Search results for query: *

  1. rbradely

    Need NAT/Rules help with VPN and RPC email access

    No, it will not route external name resolution requests to the external DNS. The forwarders configured on your DNS server are how external resolution will take place. What ACLs are configured? >I actually had it working, but zapped my config again since an ACL was halting 80 and 443 requests...
  2. rbradely

    Setup Home Networking

    No that is not how CBAC works, although it may look that way. Packets entering the router are inspected by CBAC only if they first pass the inbound ACL. You are not expecting any traffic inbound. For outbound packets CBAC creates a temporary opening in the ACL. The openings allow returning...
  3. rbradely

    ASA 5510 Access Rules and NAT\PAT ing

    Yes. The CLI works like this: User Exec Mode -> 'enable' cmd -> Privileged Exec Mode -> 'config t' cmd -> Configuration Mode. In Configuration Mode you can make the changes needed. 'copy r s' will save your changes. From Configuration Mode you can enter Interface Configuration Mode with...
  4. rbradely

    ASA 5510 Access Rules and NAT\PAT ing

    cisco#config t
    cisco(config)#static (inside,outside) tcp public.ip smtp private.ip smtp netmask 255.255.255.255
  5. rbradely

    Spanning-Tree Questions

    You can speed up convergence on these ports by using:
    switchport mode trunk
    switchport nonegotiate
    and if you are using RSTP add:
    spanning-tree link-type point-to-point
  6. rbradely

    Spanning-Tree Questions

    To force a port into becoming the root port you need to change its port-priority for the vlan.
    Switch(config-if)# spanning-tree [vlan vlan-list] port-priority port-priority
    The value of port-priority can range from 0 to 255 and defaults to 128. A lower port priority value indicates a more...
  7. rbradely

    Need Help adding a 2950G

    default-gateway. This is why it doesn’t work. As described above the only way to gain telnet access is by plugging into a local switchport.
  8. rbradely

    Need Help adding a 2950G

    >I don't think default gateway is only used for management access in L2 yes in L3 no >cdp is layer 2 indeed. This is why when you connect two switches back-to-back they know each other's information. If you are unable to obtain this information from a neighboring switch you may want to verify...
  9. rbradely

    Need Help adding a 2950G

    >but am unable to see the new one from any of the other switches
    Verify CDP is running. The only issue I’ve had with my 2950G and VLANs after clearing and rebuilding the flash is that VTP is running version 1. ip default-gateway command on a L2 device is only used for management access
  10. rbradely

    Setup Home Networking

    Basic NAT setup on Cisco router. (fa0/0=outside fa0/1=inside interfaces)
    access-list 1 permit 192.168.1.0 0.0.0.255
    int fa0/0
    ip nat outside
    int fa0/1
    ip nat inside
    ip nat inside source list 1 interface FastEthernet0/0 overload
    this will translate internal hosts (192.168.1.0 255.255.255.0)...
  11. rbradely

    Need NAT/Rules help with VPN and RPC email access

    Problem 1. DNS resolution. Are these public DNS servers set up as forwarders? If so the route would be:
    route outside 0.0.0.0 0.0.0.0 19x.xxx.xxx.1 1
    Otherwise where are they located? Do you have NAT set up:
    access-list inside_local_nat_1 permit ip 192.168.69.0 255.255.255.0 any
    nat (inside) 1...
  12. rbradely

    Need NAT/Rules help with VPN and RPC email access

    Yes, you should only need https for rpc. The static cmd should read:
    static (inside,outside) tcp outside.ip.addr https inside.ip.addr https netmask 255.255.255.255
    Using 'interface' as the outside address will overload the outside interface. You are also overloading the interface with 'global...
  13. rbradely

    Need NAT/Rules help with VPN and RPC email access

    You will need a crypto map and isakmp configured and enabled to terminate your vpn connection to the ASA. On the email:
    static (inside,outside) tcp interface https 19x.xxx.xxx.xxx https netmask 255.255.255.255
    Is 19x.xxx.xxx.xxx the private ip address? outside_access_in would indicate it is...
  14. rbradely

    802.1x authentication problem

    'dot1x system-auth-control' you need this to enable dot1x on the switch. You will need to update your IOS.
  15. rbradely

    mac security question

    DHCP Snooping would be helpful.
  16. rbradely

    Setting up Cisco Pix 506 on Dynamic WAN?

    Change ACL 105:
    access-list 105 permit ip 192.168.1.0 255.255.255.0 any
    Add this cmd:
    dhcpd enable inside
  17. rbradely

    Which VPN/Firewall Cisco appliance should I buy?

    Yes, this is the reason I thought it would be a good option while keeping the price down. -Ryan
  18. rbradely

    Which VPN/Firewall Cisco appliance should I buy?

    ASA 5505 w/base license (under $450 USD each) -Ryan
  19. rbradely

    ASA 5505 Cant ping from ASA to inside host(s)

    By default XP will block inbound ICMP. Control Panel -> Windows Firewall -> Advanced (TAB) ICMP Settings..(Button) first choice is to allow incoming echo request. -Ryan
  20. rbradely

    Accessing ASDM through VPN (IPsec site 2 site)

    Try:
    http <remote_subnet> <mask> inside
    management-access inside
    Even though you are coming from the outside I believe it appears as an inside address. You could try both, I’m sure one will work; I’ve used it before. I currently use CLI over the VPN. These two commands allow it to work: ssh...
