Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Dear All,I have some design questions that related to CE-7326 with ACNS 5.4 and its embedded Websense s/w ver 5.2 the questions are:1) is it possible for the embedded websense s/w to block any TCP user traffic? if yes, does it use the TCP RST flag te...
Dear All,In fine tunning the IDSM/IDS for false positive alarms, I have configured the IDS/IDSM for "Event Filter" the false alarms and at the same time I have conmfigured my IDS/IDSm fo shunning/Blocking various networking devices (PIX/Router...
Hi everyone,I have AP1200; also I am using a PEAP as an authentication protocol and ACS3.3 as AAA server. I have configured several VLANs on the AP (say for example VLAN 10, 20 and 30).My question is, can I use the ACS to assign a dynamic VLAN per au...
Dear all,I have two cat4006 with sup III in my network, the two switches are connected to gether, also interface Vlans are configured on both switches with HSRP configurations. below is a sample of the configurations for the two switches:C4K_Pri#!int...
Dea ALL,I have CW2K integrated with HP OpenView NNM ver 6.2 on the sam Solaris 7 M/C, the OpenView do the network discover and CW2K imports the discovered cisco devices from it, CW2K does not do any discovery process.With the HP is doing the discover...
Thank you Marcoa, for your response.Marcoa, you said "In 4.x if the alert is filtered, then the actions (like blocking and tcp reset) are also filtered", does this applies for all filtered signature regardless if the filtring action is configured for...
You can use only one standby group per VLAN, i.e you can span the same standby group on the whole switch if it has multiple VLANs configured, provided that the standby group used once per VLAN.
Thanks for the reply I applied what you said and it worked fine.but I wonder why it works? since the access list is in the inbound direction and it permits a subnet that is not sourced from the attached interface (i.e it permites 172.20.5.0/24 as the...
I have put the the "log-input" command at the "deny any any" at the end of the access list, and it shows that the access list drops any packet come from the 172.20.5.0
