Go Premium for a chance to win a PS4. Enter to Win

x

Cisco

23K

Solutions

14K

Contributors

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Share tech news, updates, or what's on your mind.

Sign up to Post

does "switchport mode trunk" command allow all vlan by default or I do I need to issue "switchport trunk allowed vlan all" ?
0
Concerto's Cloud Advisory Services
LVL 5
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

The VPN type is policy based since it appears route based is not supported on the 5520. I have researched a lot of resources but I'm currently stumped.
Thank you
0
how can i find out if the band i am using is N band or AC band? checking my controller it only shows 802.11 a/n and 802.11 b/g/n
0
I have not been able to verify that logs are being received on the centos 7 server using rsyslog

firewall has udp 514 open and listening same set on the cisco asa

cannot see why it is not working, I do sh logging and it shows how many TX are being sent via the trigger but cannot find on rsyslog server.
0
How to clear bgp if peers had exceeded the maximum number of prefixes configure and how to show maximum prefixes in cisco
0
Hi expert  

how to open , 443/UDP, TCP and DNS from socket to internet in the management switch.

should it do it in switch or firewall?

kind regards
0
I have 2 routers  R1 directly connected to R2. R1 has a loopback interface with ip address 1.1.1.1/32
However in EIGRP when I advertised the loopback network  I used:
router eigrp 1
 network 1.1.1.0 0.0.0.255

Now if I go to R2 routing table I see that route showing as:
R2#sh ip route eigrp
Gateway of last resort is not set

      1.0.0.0/32 is subnetted, 1 subnets
D        1.1.1.1 [90/156160] via 192.168.12.1, 00:06:20, FastEthernet0/0

***I thought it would show as /24 instead 32

Any idea ?

Thank you
0
Any Experts to explain the meaning of Default Networks in the routing tables below:

I see "*"  next to C* and D*
what does that mean ?

Thank you

R2#sh ip route connected 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, FastEthernet1/0
L        192.168.12.2/32 is directly connected, FastEthernet1/0
 *    192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C*       192.168.23.0/24 is directly connected, FastEthernet0/0
L        192.168.23.2/32 is directly connected, FastEthernet0/0
R2#

Open in new window


R1#sh ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

D*    192.168.23.0/24 [90/30720] via 192.168.12.2, 00:01:47, FastEthernet0/0
R1#

Open in new window

0
Hello,

We are using FreePBX, and have Cisco 525G2 phones, and we added a SPA500s sidecar, how do i configure extensions on it?
0
I currently have and run Cisco RV130W. I have purchased A RV340W to replace it. My question is am I able to backup the configuration form the current router and then upload it to the new router? Are there any pitfalls, suggestions, etc? Thank you in advamce
0
Identify and Prevent Potential Cyber-threats
Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Dear Experts,

I am tasked to do a simulation of my client's vpn.

I literally went and copy everything from the current router into the simulation test which is not what my boss wants.

So can anyone point me to what articles are available for me to understand what is VPN and what is required to setup a VPN?

I am very confused by the cisco commands like ike, crypto, etc...
0
Please recommend a good software tool to asses the wireless coverage in a area of 4000 sq feet having cisco wlc with five APs.
0
Dear all, We have 5-6 HP 1950 switches with weird OS, which does not allow friendly and commonly used CLI commands as the HP 2920 or Cisco IOS for that matter. 

We have an overly complicated network with 5 VLANS, we are attemtping to clean the VLANS and eliminate some. In the process we are attempting to configure the switches in a way where VLANs are assigned auto based on the device connected to the port (or MAC address for that matter). For example, if its a Mitel phone than the phone will be assigned the VoiP VLAN/ network. If its a PC then the LAN VLAN. 

Our phones are all Mitel 5360s. DHCP is done on a Meraki MX84 firewall, with the exception of the LAN, which is done on the DC/AD. 

Any ideas how to achieve this on the 1950s? Can this be implemented on other VLANs/ devices such as A/V VLAN with cameras and other devices or just Voice/ VoIP VLANs?

Many thanks for your help. 
0
I have 2 buildings each with their own ISP.  They both have ASA 5506Xs.  The switches are L2 only and there is no router on site.  Both buildings are connected via Fiber and each building is on a separate VLAN.  

Currently there is a VPN tunnel between the 2 LANs.  I have been asked to attempt to use the ASA to route between the VLANS.  There is a great instruction for this in another post and I have the ASA routing traffic between the VLANS (same-security inter and intra interface and the NAT exempt statements)

The problem is that the ASA seems to be blocking replies where it was not aware of the request.  For instance an Echo request is allowed through ASA 1 (10.10.10.1) from 10.10.10.10 to 10.20.20.20.  10.20.20.20 sends the reply to its default gatewy (ASA 2 [10.20.20.1]) who is unaware of the echo request and therefore seems to be blocking the echo reply.

My question is first if my assumption is correct as to the cause for the traffic being blocked and second, how to exempt the traffic between VLANS from SPI or otherwise solve this problem.
0
Working on a project, need to restricted access to a network. end users that our domain joined, as well as mobile users, can access the network.  i.e "users that have the Cisco any connect app" using AD credentials.

What would be best practice for restricting access for the mobile users?

These are some methods I have come across.

MDM Server - This would not work in this case, due to the fact that most of the devices are not owned by the company.
CA Certs
GPO
Profiling in ISE - Not sure if this works how I am thinking it would.

Any input in the would be greatly appreciated.
0
We have a new issue on our phone system.  If we receive a call and try to transfer it to another internal number, but that person cannot take the call...if we go back to the original caller and try to transfer the call a 2nd time, transfer is not available.  This all of a sudden started happening.  We are on CM version 11.0.1.22900-14.  Thank you.
0
Hi;
How do we find out if a given ACL statemet in acl set (Cisco) did have had a match in past, that this on running traffic if certain IP Address and port had a match?

Thanks;
0
Greetings.

I am trying to setup static routing and need some assistance please. I have two routers that talk to each other but I need them to talk to an additional router on a different network. Here is what I have. Router 1 and router 2 are a cisco 1841 and the other is an asus

Router1
FE0 172.46.23.1       255.255.255.192

I typed in "ip route 0.0.0.0 0.0.0.0 10.0.3.0"
I checked the routing table using sh ip route and I do not see nothing about 10.0.3.0 network.

ROUTER 2
FE0 172.16.46.       255.255.255.192


I typed in "ip route 0.0.0.0 0.0.0.0 10.0.3.0"
I checked the routing table using sh ip route and I do not see nothing about 10.0.3.0 network.
HERE is a 3rd router which is a SOHO router
internal 10.0.3.1

so I have configured static routing on the first router with the following.

10.0.3.1 and have forwarding setup on the router

i setup static interface for the asus router also
0
Hi

I need to setup two ports on my Cisco switch with lacp trunk ports. can someone advise on the commands.

I'm familiar with HP but not so much with Cisco.
0
How to Use the Help Bell
LVL 11
How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

I have cisco 3650-48FQ-S that has 4 sfp+ ports. I have 3504 Cisco WLC with one 10G RJ-45 port. Do 10GBase-T sfp+ copper Transceiver works/compatible with 3650 sfp+ port to connect to 3504 10Gig RJ-45 copper port? What is the part# to buy?
0
Hello,

I have an issue with one site connecting to head office. There are three other sites already having site to site VPNs with head office and they work reliably. There is not much to get wrong in the wizard, it is simple enough but with this site the VPN gets set up but the remote site is receiving no packets from the head office. Looking at the head office ASA I see it is receiving packets but sending nothing.
However, sometimes by rebooting one or the other firewalls (or even both) the VPN will work correctly for anything from a few hours to a few weeks before reverting back to the situation above.

All the branch offices are running OS version 9.6(1)

Does anyone have any ideas please?

Thank you.

Alasdair Barclay
0
Hello - we have Microsoft troubleshooting a DHCP-related case for us, and they're seeing traffic coming from an IP address that is tied to our ASA gateway firewall.  There are 2 subnets going thru our network, so there are 2 IP gateway IP's associated with our firewall - 192.168.1.254 and 192.168.5.254.  They're asking for the MAC address of the 192.168.5.254 IP.  How do I find this?  I'm trying Experts Exchange to see if its faster than asking Cisco.  I've Googled it for 15 minutes and am not finding the answer so far.

thanks!
0
This problem started about a week ago with 1 of my 15 Wireless Lan Controllers.  There are no errors and the controller just reboots itself.  I have monitored it this morning and it has restarted no less than 5 times in an hour.  Does anyone have any ideas why this would randomly start happening.  It comes back with no problems or errors.  Stays up for about 15 minutes and goes back down.  I have checked all the connections, but site is 2.5 hours away so I want to make sure I have a decent idea of a fix before we drive there.  We have had these in for about 4 years without any issues.  Never had an issue with this.  The software version is 7.0.220.0.
0
Dear Experts, we have 1000 users located at multiple sites.
- The Headquarter office includes 400 users, has Cisco Router 3925, not yet Firewall.
- Site A includes 200 users, has Sophos Firewall.
- Each of Site B, C, D, E has 100 users, only has Modem Internet, not yet Firewall

In Headquarter, the AD server (Win Server 2012R2) is ready but we are not sure about the method to join domain for ALL users. We have several questions as below:

1. MPLS-VPN leasdline and VPN connection, which one is better in terms of performance and cost?

2. In case we choose VPN connection, should we choose Site-to-Site VPN or Remote-Access VPN, and why? Which devices should we buy?

3. As my understanding, in VPN connection, the users who connected will use the Internet connection from VPN server, is it right? If so, will the VPN connection is suitable for 1000 users?

4. For the Domain diagram, which model should we use for high performance and availability? We intend to install Addition DC in Headquarter and RODC in each site? Is it okay?

5. In Headquarter, all servers are VM and we have Veeam 9.5 to backup, but in sites servers are physical. Which backup software is the best for physical AD machines?  
0
I have an older Cisco 7301 router from 2005; that I want to use in the new office as a temp solution.

It has 3 SPF GBIC ports.  Can I use any SPF transceivers or only Cisco specific.  I have few from Juniper 10GBASE 70C.  
Would that work?
0

Cisco

23K

Solutions

14K

Contributors

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).