Type: Posts; User: ammo; Keyword(s):
Search took 0.05 seconds.
April 23rd, 2010 03:58 AM
Haha, by some funny coincidence, I just happened to stumble across this old bookmark thought I'd peek in... I guess I'm not the only one that had forgot about AO..!
October 9th, 2007 06:10 AM
Indeed, you are bridging, hence there is no need for the ip helper.
Your dhcp server should handle your wifi clients in a normal fashion (broadcast dhcp without relay)...
October 9th, 2007 03:13 AM
Couple of things:
-What version of IOS are you using?
-Show us the config of your wireless interface
-Are you receiving anything
You could always do a debug ip packet (match on port 67 and...
January 30th, 2007 02:18 AM
The "router in front for security reasons" way doesn't really hold ground anymore IMHO:
It used to be that firewalls couldn't hold the load of being the edge device; that isn't so true anymore. ...
January 16th, 2007 04:00 AM
You might want to have a look at the Cisco ASA 5505, ASA being the PIX newer replacement line, and the 5505 being the equivalent of the 501...
November 30th, 2006 03:00 AM
You'll need to define a global pool and use it in your nat instead of the nat "0" which tells the pix NOT to nat on traffic matching that acl...
Should look something like this:
November 28th, 2006 01:20 AM
You need a normal nat entry to enable inside traffic to leave on the outside interface.
November 20th, 2006 03:10 AM
Careful with the self-signed certificate; make sure users validate the certificate hash when they first log on and that they then install the certificate if valid. And of course, never continu on a...
November 18th, 2006 04:22 PM
You'll find better help over at the openbsd mailing list: email@example.com
1- make sure to search the archives (http://marc.theaimsgroup.com/?l=openbsd-misc) before posting
November 18th, 2006 04:19 PM
Don't dismiss basic or digest authenticaiton too quickly..:
Both will do just fine IF you use then inside an SSL connection...
November 18th, 2006 04:11 PM
Funny, I just assisted to a demo of pointsec this thrusday..!
Pointsec has versions of BartPE boot disk that are preset with the appropriate stuff to boot/read off a pointsec encrypted drive; it...
November 9th, 2006 02:12 AM
If you can't run a sniffer, just do the next best thing and capture on the pix itself:
I don't have the exact syntax in front of me, but it should run something like this:
November 5th, 2006 07:30 PM
Use a real throughput testing tool like ttcp; This tool is often included on linux (or in packages) and also availible as a windows port (http://www.pcausa.com/Utilities/pcattcp.htm).
This way you...
November 1st, 2006 02:16 AM
I routinely use Visio at work, although I despise it...
My personal favorite is LanFlow (EdgeDiagramer) from PaceStar (www.pacestar.com).
October 22nd, 2006 03:12 PM
Did you say DSL? Do they use PPPoE?
I'll bet you 10 antipoints your problem is with the Path MTU.
My coworker had the same issue a couple weeks back: dsl line, cisco vpn, cheap router.
August 20th, 2006 03:43 AM
Well, it's totally debateable, but I disagree...
The 80/20 rule doesn't stand much nowadays. Routing is fast enough that you're much better off segmenting your servers inside server vlan(s) and...
August 19th, 2006 04:20 AM
Depending on how well the dns server is configured, you might be able to do a zone transfer from it.
I'll leave it up to you to google how one does a zone transfer...
August 15th, 2006 01:21 AM
(Depending on what you meant by or if the emphasis was on "from a single node")
There are other means also:
1- mac table flooding: spoof enough source mac addresses to overload the switch's...
Indeed, you usually try to drop traffic as close to the edge as possible.
However, one reason for filtering out on an interface could be if you have a router with multiple interfaces and wanted...
Backtrack is really nice...
Our intent with port-security is mostly to prevent users from uplinking hubs or switches of their own. We'll limit each switchport to a single mac address (dynamicaly learned).
Indeed, we also...
Couldn't agree more.
People are claiming 2-factor auth to be the wrong, while in fact it is the right answer... if you keep in mind the original question; now they're changing the question and,...
We're currently in the process of upgrading our access layer switches to Catalysts 3560s, which offer the folowing layer 2 security features:
Ok, here it goes:
1- Install OpenBSD from ftp (stable branch).