A network management/monitoring system would be appropriate for that.
Also, it seems a little Philistine to put your name byline (From:) in
lower case while obnoxiously capitalising your subject line.
shariq qamar wrote:
Dear All ,
I want to get messages sent to the syslog server when the
Hi matt ,
Thanks for immediate response
we have a syslog server on which we are using KIWI demon as a SYSLOG client
, my requirement is to configure my PIX Firewall in such a way so that it
start sending any messeges to syslog specially those messeges when my
firewall CPU
utilization crossess a
Dear All ,
I want to get messages sent to the syslog server when the pix CPU reaches a
threshold. This way I am alerted of heavy usage on the pix . i m using PIX
535 with SOFT VER 6.3
Its actually like CPU threshold notification to my syslog server .
Thanks in Advance
--
Regards,
Shariq Qama
I have also used -hierarchical- ingress policing (because egress policing/shaping wasn't
supported) and it works quite well. I just have to be more restrictive on the policing rates.
--
Tassos
Church, Charles wrote on 06/01/2009 02:28:
Agree. We've used this inbound as well on our links to ou
Agree. We've used this inbound as well on our links to our peers for
P2P traffic. Works pretty well, as long as it's TCP and you're shaping
it.
Chuck
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Brett Looney
Sent:
> It is a bit dissapointing to know that you cant really manipulate
> the types of traffic inbound only outbound. I understand why though.
I've used inbound policing and shaping on heavily congested links with some
success - it has the effect of applying back-pressure to the incoming
streams - del
Thanks for all the comments guys you have clarified this for me.
It is a bit dissapointing to know that you cant really manipulate the
types of traffic inbound only outbound. I understand why though.
Thanks,
Aaron.
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisc
The appropriate line would look like:
copy running-config tftp://192.168.0.10/
So, if you want it to be firewall-config
copy running-config tftp://192.168.0.10/firewall-config
If you have a sub-directory on your tftp server like "firewalls" it would be
copy running-config tftp://192.168.0.10/
Aru you sure you are running tftp server agent on 192.168.0.10?
-원본 메시지-
보낸 사람: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.
nether.net] 이(가) 다음 사람 대신 보냄: Seth Mattinen
보낸 날짜: Monday, January 05, 2009 11:35 AM
받는 사람: cisco-nsp@puck.nether.net
제목: Re: [c-nsp] ASA tftp
We have our PPTP connections terminated to a server inside our network to
avoid the PIX hair-pinning restriction.
Frank
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Jorge Evangelista
Sent: Monday, January 05, 2009 2:07
I suggest that you configure a proxy server for Internet Traffic, you can
use it as cache or accelerator, only if you want user surf to the outside
internet over that tunneled connection.
By this way, you can control what kind information is allowed when
they connect to corporate network.
On Mon,
chloe K wrote:
Hi
I have a problem to backup the running config to tftp
How it works? Thank you
firewall# copy running-config tftp
Usage: copy capture: tftp:/// [pcap]
copy http[s]://[:@][:]/
flash[:[image | pdm]]
copy tftp[:[[//location][/pathn
Hi
I have a problem to backup the running config to tftp
How it works? Thank you
firewall# copy running-config tftp
Usage: copy capture: tftp:/// [pcap]
copy http[s]://[:@][:]/
flash[:[image | pdm]]
copy tftp[:[[//location][/pathname]]] flash[:[im
On Mon, January 5, 2009 3:38 pm, Networkers wrote:
> I¹ve taken a look at
> some sample configs on the Cisco site but they all seem to be similar to
> this. My thinking is that the dial pool doesn¹t get NATed properly, but
> I¹m unsure on what to do to the config to fix this. Normal 192.168.100.x
Uhm, that's split-tunneling.
If you want to use internet at the router site then follow this guide:
http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration
_example09186a008073b06b.shtml
Regards,
Luan Nguyen
Chesapeake NetCraftsmen, LLC.
[W] http://www.netcraftsmen.net
[M] l.
Create ACL 101 permit 10.0.0.0 0.0.0.255 any
Then under the " crypto isakmp client configuration group SomeVPN"
Add "ACL 101"
Regards,
Luan Nguyen
Chesapeake NetCraftsmen, LLC.
[W] http://www.netcraftsmen.net
[M] l...@netcraftsmen.net
[Blog] http://cnc-networksecurity.blogspot.com/
-Origi
Great, Thanks you all, i will try it.
What about using "crypto isakmp identity hostname" command.
Remote site can be identitifed by a hostname or FQDN instead of an IP
adress, less secure?
On Mon, Jan 5, 2009 at 5:29 PM, Seth Mattinen wrote:
> Manu Chao wrote:
>
>> Hello,
>>
>> I need centra
Gert Doering wrote:
Hi,
On Mon, Jan 05, 2009 at 02:38:17PM +, David Freedman wrote:
Even when you get it, it is only implemented for link-local addresses
so you have to use RA or static routes :(
Unfortunate, indeed. Do you know whether there is work in progress to
get it fixed/improved
Looking at this, I'm making 2 assumptions.
1) The client is connecting on the S0/0 interface to establish the VPN
connection and
2) You're not using split-tunneling.
If both of those are the case, then this is a classic PIX/ASA 'problem'. You're
trying to 'hairpin' the traffic. A PIX/ASA won't
I¹m trying to solve a problem with setting up the remote VPN access using
the Cisco VPN software client. I have gotten it to the point where a user
can remotely tunnel to the router from their Doze PC, log in, receive an
IP in the 10.x.x.x network, and ping something on the 192.168.100.x
network.
Manu Chao wrote:
Hello,
I need central and remote Cisco IOS configuration example when using a
router with 3G module on a remote site.
IP adress of remote site is dynamic: DHCP/3G.
How to configuration central site IPSec peer configuration when remote site
IP @ is dynamic due to DHCP/3G?
Centr
Hello,
I need central and remote Cisco IOS configuration example when using a
router with 3G module on a remote site.
IP adress of remote site is dynamic: DHCP/3G.
How to configuration central site IPSec peer configuration when remote site
IP @ is dynamic due to DHCP/3G?
Central and Remote site
> Aaron Riemer wrote:
>
>> ...I am trying to achieve is to police virus updates
>> from our server so that this traffic can only obtain
>> 128Kbps of the remote sites bandwidth.
>
> Attaching this as an outbound policy-map at the remote site will only
> affect traffic outbound from that site. You'l
Hi,
On Mon, Jan 05, 2009 at 02:38:17PM +, David Freedman wrote:
> Even when you get it, it is only implemented for link-local addresses
> so you have to use RA or static routes :(
Unfortunate, indeed. Do you know whether there is work in progress to
get it fixed/improved to handle "global" r
Even when you get it, it is only implemented for link-local addresses
so you have to use RA or static routes :(
Dave.
Michael K. Smith - Adhost wrote:
> Hello:
>
> Does anyone know if IPv6 HSRP support will ever be written into the 12.0S
> code, specifically for GSR's?
>
> Regards,
>
> Mike
Aaron Riemer wrote:
> ...I am trying to achieve is to police virus updates
> from our server so that this traffic can only obtain
> 128Kbps of the remote sites bandwidth.
Attaching this as an outbound policy-map at the remote site will only
affect traffic outbound from that site. You'll need to e
26 matches
Mail list logo