Thanks for the prompt reply. We will have around 400 - 500 Cisco Cat 3500 / 3700 switches. Another reason why I would like to partition the VTP domain is because some of the network had nothing to do with the core network; the only purpose is to access the Internet. I know pruning and removing VLANs from the trunk can...
Hi, everyone. Just wondering, has anyone implemented multiple VTP domains? We are in the process of upgrading our switches to Cisco, which will involve a large number of switches. As a result, I would like to see if multiple VTP domains will help me minimize the traffic of VLAN database propagation...
Sorry, the link does not work. This is the updated link:
Main: http://deccax.dreamhosters.com/logs/main.txt
Remote: http://deccax.dreamhosters.com/logs/remote.txt
Thank you for the prompt reply. The remote site is using a dedicated leased line. I uploaded the show run to a website. I tried to keep it as original as possible, but I had to delete sensitive command lines.
The aaa is the remote site, and xxx is the main site.
Main...
Hi all, thanks for reading this thread.
I have a question regarding site-to-site VPN using 2 PIX. Currently I have a remote site with PIX 5153 version 7.0 (ASDM) installed, and it has a VPN to the main site PIX 520 version 6.3.4. The remote site is able to initiate the VPN tunnel fine if the traffic is...
Thanks for the information. Jynxx, just wondering, are you using HSRP for the 2621 and 1710? Also, will the VPN tunnel remain up even in the backup situation?
Thanks again,
SL
Thanks for the prompt reply. Yes, I was thinking about ISDN, but I think VPN is a cheaper and faster solution compared to ISDN (BRI). Any suggestions on configurations or references I can find? Will flooding static routes or HSRP work?
Many thanks,
SL
Hi, I just want to know if anyone has done a failover from Point-to-Point T1 to VPN before. I wonder, if I have a Cisco router with a VPN accelerator card or a Cisco 2800 router installed, can I set up the router to fail over to a VPN link (site to site) when the router’s Point-to-Point link goes down? Any...
Hi, I have a question regarding NAT clients. I set up dynamic port translation for inside clients to access the Internet. In the inside network, I have set up a system for sniffing the network and nothing else. However, from my IDS it seems someone is trying to connect to use ICMP hard error to...
Thanks for the prompt reply. But my problem is that the user login name / password is authenticated against TACACS. The PIX has no idea of the login information. Will the PIX authenticate against both TACACS and its own local database? Thanks for the reply…
SL
Hey, I have a question about adding an ACL to VPN clients. Currently I have a Cisco PIX 515E (ASDM5.0) set up as a VPN server. It authenticates users by accessing the TACACS server on the inside network. However, I don’t know where to add the ACL for a user after login. For example I would like...
Thanks for the prompt reply. The un-secure systems are NATed to secure addresses. These secure addresses work fine when connected to the secure network.
* Un-secure 192.168.254.x <-- DHCP assigned from 515e
* 515e static NAT per workstation. example: 192.168.254.40 <--> 10.10.10.40
* 520 dynamic...
Hi everyone, I am trying to set up a test lab that consists of an edge firewall and our main firewall. This is the setup:
Un-secure network (192.168.254.x) <---> Cisco 515e (edge firewall) <---> Secure (main network - 10.x.x.x) <---> Cisco 520 (main) <---> Internet (Public IP)
On Cisco 515e I also...
Thanks vipergg,
It works. I pruned some extra VLANs on the cat3550 and the In-Discards decreased. However, I am still receiving In-Discards on the cat6500, like 70 / minute.
Thanks again,
SL
Catalyst 6500:
Cisco6509>> (enable) sh port trunk
* - indicates vtp domain mismatch
# - indicates...
Hi, I have a question about In-Discards on the Catalyst 6509. I have an 802.1q trunk set up between two switches (Catalyst 6509 and Catalyst 3550); the layout is shown below:
Cat6509 ------ Point to Point Laser ========= Point to Point Laser ----- Cat3550
Now I have been receiving In-Discards on the Catalyst 6509...
Hi,
I just wonder what a good number is for the threshold setting in Dashboard properties? Or how to define a healthy network and set it up as a baseline to compare against the current network.
In my alarm log I am getting a lot of Octts/s: alarm.
and utilization over 85%
Thanks in advance
SL
Hi all,
Currently I am experiencing a problem with my Snort. I am running it on Fedora 2.0, with Snort 2.2. It was working fine a few weeks ago until I updated to the new rule set and configuration files. Now, when I open up my ACID, I am getting Sensors: 0 in ACID and no alerts are being received. I check...