Disabling NTP on specific interfaces

Hello

I want to be able to use our HQ Internet router as the NTP source for the rest of our network equipment, including other Internet routers at remote sites. It is all set up and everything works fine, but I would like to disable NTP on the external-facing interfaces for remote sites...

In my view, this will achieve that...

config t

int g0/0/0 (Internet-facing interface)

ntp disable

!

This way, I'll still be able to get my NTP info from the HQ Internet router's MGMT IP.

But for the HQ Internet router, I need to be able to access the Internet NTP servers we get our clock info from. On this router, 'ntp disable' on the Internet-facing interface breaks NTP. What do I need to set up on the HQ Internet router's Internet-facing interface to stop the router from being a source to anyone on the Internet, but still be able to get clock info from the Internet and act as a source for the rest of our network equipment?

I thought "no source ntp interfaceinterface" would work, but I guess the command is not supported on the 4400s.

Thank you, Pat

Your configuration looks good. The "peer" access group is the only one that actually allows a router to BE synchronized, so to speak, that is, influenced by other devices. "serve-only" allows a router (the HQ router in your case) to update others, but not BE updated or influenced by others. Who is?

For the HQ router to reject requests from the defined Internet IPs, but still accept updates from these IPs, the "serve-only" access group must be configured on the Internet routers. Think about it: it is almost certain that these routers have this configured anyway, because they won't have their time synchronized with you, or any other customer endorsement.

Similar Questions

  • COM/ActiveX by default or non-specific interface

    Let's say I have a non-Visual activex control that implements 2 interfaces: IStuffInterface and IStuffInterface2.

    IStuffInterface2 derives from IStuffInterface and adds a little more functions.

    IStuffInterface2
    + - Property2a
    + - Property2b
    + - Method2a
    + - IStuffInterface
    +- + Property1a
    +- + Property1b
    +- + Property1c

    In applications VC ++ I can usually try an IStuffInterface2 query and use it. If this is NOT available, I can do plan-B and try to mark for older, IStuffInterface and IStuffInterface2 to disable the related application functions. Even simpler, if the VC application ++ doesn't require something IStuffInterface2 I know that there will be held will be of all versions of the control.

    How do you do this in LabVIEW? So far, of what I learned about LV if you put a control or an activex on a panel refnum is somehow BINDED to a specific type library and the interface. He seems to want to say that if I create a LV application with the version of the most up-to-date activex control, the LV application does not work on a system with an earlier version (even if technically the old control can fill in the application control contract). Even if I don't do the application of LV uses only the methods and properties of the original IStuffInterface it seems unable to use the old interface if a more recent version, there is one on the system.

    How to make sure that an existing LabVIEW application will run with what version of the control is present on the system?

    What LabVIEW unconditionally with default COM interface?

    You can choose a particular interface programmatically? Then how configure you the pre-wired VI as the type information are unknown?

    Thank you
    R.

    Rastikan,

    Tell me if I'm wrong, but I believe that what you're looking for is cast... you can find a lot of information about it searching around the forums and knowledge bases, but these will probably help:

  • Ping using a specific interface

    I have a Windows 2003 server that has multiple network cards. Is there a way to ping and specify the card interface to use?

    Hello

    I suggest you post the question in the forums and check them off below if it helps:
    http://social.technet.Microsoft.com/forums/en-us/category/WindowsServer

    It will be useful.

  • ESA how to pin a specific traffic on a specific interface for mail flow?

    We have an ESA Ironport virtualized and normally he was running an interface on our DMZ, 192.168.1.200.

    On this DMZ, the firewall allows only the 10.1.1.10 to 192.168.1.200 internal mail server mail flow to and from, more obviously other traffic as DNS and web for filter updates.

    However, I would like to integrate with AD, so for this reason I had to connect another interface to our LAN in VMware, and in the Ironport ESA config I set up this interface on the local network as 10.1.1.200.  I have all services turned off on this interface, so access to the web interface for spam or configuration still goes to the original interface of 192.168.1.200.

    Now, I've been able to communicate with AD and make an LDAP query, which is excellent, but now the incoming emails are hitting our Exchange from the new 10.1.1.200 interface instead of the original 192.168.1.200 interface.

    When Exchange sends an e-mail, it still sends to 192.168.1.200, and Ironport handles it correctly.  But what Ironport receives by email is now sent to Exchange from the new internal IP address.

    The question is, can I pin it so that Ironport uses 192.168.1.200 (management) as the interface for all SNMP traffic?  The ONLY reason I added an internal data interface 1 is to query AD.

    Is it safe or not?

    Thank you!

    Hey Keith,.

    The details provided, I pray that ESA uses the right interface to send emails to your exchanges (192.168.1.200) instead of 10.1.1.200.

    (Assuming that the 2 interfaces, one for generally more traffic, another for only AD queries.)

    I advise you to change the following.

    GUI > System Admin > LDAP > change the LDAP interface for usage (for queries) to your new 10.1.1.200 (if you haven't already done so).

    Then, CLI > deliveryconfig

    Change the interface used for deliveries of mail to the 192.168.1.200 interface (chosen by name).

    I think that should correct the behavior.

    Kind regards

    Matthew

  • How to configure remote access VPN to use a specific interface and route

    I am adding a second external connection to an existing system on a 5510 ASA, ASA V8.2 with 6.4 AMPS

    I added the new WAN using another interface (newwan).

    The intention is to bring more internet traffic onto the new route/interface (newwan), but keep our existing VPNs using the old interface (outside).

    I used the ASDM GUI to make changes and most of it works.

    That is to say, the default route goes via (newwan).

    Outgoing site-to-site VPNs use the previous route (outside), as they now have static routes to achieve this.

    The only problem is that incoming remote access AnyConnect VPNs do not work.

    I set the default static route to use the new interface (newwan) and the default tunnel route to be (outside), but at that point it will not...

    I can either ping external IP address from an external location.

    It seems that the outside interface doesn't send traffic back out the outside interface (or at least that's where I think the problem lies). How can I force responses to incoming remote VPN traffic from unknown IPs to go back out the outside interface?

    The only change I have to make for it to work again on the outside interface is to make the default static route use the outside interface, sending all internet traffic to the original (outside) connection.

    Pointers appreciated.

    William

    William,

    As it is right now that you will not use the same interface you have road to terminate remote access unless you know their IP addresses by default.

    In one of the designs that I saw that we did something like that.

    (ISP cloud) - edge router - ASA.

    The edge router, you can make PAT within the interface for incoming traffic on port udp/500 and UDP/4500 (you may need to add exceptions to your L2L static) of the router. It's dirty, I would not say, it is recommended, but apparently it worked.

    On routers, this kind of situation is easily solved using VRF-lite with crypto.

    M.

  • HP Officejet 8610: Cut 2 sided copy printer interface

    I need help turning off two-sided copy using the interface on the printer. I have no problems but copying printer problems. If I copy two original pages in two copies, the printer wants to take the page first copied and pull it into the printer to copy the second page.  I want to turn this feature off and turn it on when necessary. Thank you.

    Hello

    Thank you for using the HP Forums.

    From your printer Panel > copy > copy the settings (gear icon)

    Under copy settings, make sure that your 2-sided copy has the value "1:1".

    Hope that helps!

  • EZVPN leak netflow and ntp to ISP

    I have a G 881 with a cellular modem from Verizon with EZVPN in Network Extension mode. This config is sending Netflow packets directly out the cell interface. I want them to go through my IPSEC tunnel to my internal Netflow collector. The same thing is happening to NTP. Because these packets have private (10.x.x.x) IP addresses in the source field, Verizon keeps shutting down the cell interface. I tried NATting and ACLs, but because these packets are generated by the router, they bypass these mechanisms.

    Does anyone have a workaround for this problem?

    Have you tried sourcing your NTP and Netflow traffic from a specific interface on your router? These interfaces should be included in your encryption domain.

    Examples:

    ip flow-export source Loopback0

    ntp source Loopback0

  • GS728TS stack with interface and LAG problems

    Hello

    We have 2 x GS728TS switches (running firmware 5.3.0.26) connected together in a stack with dual stacking cables.

    There are 4 servers connected to the stack through LAGs. Each LAG is composed of 4 members and 2 VLANs, 2 on each switch in the stack. Each server runs multiple virtual machines.

    Until recently, everything worked fine. However, in the last week we have suddenly run into an issue where some (not all) virtual machines on a host could not communicate with VMs on other hosts and vice versa.

    After investigation, we discovered that the ARP table on the troublesome VMs did not contain correct entries. Restarting the virtual machine did not resolve this, so I restarted the stack, and after a long period of time (15 min) the stack came up and most of the issues had disappeared, but not entirely.

    So, I checked the address table on the switch stack and found that it contains 'bad' entries as well. It shows that some learned MAC addresses are on specific interfaces instead of a LAG, and also sometimes these interfaces are not even part of the specified LAG.

    If I turn off one switch and keep it turned off (or the other) then everything starts working correctly again.

    Anyone have any ideas?

    Thank you

    Shaun

    Hello

    During an extended maintenance window last night, I turned off and removed all power from the two switches in the stack for about 5 minutes.

    I re-applied then power on both switches and after allowing then to start, check and they now seem to be working properly again.

    I just re-checked the switches (about 8 hours later) and they don't always work very well - no notice or detected problems.

    Regards

    Shaun

  • Smtp only on 2nd Interface WAN traffic

    We have a Sonicwall TZ600 and recently installed a 2nd RE ADSL on the X 2 interface. I want to route SMTP only (back and forth) traffic on the WAN and also including traffic HTTPS interface to specific sites.

    Any ideas on how to implement this scenario?

    You need a custom route policy. The links below will help you set it up.

    How to route SMTP traffic through a specific interface (e.g. secondary WAN) (SW5733) only:

    https://support.software.Dell.com/SonicWALL-TZ-series/KB/sw5733

    How to route all traffic through the secondary WAN (SW11461) HTTP:

    https://support.software.Dell.com/SonicWALL-TZ-series/KB/sw11461

    NOTE: The above KB is for HTTP; you must select HTTPS when creating the policy.

  • Configuration of several interfaces vlan on a layer 3 switch

    I am trying to incorporate a layer 3 switch in a network. (see figure 1 below). My problem is that in the configuration below, the layer 3 switch seems to offer no additional benefit on a layer 2 switch, because it does not pass packets from Layer 3, instead, it will take an additional router configuration.

    If I set up 2 interfaces as no switchport (diagram 2) and create virtual interfaces on the layer 3 switch, that is to say g0/0.1, g0/0.2, g0/0.3, g0/1.1, g0/1.2, g0/1.3, configure dot1q encapsulation and add IP addresses and subnets on each interface, then I understand that I can use the layer 3 switch as a router.

    However, this now introduces a new problem: VLAN 1 is on both interfaces, so devices in VLAN 1 on each interface will have to point to the default gateway on that specific interface, and devices in VLAN 1 on the G0/0.1 interface must be configured with a different subnet than those on the G0/1.1 interface.

    It does not seem logical, am I missing something?

    Figure 1

    Paul

    On an L3 switch you do not configure subinterfaces (usually).

    You create what are called SVIs (Switched Virtual Interfaces) instead, and these are your L3 interfaces.

    So your L3 switch ports are L2 ports, either trunks or assigned to a specific VLAN.

    For each VLAN you want to route, you then create an SVI, i.e.:

    int vlan
    ip address x.x.x.x
    no shut

    and the default gateway for clients in this VLAN is the IP assigned to the SVI.

    Any other L3 interface configuration, you add to the SVI.

    The only time you actually use L3 ports is when you connect to a router, for example.

    Jon

  • Configure router to use a specific interface IP address for TACACS+ authentication

    How do I configure a router to use the IP address of a specific interface for all communications with the ACS server for TACACS+ authentication?

    Thank you very much...

    Use the command:

    ip tacacs source-interface

  • Number of ACLs per interface

    How many ACLs can I apply to an interface? I have a few long ACLs that I want to break up to make them easier to manage. I have 5 incoming ACL applied to my DMZ interface on a 525 running version 6.3(4)?

    Roland,

    I think your question is whether you can have more than one ACL per interface...

    Let's check out some definitions first:

    ACL: Access Control List. It is a set of ACEs that specify whether traffic will be allowed or denied on the basis of source and destination.

    ACE: The specific lines that you add to an ACL

    (i.e.)

    access-list TEST line 1 permit tcp any any

    access-list TEST line 2 permit udp any any

    - The ACL is TEST

    - The ACEs are "line 1" and "line 2"

    1. So if your question concerns the number of ACEs per ACL per interface, I will say that you can have as many as you want, but make sure that you use the TURBO ACL function with the "updated access-list" command.

    2. If your question is how many ACLs you can have per interface, I would say it's just one... You bind the ACL to an interface with the access-group command and the rule is "one ACL per interface".

    Please click the link below:

    http://Cisco.com/en/us/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a00800eb721.html#wp1001972

    "You use the access-list and access-group commands to allow access based on source or destination IP address, or the port number of the protocol. Use the access-list command to create a single access list entry and use the access-group command to bind one or more entries from the access list to a specific interface. Specify only a single access-group command for each interface."

    I would like to know if this can help, if I was wrong about my assumption give me details and I would be more than happy to help

    Frank

  • serial interface T1 routers back-to-back 1841

    Hello everyone, I'm trying to set up my CCNA lab environment and everything works fine, including the crossover connections between my three 1841 routers (all interfaces are up, and line protocols are all up)

    With regard to connections, through cards to Interface WAN WIC-1DSU-T1-V2 series, I'm not able to ping any of these specific interfaces of the router IP addresses, they are on, I am able to ping from one node on the network 1 (ROUTER1) across Network2 (ROUTER2).

    Did I miss something like OSPF or another protocol to get this last step to work?

    Any help would be appreciated!

    Kind regards

    Jon

    Jon

    Good luck in your studies for CCNA. You should not need a protocol such as OSPF for a router to ping a connected neighbor. If you want to ping something that is not directly connected, you may need a routing protocol (or static routes). If all interfaces show as up and with the protocol up, it would seem that things should work and ping should work. But if it does not, then we need a little more information from you to determine what the problem is. First, please post the output of show ip interface brief from each of the routers. It would also help if you would post the output of the show cdp neighbor command and show cdp interface.

    HTH

    Rick

  • How a GRE tunnel is applied to a physical interface?

    Within the tunnel configuration, we use the tunnel source and tunnel destination commands, but how does the physical interface know to use the tunnel? Do the tunnel source parameters replace the physical interface? If we don't configure a tunnel with the right source, would this interface then send all information encapsulated in GRE?

    If we also configure IPSec on the interface, and specify a crypto map to encrypt only the matching traffic, would this matching traffic not use the GRE tunnel, or would information, regardless of whether it was IPSec encrypted, also be encapsulated in GRE?

    Also, I read here: https://supportforums.cisco.com/docs/DOC-3067

    "Bind the crypto map to the physical (outside) interface if you are using Cisco IOS software version 12.2.15 or later. If not, then the crypto map should be applied to the tunnel interface as well as the physical interface."

    Why was it necessary to apply the crypto map to both physical and tunnel interfaces, and why is it not necessary with versions of IOS?

    Thanks for any help!  -Mark

    Hi Mark,

    When you set the source of the tunnel in the tunnel interface, the router adds the IP address of the specific interface (loopback or physical) to the GRE packet generated by the tunnel interface.

    This is useful when you need to deliver a GRE tunnel through the Internet, but the tunnel interface has a private IP, so you use the external interface (with a public IP address) as the source of the tunnel.

    When the remote GRE endpoint receives the packet, it searches for the tunnel interface there as destination of the tunnel and decaps the packet, and then it gets the GRE packet and forwards it to the specific tunnel interface.

    Since 12.4 you simply apply the crypto map to the interface defined as the 'tunnel', usually the one connected to the Internet, where all VPN tunnels land. The reason for this is the VPN termination endpoint being the physical interface and not the tunnel interface.

    The reason why you need to add the crypto map to both is not clear to me, since I did not support older versions of code.

    Do not forget that when configuring a GRE/IPsec tunnel, in the crypto ACL you set the tunnel source and destination IPs.

    Hoping to help.

    Portu.

    Please rate all useful posts

    Post edited by: Javier Portuguez

  • How to restrict the use of the connection profile Anyconnect to traffic from an interface?

    Hello

    A few questions about the profiles connection Anyconnect and dynamic access policies:

    • I set up multiple profiles connecting Anyconnect with different characteristics. I want one of the profiles to be visible and usable only when the Anyconnect client connect through a specific interface (and not the outside interface). How can this be configured? As it is now all profiles are visible via all interfaces compatible VPN.
    • DAP: When dynamic access policies are configured, these will be global or is it possible to link a policy to a specific connection profile? I would like to configure the DAP Protocol to be effective only when you use a specific connection profile. What is a good way of thinking? What I want is: when a user Anyconnect choose a specific connection profile, it needs to connect using a DAP which requires membership in an ad group and existence of a local file.

    Best regards

    Thor-Egil

    • Unfortunately, you cannot restrict the interfaces an AnyConnect connection profile is assigned to. AnyConnect connection profiles are global settings, not interface-specific settings; therefore, a profile will be available no matter what interface the AnyConnect client is connected to.
    • DAP policies work like an access list. It goes from the lowest priority to the highest priority and stops at the first match. For example, you can create a number of policies on what you want to match on. You cannot, however, force the user to authenticate to AD when they choose a specific tunnel group. DAP is used to enforce that only users that meet the policy are allowed access. For example: if the user belongs to a specific AD group and also has a file that exists, the user will be allowed access to use AnyConnect. So it enforces that the user connects from a company laptop where you specified the policy, that is to say: exists in AD and has a specific file on the laptop. This is to ensure that those who try to connect to the site of the company non-portable, or internet kiosk have accessed to the VPN, because they may not be protected and can infect your corporate network, if they are allowed to access.

    Hope that makes sense.
