firewall
feature set...
oops... first, does 11.3 has firewall
feature set ?
thanks all
john
--- Daniel Cotts [EMAIL PROTECTED] wrote:
Read the Docs. Use ConfigMaker to create a ballpark
view. Edit as needed.
76 matches
Mail list logo