Search results for query: *

An easy setup would just be to manipulate the security levels of the VLANs/interfaces. For example, highest security to lowest: Set VLAN1 as 100 Set VLAN2 as 75 Set VLAN3 as 50 Set VLAN4 as 25 Default rules on the ASA should allow traffic from a higher security interface to any lower security...

So your LAN-connected clients using public DNS are trying to hit your public IP address instead of the DMZ IP address like your private-DNS-using clients do? Build a NAT rule to fix this: nat (inside,dmz) source dynamic any interface destination static [PUBLIC_IP_OR_OBJECT] [DMZ_IP_OR_OBJECT]

I'd like to restrict access to the SSL Web VPN by IP. TAC has told me to apply an ACL to the control-plane, but reading up on that, it looks like that would restrict access to any "to-the-box" traffic, including management, site-to-site VPN, etc. I only want to restrict to the SSL Web VPN. Is...

We're getting overloaded on our guest wireless network - too many connections are swamping the SMC modem/router that Comcast provided. While it's not a permanent fix, I'm thinking that some kind of splash screen (like the Cisco WLC WebAuth screen) might help - specifically, acting as a sort of...

We're running 8.3(2). I think we've found it - there's a way to number the NAT rule: nat (interface,interface) ### source etc. That ### is where the rule will be placed. Solved my issue! Thanks!

How do I alter the order of static NAT rules via the CLI? I'm adding several static NATs to my ASA, and they automatically appear at the end of the NAT entries. In order to move them to where I need/want them, I currently am forced to use the GUI and either cut/paste or use the "Move Up/Move...

Awesome, thanks! I'll give that a look too!

Nevermind, I refreshed, and this appears to have worked.

OK, so, poking around, I did find the "Server Options", and made changes there, but it did not propagate to all created scopes. When we created these, we did not manually configure the DNS servers, we utilized what was in "Server Options". Is there a way to push this change to all scopes?

I've not mentioned ISP DNS at all. We're running our own DNS servers, and are migrating to new ones, so I need to update the scopes accordingly. Unfortunately, I'm not finding an easy place to do this - the scopes options are automatically set when the scope is created, not manually...

Will changing options on the server propagate to all scopes underneath it? Or is there a way to scriptomatically do this?

We're looking at changing DNS IPs in our organization, and need to bulk-update a bunch of scopes for the new changes. Any easy way to do this on a Windows 2003 DHCP Server, without touching each individual scope?

We purchased a pair of these bridges to uplink a nearby building. After consulting with our Cisco rep, this model was decided on due to it's ability to trunk multiple VLANs across the connection, a desire/requirement that we had. I've configured the bridges, have them up and connected, but...

Would the interfaces in question be the VLAN interface for both subnets? In this particular case, 10.21.0.0/16 is int vlan21 and 10.90.47.0/24 is int vlan947. The specific hosts aren't directly connected to the 6509, they're a couple switches away.

We recently re-IP'd several servers. Falling back to the old IP is not an option at this point. A lot of clients did not respond to the automated push/update to change them over from IP to DNS, and as such, are still trying to access the old IP directly. While another team is attempting to...

>> Some older/obscure ones: Cse, Cxi (or just x, i). I believe that these would traditionally be DeskJet models. C represents "Color", and the se, xi, x or i represents either the software bundle or the reseller. For example, Staples used to sell the DeskJet 722Cse, whereas OfficeMax or...

They're not domain machines.

That seems to be a MAC filter - the RAS addresses don't have a MAC, their "unique ID" is "RAS". Further, I can't install anything on the DHCP server at this time. I was hoping for some internal functionality that allows this - it's completely ridiculous that one entity could setup RAS services...

If your file server in office B is promoted to a DC/GC, isn't that going to wonk things up severely due to disabling write-caching?

We've got a few vendor-supplied machines that we can't eliminate, and we can't get them to disable RAS on these boxes. As such, we're dealing with these systems grabbing addresses in our DHCP scopes. Is there a way to block this at the DHCP server, or perhaps another level, that doesn't...