Browsing articles tagged with "ios - Admins Goodies"
Dec 6, 2012
tom

How to whitelist external access to an internal webserver via Cisco ACLs?

This is our company’s internet gateway router. This is what I want to accomplish on our Cisco 2691 router: All employees need to be able to have unrestricted access to the internet (I’ve blocked facebook with an ACL, but other than that, full access) There is an internal webserver that should be accessible from any internal IP address, but only a select few external IP addresses. Basically, I want to whitelist access from outside the […]

Continue Reading »
Jun 12, 2012
tom

iPad revocable vpn access

I’m a programmer at my organization, but somehow got drafted into looking into some server stuff so forgive me of my ignorance: They want to give our sales people secure access to our internal sites using their iPads. This must be secure (obviously) but also revocable from the company’s side (if someone quits they can no longer access our network). I see from http://support.apple.com/kb/HT1288 that the iPad supports “RSA SecurID”, “CRYPTOCard”, and “Kerberos” authentication methods. […]

Continue Reading »
May 18, 2012
tom

Why is my router CPU at 40% when no processes use more than 2%?

I have a problem, I have a Cisco 1841 running Cisco IOS 15, and I get strange behavior. The CPU usage is shown as 40%, but there is no processes that is using this much CPU power. Here is an example: lev1841#show processes cpu sorted CPU utilization for five seconds: 41%/39%; one minute: 42%; five minutes: 32% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 96 88 147299 0 1.11% 1.04% 0.92% 0 Ethernet […]

Continue Reading »
Apr 29, 2012
tom

What “reachability” means in a routing table?

Check this routing table track 1 ip route 10.46.52.5 255.255.255.255 reachability ip route 10.1.0.0 255.255.128.0 10.243.222.1 track 1 ip route 10.1.128.0 255.255.128.0 10.243.222.1 track 1 ip route 0.0.0.0 0.0.0.0 10.11.70.2 name FW_INTERNET ip route 10.1.3.211 255.255.255.255 GigabitEthernet0/0.10 tag 20 ip route 10.1.5.1 255.255.255.255 GigabitEthernet0/0.10 tag 20 In the first route what does reachability mean? Asked by Ricardo Polo it just checking connectivity… Answered by sunils Check more discussion of this question. Bookmark on Delicious Digg […]

Continue Reading »
Apr 26, 2012
tom

Cisco AP Recovery mode – TFTP issue

I am booting without IOS and I get this prompt: ap: then I issue these commands: ap: set IP_ADDR 192.168.0.111 ap: set NETMASK 255.255.0.0 ap: set DEFAULT_ROUTER 192.168.0.1 ap: tftp_init ap: ether_init Then I want to copy an IOS image to flash: copy tftp://192.168.1.14/c1250-k9w7-tar.124-21a.JY.tar flash: But I get error: tftp://192.168.1.14/c1250-k9w7-tar.124-21a.JY.tar: no such file or directory But I have double checked everything, the tftp server is running, the IOS is in the tftp, the IOS image […]

Continue Reading »
Apr 23, 2012
tom

Debian 6 and OpenSwan does not work with iPhone as client

I have just installed OpenSwan on Debian 6.0, and configured it according to this tutorial: http://confoundedtech.blogspot.co.uk/2011/08/android-nexus-one-ipsec-psk-vpn-with.html There are many similar documents, and even though I change some of the parameters, I always end with the following error from xl2tpd, when I try to connect with an Iphone as the VPN client, using L2TP: Apr 22 16:31:25 debian xl2tpd[19713]: network_thread: recv packet from 212.183.140.62, size = 476, tunnel = 32857, call = 10067 ref=0 refhim=0 Apr […]

Continue Reading »
Jan 27, 2012
tom

Cisco IOS subnet mask using bit notation

I was wondering if it was possible to use bit notatiton when configuring interfaces, or just in general, within the CISCO IOS. I have friends and others swear that they’ve been able to before, but not able to remember how. I get errors when attempting so I was thinking maybe there’s a command to enable it if it’s possible. Example: Router(config-router)# ip address 172.16.0.1 /30 Asked by Tr0y CIDR notation can be used in IOS […]

Continue Reading »
Jan 4, 2012
tom

What does the Cisco ASA command “management-access” do?

I’m working with a Cisco ASA 5510. I changed the management interface to a different interface. I used the command “management-access” to get the new interface working, but the old interface continues to work. So I’m not sure what this command does. I thought it would make it so only the selected interface could be used for the web interface and SSH, but that is not the case. So what does it do? management-access grants […]

Continue Reading »
Jan 4, 2012
tom

What does the Cisco IOS command “management-access” do?

I’m working with a Cisco ASA 5510. I changed the management interface to a different interface. I used the command “management-access” to get the new interface working, but the old interface continues to work. So I’m not sure what this command does. I thought it would make it so only the selected interface could be used for the web interface and SSH, but that is not the case. So what does it do? management-access grants […]

Continue Reading »
Dec 22, 2011
tom

IP SLA on Cisco 1921 IOS 15.2T

Can someone explain to me why I cannot create IP SLA probes on a Cisco 1921 with the latest IOS (15.2T). It is clearly available for that IOS on that router model on the Cisco Feature Navigator … Router(config)#do sh ver Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.2(2)T, REL) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2011 by Cisco Systems, Inc. Compiled Tue 15-Nov-11 20:59 by prod_rel_team ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1) Router […]

Continue Reading »
Pages:12345678»