Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search results for query: *

  1. eiregobragh

    upgrading IOS on a 3750 stack

    Hi guys, I'm just wondering as I've to do this in the coming days is there a particular procedure in upgrading the IOS on a 3750 Stack? Do I have to upgrade the IOS on all Switches in the Stack or just the Master? Thanks, Paul Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  2. eiregobragh

    DNS blocked!!

    I got it working, I was only inspecting ICMP traffic, so I just added DNS and HTTP. It's a steep learning curve. Thanks, Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  3. eiregobragh

    DNS blocked!!

    Hi again, I got ping working now from my laptop behind the ASA. There was an issue with NAT on the SSG. Again, my setup is as follows: laptop---ASA----SSG---InternetRouter-----INTERNET----FREE-DNS From my laptop I can ping the DNS server 208.67.220.220 But I cannot browse the Web. I moved...
  4. eiregobragh

    DNS blocked!!

    Any help/ideas guys? Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  5. eiregobragh

    DNS blocked!!

    Andy, thanks again, I did as you said and added the following: class-map global-class match any ! ! policy-map global-policy class global-class inspect dns class class-default inspect icmp ! service-policy global-policy global This no joy. Here's some of the log output...
  6. eiregobragh

    DNS blocked!!

    Hi, packet trace tool now works to IPs on the internet, don't know what changed :-) But when I do pings from the actual PC they fail :-( Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  7. eiregobragh

    DNS blocked!!

    Hi there, I did the packet trace again; The icmp packet passes the acl, Is nat'd, But the result shows the packet dropped with the reason: (sp-securit-failed) Slowpath security checks failed. Yes ADB100, you're right my networks is of the form: PC---ASA5550----SSG350----Internet...
  8. eiregobragh

    DNS blocked!!

    Andy, thanks for the input. I've made the changes you suggested. I've now only one acl on the inside; any any permit IP Still not able to ping the dns server :-( Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  9. eiregobragh

    DNS blocked!!

    Here's my config: asaprimary# sh run : Saved : ASA Version 7.2(4) ! hostname asaprimary domain-name vmware.com enable password vs58aXBRi4lxH.QI encrypted passwd 2KFQnbNIdI.2KYOU encrypted names name 194.196.148.0 ATT_Network description from AT&T Router name 10.20.30.2 DMZ_interface...
  10. eiregobragh

    DNS blocked!!

    Hi thanks for the reply. I can ping the DNS server from the internet. In my security policy table I have a rule allowing ping and DNS through. I run the Packet Trace tool and ping from a host on the LAN to the default gateway and it fails saying that the Implicit Deny rule has blocked the...
  11. eiregobragh

    DNS blocked!!

    Hi, I'm not sure what you mean by inspecting DNS traffic. I've all IP traffic allowed through my firewall as far as I can tell but I cannot ping the dns server (208.67.220.220)from behind the firewall. Any ideas why I cant even ping? Thanks, Paul Kilcoyne B. Eng. Innealtóir/ Engineer...
  12. eiregobragh

    DNS blocked!!

    Hi, I'm having a problem with my 5550 whereby DNS queries from a pc on the lan is being blocked eventhough I've all IP traffic allowed from the lan. Here's my alarm: 172.16.30.x 208.67.220.220 Deny inbound UDP from 172.16.30.x/57671 to 208.67.220.220/53 due to DNS Query Any ideas? Thanks...
  13. eiregobragh

    Static dhcp on cisco switch 3750

    Hi again, is it possible to do static dhcp on a cisco switch? I found a document here: http://www.cisco.com/en/US/docs/ios/12_3t/12_3t11/feature/guide/gtdhcpsm.html#wp1060281 But I don't have the "origin" option within my DHCP configuration. Is there any other way of doing this? Thanks...
  14. eiregobragh

    3750 stacking question

    OK so once the new switch is running a similar release IOS adding it to the stack should work fine? Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  15. eiregobragh

    3750 stacking question

    Hi there, I have a stack of four WS-C3750-48PS-S Switches on the user lan. I have one WS-C3750G-48TS-S that was assigned to training that now needs to join the user lan. Is it possible or even advisable to add a WS-C3750G-48TS-S to the current stack?? Thanks, Paul Kilcoyne B. Eng...
  16. eiregobragh

    ASA 5550

    Hey, I got it working, thanks for the tip. I went to: configuration>Properties>Device Access>HTTPS/ASDM> selected my DMZ interface with the source 0.0.0.0 0.0.0.0 Thanks a million, won't have to think about this over the weekend now :-) Paul Kilcoyne B. Eng. Innealtóir/ Engineer...
  17. eiregobragh

    ASA 5550

    Hi there, I've given up on https access for the time being. Is there any way to ssh to the outside interface of an 5550? Thanks, Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  18. eiregobragh

    ASA 5550

    Hi, I have a newly installed ASA behind our outer firewall, I want to be able to access it from the Internet via the ASDM java programme. What port would I have to forward to allow ASDM access? Thanks, Paul Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  19. eiregobragh

    Bond multiple ADSL lines

    Great, thanks again. So I can configure my cisco router/ switch to do GLBP on the two interfaces my ISPs are connected into. I'll let you know how I get on. Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie
  20. eiregobragh

    Bond multiple ADSL lines

    Lastly, will this implementation of VRRP load balance internet traffic or will it just chose one ISP always above the other similar to redundancy? Many thanks, Paul Kilcoyne B. Eng. Innealtóir/ Engineer http://www.pknetworks.ie

Part and Inventory Search

Back
Top