I use a router RV082 with load balancing. My problem is when I try to access a specific site, I get the error message that my IP address changes and I can not use 2 ip address. I want to specify an ip range to always use the same WAN port.
Is it possible to enable an absolute value rate limit using QOS on a HP ProCurve 5406 switch for a particular IP range on a specific port? Is there a way to configure our HP 5406 with an absolute rate limit on "WAN" port for that server's IP range? I would like to limit it to only being capable of sending 1Mbps worth of traffic over the head end at once.Everything in the documentation points towards priority queues, which as far as I can tell, isn't really what I want.Baring accomplishing this goal using rate limiting is there a better way to prevent our services from accidentally saturating this connection?i thimkong about somthing like that:
class ipv4 rate-limit-port-A1 match ip 10.136.0.0/16 any exit policy qos port-a1-ratelimit class servers-to-be-slowed action rate-limit kbps 1000 exit interface A1 service-policy port-a1-ratelimit inI'm not sure about this.
is it possible to shutdown a specific port on my 3750x and monitor this port at the same time .for example , im dealing with a mac authenticated network using port security , i want to shut down all the ports that are not used at the moment , however , if some one gets connected to the one of the shutdown ports i want to know the mac address of the user or atleast to know that i have someone who is just plugged in to the one of the shutdowned ports .
I want to know if is possible to publish a port of an internal server to be accesible from internet but only from a specific IP.I know that in Setup menu exists Forwarding but it allows to publish ports to all internet no matter the source IP.
I have RV042 router which is connected to the internet by both the wan ports and I want to use it as a load balancer so that both of my internet connections can be utilized evenly. But now I have an issue in this scenario as my remote application gets logout whenever the communicating IP address changes. Is there any way out so that I can specify the wan port used for a particular public IP address/domain name?
Each of the 2 WAN ports on my RV042G has its own dedicated public IP address. I would like to set up the router so that all incoming traffic on WAN1 is always routed to a specific server (=LAN IP), and vice versa, that particular server's outgoing. Internet traffic is always sent through WAN1.
It has to be controlled by IP address as the system in question is not directly connected to the router, there is a switch in between.
just getting started with ASA's. I've got my 5505 almost 100% configured but my port 25 forward to my Exchange server. Currently I've got an access list forwarding all traffic that hits the outside interface on port 25 to my Exchange server (access-list outside-in extended permit tcp any object mail-port-25 eq smtp). What I'd like to do now is say that only port 25 traffic from specific IP subnets gets forwarded. I thought I read that there's a couple of way to do this (from the inside interface, from the outside interface).
Also, what happens to port 25 hits that don't fall within the range I specify? Do they get a disconnect reply or do they just get ignored (no reply whatsoever)?
Edit: ...just to clarify, the allowed IP's I will be entering are the WAN IP's of my AS/AV service.
I'm using an ASA5505 (8.4(1)) and would like to block port 80 on a specific host in the LAN so machines in other remote LANs connected via VPN can't access this port on the host. Devices in the local LAN should have access to this port on the host. Here are the commands I'm using:
-access-list block_port extended deny tcp any host 10.20.10.20 eq 80 -access-list block_port extended permit ip any any -access-group block_port out interface inside
These commands are not working as I would expect them to. When I browse to http://10.20.10.20 from a remote machine over the VPN tunnel I am able to access the host web server.
I want to redirect internal web traffic (browsing) to an external web server for Web, Virus and Spyware filtering. Those externals proxies are running in 8080 port. I have one ASA firewall and a Cisco 2600 router. I was thinking in doing PBR in the router but in the next hop I can only set one IP, not an IP and a port. So how can I redirect web traffic to an external proxy listening in 8080 port?
I created a wlan just for our wireless IP phones.I assigned an interface I created which in turn was set to a specific port on company 2504 WLC. Connecting switchport is set to trunk. Right now I can't ping the voice wlan interface.
We are using catalyst 2960S Lan Base IOS on Radio towers. We just bought 50 Accest points, thas are GPS synchronized. Problem is the APs need to be connected on L2-mac betwen each other. But at this time we are using port isolation on each switch (tower) by protected port function to isolate clients from each other.
My question is, is possible to specifi a Mac addresses in specific vlan thats can comunicate betwen protected ports? On tower is one Master unit and others are slave. I thing there is only 1 dirrection comunication - from master to slave.
I am facing problem with ACE configuration. I want to redirect 443 traffic to my Proxy Server. But I am not able to do this. I want to redirect only subnet 192.168.80.0/24..Then only it is working but I dont have to have this policy to be applied on all the users only one subnet I want to have under HTTPS policy.
how can I apply the policy only on specific subnet so that port 443 traffic can be redirect and rest of all subnets can go direclty to Internet.
(Setup routing and iptables for new VPN connection to redirect **only** ports 80 and 443) Only my goal is a bit different. I am running a headless gui-less install of Ubuntu Server 12.04 that is being used for a variety of different purposes... I would like all traffic to travel un-prohibited through my ISP except for my transmission traffic. I have a VPN i subscribe to that allows me access for which I only want to direct a single port's traffic to. I am currently using a modified version of the code from the above link. My current code is below:
Need assistance understanding how in ASDM/Configuration/Site-to-Site VPN/Connection Profiles/ "Any Entry" I can specify that I only want to offer an IKE Proposal of pre-share-aes-256-sha?
The IKE Proposal field has a number of possible options including: pre-share-aes-256-md5, pre-share-3des-md5, pre-share-aes-256-sha, pre-share-aes-192-sha, pre-share-3des-md5, pre-share-aes-sha and pre-share-3des-sha.
I am able to pick a specific IPSec Proposal w/o issue but when I attempt to do the same for the IKE Proposal, and click OK the choice does not "stick" but rather returns to the entire list as defined above.
I've gone through a variety of diagnostics and I honestly don't know what to think. It's not my computer, as I can access the site on this computer on a different network. It's likely not the whole of my LAN network either, because my kindle can access the site through it. I can always access it on this computer with a proxy as well. I can ping it fine, and tracert it equally as well.I've tried everything from socket fixes, DNS flushes, getting new WAN IP addresses. When I got a new WAN IP address the first time the site was accessible once, and then it stopped again after that. I can't clone the MAC address from the router, because it doesn't allow it.
For some reason, there is a specific website that I cannot access. I am a member of the website and they have a community forum for contacting them and requesting support, but obviously I cannot contact them if I cannot access their site!
The website is [URL]. I read in another post that I should do the TRACERT command and post the results so I am doing that here.
Ever since last night ive not been able to get onto a site that i use every single day. I can get on the site through my 3g on my phone and ive tried it round my friends house and it works perfectly.Tried releasing and renewing my IP Address, no effect and have just ran a Tracert:
Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:UsersMatty>tracert olbg.com Tracing route to olbg.com [22.214.171.124]
Ever since last night ive not been able to get onto a site that i use every single day. I can get on the site through my 3g on my phone and ive tried it round my friends house and it works perfectly.Tri[CODE]