Hello Andriy,
Thank you for good suggestion.
From: Andriy Bilous [mailto:andriy.bil...@gmail.com]
Sent: Monday, December 10, 2012 7:13 PM
To: Murat Kaipov
Cc: Cisco-NSP Mailing List
Subject: Re: [c-nsp] Redistributing OSPF into another OSPF process
Redistribution of networks local to
Hello Adam,
I use ospf configuration under interface
For example:
interface Vlan42
mtu 1532
ip address 172.24.200.38 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
ip ospf cost 20
carrier-delay msec 300
mpls ip
end
-Original Message-
From: Adam Vitkovsky
Hello,
I've linked a number of EX3200's together with various Cisco switches [3560,
3750, ME3600X off the top of my head] in a former life. I wouldn't necessarily
say this is the right way to do it, but it worked for me.
Working from memory, I think the port on the Cisco side was configured as
Greetings-
I am trying to get an ipsec tunnel up between a cisco router and a Fortinet
200B for a customer. I've got IKE phase 1 completing, but phase 2 won't
complete because the router's proposal isn't matching the firewall's-
2012-12-11 09:29:50 ike 1:SJCGW:324472:144706408: specified
According to the transceiver matrix, GLC-T is not supported in ASR1k, only
the SFP-GE-T. If you meant that, still you might either need speed 1000
or if that's not supported, it might not work in SFP+ ports which is the
case for ME3600X (also confirmed by the matrix pdf).
Hi folks,
I have an edge-facing PE router that has a full table inside vrf inet. That
edge PE speaks MP-BGP as an RR to a few other PEs that don't have the capacity
to handle a full table but need access to the world via vrf inet. Those PEs
receive internal+default from this edge PE to
You can find help on the following links:
http://docs.fortinet.com/fgt/handbook/40mr3/fortigate-ipsec-40-mr3.pdf
http://docs.fortinet.com/fgt/handbook/40mr2/fortigate-ipsec-40-mr2.pdf
On (2012-12-11 11:17 -0500), Jason Lixfeld wrote:
The issue now is that I have vrf resi that I need to anchor to this
edge-facing PE router and vrf resi needs access to the world via vrf inet
too. The other devices inside vrf resi could be considered managed CEs for
all intents and
Hi Guys:
Please,
Could you help us with the diference between these devices?
Currently we are testing GetVPN, but we don´t have CA Server; and we need to
know if is necesary CA Server or the Key Server
could replace the functionality of this.
Thanks.
Henry
From: henrry huaman henry.hua...@yahoo.es
Hi Guys:
Please, Could you help us with the diference between these devices?
Currently we are testing GetVPN, but we don´t have CA Server; and we need to
know if is necesary
CA Server or the Key Server could replace
Hi,
I tried asking this question another way and don't think I made it
clear what or why it was needed.
I am an ISP and I have been seeing a customer IP address being targeted
for a DDoS which appears to be an dns amplification attack. I checked
the ip's of the servers sending packets and
Quick question...
I have a stacked pair of 3750X switches currently feeding 2 trunks
through some packet inspection devices and into ASA5540s.
We're upgrading to 5585s, and looking at doing etherchannel trunks out
of the 3750Xs and 5585s (now that ASAs support etherchannel).
If the ASAs are
We just purchased the Cisco 6509-E with 2 Supervisor Engine 2T modules and two
10 GB modules, plus a few 48 Gb ports modules.
My plan is to move all routing, plus QoS from the 7206 to this new 6509-E.
The 6509-E will also be configured for InterVLAN routing to handle at least 60
different
If you have specific questions, I'm sure many on here would be happy to
assist with issues, but this is venturing into the Hire a consultant
category.
-Blake
On Tue, Dec 11, 2012 at 1:01 PM, An Nguyen angu...@emprisebank.com wrote:
We just purchased the Cisco 6509-E with 2 Supervisor Engine
I've only ever used crypto ACLs to match traffic on the Cisco side, not Tunnel
interfaces. Don't use address groups as part of your Phase 2 proposals on the
FortiGate side... You will need to create individual Phase 2 proposals per
'address' pair.
Josh
Sent from my iPhone
On 12/12/2012, at
Maybe start using object-groups?
-Blake
On Tue, Dec 11, 2012 at 1:19 PM, Mike
mike-cisconspl...@tiedyenetworks.comwrote:
Hi,
I tried asking this question another way and don't think I made it
clear what or why it was needed.
I am an ISP and I have been seeing a customer IP
Hi,
On Tue, Dec 11, 2012 at 11:19:08AM -0800, Mike wrote:
53 except to/from my servers. I don't want to cut/paste and create a new
access list for this customer, I just want to be able to add some
additional rules on top of the default filter set. Surely there has to
be a way to do this?
I think the easiest way would be to actually create a new ACL on the router,
and then change the user's RADIUS profile to use that ACL...
Arie
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Gert Doering
Sent: Tuesday,
CA is a certificate authority, and is part of a PKI infrastructure. (signs
certificates of hosts to say they are authentic) use of certificates is one
option for getvpn authentication method. You could use pre shared key's in
place of certificates for authentication if you don't understand PKI.
Hello,
We are seeing an issue whereby a service to pass RDP directly to a machine
will just hang randomly while connected. Is there something wrong with the
config we have wrong?
service customer-A.rdp
port 3389
protocol tcp
ip address 10.1.1.3
keepalive type icmp
active
owner customer-A
Blake is spot on. If you want someone to write your config for you...well,
there's a lot of really skilled people who'd be happy to help you out in
exchange for pay.
Are you asking more along the lines of how do you deploy the switch in a
safe/sane manner?
What exactly do you need to know?
On
We're doing something similar using route-maps and/or isg policies, with the
first one
being non-scalable and the second one having awkward config.
--
Tassos
Mike wrote on 11/12/2012 21:19:
Hi,
I tried asking this question another way and don't think I made it clear
what or why
it was
22 matches
Mail list logo