Just for the record. They are old, they are good, but they are end of life and we don't use them any more. How to do Packet captures on Cisco PIX. 1) clear the captures 2) clear and create the acl 3) create the captures SHOW
Cisco ASA and lot of email recipients
Those days we faced the problem that we recived a mail with approx 150 recipients. Somewhere in the communication it seams that a mail address is broken by the asa. On the Outside of the ASA you see following in the trace: Inside E-Mail Server (Blue) mail.example.com Outside E-Mail Server (Red) mail.asdf.com 220-mail.example.com ESMTP Server …
Cisco ASA and SMTP
We recently bought so new Firewalls to replace to aged Cisco PIX515e with some new Gear. We decided to use Ciscos new Firewall flagship the Cisco ASA Devices. Everything was fine after the replacement, we transfered the configuration from the old boxes to the new with the help of the Cisco Security Manager. Later that …
Access-based Enumeration (ABE) and Cisco WAAS
Access-based Enumeration (ABE) is a smart feature to let users see only the folders they have access to. But if you have Cisco WAAS deployed in your network please be aware you have to add a Dynamic share to the waas configuration so the waas knows about this. ----- EDIT BEGIN ----- 2010-09-17 We found …
Continue reading "Access-based Enumeration (ABE) and Cisco WAAS"
Cisco MDS 9222i with ACS
If you want to configure tacacs+ on the Cisoc MDS9222i Series you have to enable first the feature. After this the commands to configure the Tacacs+ are available. On the ACS side you have to configure the shell profile with the following role: If you feel this helps a bit or may be not ? …
Cisco WAAS and Tacacs+
How To use Tacacs+ with Cisco WAAS for Authentication. Configuration with the Central Manager Tacacs+ is configured in the Device Context at Configure > Security > AAA > TACACS+ Go to Configure > Security > AAA > Authentication Methods Go to Configure > Security > AAA > Command Authorization On the Accelerator CLI tacacs key …
WAVE-276 and the second Virtuale Blade
So finally with WAAS-4.1.3.55 cames out and you can conifigure a second virtual Blade. Nice;-)
DMVPN with Linux
I know since i discovered the DMVPN in 2004/5 this is a very intelligent combination of IPsec, GRE and NHRP. Many Thanks to the Guys at Cisco, Christoph, Frederick and all other. This week i discovered "opennhrp" on sourceforge. It took me a minute or two to have a VM with debian up and the …
NAT Order of Operation
Ein sehr praktisches Dokument: NAT Order of Operation Hier noch ein ergänzung von IOS Hints: NAT translation logging IOS Order of Operation
Belgien
War getstern für meinen Arbeitgeber in Belgien Router austauschen! Hat keiner gemerkt;-) Router Belgien
BGP – MultiHomeing
BGP Prevent becoming an Transit ASNo-Export CommunityCisco cisco01config show ip bgp summaryshow ip routeshow ip bgpcisco02config show ip bgp summaryshow ip routeEdgeRouter-Xedge01configshow ip routeedge02configshow ip routeFortiGateconfigget router info routing-table detailsTestsLinks BGP Prevent becoming an Transit AS The soution at hand is a Filter-list with AS-PATH access-list on the provider bgp session to let only local …
Patrick Marc's Networks 