Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About aydinnmu1
Stats
Member since
03-03-2015
32
Posts
10
Helpful
3
Solutions
Hi,
i couldn't see any other problems except vlan 9.
But i think you should summarize these lines.
access-list 141 permit ip any 192.168.103.0 0.0.0.255
access-list 141 permit ip any 192.168.104.0 0.0.0.255
access-list 141 permit ip any 192.200.200.0 0.0.0.255
access-list 141 permit ip any 192.200.201.0 0.0.0.255
access-list 141 permit ip any 192.200.203.0 0.0.0.255
access-list 141 permit ip any 192.200.204.0 0.0.0.255
access-list 141 permit ip any 192.200.205.0 0.0.0.255
access-list 141 permit ip any 192.168.110.0 0.0.0.255
access-list 141 permit ip any 192.168.111.0 0.0.0.255
access-list 141 permit ip any 192.168.112.0 0.0.0.255 wildcard mask more flexible than subnet mask. You can set more custom values. İt seems more complivated and read to hard. Best regards.
... View more
04-07-2016
12:41 AM
Hi,
eem doesn't support authentication parameters. You should select no authentication on server side.
or
you can write TLC script like this answer.
https://supportforums.cisco.com/discussion/11070866/eem-cisco-877-trouble-mail-server-action-and-smtp-auth
... View more
hi,
when you apply an acl in SVI to in direction, this affects source network its vlan id.
Host at VLAN 1 ------- SVI 1
Host at VLAN 9 ------- SVI 9
inbound acl affects when vlan 9 communication to other vlans.
access-list 119 deny ip 10.104.99.0 0.0.0.255 any log
this line block your communication.
Best regards.
... View more
Created by
aydinnmu1
in Intrusion Prevention and Detection Systems (IPS - IDS)
in Intrusion Prevention and Detection Systems (IPS - IDS)
04-06-2016
11:06 PM
04-06-2016
11:06 PM
Hi lotfi,
I think it has only way see ios version of your device by using snmp or http access. And this method must be closed for outside connection. I think all outside connection must be controlled by you. Default configuration ASA denied by all low security-level connection.
Can you check access methods to your device ?
... View more
04-06-2016
11:00 PM
Hi paterson,
Can you try "reverse-route" command in remote access vpn configuration
That command adds a route enty ,that defined ACL in configuration, in remote clinet routing table.
Best regards.
... View more
Created by
aydinnmu1
in Intrusion Prevention and Detection Systems (IPS - IDS)
in Intrusion Prevention and Detection Systems (IPS - IDS)
04-06-2016
04:58 AM
04-06-2016
04:58 AM
Hi,
How did they learn ios version ? snmp?
Thanks.
... View more
04-06-2016
04:54 AM
hi,
you should open that router in rommon mode ( use "break" button in keyboard). and change confreg number.
Default value is 0x2102 . new value is 0x2142 .
And reboot.
Then router will open with no configuration. (Because 0x2142 ignore nvram and startup-config is stored in nvram).
After you should copy config files in flash to running config and set new username and password.
That link include other confreg values.
http://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.html
... View more
Hi mukesh,
to create dmvpn hub and spoke routers , it must be exist l3 connectivity.
this topology has many redundant connection. and you can easily set up dmvpn.
-> you must set up l3 connectivity use l3 routng protocols,
-> create gre tunnel interface
-> create static or dynamic route entries for tunnel traffic
-> create nhrp map for hub and spoke routers,
-> create ipsec policy for dmvpn tunnels for encryted traffic.
-> apply ipsec policy in tunnel interface.
it is very good and well explained documentation for dmvpn.
http://blog.ine.com/2008/08/02/dmvpn-explained/
... View more
04-06-2016
02:43 AM
I think it is only way clear mac address previous port and connect again antoher port.
or you can use port security without sticky parameter.
Sorry, i think there is no dynamic solution.
Sincerely.
... View more
04-05-2016
06:58 AM
Hi,
i think you are under an attack. Find the attackers and victims and kill them all.
Just joke.
Seriusly, you resist some attackers. You can shun all of them with that command shun A.B.C.D.
You can write ACL deny all traffics from attackers.
Best regards.
... View more
04-05-2016
06:52 AM
Hi,
aaa works order of method types.
if no response at one method pass to another method and vice versa.
if fail at one method dont pass another method and reject.
you defined for authentication one method as group tacacs. and if tacacs authentication is failed you take a message authentication fail.
You should add to configuration
aaa authentication login default group tacacs local
or you should define an user in tacacs user that name is admin .
Best regards.
... View more
04-05-2016
06:42 AM
Hi,
Unfourtanetly, you cannot define one mac-address on multiple switchports.
Switches create mac address table to use source mac address and forward traffic to use destination mac address.
it is unproperly method and probably cause mac flap or another security-violation.
Best regards
... View more
09-02-2015
07:14 AM
Hi my friend, you must specify asdm file path your configuration. asdm image disk://asdm_version.bin I guess you set up your authentication use following command. aaa authentication http console Best regards.
... View more
09-02-2015
05:05 AM
Hi body, Please send your configuration: show runn all http show runn all asdm Sincerely.
... View more
04-07-2016
Hi, eem doesn't support authentication parameters. You should select no
authentication on server sid...
04-06-2016
Hi lotfi, I think it has only way see ios version of your device by
using snmp or http access. And t...
04-06-2016
Hi paterson, Can you try "reverse-route" command in remote access vpn
configuration That command add...
04-06-2016
hi, you should open that router in rommon mode ( use "break" button in
keyboard). and change confreg...
04-06-2016
Hi mukesh, to create dmvpn hub and spoke routers , it must be exist l3
connectivity. this topology h...
04-06-2016
I think it is only way clear mac address previous port and connect again
antoher port. or you can us...
04-05-2016
Hi, i think you are under an attack. Find the attackers and victims and
kill them all. Just joke. Se...
04-05-2016
Hi, aaa works order of method types. if no response at one method pass
to another method and vice ve...
04-05-2016
Hi, Unfourtanetly, you cannot define one mac-address on multiple
switchports. Switches create mac ad...
09-02-2015
Hi my friend,you must specify asdm file path your configuration.asdm
image disk://asdm_version.binI ...
Public Statistics
| Date Registered | 03-03-2015 11:25 AM |
| Date Last Visited | 08-18-2017 03:51 AM |
| Total Messages Posted | 32 |
| Total Helpful Votes Received | 10 |
