Search results for query: *

Hi, I am having trouble locking down inbound SMTP traffic to a group of IP address, the issue is.... previously I have successfully used the same code (see below) on about six routers, but for some reason the code does not work on the new router. The only difference I can think of is.... the...

Ok, I think there is a more fundamental problem with my config. I can not seem to get any port forwards to work at all regardless of the port number and protocol. Can not even the config below to work which I have had working in the past, so I'm guessing the problem lies somewehere else in the...

As for the way I am testing... I connect via EasyVPN to change the configuration. Then disconnect just be be sure before I test from our office, so two locations and I am testing remotely.

! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption no service dhcp ! hostname cisco877 ! boot-start-marker boot-end-marker ! logging message-counter syslog enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXX ! aaa...

Sorry I should of mentioned I have tried that too. I can not see any other part of the configuration that is relevant or could stop it from working. Even if I change the code to the following it does not work. ip nat inside source static tcp 192.168.180.2 29001 interface Dialer0 443...

Hi, I current have an email server that: 1) Receives email using the SMTP extended protocol on port 25 from only a certain group of IP addresses. 2) Hosts web mail using the HTTPS protocol on port 443. Device: cisco 877 (C870-ADVIPSERVICESK9-M), Version 12.4(24)T1 Current working code below...

Hi, pretty much the title says it all. Is it possible to run HSRP while using the zone based firewall or do you have to use CBAC? Two routers I will be using: 881 and 877. The only info I could find was a bit confusing. see below... "Note: High Availability Stateful Failover supports only...

Thanks for your input, in the CBT nugget and Train Signal videos they suggest you use one or the other (ZBF or access lists on the interface) but not both. On the other hand in the Cisco ZBF Technical Discussion PDF they say you can use both but the access list gets processed first... from...

Hi, based on the config below (correct me if its wrong) we currently port forward all SMTP extended traffic from any IP address only if it is addressed to our email server. hardware: cisco 877 ADSL router IOS: C870-ADVIPSERVICESK9-M, Version 12.4(15)T9 ip nat inside source static tcp...

Sorry, I should have been more clear, I want to restrict what VLAN's can access the GRE tunnel. Easy VPN server example below. Easy VPN clients do not have any access to my VLAN's until I do the following: zone security VLAN1 zone security EASYVPN policy-map type inspect PERMIT_IP class...

Right, thanks people. Got the GRE tunnel up and working! Not sure if I should tack this next bit onto this thread, but since some of my config is already above.... How on earth do I secure who can access the tunnel? site1 site2 =====...

Ok, no luck removing 'crypto map VPN-GRE' from the Dialer 0 interface. But once again as soon as I add 'crypto map VPN-GRE' back to the interface the VPN LED lights up with no access through the tunnel. Any other ideas?

I am trying to setup a GRE IPSec tunnel between two sites. Note. WAN IP are made up. hense the 259.... Site 1 ====== cisco 877 with Advanced IP Services VLAN1=172.16.0.0 / 16 Site 2 ====== cisco 877 with Advanced IP Services VLAN1=192.168.30.0 / 24 The VPN LED on the 877's light up after I...

Yea, the only difference on some of the interfaces seems to be the speed. So I thought maybe they might behave differently internally or something.

I want to set up a router on a stick between a 1801 router an 2950 switch. Looking at the router it has: - ADSL over POTS - 8 port switch - 10/100FE WAN port Does the 10/100FE WAN port have to used as a WAN port? Or can it be used for what ever I want it to... like a layer 3 LAN port for...

I'm not sure how to setup VLANs with a zone based firewall: Scenario -------- On the network there are: 1) Common devices that all VLANs need access to (printers, scanners ...) 2) Servers that only some VLANs need access to (sales, admin, production ...) 3) Guest VLANs that should only...

Thanks everyone, I did do alot research. Maybe that was part of the problem... the more I read the more people mixed terms (not in this forum) making it look conflicting and confusing.

Yea thanks everyone, I did alot of research. Maybe that was part of the problem, the more I read, the more people mixing terms etc (not in this forum) which looked conflicting and made it confusing.

ADB100, I know why PC's need a default gateway, to communicate with an 'IP' address. 'IP' meaning not layer 2. And My swicth is layer 2, so the switching side knows nothing about IP. If the default gateway was a MAC address that might make sense at layer 2, but not an IP address.

Thanks, ok so my 2950 is only layer 2, so why does it need a default gateway?