i have been asked to list a switch under radius control , some switches are already added under it but im supposed to add any switches that arent , can i simply add the same command to other switches? also the key is made of numbers do i just paste t...
Forum Posts
Resolved! Using SNS-3415-K9 as an ESXi Host?!
Hey guys!I have a SNS-3415-K9 appliance that we don't use it and were shutdown for god knows how long, Since ACS is not supported anymore and this appliance is totally useless, so I decided to use this appliance as a ESXi host! I installed ESXi 6.7 U...
Resolved! DNS/Split Tunnel
Hello, Let's say we split the internet traffic from the rest in ANY Connect, and let's say we don't want to use our ASA's network DNS Server to resolve internet domains but we wanna use it to resolve internal domain names, so how should we achieve th...
Resolved! Choosing ASA for my Home LAB
Hi,I have found ASA 5510 quiet affordable, but at the same time here that I checked it says it doesn't support version 9.x, but 5505 does, I think there should be a mistake?!https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/plann...
I want to block this mac address from my router : 00:50:8b:5d:29:7a Is there an ACL that I can use to do this
hello,i want to use 'no service tftp' and 'line console 0 -> login local' .but there is no command. model name is c3650 and 16.3.9 version please answer about my question.
Hi all, Does somebody has experience deploying WAN MACsec encryption with an ASR 1001-X on a 10Gbps DCI links based on MetroEthernet service? Main questions are:Is it stable or how many link interruptions do you have per year?Does it perform? (10Gbps...
I'm studying for the CCNA-Security exam 210-260 and I'm finding some inconsistencies in the material, especially on sample tests questionsThe one that I keep getting hung up on is which auth methods OSPF supports. One place says DES and MD5 while oth...
Anyone know what this syslog message from the ASA means?
Resolved! sl_def_acl ?
Hi to all,Does anyone knows what is this access list (sl_def_acl) ?I've found it making a "sh accces-list" command on a 837 Cisco router (IOS Version 12.3(4)).It seems to be taken in consideration if applied with the inspection command.There is a way...
The configuration I am applying to my Cisco 2911 is not performing twice NAT correctly. I need to have the source and destination IP address on the inside interface NATTed before exiting the outside interface. The original destination address is no...
Resolved! CCNP Security - SISAS 300-208
p.137 of Aaron Woland's book, Fully Distributed Deployment"In the four-node deployment, the maximum number of PSNs that can be associated to the combined PAN+MNT is five PSNs, making it a seven-node deployment."If my understanding is correct, I woul...
Resolved! I need a fix for CVE-1999-0524
Vulnerability name: CVE-1999-0524Vulnerability scanner IDs: 10114Description: ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.Solution Name: ICMP Timestamp Request Remote Date DisclosureSolution Description: Fil...
My company is rebuilding the DMZ model, my subnet will be primarily due to the core level DHCP switch and the firewall asa I use primarily to give the internet subnet, nat and the route for the VPN network to see each other, but there is one thing A...
Hi, I am seeing some weird behavior on our proxy, which establish connection on port 444 . We have allowed this port only on transparent re-direction configuration but not in access policy. During my test i can see the connectivity is established to ...
