I plan to buy a virtual dedicated server. As for anti-virus for it, I am lost as to where to look and what exists [what to search for]. Any open source? url..is enough, or are other tools needed additionally? Is a software firewall also needed?
Recently moved into the hardware firewall space and have an ASA 5510. Having some issues trying to get traffic through the box to my 4 dedicated servers. All the servers have static IPs and are connected to a private switch into one of the Ethernet ports on the firewall (0/2). Public internet connection into another (0/0). 1 of my servers has a connection to the management port, and the public switch, and this is the one I'm trying to do the configuration on.
I'm unsure what to set the IP address of my "outside" interface as. Need to have RDP, FTP, HTTP traffic going to each of the 4 servers independently. Pretty sure I can get the rules in place to allow this, but can't seem to get any traffic to go through the firewall to any of the other 3 servers.
I have a server that is running on 2003 and we are having a few problems, and in the event log I am getting id101 with the message whats virtual is not enable, and I am not sure what this refers to or how to sort it out.
I have one dedicated IP issued to my home, along with another dynamic one if I need it (but I don't use it). I have a webserver, mail server, and name server up and running on a single machine exposed to the internet with my static IP. I have a domain name registered to my IP address. My webserver and name server work great, but I am having difficulty with the mail server. In order to have mail work correctly, I have been told that I need to get reverse DNS set up for my domain (something I had neglected to do). My nameserver responds to reverse lookups correctly when issued locally, but it looks like queries from the internet never reach it (I think my ISP catches requests upstream). I contacted them and they put a PTR record in for my IP pointing to ns1.mydomain.com. This all works fine, but the thought occurred to me that if in my hosts file I put my MX record in as mail.mydomain.com., any mail clients that do a reverse lookup of my IP won't get mail.
I am taking a college course using Microsoft Windows Server 2008 Administrator Lab Manual. The labs assume that you are in a MS lab with the ability to connect to their domain and servers. I want to create my own virtual lab to simulate MS environment so I can follow the assignments. I have VirtualBox installed. I am completely new to servers and networking.
I just bought this to replace a working Linksys but wanted gigabit, so after reading a lot of reviews this is the one I picked up. So tell me what is the magic toggle to get port forwarding to work or virtual servers? I've configured them on Linksys, Netgear, Cisco, etc. 100 times with no problems. Nothing I configure on this confounded thing works. I've set up 6 port forwards, RDP, FTP, VNC and none of them work. Nothing. "Connection timed out" when trying to connect. This works on my other router just fine, so it's not my software or my PC configuration, as they have not changed. Ports are correct.
the difference between Virtual Servers and Port Forwarding on the DIR-825? I'm transitioning my router setup from a Tomato/MLPPP router to the DIR-825 and I'm a little confused on when you would use "Virtual Servers" and when you would use Port Forwarding. In the past, I've always relied on port forwarding to allow access to specific services on my LAN (i.e. VPN, Apple Remote Desktop, etc.), so again, unsure what the Virtual Servers is used for? From what I can tell, Virtual Servers is for services that require a single port for communication (i.e. a basic SSH setup on port 22) while Port Forwarding allows for the setup of services that require multiple ports (i.e. VPN on ports 500 [UDP], 1701 [UDP], 1723 [TCP] and 4500 [UDP]). Is that the difference between the two configuration pages? It just seems odd to me to have two separate windows for just this difference. If that's the case, is there any reason I couldn't just use port forwarding, even for services that only require a single port (just to keep everything on the same configuration page, under Port Forwarding)?
I have seemingly tried everything! I am still getting VPN error 720 using a Windows client trying to connect to a VPN server using PPTP. I am about to go out and buy another WNR200 because VPN works flawlessly on that router. I have 2 virtual servers set up, one for port 1723, the other for port 47 (GRE). All the ALG check boxes are checked (I have tried them both ways; when they are unchecked and I use port forwarding I get VPN error 800). I have tried with SPI enabled and disabled. No port forwarding set up for VPN, just the virtual servers. Firmware is 1.34NA, 2010/04/16.
Region : Argentina Model : TL-WR1043ND Hardware Version : v1
I have read how to configure the Virtual Servers - Forwarding url...and added two entries, one for port 44612 and one for 32680; my PC IP is 192.168.0.100. Before I installed the router (my PC was connected directly to the LAN connection) all was working just fine. And I double checked that the ports are not being blocked by the firewall.
When can we have an upgrade to include the 'Loopback' function for Virtual Server? I understand both Build-120802 and Build-120926 do not support this Loopback feature. Without the loopback feature, we won't be able to test whether the Dynamic DNS URL is working or not on a local PC.
Region : Mexico Model : TD-W8968 Hardware Version : V1 Firmware Version : the last version of this web page, I forgot the number ISP : TELMEX (infinitum)
I have some problems configuring the port forwarding in my router; it doesn't work! But port number 80 works with my sub-domain on the internet. After I changed this port to 8080, the port forwarding still doesn't work. The FTP server is OK.
Is there any way to configure 3825 to ensure that all packets have a source IP address that matches the correct source interface (similar to ASA's 'ip verify reverse-path interface')? Currently, we manage anti-spoofing with a bunch of ACLs; however, I'm looking for a more manageable solution.
I have many VPN sites using ASA5505 with broadband connection and terminating on a single ASA5550. I have a problem with one site. They are having poor performance. One of the issues I can see is an error on the remote ASA 5505. I've tried the recommended fix using this command: crypto ipsec security-association replay window-size 1024.
We are running PIX 535 with software version 8.02. In ASDM, I see anti-spoofing is disabled on all interfaces. If I enable it, is there any negative effect? Can I enable it on DMZ, inside, and outside interfaces?
I have multiple questions about the PIX 525 software version 8.0(2) ASDM 6.0(2). I am a Windows network admin who is new to Cisco and routing in general. I have read through the forums and the Cisco documentation, but have not been able to fully understand the topics discussed within.
This option is currently DISABLED for all interfaces. I know what IP address spoofing is, but what is the functionality of these options specifically? How does it work and should I enable it and for which interfaces? Second Question: Scanning Threat Detection - Auto Shun
I found this option in ASDM under: Configuration --> Firewall --> Threat Detection. Enable Basic Threat Detection and Enable Scanning Threat Detection are both currently ENABLED, but Shun Hosts detected by scanning threat is currently DISABLED. Also, the Networks Excluded from Shun field is empty. I know what the shun command does. I have used it many times when I have been fortunate enough to catch some piece of **** trying to spam my mail server or gain access to it.
What I am asking specifically is how does the Auto Shun work? Should I enable it and what are the potential consequences? Also, what exactly is a scanning attack?
I am not familiar enough with the PIX and with the topics discussed in the document to successfully apply the info within. Plus, I'm not sure it covers the kind of basic, all-inclusive bandwidth cap I would like to put in place.
The goal is to cap the maximum internet (outside) bandwidth that inside5 can use to a reasonable percentage while allowing the other interfaces to have the remainder.
How would I go about this implementation? 2. Is there a way to allow inside1 - inside4 to use max bandwidth when there is no traffic on inside5?
I am probably, at least, the third owner of this device and I do not have an account with Cisco, nor can my tiny (perhaps non-existent given the current economic state) IT budget afford any form of support or software licensing with them. My goal is to back up the IOS and ASDM data in the event that I have to replace the device due to a hardware failure.
I found a file transfer function within ASDM which allowed me to copy the files pix802.bin, asdm-602.bin and tfp from flash to my desktop computer. I also have a copy of the activation key info and my current configuration.
1. Have I backed up all the data/info I would need to restore this software and ASDM to another unit? 2. The activation key screen also has a serial number field. Is this the hardware serial number or is it for the software? And is it tied to this device specifically or can I use it to restore another unit if necessary? 3. Is there anything else I should do or be aware of regarding backup and restore for the PIX? 4. What is the tfp file?
We need a solution for disabling anti-replay on the firewall for a specific tunnel. ASA 8.4(2) does not support disabling anti-replay on a specific IPsec tunnel; is that true? If so, and we want to disable anti-replay, what do we have to do on the ASA5540?
I have been doing network and computer work for a small public library which will soon be needing to change internet providers. Our planned route will be to have a fiber connection directly from our local ISP, but we need to figure out the best network hardware to accommodate this network connection. We currently have two HP 1810-24G switches connected to a Sonicwall TZ100 firewall as the primary router. The firewall/router connects to the internet with Cat6 connected to a fiber optic media converter. The media converter is on lease from the current internet provider so it will be gone. Our new ISP has said that they can provide a fiber connection in our building to an SFP port termination, which is their recommendation. Ideally, this would be an SFP port in a router or firewall. However, there seem to be very few options for routers with SFP and they're all incredibly expensive compared to a network switch with SFP. While I imagine we could just terminate the fiber optic connection into a cheaper switch with SFP and connect to that with the firewall, our network is further complicated in that we have a CISCO LifeSize video conferencing system which ideally runs best without running directly through the firewall, which can cause some lag and glitches in the signal, it seems. I don't believe it's possible to have the router WAN interface connect through to the ISP with a static IP and PPPoE sign-on as well as another network device using the PPPoE and a separate static IP address, am I correct? Have I just over-complicated this network issue, and everything should just be run behind the existing firewall, or should I be able to find a different firewall/router or switch that can connect with SFP to the ISP?
I currently have CenturyLink (Qwest) DSL (12Mbps/896Kbps) and Comcast Cable (12Mbps/2Mbps) going into a Cisco RV08. I redirected all DNS traffic to the DSL line as an experiment with no decrease in web browsing speed. We are rural and speeds fluctuate considerably during the day. It seems like it's more of a response issue than a bandwidth issue. I would like to order a 2Mbps dedicated line from Comcast to use for DNS and VOIP traffic only; the DNS resolution times should be faster on that connection. There would be several tenants in this building using it for that purpose. The secondary purpose of this line would be for backup internet connectivity.
How do I open all the ports for ALL of the IPs on my dedicated server? I opened all the ports for the main IP that I RDP (Terminal Connection) into, but I can't seem to open the ports for the other IPs that I got from my dedicated server provider.
I have an old computer that is currently running XP at 2.1GHz Athlon AMD with 1.5 DDR RAM. Would I be able to turn it into a dedicated server? More importantly, should I? All I have is a small home network running a couple of desktops and a printer off one, connected by a wireless router to the internet. Would it make a difference at all in processing speed or connectivity on any of them?
In my restaurant, we currently have a password protected wifi network for customers and staff. The load is typically light, so it's worked fine. Now, we're putting in a new cloud-based point of sales system, which effectively means that I need a totally uninterrupted, high quality wireless signal running to the POS terminal (in this case, an iPad). If the terminal is sharing that connection with 15 customers Facebooking on their iPhones, I imagine we'll have some signal issues. I'd rather not install a second network dedicated to the POS terminal. Are there any other possible solutions, i.e. a way to give priority to the terminal over other connections? A way to "split" the existing network so only a portion of it is available to customers?
FYI, current network speed is 20/mbs 2/mbs, and the POS terminal requires a minimum of 7/2 mbs.
this company uses Vyatta firewalls, which are dedicated boxes. So I was sent home with a Dell PowerConnect 5448 (a 48 port switch) with the project of getting a similar setup going with the computers I have at home. I have the switch set up, everything's on VLAN1, management IP is 192.168.2. 255.255.255.0, Default Gateway is 220.127.116.11, and the switch is properly sharing my internet connection between three computers. That part was easy. So now, one of them is going to be either reformatted and set up with Vyatta, or I'm going to virtualize it. Either way, I need to route all the traffic through that firewall box before it goes to anything else on the switch so I can have a functional firewall.
I'm trying to set up a server with two NICs, one of which is connected to the network, and the other connected to a NAS via crossover. I've never done anything with subnetting, but I was thinking I could just set the main NIC to 192.168.10.20 with a subnet of 255.255.255.0 and the other to 192.168.10.250 with a subnet of 255.255.255.240 and the NAS NIC set to 192.168.10.251.
Am I thinking through this right, or is there a better way to do this?
I installed a new SA540 and configured some NAT rules for my Exchange server. Everything worked fine until I did a firmware upgrade. Now the NAT rules won't work on my dedicated WAN. On the Optional WAN (load balancing) the NAT rules work fine.