Cisco

22K

Solutions

14K

Contributors

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Share tech news, updates, or what's on your mind.

Sign up to Post

I had to reload Windows 7 using the recovery partition.  I've loaded Cisco AnyConnect which connects fine, but when I try to RDC to a machine using it's name it doesn't work; it does work using the IP address.  Everyone else that uses the VPN connection can RDC without issue.  Suggestions?
0
Windows Server 2016: All you need to know
LVL 1
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Hello -

I am trying to deploy Cisco's AMP client to a group of test users. I wasn't sure if I should use a new packaged setup or new Application. I want the client AV to be installed /s (silent) and put a shortcut on desktop GEI_IT_Protect_FireAMPSetup.exe /s /desktopicon 1.

What is the best way to deploy this out?

Thanks,

nimdatx
0
Hi,

I'm receiving the attached error and would like to know how do you actually verify connectivity between these two? I mean the servers can ping and communicate on all ports, but is there a way from GUI/CLI to try to reconnect them?

Thanks,
ELM-Server-Error.jpg
0
Hello,

I'm trying to understand the basic route concept on cisco router.

ip route 0.0.0.0  0.0.0.0  10.10.10.1

If I do the above command, would all the traffic will  forward it to 10.10.10.1 ?
0
I just configured   client vpn on an Cisco ASA device but when I connect to VPN  I  see the lan subnets but I am unable to browse the internet or  ping any IP address on the Internet.
The IP Pool is 10.69.1.0/24  
There is  Core switch and the Firewall I have uploaded the ASA configuration.
ASA-Version-7.docx
0
We recently moved our CUCM 10.5 publisher to another data center. Call have been mostly good.
But we ran into a period where callers were getting this recording
"Call not allowed due to restrictions on your account". Can the Cisco
Unified Communications Manager 10.5 possibly be responsible for
that recording? Or would that indicate a problem at the provider?
0
We have a asa5510.  Can you tag or vlan a port on this device. If so, please provide detail syntax.
0
Hello,

I would like to setup a VPN connection from home office to our office and I'm new to networking.

What are network  hardware/software  I needed?

From home-   Need VPN client

From  Office - Router to terminate
                         VPN server software ?
0
Is there any cisco switch which can take the full internet BGP table?
0
Hi I am trying to install ASDM in PC Windows8. After getting page(please see attached picture), I clicked on "Install ASDM Launcher" and then finish all steps. But ASDM shortcut not showup on PC desktop. It is normal? How to start the ASDM ? Thank you
Capture.PNG
0
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

This question is in relation to a previously posted question I posted a few months back regarding cross-stack EtherChannel between Cisco 3850-12s & Cisco 2960x switch stacks. The original question related to the theory that I was trying to achieve, whereas this relates to a few configuration issues I'm having. I thought it would be more relevant to post a new question.

Setup is a follows:-

- 5 x Cisco 2960x stacks (lowest stack count = 2 switches and highest stack count = 4 switches)
- 1 x Cisco 3850-12s stack consisting of 2 switches

Each 2960 stack has at least 1 x fibre link to each 3850 in the stack (4 x links per 2960 stack), my questions are as follows:-

- I have conflicting information as to whether or not PAgP is supported in a cross-stack EtherChannel model, can anybody confirm for 100% what the stance is on this? I have read conflicting Cisco documentation, one article has categorically confirmed that PAgP ISN'T supported whereas I have also read cisco config guides with the examples given using PAgP? What gives? I have no problem in using LACP, it's just that my environment is 100% Cisco, so I thought PAgP would be nice.

- What are the best practices for spanning-tree configuration when it comes to EtherChannel? I see each EtherChannel as 1 x logical link, therefore is spanning-tree actually required? If so, does anybody have any experience with this kind of configuration?

Any help and advice would be greatly appreciated.

Cheers,
0
Hello,

I am trying to setup my server and  datacenter nework admin told me configured the VLAN and network segement which I have requested, but after I connect my server, I can't ping anywhere or  from outside I can't ping. I was trying to do ARP  from neighbor server and couldn't get the ARP address.  What else data center networkin can check? I am not sure what to ask, he told me everything looks from his end. I can't even ping gateway.  Can we ping from switch ?
0
I am attempting to connect a Dell PowerConnect 2724 on port 24 to Cisco 3560G on port Gi0/3. I want to be able to pass through traffic from VLANs 30 and 34 which already exist on the Cisco switch. How do I need to configure the ports I mentioned above? Basically we are using this switch in our location to connect laptops to do imaging and other work. Thank you for any help you can provide!
0
In windows if you want to see what certificate came from the radius server to your PC in order to be able to connect to WiFi, how would you do that?
0
Hello,

Can we configure IP address on cisco router 2900?
0
Hello Experts

We are in discussion with our ISP to connect the remote branch office with the HQ. We have decided to go with MPLS IP VPN.
Hence, I need know what configuration I need to on the Customer Edge ( HQ and Branch). ISP will provide there router equipment on the branch side.
What information should be provided to ISP ? What IP Subnets and VLANs I need to setup on our layer 3 switches


Please advise me because this is the first time to take this service
0
We have a UC520 ver 12.4

Currently I have a ephone hunt group that goes through a list of numbers to dial.
its tied to a external phone number door buzzer .
I would like to change that to a parallel so all extension listed ring but the parallel option is only available on voice hunt group not ephone hunt.

 ephone-hunt 1 sequential
 pilot ******** secondary 110
 list 103, 100, 125, 116, 109, 101, 111, 114, 122, 102, 127, 128, 107, 106, 105, 119, 108
 final 103
 preference 1 secondary 7
 timeout 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20

here is an example of a internal hunt group (not tied to external number just extension 200)

voice hunt-group 1 parallel
 list 100,101,102,103,104,105,106,107,108,109,111,112,113,114,115,116,117,118,119,120,121,122,124,125,127,128
 timeout 6
 pilot 200

Basically I need to combined these 2 types of hunt groups into one that works for me.
Door buzzer dials phone number ******* which dials all listed extensions in parallel, and whoever answers first can buzz the person in.
0
Is there any way to debug certificate authentication on the Cisco ACS? I'm wanting to verify with certainty that one certificate is being used and not another when auth succeeds. But when I run the radius report I don't see any mention of the certificate itself altho it notes X.509 authentication was used. Thank you.

Also is there a way to debug certificate auth on a Windows 7/10 system? Or on Mac?
0
Hi Guys,

i have a Cisco IP Phone 7945 which is used for H&S reasons within a factory. the factory environment is very noisy and the staff can not hear it ring.

I want to use a bell or siren or flashing light or a speaker or something to indicate that the phone is ringing.

i have spoken to Cisco and have been advised that they do not sell any additional products which meet our needs.

so has anyone got an alternative solution? maybe some compatible hardware?
0
Free Tool: Path Explorer
LVL 9
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Hi All,

I have two HP Switches model HP 3800 and I want to login into them so I can see its configuration. I have a program called "Putty.exe" but the previous network engineer uses this program to connect to our switches (HP and Cisco switches).

I watch some videos but I am not really sure how to use. Any advice?
0
I have comcast and was downloading at 50 mbps and upload at 10 mbps.
I upgraded to the 75 mbps down and 15 mbps upload.
I have a Cisco 4321 IRS router, simple config


Here is my config

login as: admin
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password:

RONWGS#
RONWGS#
RONWGS#
RONWGS#sh run
Building configuration...

Current configuration : 2479 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no platform punt-keepalive disable-kernel-core
!
hostname RONWGS
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
enable secret 5 $1$iPVk$gTOHY8.VYdV8ovrQw/BdU/
!
no aaa new-model
!
!


ip domain name nwgs.biz

ip dhcp excluded-address 192.168.5.1 192.168.5.50
ip dhcp excluded-address 192.168.4.1 192.168.4.50
!
ip dhcp pool NWGS
 network 192.168.5.0 255.255.255.0
 default-router 192.168.5.1
 dns-server 192.168.5.9
!
ip dhcp pool Play Room
 network 192.168.4.0 255.255.255.0
 default-router 192.168.4.1
 dns-server 192.168.5.9 8.8.8.8
!

!
subscriber templating
multilink bundle-name authenticated
!
!
license udi pid ISR4321/K9 sn FDO18451BXL
!
username admin privilege 15 secret 5 $1$228R$4tFpppzTyK784mr6iAad2/
!
redundancy
 mode none
!
!
!
ip tftp …
0
I have a pix515e and no-one can access any websites on my servers so any help would be greatly appreciated. my config is below.

PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto shutdown
interface ethernet3 auto shutdown
interface ethernet4 auto shutdown
interface ethernet5 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 intf2 security10
nameif ethernet3 intf3 security10
nameif ethernet4 intf4 security10
nameif ethernet5 DMZ security10
enable password v3CR0jVS9GI1./as encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname ACCS-Pix
domain-name accs.com
fixup protocol dns maximum-length 512
no fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
no fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 192.168.5.x wigi.web.server
name 192.168.5.x ns2.tdwtech.com
name 192.168.5.x ns1.tdwtech.com
name 192.168.5.x wigi.email.server
name 192.168.5.x wigi.sharepoint.server
object-group network DNS_Servers
  network-object ns1.tdwtech.com 255.255.255.255
  network-object ns2.tdwtech.com 255.255.255.255
object-group network Web_Servers
  network-object wigi.web.server 255.255.255.255
  network-object wigi.email.server 255.255.255.255
object-group …
0
I have a cisco ASA 5512 wit the below config.

my problem is that I cannot access EXTERNAL URLs, INTERNALLY.

For example, I can OPEN OWA outside and use it normally, but I cannot open the URL internally.  I cannot configure outlook 2016 internally either due to (i would imagine) not even able to reach autodiscover.

I thought it was some sort of DNS issue outside the ASA but it's not.

I narrowed it down to an ASA config by pluggin in the old firewall.

any help would be greatly appreciated.  I'm new to ASA's/CLI, please be patient with me :)
ASA Version 9.2(2)4 
!
hostname global.com-ASAFW
domain-name global.com
enable password Ts8.2CaITYiEag9Y encrypted
names
!
interface GigabitEthernet0/0
 nameif Outside
 security-level 0
 ip address XXX.xx.xx.195 255.255.255.0 
!
interface GigabitEthernet0/1
 nameif Inside
 security-level 100
 ip address 10.0.0.2 255.255.255.0 
!
interface GigabitEthernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/5
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 management-only
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0 
!
ftp mode passive
dns server-group DefaultDNS
 domain-name global.com
object service 3389
 service tcp destination eq 3389 
object 

Open in new window

0
I have been trying to get this to work but no luck. below is my config

PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto shutdown
interface ethernet3 auto shutdown
interface ethernet4 auto shutdown
interface ethernet5 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 intf2 security4
nameif ethernet3 intf3 security6
nameif ethernet4 intf4 security8
nameif ethernet5 DMZ security10
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pixfirewall
domain-name accs.com
fixup protocol dns
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
xup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list outside_access_in permit icmp any any echo-reply
access-list nonat-inside permit ip any any
pager lines 24
icmp permit any outside
icmp permit any inside
icmp permit any DMZ
mtu outside 1500
mtu inside 1500
mtu intf2 1500
mtu intf3 1500
mtu intf4 1500
mtu DMZ 1500
ip address outside 24.242.x.x 255.255.0.0
ip address inside 192.168.x.x 255.255.255.0
no ip address intf2
no ip address intf3
no ip address intf4
ip address DMZ 192.168.x.x 255.255.255.255
ip audit info action alarm
ip audit attack action alarm
no …
0
I have a web site on my IIS server, which was accessible on the LAN.  I have two initial goals:  
1)  put the IIS server in a DMZ
2) configure the router so that the web site is accessible from the outside world

I moved the IIS server from the LAN port on my router to the DMZ port.  The router initially had firewall rules allowing access to the DMZ for all traffic from Any to Any.  I created a rule that denies access to the DMZ for all traffic from Any to Any, and then created a rule that allows access to the DMZ for HTTP requests from Any to Any.

I then created a port forwarding rule to forward HTTP/ port 80 to the internal IP address of the server.

I still can't access the web site externally.  And I can't access or ping the server from the LAN.
Ideas on what I need to change here?
Cisco RV325 router

access rules
port forwarding
0

Cisco

22K

Solutions

14K

Contributors

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).