Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search results for query: *

  1. rbradely

    Need NAT/Reules help with VPN and RPC email access

    no it will not route external name resolution requests to the external DNS. The forwarders configured on your DNS server is how external resolution will take place. What ACLs are configured? >I actually had it working, but zapped my config again since an ACL was halting 80 and 443 requests...
  2. rbradely

    Setup Home Networking

    No that is not how CBAC works, although it may look that way. Packets entering the router are inspected by CBAC only if they first pass the inbound ACL. You are not expecting any traffic inbound. For outbound packets CBAC creates a temporary opening in the ACL. The openings allow returning...
  3. rbradely

    ASA 5510 Access Rules and NAT\PAT ing

    Yes. the CLI works like this: User Exec Mode -> 'enable' cmd -> Privileged Exec Mode -> 'config t' cmd -> Configuration Mode. in Configuration Mode you can make the changes needed. 'copy r s' will save your changes. From Configuration Mode you can enter Interface Configuration Mode with...
  4. rbradely

    ASA 5510 Access Rules and NAT\PAT ing

    cisco#config t cisco(config)#static (inside,outside) tcp public.ip smtp private.ip smtp netmask 255.255.255.255
  5. rbradely

    Spanning-Tree Questions

    You can speed up convergence on these ports by using: switchport mode trunk switchport nonegotiate and if you are using RSTP add: spanning-tree link-type point-to-point
  6. rbradely

    Spanning-Tree Questions

    to force a port into becoming the root port you need to change it's port-priority for the vlan. Switch(config-if)# spanning-tree [vlan vlan-list] port-priority port-priority The value of port-priority can range from 0 to 255 and defaults to 128. A lower port priority value indicates a more...
  7. rbradely

    Need Help adding a 2950G

    default-gateway. This is why it doesn’t work. As described above the only way to gain telnet access is by plugging into a local switchport.
  8. rbradely

    Need Help adding a 2950G

    >i dont think default gateway is only used for management access in L2 yes in L3 no >cdp is layer 2 indeed. this is why when you connect two switches back-to-back they know each others information. if you are unable to obtain this information from a neighboring switch you may want to verify...
  9. rbradely

    Need Help adding a 2950G

    >but am unable to see the new one from any of the other switches Verify CDP is running. The only issue I’ve had with my 2950G and VLANs after clearing and rebuilding the flash is that VTP is running version 1. ip default-gateway command on a L2 device is only used for management access
  10. rbradely

    Setup Home Networking

    Basic NAT setup on Cisco router. (fa0/0=outside fa0/1=inside interfaces) access-list 1 permit 192.168.1.0 0.0.0.255 int fa0/0 ip nat outside int fa0/1 ip nat inside ip nat inside source list 1 interface FastEthernet0/0 overload this will translate internal hosts (192.168.1.0 255.255.255.0)...
  11. rbradely

    Need NAT/Reules help with VPN and RPC email access

    Problem 1. DNS resolution. Are these public DNS servers setup as forwarders? if so the route would be: route outside 0.0.0.0 0.0.0.0 19x.xxx.xxx.1 1 otherwise were are they located? do you have nat setup: access-list inside_local_nat_1 permit ip 192.168.69.0 255.255.255.0 any nat (inside) 1...
  12. rbradely

    Need NAT/Reules help with VPN and RPC email access

    yes you should only need https for rpc. the static cmd should read: static (inside,outside) tcp outside.ip.addr https inside.ip.addr https netmask 255.255.255.255 using 'interface' as the outside address will overload the outside interface. you are also overloading the interface with 'global...
  13. rbradely

    Need NAT/Reules help with VPN and RPC email access

    you will need a crypto map and isakmp configured and enabled to terminate your vpn connection to the ASA. on the email: static (inside,outside) tcp interface https 19x.xxx.xxx.xxx https netmask 255.255.255.255 is 19x.xxx.xxx.xxx the private ip address? outside_access_in would indicate it is...
  14. rbradely

    8021.x authentication problem

    'dot1x system-auth-control' you need this to enable dot1x on the switch. you will need to update your IOS.
  15. rbradely

    mac security question

    DHCP Snooping would be helpful.
  16. rbradely

    Setting up Cisco Pix 506 on Dynamic WAN?

    change ACL 105: access-list 105 permit ip 192.168.1.0 255.255.255.0 any add this cmd: dhcpd enable inside
  17. rbradely

    Which VPN/Firevall Cisco appliance should I buy?

    Yes, this is the reason I thought it would be a good option while keeping the price down. -Ryan
  18. rbradely

    Which VPN/Firevall Cisco appliance should I buy?

    ASA 5505 w/base license (under $450 USD each) -Ryan
  19. rbradely

    ASA 5505 Cant ping from ASA to inside host(s)

    by default XP will block inbound ICMP. Control Pannel -> Windows Firewall -> Advanced (TAB) ICMP Settings..(Button) first choice is to allow incoming echo request. -Ryan
  20. rbradely

    Accessing ASDM through VPN (IPsec site 2 site)

    Try: http <remote_subnet> <mask> inside management-access inside Even though you are coming from the outside I believe it appears as an inside address. You could try both, I’m sure one will work I’ve used it before. I currently use CLI over the VPN. These two commands allow it to work: ssh...

Part and Inventory Search

Back
Top