My Netwok Dictionary

Introduction

With Authentication Proxy, users can log into the network or access the Internet via HTTP.
User profiles are automatically obtained from a server TACACS +, which we assume is already configured. (Cisco Secure Access Control Server)
It is assumed that the server TACACS + is the same LAN client and that a user is configured CSACS Default Group, with username and password.

Configure AAA

To configure AAA, the steps are:

a. On the router in global configuration mode:
Router # configure terminal Read the rest of this entry »

Static configuration:

It was performed manually by an administrator assigned to the respective ports VLANs. By default all ports belong to VLAN1 until the administrator change these settings.

Dynamic configuration:

The IOS Catalyst switches support dynamic configuration through a server belonging to VLAN (VMPS). The VMPS server can be a high end switch that is running an operating system based on set (CatOS). Read the rest of this entry »

Let’s see how to protect our home LAN by configuring a Cisco firewall, or PIX 501 (see image below).

First we set the name and the security level associated to the external and the internal interface we are using (after entering the configuration mode by typing commands and then ena conf t):

pixfirewall (config) # nameif ethernet0 outside security0
pixfirewall (config) # nameif inside Ethernet1 security100

As you can see, we call interface ethernet0 “outside” and to it we associate the level of security “security0. A similar concerns interface Ethernet1. Read the rest of this entry »

The materials used in this lab:-

• 2 Cisco Routers with serial interface
• 2 Cables V35-DTE
• Teleco DCE Modem 2 TD-3 604T
• 2 Cables V35-DTE
• 1 Cable RJ11 (modified for the connection of two modems DCE-3)

Read the rest of this entry »

PIX Security Appliance RSSI. Cisco PIX security applications can enforce policies on users and applications. Cisco PIX can protect against many different networks and Internet-based attacks. Cisco PIX provides secure connectivity, using methods such as SSHv2 Secure Shell and two virtual private networks VPNs.

It’s pretty easy to install.

Cisco PIX can provide VoIP Voice over Internet protocol secure.
Internet Protocol Security IPSec can be installed for VPN. Read the rest of this entry »

In this lab Modular QoS CLI is used to ensure minimum bandwidth to the PC according to the criterion IP lowest bigger bandwidth.

Note using the default CBWFQ the sum of bandwidth allocated must not exceed 75% of the total bandwidth of the interface. To change this value using max-reserved-bandwidth [1-100]

access-list 101 permit udp host 192.168.0.101 Any access-list 102 permit udp host 192.168.0.102 Any access-list 103 permit udp host 192.168.0.103 Any class-map match-all pc101 match access-group 101 class-map match- pc_103 to match access-group 103 Class-map match-all pc_102 match access-group 102 policy-map class rules pc101 bandwidth percent 30 percent 20 class class pc_102 bandwidth pc_103 bandwidth percent 10 interface Serial0 ip address 10.0.0.2 255.0.0.0 max- reserved-bandwidth 100 service-policy output rules. Read the rest of this entry »

One of the applications most used is DDR ISDN (telephone call routing on demand) to be able to send traffic when the router deems interesting. DDR allows two or more routers to connect installations, conventional analog dial as needed. DDR normally used for casual connections, such as telecommuters, small offices, customers, etc.

Configuring DDR

The DDR configuration process defined in the following steps:

1. Define static routes

2. Specify interesting traffic

3. Configure the dialing information
Define a static route to the destination:

Router (config) # ip route [destination network address + mask] [next hop address / output interface] [admin distance.] [Permanent] Read the rest of this entry »

The article is aimed to learn the existence of a command by which to verify the MD5 hash IOS added to our system.

MD5 hash

MD5 is an algorithm used to create a 128-bit hash function, the usefulness of this test is to perform an integrity check on the file, so that we can be sure that the file has been corrupted by errors during the transfer, or that has been specially modified with malicious code.

Hands-on
When we download IOS, we go for the MD5 hash calculation on the local, let’s say that the IOS is “soho97-k9oy1-mz.123-7.T3.bin” The resulting hash is “e1588a2bda3583feb9188933d265ba11. Read the rest of this entry »

It is possible to configure and test the connectivity between two or more Cisco Routers in the absence of actual ISDN line via ISDN simulator (easily affordable to the network) as the word itself allows us to simulate two or more ISDN lines directly to our house, enabling us to be sure that our connectivity between nodes is in perfect working (without spending a cent for tests).

Warning: ISDN simulator is not configurable: Use care allocation of ports.

The Tasks are as follows:-

After connecting the console cable RJ45 BRI interface to the simulator, making sure to connect the RJ45 cable into the port caller simulator and vice versa. Now turn on the router and configure, logically, giving it a name and entering user and password for authentication: Read the rest of this entry »

The ethernet interface of the router is on the same network as the TFTP server and the procedure is performed via the console and not via telnet, as the routing functions are disabled during the process. Having said that we can proceed to configure the ethernet interface of the router with an IP address:

Router # configure terminal
Router (config) # interface ethernet0
Router (config-if) # ip address 192.168.0.2 255.255.255.0
Router (config-if) # no shutdown
Router (config-if) # exit
Router (config) # exit
Router # Read the rest of this entry »