Re: [c-nsp] IP MTU setting + OSPF

2009-12-22 Thread Mikael Abrahamsson
On Mon, 21 Dec 2009, Chris Wopat wrote: I'm changing MTU on some 7200s with PA-FE's to 1530 with the mtu 1530 command on the interface. To get OSPF to neighbor with a 2800 (no user settable MTU), I've put ip mtu 1500 on the 7200. In my testing this works fine. Does this in any way prevent the

Re: [c-nsp] IP MTU setting + OSPF

2009-12-22 Thread Reuben Farrelly
And don't forget - just in case this applies to you: ip mtu 1500 does NOT apply to IPv6, you'll need to -explicitly- set ipv6 mtu 1500 as well :-) Reuben (who recently found this out the hard way with IPv6 OSPF) On 22/12/2009 7:08 PM, Mikael Abrahamsson wrote: On Mon, 21 Dec 2009, Chris

[c-nsp] Cisco ACE FT track host

2009-12-22 Thread almog ohayon
Hi All, I have configured in my Cisco ACE 4710 2 types of tracking for the FT group and the results are: 1. when I use ft track interface it works great. 2. when I use ft track host it is not working at all. This is the config of the FT: ft interface vlan 10 ip address 10.10.10.1

[c-nsp] Cisco CNS initial configuration

2009-12-22 Thread Brett Wooldridge
Hello list, I am trying to build a provisioning solution that uses Cisco CNS' initial configuration facility. Initial configuration is a facility by which a device, when booted with a minimal bootstrap, obtains its configuration via HTTP(S). However, it seems there is scant documentation

Re: [c-nsp] Cisco CNS initial configuration

2009-12-22 Thread Eddie.Lindsay
Hi, I tried to do something similar a while ago and hit a brick wall on API documentation. It would be nice to see some if available. Regards, Eddie On 22 Dec 2009, at 12:04, Brett Wooldridge wrote: Hello list, I am trying to build a provisioning solution that uses Cisco CNS' initial

Re: [c-nsp] Cisco CNS initial configuration

2009-12-22 Thread Phil Mayers
eddie.lind...@synetrix.co.uk wrote: Hi, I tried to do something similar a while ago and hit a brick wall on API documentation. It would be nice to see some if available. I've had a lot of trouble trying to speak netconf to our 6500s running SXI; the XML PI docs seem to be just flat-out

Re: [c-nsp] Cisco CNS initial configuration

2009-12-22 Thread Phil Mayers
What I'm currently sending the device is this: <?xml version=\"1.0\" encoding=\"UTF-8\"?> <rpc message-id="123" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <edit-config> <target><startup/></target>

Re: [c-nsp] cisco-nsp Digest, Vol 85, Issue 67

2009-12-22 Thread Chris Wopat
From: Mikael Abrahamsson swm...@swm.pp.se If you set ip mtu 1500 then indeed it will not send any IP packets larger than 1500, and since OSPF runs over IP, this is also affected. But yes, you're doing the right thing (if the mtu 1530 command is because you're running MPLS or something else

Re: [c-nsp] Any good Cisco (or other vendor) appliances for application server DDoS prevention?

2009-12-22 Thread Drew Weaver
Hi, The attack wasn't enough to crush a 100Mbps circuit but it was enough to crush the web servers/database servers. That is why I was looking for something smaller scale than say Arbor or CiscoGuard. thanks, -Drew -Original Message- From: cisco-nsp-boun...@puck.nether.net

[c-nsp] What/where are the knobs on a 7600/Sup720?

2009-12-22 Thread Rick Ernst
I received my first 7600 (7609-S) with Sup720-3BXL for familiarization today. The line cards are non-DFC. Previous IOS is on software platforms such as the 7200 and 7500. What are the additional buttons and knobs I should be looking for on the Sup720? The only one I've seen jump out on the list

Re: [c-nsp] Any good Cisco (or other vendor) appliances for application server DDoS prevention?

2009-12-22 Thread Ziv Leyes
Radware DefensePro might be of interest to you -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Drew Weaver Sent: Tuesday, December 22, 2009 4:33 PM To: 'Tony Varriale'; Cisco-nsp Subject: Re: [c-nsp] Any good Cisco (or

Re: [c-nsp] Any good Cisco (or other vendor) appliances for application server DDoS prevention?

2009-12-22 Thread Paul Stewart
What about some of the smaller Juniper SRX stuff? Just getting ready to start using them and I understand they have some features in them for DOS related attacks - no first hand experience specific to DOS stuff yet, perhaps others on here can chime in or the IDP series possibly too..? Paul

[c-nsp] Port 1720 1863

2009-12-22 Thread abs
Hello all, I am new to cisco (cisco 2800 series) so please excuse my ignorance. I have the following acl applied to all inbound traffic on the WAN interface: ip access-list extended WANInBoundACL permit udp any range bootps bootpc any range bootps bootpc permit tcp any any established permit

Re: [c-nsp] Port 1720 1863

2009-12-22 Thread Steve Bertrand
abs wrote: ip access-list extended WANInBoundACL permit udp any range bootps bootpc any range bootps bootpc permit tcp any any established permit udp any eq domain any permit tcp any any eq 22 deny ip any any log When I run a port scan I see port 1720 as well as port 1863 open.

Re: [c-nsp] Port 1720 1863

2009-12-22 Thread Jared Mauch
You can close h.323 (1720) with a config like: ! voice service voip h323 call service stop ! - Jared On Dec 22, 2009, at 6:34 PM, Steve Bertrand wrote: abs wrote: ip access-list extended WANInBoundACL permit udp any range bootps bootpc any range bootps bootpc permit tcp any any

Re: [c-nsp] Port 1720 1863

2009-12-22 Thread abs
the acl is being applied to my wan interface (hand off from isp). i've applied it using ip access-group name in i am performing the scan from an off site location on the external ip address (wan interface). The scan was done on TCP. let me know if you need additional info. cheers, abs ---

Re: [c-nsp] Port 1720 1863

2009-12-22 Thread abs
i tried what you mentioned that did not seem to close the port.  i also tried the following in the config but that didn't seem to work either: voice service voip shutdown any other thoughts? --- On Tue, 12/22/09, Jared Mauch ja...@puck.nether.net wrote: From: Jared Mauch ja...@puck.nether.net

Re: [c-nsp] Port 1720 1863

2009-12-22 Thread Steve Bertrand
abs wrote: i tried what you mentioned that did not seem to close the port. i also tried the following in the config but that didn't seem to work either: voice service voip shutdown any other thoughts? Show the relevant config bits, and the command you are using to scan (along with the

[c-nsp] PPPoE Requirement!

2009-12-22 Thread Asad
Dear Friends! I have the following scenario. (Customer Cisco Router)--Ethernet-[Routed CPE]---RF Media-(ISP Cisco Router)--Ethernet---(ISP Cisco BRAS) My Requirement is to Dial PPPoE Connection from Customer Cisco Router. But because of Routed