I run a web server out of my home hosting a website that can get several hundred people visiting simultaneously. I'm currently attempting to upgrade my DD-WRT flashed WRT54G V2 router with a Cisco RV120W in order to sustain more simultaneous connections (existing router locks up after a few hundred). Due to the amount of spam I get on my forum, particularly from IPs originating from Asia Pacific networks, I block all access from those IPs utilizing the IP address and CIDR. The RV120W has starting IP and ending IP to apply a rule to, but I'd like to block using my existing addresses from Asia Pacific networks with their applicable CIDR.
I managed to block as much of the streaming video (using URL Blocks of .flv, .wmv, etc.). How do I block YouTube.com for 23 hours of the day (or allow access for 1 hour a day), but maintaining all the other blocks intact 24 hours a day?
Also is there a way to block p2p file sharing (BitTorrent)?
I want to configure 5585x Active/Standby with 2 Nexus switches utilizing VPC technology. New ASA 8.4 supports EtherChannel, so I want to plug in 2 cables from ASA1 to sw1 and sw2 and 2 cables from ASA2 to sw1 and sw2. Is this a valid design? How would I configure that? Any design document on that?
if I can do the following deployment using a Cisco ASA5510 security plus.
At this moment I have two interfaces in use one (outside) with the IP: 172.16.21.254/24 and the other (inside) with the IP: 192.168.4.1/24. Now the customer needs to connect another network that works with the IP segment: 192.168.0.0/22.
The IP segment 192.168.0.0/22 goes from 192.168.0.1 to 192.168.3.254, which means that there is no overlap with the network segment 192.168.4.0/24. My question is: If I configure another interface in the ASA that works in the segment 192.168.0.0/22, will the routing table auto-summarize the network and merge it with the network 192.168.4.0, or will it leave the networks apart?
I don't use dynamic routing protocols, but I cannot do the changes if I have doubts because the network 192.168.0.0/22 is the network for the Factory Automation Systems.
I'm having some issues calculating CIDR notation, I'm just not able to get a solid grasp on it. [URL] but I'm not seeing how to calculate it. How to calculate it?
I'm configuring my new ISP-provided Ubee DVW3201B Home Gateway. In doing this, I'd like to set up my own home network configuration which uses classless subnets. (i.e.: A subnet mask of 255.255.255.0 in 172.16.x.x IP space.) However, I don't see any options in the LAN configuration which allow me to set a custom subnet mask. Is this a feature not available on this device? Does it default to classful subnet masks, or only use a /24 mask?
Every time I see one of these words in a textbook I start thinking 'isn't this the same thing as CIDR?' or 'isn't this the same thing as Route Summarization?'
We typically use the 2602 series AP in lightweight mode, however I have a scenario where we are going to be installing one with the stand-alone software. I understand that we will not be able to utilize certain features that you get with the WLC such as RRM, rogue detection, and CleanAir.
We do want to utilize both the 2.4 GHz and 5 GHz bands. In order to do this with the 2602 stand-alone AP, will we have to configure 2 separate SSIDs? I really do not want to do this if I do not have to, to minimize confusion for clients.
I need to be able to reach the LAN 192.168.1.0 from 192.168.3.0 for TS but cannot get this to work. I can ping from within the switch all around and I can ping from within the woodlawn router all around but cannot ping host to host.
We have just installed a Cisco RV120W behind a third party firewall. All works correctly now, but we are struggling to get the Quick VPN clients connected. I have enabled port forwarding for PPTP & L2TP over IPSEC on the third party router, but still cannot connect (the RV120W was previously used as a primary router & worked perfectly). What ports do I need to open on the third party router to get this to work correctly?
I just recently replaced an older Linksys pre-N router with a RV 120W. I thought this would be a good choice as a more professional router. I installed this router last week and things seemed to be working normally for web browsing, though I was receiving more incomplete pages and broken graphics. Yesterday, I tried to watch a YouTube video a friend had sent me and it would not play. I tried several other videos from YouTube and other sources with the same result: stalled videos, partially played videos followed by a spinning wheel. It was late, so I figured something was going on with Comcast and went to sleep. This morning, I was trying to download anti-virus updates. The updates failed multiple times. I then tried some videos again with the same results. I tried downloading .ZIP files from several sources, and while the file completely downloaded, each and every file was corrupted and unusable. Before I called Comcast to complain about my Internet being flaky, I unplugged the Comcast Arris TM502G device from the Cisco router and plugged it directly into my computer fully expecting the problem to persist, but the problem immediately disappeared. The immediate evidence is that the problem lies with the Cisco router. It appears that I can't make any changes on the Comcast device as it has a Comcast public IP address and does not seem to have any web or telnet interface to change the settings.
- On the Cisco router, I disabled every non-essential service: VLAN, QoS (bandwidth profiles), IPv6, etc.
- I updated the FW to the newest version the day I installed the router
- I power cycled the router
- I power cycled the Comcast device
I need to resolve this issue as soon as possible, but I'm not sure what to try next, and I'm confused about my support options after trying to navigate Cisco's support pages. It offers live chat, e-mail support, etc., but everything I go into requires a contract number.
I had an interesting issue utilizing a monitoring software for our routers and switches. The monitoring tool indicated a few switches were down, however was unable to ping or telnet into them from the computer I had the software installed on.
We have the Linksys E4200v2 router. We have two servers on our network that we want to access remotely (from outside). We have two static IPs from our ISP. We currently utilize one of those IPs to access one of the servers, no problem. How can we utilize the second IP to access the second server?
My company has a peer to peer network of 10 personal computers without a server. Operating systems from Windows XP to Vista. I've recently installed a Cisco RV120W Wireless-N VPN Firewall. It's configured in DHCP Server Mode with printers/copiers that have static IPs below the DHCP range.
I'm having a problem with certain stations being used for personal networking, shopping, etc. during business hours. Consequently I would like to limit internet access on these stations. However, some internet access is required because of online database software that's an integral part of our business. I've been reading in the Administration Guide about URL Blocking. Would it be possible to give static IPs to certain stations and then limit their internet access to 1 or 2 specific websites?
FYI, I've read about the Trusted Domains and Blocked Keywords but cannot quite understand how to parlay this into the solution I need.
How can I prevent the user from sharing files with P2P programs (torrent, eMule, etc.) and from chatting via Instant Messaging, Facebook, Twitter, etc.? I find a lot of suggestions, but always related to 8.3 or older.
We have a client that is running a PC on an internet over satellite. To avoid any unnecessary traffic over the satellite link (data traffic is quite expensive), we've suggested to use a 5505, as we had one handy already.
So basically what we wanted was to block everything outgoing and everything ingoing, except for example port 22 (ssh).
But I'm struggling a bit, since this is my first Cisco router to be configured.
My interfaces are as follows:
- Outside - DHCP
- Inside (port 1) - 192.168.1.1
I'm only running ipv4.
In ASDM I made a static NAT rule for port 22, being forwarded to 192.168.1.5 (the computer).
In Access rules I made under outside (incoming rules) source=any destination=outside service=ssh action=permit
But when I try to add further rules to block everything else, it takes the SSH on port 22 with it. How should I do this the easiest way?
I am running an ASA5520 and ASDM 6.2. I have recently noticed some MSN traffic on our network. Is there an ASDM policy that I can apply to kill all MSN and Yahoo traffic? I am looking to block this chat traffic on our network.
block Skype 5.1 in my network. This version of Skype doesn't need Administrator rights to be installed. In my network there are 2 ways to Internet, one filtered by a PIX 525 ver 6.3(3) and the other by an ASA 5510 ver 8.3(2). No IPS system present on my network.
I have the below policy-map in my firewall. According to this policy map, how can I block TeamViewer via ASA 5520? I don't want the outside users to connect using TeamViewer to their servers which is already ready up for TeamViewer actions.
I want to allow only 1 IP address to use TeamViewer (172.30.30.100).
class-map inspection_default
 match default-inspection-traffic
!
!
I have an ASA 5540. How can I block software like TeamViewer, VPN adapters like Hamachi and all? Also, I have tried URL blocking but I suppose ASA supports only HTTP URL block and not HTTPS.
I'm using ASA 5515X. My concern is I was not able to block the traffic of P2P such as BitTorrent etc. I also viewed some technotes on how to use webfilter without using Websense or Smartfilter tools, and luckily I'm able to block certain websites. How to block the traffic of P2P?