hello Guys,
I have 2 IPS to install in a network those 2 IPS i should install them in
promiscuous mode for testing then change their work to inline mode
according to inline mode i tried it in a lab environment and it did work fine,
but in promiscuous mode i couldn't get any events on the
Hi folks... if there is a better place to ask than here please let me
know...;)
I have a Cisco 871 at a client site with a 2 meg connection. We built a
site to site VPN (config below) which works perfectly... now the client
would like 4-5 remote access VPN sessions to be possible. I'm asking
Hi,
I'm not sure how well Easy VPN and VTIs play together but in very
general terms - with an old fashioned crypto map on your outside
interface - you want to do something like the following; associate the
dynamic map with your RA VPNs (vpn-users in this case) to the crypto
map applied
Dracul wrote:
a. Should my configuration involve route reflectors?
Nope.
b. Do I need interconnectivity between the 2 routers? ethernet or serial?
Which ever is the most cost effective way to get the capacity necessary
from one router to the other. IOS doesn't care. As long as your pipe
Did you setup a port mirror on the switch the IPS was connected to to mirror
traffic to the device?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ibrahim Alsharif
Sent: Tuesday, April 22, 2008 4:47 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] IPS
resync is one thingdrop is another.
In newer code we don't drop but we do resync. ;)
R1_#sh run | section router eigrp
router eigrp 1
network 0.0.0.0
auto-summary
R1_#config t
Enter configuration commands, one per line. End with CNTL/Z.
R1_(config)#router ei 1
Dear Rodney
yes that is EIGRP graceful restart feature which is supported since IOS
12.2(15)T . and i believe it is supported in all platforms
Jeff , can u provide us with show ip protocols and show version from your
router .
best regards
--Abo Zaid
On 4/22/08, Rodney Dunn [EMAIL
So what did you decide, Andy?
What are your greater concerns? Router failure? Link failure? How are all 4
connected without respect to BGP? In general, I'd just follow the physical
topology unless there's a reason not to.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Dracul wrote:
Hi All,
I'm building a design that involves having a 2nd BGP router to act as a
backup if something goes wrong with the main router (heaven forbid). I have
two peers to different ISP's. There are some questions I have in mind:
a. Should my configuration involve route
Hi folks...
We upgraded a PIX515E to a new OS a few weeks ago and now our static PAT
statements no longer work... scratching my head to figure how to resolve.
Old statement: static (inside,outside) tcp xxx.xxx.100.8 3389 10.1.1.200
3389 netmask 255.255.255.255
When I try to put this onto the
Paul,
Did you try static (inside,outside) tcp interface 3389
10.1.1.200 3389 netmask 255.255.255.255?
Eric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul Stewart
Sent: Tuesday, April 22, 2008 1:12 PM
To: 'cisco-nsp'
Subject: [c-nsp] PIX
Awesome! That's it... funny I thought I had tried that..
Thank you - everything working now...
Paul
-Original Message-
From: Eric Girard [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 22, 2008 1:22 PM
To: Paul Stewart; cisco-nsp
Subject: RE: [c-nsp] PIX Upgrade Problem
Paul,
Hey guys,
I've ran into a ridiculous problem that has me completely stumped.
Network is a standard edge/core/access/distribution network comprised of
7206,6509-sup7203bxls, 3550s3750s, and 3550s/2950s, respectively.
Distribution is pure OSPF, with 226 routes currently in area 0, while the
cores
Hi Randal
it is really a wired problem but i can suggest 2 causes
1- it might due to VSI interfaces or ARP table limitation problem
2- if you are running PVST , it might be due to PVST instances limitation at
this IOS release
but to make it clear lets gather some logs and statistcis
1- u
I have this vague recollection that there is a
documented 16(?) SVI limit for the 3550-12Gs
(8(?) for the non-Gs?). I presume after 16,
you get to do software routing of some sort
(and strange things can and probably do happen).
I've ran into a ridiculous problem that has me completely
Just for reference, Cisco just started enforcing that.
You used to be able to put in the numeric static, and traffic would not pass
if the global was your outside interface IP.
tv
- Original Message -
From: Paul Stewart [EMAIL PROTECTED]
To: 'Eric Girard' [EMAIL PROTECTED]; 'cisco-nsp'
Hi,
I decided to deploy having both edge routers in AS1 eBGP peer with both edge
routers in AS2 and iBGP between them locally as it gave greater redundancy
and faster convergence.
Physically I have two edge routers in AS1 and two edge routers in AS2, I had
the opportunity to connect them any way
Hi Randal,
We had a problem that might be similar to this with our 3550 CPEs some
time ago. All our affected SVIs were configured with VRF Lite. We could
reach the SVI address from both sides, but the box didn't do any L3
forwarding for these interfaces. It was doing eBGP to both sides, but
these
We just deployed a 6513E with a Sup720.
It is running IOS, but when it reboots it goes straight into rommon
and you need to type boot to get it to load... once you do that it
boots fine...
My worry is that this site has power issues...
Here is some output:
6513#sh boot
BOOT variable =
Are you using route authentication? We had issues with SVI VRF
interfaces with some recent specific IOS releases (worked in older
releases). If you are doing authentication and this might be relevant,
let me know and I'll fish up the details.
In our case, EIGRP with route authentication
Jonathan Charles wrote:
Configuration register is 0x2102
What is the output to the console before it drops you to the rommon prompt?
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at
Greetings,
For anyone that cares. It seems that the bad NPE-G1 was running 12.2.x
bootstrap code. Once they sent me one that was running 12.3.x and
12.4.19 IOS everything worked like a charm.
Thanks,
Jason
e ninja wrote:
On Mon, Apr 21, 2008 at 3:05 AM, Marko Milivojevic [EMAIL PROTECTED]
Hi,
We had faced the same problem. The image files were different on the two
SUPS. Both the SUPs should have the same image
s3223-ipbase_wan-mz.122-18.SXF8.bin.
Rgds,
Salil
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Charles
Sent:
Nothing
Just rommon, immediately...
Jonathan
On Tue, Apr 22, 2008 at 10:03 PM, David Coulson [EMAIL PROTECTED] wrote:
Jonathan Charles wrote:
Configuration register is 0x2102
What is the output to the console before it drops you to the rommon prompt?
AMLIATLCORE#remote command switch sh boot
BOOT variable = bootdisk:s3223-ipbase_wan-mz.122-18.SXF8.bin,12;
CONFIG_FILE variable does not exist
BOOTLDR variable does not exist
Configuration register is 0x2100
AMLIATLCORE#
That may be it, how do we change it???
Jonathan
On Tue, Apr 22, 2008
Jonathan,
This should sort that out:
conf t
config-register 0x2102
end
copy run start ! or wr mem
sh boot
remote command switch sh boot
In my experience, if the RP shows the correct confreg value, and the
SP doesn't, a wr mem on the RP usually writes the correct value to
the SP.
cheers,
26 matches
Mail list logo
