Category: Cisco

Cisco Tricks, Tweaks and what you need to work with

Cisco Firepower Time Zone settings

Before you start to run an IPS module time is a key factor to aggregate your ips and firewall logs. Therefore NTP is quite handy. unfortunatly it is not possible to see on the spot where you can change time…

Cisco – dot1x port configuration

Radius connection interface GigabitEthernet0/1 aaa new-model ! aaa group server radius ISE-RADIUS server name ISE-KEY ! aaa authentication dot1x default group ISE-RADIUS aaa authorization network default group ISE-RADIUS aaa accounting dot1x default start-stop group ISE-RADIUS ! ip device tracking !…

Protection ACL for WAN INTERFACE

An protection ACL for WAN interfaces ip access-list extended PERIMETER-IN remark ANTI-SPOOFING deny ip INTERNAL NETWORKS any remark BROADCAST deny ip 0.0.0.0 0.255.255.255 any remark RFC 1918 – private networks deny ip 10.0.0.0 0.255.255.255 any deny ip 172.16.0.0 0.15.255.255 any…

Layer 2 over Layer 3 with IPSEC

I am looking for a suitable solution to connect several VLAN’s between two sites that run over a Layer 2 link by Deutsche Telekom. Unfortunatlly my company has requested encryption on this link even though it’s privat. And now I…

php html dropdown menu handling

Currently I do write a very simple PHP based web tool to alter VLAN configuration on a Cisco switch with php-snmp. Now I would like to have a coll button to do that. And this is the way forward: Links:…

Cisco – Login Banner

The Cisco banners fullfill different needs. I use them to get a clear indication where I am going to connect to and perhaps add some legal sentenses that a full monitoring of all incoming traffic will take place and that…

Cisco IP SLA – check virtual host

On a portable Cisco 819 router I have installed an IP SLA to verify that http://www.onemanearmy.biz/ipsla_check.html is online and reachable. In the end I am not interested on the outcome, and there are no actions following this IP SLA statement.…