Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All,I have many routers (> 30) that currently uses EIGRP for routing. I am using 10.10.0.0 segment (example only) , and subnets exists everywhere. Topology is hub-spoke.So, in my router, the eigrp config look like below:router eigrp 100 network 10...
Hi,I have 2 x core switches with HA/redundancy (hsrp for vlans). The switches are linked via DOT1 trunk. 10 Vlans exists (vlan 1 to vlan 10). Core 2 hosts 3 active Vlans (with higher hsrp standby priority, lower in core2).Example:Core 1 ? Vlans with ...
Hi,I have created dummy rules to drop any events that is rated as normal activities such as when switch interface status changed to up/down everytime users on/off their PCs, or when firewall translation is expired once the connectivity/sessions is te...
Hi,Anybody experienced this scenario before? The devide that I added into MARS (Snort 2.0) does not appear in the device list. I need to modify/delete it as there was a mistake in the device properties/info. However, this device did appear in the net...
Hi,We recently migrated Server VLAN behind FWSM running in transparent mode.Before migration, access to mail server was working fine. All users accessing the email server are required to login.However, after this VLAN migrated behind FWSM, users are ...
What OS you're using right now?For WinXP, check the services, and verify that the cisco vpn service is set to automatically started. Else, change the settings to auto start everytime your power on your pc.Or you can also restart the service manually.
The access-list permitting icmp is to allow ICMP/ping packet to pass through firewall to the other segment/end.The "icmp {permit | deny} ip_address net_mask [icmp_type] if_name " is the command used to allow PIX/ASA to response to ping when it's dire...
Hi Lim,You're right on the symmetric routing as you need to ensure outbound/returned-traffic follow the same incoming path.In this case, both reflexive ACL & CBAC can actually marked the connection/session and allow returned traffic to use the same l...
Hi Lim,CBAC is good as well, considering the following features:1. Traffic Filtering: - filters TCP and UDP packets based on application-layer protocol session information. - permit specified TCP and UDP traffic through a firewall when the connec...
