The idea would be that I could lose any 15A circuit, switch, firewall or service provider and still remain up. Full routes for the routers. Spanning tree on all the switches.
We have the OpenBSD routers up and running in our lab, I'd say they are 90% ready, but we're having internal routing issues when it comes time to fail-over. I know we'd have an easier time if we used just one router with a NIC per provider, but I was hoping for more redundancy.
I do not know if this is the right forum to post on, or if this is even the right site since this is not technically "Web Hosting" related, however it is the largest technical community I know of.
I have been setting up small networks in various branches of a medical company. I am using a Linksys wired router connected to a static IP through an SDSL modem. The DHCP is disabled, and the two computers and the print server have also been assigned static IPs.
The problem I am having is that the Linksys router will work fine, and then go offline.
The Linksys router will no longer be pingable internally. Unplugging the router from the power briefly then plugging it back in resolves the problem temporarily. Sometimes it will become unresponsive again within 30 seconds to a minute, however other times it will go days without this problem occurring.
I thought it might be a defective router, however I took it back and got a replacement, however this is continuing to occur, so it must be something else. The two computers are Windows XP with static IPs set to 10.88.102.xxx, as well as the print server, and the subnet mask is 255.255.255.0. The gateway has the IP 10.88.102.1. The mask is set as the same on the router side. The DNS server IPs are the ones given by the ISP and are defined in both the client TCP properties and on the router.
I figured since the network was so small, it would make sense to just buy a cheap Linksys router, however the response I got from someone at experts-exchange says that this is just the MO of the crappy residential end of Linksys. This surprises me since Linksys is a division of Cisco.
There is no doubt in my mind I'm going to Houston. The prices they have..it's unreal. Take a look:
[url]
And that's just one. The real fun starts when they start beating each other's quotes.
Ok..on to what I need here:
If I have a cage at Level 3..is there a way to estimate routing/switching needs on a per-rack basis? In other words..can you estimate: Ok 1 full rack...say...30 servers..and you're bringing in one of those 100mbps eth drops...to start.
and you want capacity for..say..three more racks from the get-go.
Is there software for this? Or can you guesstimate on ip use-how many ips you think you'll need routing for?
I have a server with several sites hosted on it. Randomly, a site user will find that they can no longer connect to any of the sites on the server - but they can connect to the rest of the Internet. When this happens, the sites themselves are fine and everyone else can connect without any problems.
The only way the affected user can view sites on the server again is to reboot their router - at which point everything is fine.
why this would happen? I have a CentOS (Red Hat Enterprise) Linux server with DirectAdmin, Apache, PHP/MySQL - the usual. I'm thinking that there must be some kind of network setting which is allowing this to happen, but I can't for the life of me work out what it is.
My roommate ran into this problem a few weeks ago. He could not connect to a webserver. Turns out it is the way that some of the ports are being handled when passive FTP is used.
I was wondering if a lot of web hosting companies are seeing some complaints of (passive) FTP not working properly? And who are you blaming?
He had to install some firmware updates to the Linksys router as well but then that started to crash the Internet connection (something we cannot have). So the router update was uninstalled.
He had to do quite a bit and finally started to use the control panel to upload. He has not tried FileZilla yet but I tried it on my system to connect to his server and it failed.
We are looking to replace our existing WatchGuard Fireboxes with a hopefully more reliable firewall from Cisco's range, although I'm a bit lost when it comes to the different ranges.
Could somebody suggest a firewall that is capable of:
1: Both NAT & Drop-in (bridge) mode
2: Pretty low bandwidth requirements, no more than 10mbit/s traffic
3: SNMP Monitoring
4: High availability pairing
I see a lot of DDoS related articles here at WHT. We've got hit multiple times by DDoS and had to handle those attacks every time with a different approach.
The largest one and the most well-known one (we were in Times Mag, AP news, CNN, slashdot, you name it - just do a search about us on WHT) was a Russian botnet cyberattack - we had to analyze netflow and then block everything on our edge routers, then on the firewall and then locally on the servers.
Since then we had a number of other attacks, some of them we were not able to defend on the server level, while, as you can understand, we can't do netflow and manual intervention every time somebody gets an attack.
We have very good scripts which allow us to mitigate a huge number of DDoS attacks, when our scripts are finding attacking IPs and blocking them automatically - still some attacks could be blocked only on the router level.
I've read that Cisco Guard (I am interested in the 65xx version of it) is supposed to mitigate DDoS attacks in automatic mode.
After months of disruption moving servers into a new data centre, our once reliable colocation company has now had nearly 6 hours downtime in the last 16 hours. So much for network redundancy.
I am looking at picking up a switch to mess around with at home. I found the following within driving distance but have no idea of which one will give me more up to date, hands on experience. Any feedback is greatly appreciated.
Used Cisco WS-C5509 Chassis with power supply (POWER SUPPLY 34-0870-01) and fan (WSC5509FAN); Cisco WS-X5530-E2 Supervisor Engine III Modules; Cisco Systems WS-U5537-FETX CISCO 4 PORT 100BASETX UPLINK MODULE; Cisco WS-X5234-RJ45 Switch Modules X 8
$160 each.
Cisco WS-C5500 Chassis; POWER SUPPLY 34-0773-03; Cisco Ws-x5550 Supervisor Engine III G-series; WS-X5234-RJ45 X 11
For $200
Cisco WS-C5505 Chassis; Cisco WS-X5530-E2 Supervisor Engine III Modules; Cisco WS-U5533-FEFX-MMF Supervisor Engine III Uplink Modules; Cisco WS-X5225R Switch Modules X 2
I'm trying to learn about networking. I bought a Cisco 2950 for testing. I set it up and am trying to find out the way to cap its ports at 20Mbps or 50Mbps. Do you know what command or how to do this?
Also what command to check the port speed or to uncap the port?
I am setting up a small CCNA lab and I have RIP working and I can ping my LAN from both routers, but only certain hosts on the LAN from the one router. The setup is
1) I was recommended to choose the XL-EN model switches because it seems they have more memory, but the second one in the list (Catalyst) is not an XL-EN, is that going to have any effect performance wise? Or it doesn't really matter?
2) I was also recommended to choose managed switches because that way I can use the SNMP features to measure bandwidth, are any of the switches above unmanaged?
3) I also want to be able to manage the switch remotely, web managed, are any of the switches above web-manageable?
4) Most importantly, when my datacenter gives me a 100mbit drop, I don't know which port to plug it into in the 29** series. In the 35** I see it clearly but I am not able to see it in the 29**, any ideas?
5) On some of these switches I see a special port called "Console", what is it? where does that connect to?
6) Do any of the switches above not have a console port?
I have a single /24 and my firewall is on x.2 and routes traffic for each of the servers.
Now I have a new Cisco ASA 5510 that I want to replace the aging firewall currently in place, however I don't want to put the firewall into transparent mode because I don't want to lose all the functionality.
Now with most firewalls your outside subnet cannot be the same as your inside subnet, which is fine if you are using NAT, but I don't want to NAT. I need all of my servers to remain with their public IP addresses.
So what is the ideal way to set up something like this? Request my ISP give me a /30 for the ASA outside interface or something? And then ask them to route my /24 through the new /30 subnet?
whether I can grant a specific vlan priority over all other traffic..and if so does anyone know an appropriate site where I can find documentation on how to do so?
From the posts in this forum it would appear that a number of forumites are colocation service providers and web hosters that use Cisco gear.
I was reviewing the Cisco End User License Agreement that was included in the router box. Under the General Limitations section, "Customer shall have no right, and Customer specifically agrees not to:", item (iv) states, "use or permit the Software to be used to perform services for third parties, whether on a service bureau basis or time sharing basis or otherwise, without the express written authorization of Cisco".
Does this mean that a service provider is required to acquire a separate license similar to the Microsoft Service provider license?
I have a Cisco 2960G switch that I use for colocation. The colocation provider does all the routing; all I need is this switch. It's just a plug and play operation, however I now need to do some more difficult stuff.
So, I plugged their bandwidth uplink into port 20.
I have really no idea how to set up anything other than the basics of the switch.
Is it possible to set up private VLANs in this situation? I am in need of a setup like this:
All ports 1-19 in private VLANs, but still able to communicate with port 20 to get internet access. Ports 1-19 cannot communicate with each other except by going through port 20, through the internet.
I also want to know if it's possible to statically assign each port a specific IP? Just say I want all traffic to a static IP to only go to port 1? Is that possible? I want to be able to limit the control of IPs through the switch, not through the server.
Right now all my IPs are assigned on the server level, meaning the servers can take each other's IPs and mess with each other's connections.
at 11x 2851's. When we got the quote they had added on Cisco Advanced IP SERVICES.
We aren't sure if that is just the security bundle, or something they are trying to toss on for more money.
2851 w/ AC PWR,2GE,4HWIC,3PVDM,1NME-XD,2AIM,IP BASE,64F/256D Cisco 2800 ADVANCED IP SERVICES Maximum Compact and USB Flash Four port 10/100 Ethernet switch interface card Updated 1-Port T1/Fractional T1 DSU/CSU WAN Interface Card 64 to 256 MB CF Factory Upgrade for Cisco 2800 Series 256MB USB Flash Token for Cisco 1800/2800/3800 series Cisco 2821/51 AC power supply Power Cord,110V Device manager for routers 256MB DDR DRAM Memory factory default for the Cisco 2800 8X5XNBD Hardware Replacement 2851 w/ AC PWR,2GE,4HWIC,3 (1 Year)
My understanding is that the IOS software running in most of their products is non-transferable. So clearly this prevents a user from receiving updates if they purchase used hardware (i.e. eBay). However, isn't it possible to purchase an IOS software license from Cisco for any of their supported products?
Their web site is a mess! I've spent, literally, hours on their site trying to figure out how to purchase such a license, or how to purchase a service plan that might entitle me to IOS updates.
And how does "SMARTnet" fit into this puzzle? Do I need a SMARTnet contract to download maintenance updates, even for *new* hardware that I've purchased?