About jason.drury

jason.drury · 03-24-2006

All,Is there a capture tool, similar to the Pix has, for routers? I am trying to access a router via ssh, but I can't. I want to run a "capture" on the external interface to see if the packets are reaching the router or not and/or being NATed along t...

jason.drury · 03-16-2006

Hello,We have a DMVPN environment for our remote offices, that use 2800 ISR's. We use gre tunnels along with HSRP to two different core VPN gateways. Some of our remote locations would like to have High Availability (load balancing isn't necessary) s...

jason.drury · 08-26-2004

On a Pix, is there a way to limit the number of connections (not just SYN) one host can make to mitigate a DoS attack? For example, don't allow an ip more then 100 connections in 1 second.Or can this only be accomplished with a Top Layer type device?...

jason.drury · 05-20-2004

Does anyone know what the 2560 blocks represent? In the PIX performance monitor doc, they describe the 4, 80, 256, 1550, and 16384 blocks, but not 2560. On one of our firewalls, the current count is at 1. SIZE MAX LOW CNT 4 1600 159...

jason.drury · 02-03-2004

Does anyone know of a document explaining how the Pix handles, in regards to state, uncommon IP protocol packets such as ESP, AH, OSPF, GRE, etc.? I'm concred with the traffic passing through it, not destined for the pix.I understand how TCP, UDP, an...

jason.drury · 03-17-2006

One of my ISP's said they only support BGP. I'm still waiting to hear back from my other ISP. Does anyone know if I can accomplish what I'm trying to do above using BGP?

jason.drury · 11-22-2005

Do you mean "does it have to be from the inside?"Regardless, you can tftp a file from either the inside or outside, it doesn't matter. Just type "copy tftp flash" and it will prompt you for the ip and file name.

jason.drury · 11-22-2005

This is probably not a firewall issue rather a dns issue. Can you ping "fserver" from your internal network and it resolves to the correct ip? If so, are your servers in the DMZ using the same DNS servers? If no to either question, you can add hosts ...

jason.drury · 11-22-2005

Actually, "pix" is the default username of the ssh user. The default password of this account is "cisco", and can be changed with the "passwd" command (same password if you have telnet enabled). Hopefully the person who has their password set to pix ...

jason.drury · 11-22-2005

If the PIX fails to communicate with the tacacs server after 3 attempts, it will allow you to login as the user "pix". This is the default local user when you enable SSH.

Member Since	‎02-03-2004 10:07 AM
Date Last Visited	‎08-18-2017 03:51 AM
Posts	15

User Statistics

User Activity

Capture/Sniffer Tool for Router?

DMVPN + High Availability Across 2 ISP's

Limiting the Number of Connections on a Pix

2560 Blocks

How Pix Handles UnCommon IP Protocol Packets

Re: DMVPN + High Availability Across 2 ISP's

Re: Pix tftp upgrade

Re: access the server by name not ip address

Re: Login Problem to PIX if TACACS fails

Re: Login Problem to PIX if TACACS fails