Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I just learned that I can use a Fully Qualified Domain Name instead of just a IP address or address/netmask in a ACL in the FWSM and ASA product, but I would like to know how the details of this feature.Does the lookup happen once and then all the IP...
Is it possible to convert a Cat2948G from running CatOS cast4000.5-5-19.bin to IOS? If so, where are the docs on TAC? I would expect it would be like converting a Cat6500.
Has anyone sucessfully implement command authorization on a PIX or FWSM?My goal is to have three users (admin,backup,readonly) where admin user has all rights, the backup user can only issue the write net command, and the readonly can only do show co...
Has anyone sucessfully implement command authorization on the PIX or FWSM? I seem to be stumbling on the enable authentication part. I can sucessfully authenticate a tacacs+ user, but when I try to authenticate the enable command, my tacacs server ...
I am actually interested in the following:access-list 101 permit ip any host host.domain.comIs this possible, and if so when does the DNS lookup happen? Runtime, compile time? Every packet through the firewall?A bit of a thread I found: https://supp...
Does CSM 3.3 support the ACL optimization feature found in FWSM 4.0 so that only the delta change is pushed to the FWSM. I ask because when CSM currently checks with the running config and it would be different from what CSM pushed to the FWSM. Thi...
With the help from http://www.networkforums.netHere is a working configuration that allows command authentication for the PIX using tacacs+ version 4.4So that others may not suffer with the PIX like I did:accounting file = /var/log/tacacs/tac_log.txt...
