Traffic IDSM2 SPAN not appearing is not in IDSEV
I have my perimeter VLAN calibrated using 9/7
create set span 60 9/7 times
In the event viewer my ID I don't see any object appear in the default views.
If I choose the device and choose the status of the device and scroll down to statistical analytical engine, I see quite a few alarms triggered, but I see almost as excluded alarms - number of alarms excluded by filters. I have no configured filters.
What is going on???
You can paste the output of the following from the sensor CLI commands:
(1) show the interfaces
(2) configure terminal
configuration alarm-channel virtualAlarm service
Melody-alarm-channel
view the settings
My guess is you might have a filter in place that you are not aware of. It is easy to inadvertently create a filter that filters all alarms (I did it myself on accident).
Tags: Cisco Security
Similar Questions
-
Traffic meter is not available for JNR1010v2
I don't see the option under the advanced traffic meter. Can someone help with this...
Hello @mk_fox
Welcome to the community!
The Manual does not contain it, therefore, it does not support.
-
traffic Windows 7 not out on the interface of traffic as it is assumed
Hi experts
I got this company of Win7. I want to install two network interfaces on it. A network interface will be for the management of the machine itself. and another interface for application traffic. I had an application that I run and which consumes a lot of bandwidth to the point that if I put everything on an interface I could lose the RDP connection.
Also, I have set up my IP of mgmt interface. and it works. I can RDP into it. But when I configure the 2nd interface with its IP address, the auto road which becomes forces added traffic to pass by my mgmt interface/IP, which is not what I want.
These two survey periods are two different subnets and they go to different switches. I did a simple sketch of my installation below to show what I'm trying to accomplish.
Under linux, I would just like to add a static route and who takes care of this, but how do I do that on Windows?
I follow this guide but still have the same problem:
http://Windows.Microsoft.com/en-CA/Windows/configuring-multiple-network-gateways#1TC=Windows-7
Hello
I understand the inconvenience caused.
For assistance, I suggest you to post the question on the link below. The link below is the link of support for TechNet Support forums. They are experts in your field of investigation and would be in a better position to answer your concerns.
Hope this Information is useful.
-
Return VPN traffic flows do not on the tunnel
Hello.
I tried to find something on the internet for this problem, but am fails miserably. I guess I don't really understand how the cisco decides on the road.
In any case, I have a Cisco 837 which I use for internet access and to which I would like to be able to complete a VPN on. When I vpn (using vpnc in a Solaris box as it happens which is connected to the cisco ethernet interface), I can establish a VPN and when I ping a host on the inside, I see this package ping happen, however, the return package, the cisco 837 is trying to send via the public internet facing interface Dialer1 without encryption. I can't work for the life of me why.
(Also note: I can also establish a tunnel to the public internet, but again, I don't can not all traffic through the tunnel.) I guess I'm having the same problem, IE back of packages are not going where it should be, but I do know that for some, on the host being ping well, I can see the ping arriving packets and the host responds with a response to ICMP echo).
Here is the version of cisco:
version ADSL #show
Cisco IOS software, software C850 (C850-ADVSECURITYK9-M), Version 12.4 (15) T5, VERSION of the SOFTWARE (fc4)
Technical support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Updated Friday 1 May 08 02:07 by prod_rel_teamROM: System Bootstrap, Version 12.3 (8r) YI4, VERSION of the SOFTWARE
ADSL availability is 1 day, 19 hours, 27 minutes
System to regain the power ROM
System restarted at 17:20:56 CEST Sunday, October 10, 2010
System image file is "flash: c850-advsecurityk9 - mz.124 - 15.T5.bin".Cisco 857 (MPC8272) processor (revision 0 x 300) with 59392K / 6144K bytes of memory.
Card processor ID FCZ122391F5
MPC8272 CPU Rev: Part Number 0xC, mask number 0 x 10
4 interfaces FastEthernet
1 ATM interface
128 KB of non-volatile configuration memory.
20480 bytes K of on board flash system (Intel Strataflash) processorConfiguration register is 0 x 2102
And here is the cisco configuration (IP address, etc. changed of course):
Current configuration: 7782 bytes
!
! Last configuration change at 11:57:21 CEST Monday, October 11, 2010 by bautsche
! NVRAM config updated at 11:57:22 CEST Monday, October 11, 2010 by bautsche
!
version 12.4
no service button
tcp KeepAlive-component snap-in service
a tcp-KeepAlive-quick service
horodateurs service debug datetime localtime show-timezone msec
Log service timestamps datetime localtime show-timezone msec
encryption password service
sequence numbers service
!
hostname adsl
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
enable secret 5
!
AAA new-model
!
!
AAA authentication login local_authen local
AAA authentication login sdm_vpn_xauth_ml_1 local
AAA authorization exec local local_author
AAA authorization sdm_vpn_group_ml_1 LAN
!
!
AAA - the id of the joint session
clock timezone gmt 0
clock daylight saving time UTC recurring last Sun Mar 01:00 last Sun Oct 01:00
!
!
dot11 syslog
no ip source route
dhcp IP database dhcpinternal
No dhcp use connected vrf ip
DHCP excluded-address IP 10.10.7.1 10.10.7.99
DHCP excluded-address IP 10.10.7.151 10.10.7.255
!
IP dhcp pool dhcpinternal
import all
Network 10.10.7.0 255.255.255.0
router by default - 10.10.7.1
Server DNS 212.159.6.9 212.159.6.10 212.159.13.49 212.159.13.50
!
!
IP cef
property intellectual auth-proxy max-nodata-& 3
property intellectual admission max-nodata-& 3
no ip bootp Server
nfs1 host IP 10.10.140.207
name of the IP-server 212.159.11.150
name of the IP-server 212.159.13.150
!
!
!
username password cable 7
username password bautsche 7
vpnuser password username 7
!
!
crypto ISAKMP policy 1
BA 3des
md5 hash
preshared authentication
Group 2
!
crypto ISAKMP policy 2
BA aes 256
preshared authentication
Group 2
!
crypto ISAKMP policy 3
BA 3des
Prior authentication group part 2
the local address SDM_POOL_1 pool-crypto isakmp client configuration
!
ISAKMP crypto client configuration group groupname2
key
DNS 10.10.140.201 10.10.140.202
swangage.co.uk field
pool SDM_POOL_1
users of max - 3
netmask 255.255.255.0
!
ISAKMP crypto client configuration group groupname1
key
DNS 10.10.140.201 10.10.140.202
swangage.co.uk field
pool SDM_POOL_1
users of max - 3
netmask 255.255.255.0
ISAKMP crypto sdm-ike-profile-1 profile
groupname2 group identity match
client authentication list sdm_vpn_xauth_ml_1
ISAKMP authorization list sdm_vpn_group_ml_1
client configuration address respond
ISAKMP crypto profile sdm-ike-profile-2
groupname1 group identity match
ISAKMP authorization list sdm_vpn_group_ml_1
client configuration address respond
!
!
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set esp-3des esp-md5-hmac ESP_MD5_3DES
Crypto ipsec transform-set ESP-AES-256-SHA aes - esp esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
Set the security association idle time 3600
game of transformation-ESP-AES-256-SHA
market arriere-route
crypto dynamic-map SDM_DYNMAP_1 2
Set the security association idle time 3600
game of transformation-ESP-AES-256-SHA
market arriere-route
!
!
card crypto SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1
map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1 crypto
map SDM_CMAP_1 65535-isakmp dynamic SDM_DYNMAP_1 ipsec crypto
!
Crypto ctcp port 10000
Archives
The config log
hidekeys
!
!
synwait-time of tcp IP 10
!
!
!
Null0 interface
no ip unreachable
!
ATM0 interface
no ip address
no ip redirection
no ip unreachable
no ip proxy-arp
route IP cache flow
No atm ilmi-keepalive
PVC 0/38
aal5mux encapsulation ppp Dialer
Dialer pool-member 1
!
DSL-automatic operation mode
waiting-224 in
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
Description $FW_INSIDE$
10.10.7.1 IP address 255.255.255.0
IP access-group 121 to
no ip redirection
no ip unreachable
no ip proxy-arp
IP nat inside
IP virtual-reassembly
route IP cache flow
map SDM_CMAP_1 crypto
Hold-queue 100 on
!
interface Dialer1
Description $FW_OUTSIDE$
the negotiated IP address
IP access-group 121 to
no ip redirection
no ip unreachable
no ip proxy-arp
NAT outside IP
IP virtual-reassembly
encapsulation ppp
route IP cache flow
No cutting of the ip horizon
Dialer pool 1
Dialer idle-timeout 0
persistent Dialer
Dialer-Group 1
No cdp enable
Authentication callin PPP chap Protocol
PPP chap hostname
PPP chap password 7
map SDM_CMAP_1 crypto
!
local IP SDM_POOL_1 10.10.148.11 pool 10.10.148.20
IP local pool public_184 123.12.12.184
IP local pool public_186 123.12.12.186
IP local pool public_187 123.12.12.187
IP local pool internal_9 10.10.7.9
IP local pool internal_8 10.10.7.8
IP local pool internal_223 10.10.7.223
IP local pool internal_47 10.10.7.47
IP forward-Protocol ND
IP route 0.0.0.0 0.0.0.0 Dialer1
IP route 10.10.140.0 255.255.255.0 10.10.7.2
!
no ip address of the http server
no ip http secure server
IP nat inside source overload map route SDM_RMAP_1 interface Dialer1
IP nat inside source static 10.10.7.9 123.12.12.184
IP nat inside source static tcp 10.10.7.8 22 123.12.12.185 22 Expandable
IP nat inside source static tcp 10.10.7.8 25 123.12.12.185 25 expandable
IP nat inside source static tcp 10.10.7.8 80 123.12.12.185 80 extensible
IP nat inside source static tcp 10.10.7.8 443 123.12.12.185 443 extensible
IP nat inside source static tcp 10.10.7.8 993 123.12.12.185 993 extensible
IP nat inside source static tcp 10.10.7.8 123.12.12.185 1587 1587 extensible
IP nat inside source static tcp 10.10.7.8 8443 123.12.12.185 8443 extensible
IP nat inside source static 10.10.7.223 123.12.12.186
IP nat inside source static 10.10.7.47 123.12.12.187
!
record 10.10.140.213
access-list 18 allow one
access-list 23 permit 10.10.140.0 0.0.0.255
access-list 23 permit 10.10.7.0 0.0.0.255
Access-list 100 category SDM_ACL = 2 Note
access-list 100 deny ip any 10.10.148.0 0.0.0.255
access ip-list 100 permit a whole
Note access-list 121 SDM_ACL category = 17
access-list 121 deny udp any eq netbios-dgm all
access-list 121 deny udp any eq netbios-ns everything
access-list 121 deny udp any eq netbios-ss all
access-list 121 tcp refuse any eq 137 everything
access-list 121 tcp refuse any eq 138 everything
access-list 121 tcp refuse any eq 139 all
access ip-list 121 allow a whole
access-list 125 permit tcp any any eq www
access-list 125 permit udp any eq isakmp everything
access-list 125 permit udp any any eq isakmp
access-list 194 deny udp any eq isakmp everything
access-list 194 deny udp any any eq isakmp
access-list 194 allow the host ip 123.12.12.184 all
IP access-list 194 allow any host 123.12.12.184
access-list 194 allow the host ip 10.10.7.9 all
IP access-list 194 allow any host 10.10.7.9
access-list 195 deny udp any eq isakmp everything
access-list 195 deny udp any any eq isakmp
access-list 195 allow the host ip 123.12.12.185 all
IP access-list 195 allow any host 123.12.12.185
access-list 195 allow the host ip 10.10.7.8 all
IP access-list 195 allow any host 10.10.7.8
not run cdp
public_185 allowed 10 route map
corresponds to the IP 195
!
public_184 allowed 10 route map
corresponds to the IP 194
!
allowed SDM_RMAP_1 1 route map
corresponds to the IP 100
!
!
control plan
!
!
Line con 0
connection of authentication local_authen
no activation of the modem
preferred no transport
telnet output transport
StopBits 1
line to 0
connection of authentication local_authen
telnet output transport
StopBits 1
line vty 0 4
access-class 23 in
privilege level 15
authorization exec local_author
connection of authentication local_authen
length 0
preferred no transport
transport input telnet ssh
!
max-task-time 5000 Planner
Scheduler allocate 4000 1000
Scheduler interval 500
130.88.202.49 SNTP server
130.88.200.98 SNTP server
130.88.200.6 SNTP server
130.88.203.64 SNTP server
endAny help would be appreciated.
Thank you very much.
Ciao,.
Eric
Hi Eric,.
(Sorry for the late reply - needed some holidays)
So I see that you have a few steps away now. I think that there are 2 things we can try:
1)
I guess you have provided that:
IP nat inside source overload map route SDM_RMAP_1 interface Dialer1
Since the routemap refers to ACL 100 to define the traffic to be translated, we can exclude traffic that initiates the router:
Access-list 100 category SDM_ACL = 2 Note
access-list 100 deny ip 123.12.12.185 host everything
access-list 100 deny ip any 10.10.148.0 0.0.0.255
access ip-list 100 permit a wholeWhich should prevent the source udp 4500 to 1029 changing port
OR
2)
If you prefer to use a different ip address for VPN,
Then, you can use a loop like this:
loopback interface 0
123.12.12.187 the IP 255.255.255.255
No tap
map SDM_CMAP_1 crypto local-address loopback 0
I don't think you should apply card encryption to the loopback interface, but it's been a while since I have configured something like that, so if you have problems first try and if still does not get the crypto debugs new (isakmp + ipsec on the vpn, nat router on the router of the client package).
HTH
Herbert
-
ESXi 3.5 patch3 network traffic shaping does not work
Hello
Help, please
the smoothness of the traffic network in esxi 3.5 patch 3 doesn't work
Mather Board dg35ec
Thank you
Welcome to the forums - how is your network set up? What formatting settings you put? Don't forget the traffic shaping is outgoing and applied to each virtual NIC connected to the virtual switch.
If you find this or any other answer useful please consider awarding points marking the answer correct or useful
-
1 single MPLS tunnel between routers directly connected. Traffic routes and others not?
Hello
I have a unusual problem, I can not explain.
I have a simple scenario
LAN1 = 4500 = OSPF = R1_6500 = OSPF = R2_6500 = tunnel mpls TE with Highway = R3_2900 = 1900 = LAN2
1 enable MPLS TE tunnel between the Router R2 6500 and 2900 router
2. everything is ok until I have activate the router R3 2900 highway. LAN1 can reach the printers in Lan2 via the web. ŒUVRES of ICMP in all CASES!, however, (172 bytes) ICMP packets generated by the Solarwinds network browser find only 30% of the Lan2 network...
Once you turn off highway on 2900, it works normally...
3. I have the implicit null label on 2900 and R2 6500 (if I activate highway on two tunnels), CEF seems to be ok, OSPF routes are present, however, some of the traffic simply does not pass through
4. I have it fixed construction of a second tunnel of 2900 to 6500 R1 and it works well, but I don't understand what in fact behave this way?
Hello Vadym,
Perfect :)
Why should I activate targeted Hello
[Akash]
Connected nondirectly MPLS LDP sessions
The DSL is more than one bond of his neighbor, if non-connected directly to his neighbor. For these nondirectly neighbors connected, DSL text Hello targeted as a UDP packet, but as a message specifically addressed to this DSL unicast. DSL connected nondirectly meets the Hello message and the two routers are starting to establish an LDP session. This is the so-called scope of discovery.
The default behavior of an LSR is to ignore the other DSL applications that send targeted messages to Hello. You can configure a DSL to meet the demands of targeted Hello messages by publishing the discovery ldp targeted Hello mpls accept small order.
Why do you think that the LSP is broken, if we do not use the LDP
[Akash] If LDP is not enabled on the tunnel, R2 will not any label R3 on the tunnel interface broadcast and R3 sends the traffic untagged to R2 [only rsvp label which is implicit null], and ip lookup will happen on R2, so this is not end-to-end LSP. If ip loopup happening on the router of the base, I would say that LSP is broken here. But if LDP is enabled on the tunnel, R2 will announce a local label R3 more targeted LDP session. L3 will send labeled package [implicit null for RSVP, label IGP announced by R2] R2 and R2 will make label swapping and send traffic to R1. All the way labels switching and LSP is intact.
If it would have been scenario L3vpn, traffic would have been blackholed on router core cases get end of tunnel. In your case all core routers have routes with destination so accessibility is there but LSP divided again.
Kind regards
Assani
-
ASA 8.3 VPN site-to-site does not UDP traffic to other peer
Hello!!!
Someone turned off the lights :-) I say this because that's 6.2 6.3 I can't get the basic things...
On a SAA, I created a "site-site" VPN profile to connect to a remote site, on the other side (ASA 8.2) sees no problem, I can pass all IP traffic via VPN without NAT; but on a new ASA5505 with 8.3 (1) version fw and ASDM 6.3 (1) can't do that in any way :-(
What I get is trivial...
... It works perfectly with TCP and ICMP traffic, but does not have UDP traffic: in practice, if I followed the traffic to a remote private IP, TCP and ICMP traffic I see only packets in vlan "inside" with the private IP, but with the UDP traffic on top of that, I see traffic on vlan 'out' with the IP public ASA and source port changed :
Inside: UDP to 172.16.2.128:6000 to 172.16.0.200:6000
Outside: UDP to 5.5.5.5:23400 to 172.16.0.200:6000Why?
Of course, the traffic is not encrypted and does not reach the other side of the tunnel!
Here are the important parts of the configuration:
interface Vlan1
nameif inside
security-level 100
172.16.2.1 IP address 255.255.255.0network obj_any object
subnet 0.0.0.0 0.0.0.0remote network object
172.16.0.0 subnet 255.255.254.0outside_cryptomap to access extended list ip 172.16.2.0 allow 255.255.255.0 network remote control object
NAT (inside, outside) static source any any destination static remote-remote network
network obj_any object
NAT dynamic interface (indoor, outdoor)
card crypto outside_map0 1 match address outside_cryptomap
outside_map0 card crypto 1jeu pfs
card crypto outside_map0 1 set ip.ip.ip.ip counterpart
outside_map0 card crypto 1jeu nat-t-disable
outside_map0 interface card crypto outside
Given that the new business object, I have not yet quite clear (ok, I don't find time to do a deep reading of the documentation), someone is able to direct me to fix this trivial?
Note: If I remove my drive manual nat and I flag "network translating" on the remote network object thus indicate that they want NAT with ip network remote control then don't work any IP vs. remote site traffic. Why, why have not more than the simple rules of 'nat exception' the old version and why the crypto-plan applies only to TCP traffic? Possible that there is an object any which takes all IP traffic?
A big thank you to all.
73,
Arturo
Hi Arturo,.
I know that there is a certain NAT related bugs in 8.3 (1) and although I don't remember a specific which corresponds to your symptoms, I would say you try 8.3 (2) instead, or maybe even the last available version of a temp (currently to 8.3 (2.4):)
If you still see the problem, then, check
entry Packet-trace within the udp 172.16.2.2 1025 172.16.0.1 detail 123
entry Packet-trace inside tcp 172.16.2.2 1025 172.16.0.1 detail 123
and check what's different.
HTH
Herbert
-
Changes of InCopy does not save
Hi guys,.
We have a problem here in our organization where we cannot save the changes to the InCopy files correctly.
Here's what happens:
If I make changes to an InCopy file and "save content", everything seems to work properly. But if I close the file, then open it again, the program prompts: "want replace you this file [the latest] with the [old one]?
If I choose 'no', then the file opens fine with the changes that I made earlier.
However, if someone on another computer tries to open the file, they get no prompt and the changes do not appear. You can see how this is a problem, because the whole point of InCopy is to have multiple users working on the same file.
Other information:
- The file is kept on a server that we can all acess.
- Our designers work off site. They do not have access to our servers, so that they export an InCopy of InDesign file and we send it by e-mail, which save us then on our server.
- Convert our InCopy files an InDesign file works fine with all the saved changes. The only problem makes changes to the InCopy file.
Thanks for any help you can provide.
Yes, it is possible to record an ICMA file on the server, if that's where the designer has to. In other words, if the designer is on the local network.
When you use ICAPS, ICMA file is related to his stories. You will break the workflow if you move the ICMA and his stories on your local hard drive to the server, I believe... The ICMA file will not be able to find stories, or even if you do, it will not be able to repackage everything to return to the designer.
Maybe you could do some Voodoo with alias and others? The problem is that there are other xml files in the unpacked PICA that make mysterious traffic jobs. Not sure how those who would take to voodoo alias.
The designer should send individual ICAPS of different "spreads" of each Publisher. If the Publisher B must review / whatever the editor A work, then A Editor, when they are done with the assignment (from ICAP on their local drive), chooses before InCopy on their menu of the assignments Panel. Who reconditions everything properly for the next editor online. The last editor who then examines chooses return to InDesign to package back to the designer.
If you need access to the same provision at the same time (as you if the designer was local), consider Dropbox. No server is involved, no e-mail, no package. Everyone works locally on the same subfolder Dropbox (one per project) that is synchronized with the others and the "cloud". It's a thing of beauty. They use it in this post for example: http://forums.adobe.com/message/3701537#3701537
AM
-
Dear all,
I have to configure a 10/40 GbE switch MXL. In my scenario, each port 0/1-12 has access to 3 different networks.
1. Management (VLAN: 10)
2 storage (VLAN: 11)
3. Admin (not identified)
I can assign ports to access many VLANs. (labeled tengigabitethernet 0/1 - 12). But what happens if I have to pass the traffic which is not marked as well?
Kind regards
A trunk connection has a vlan native who is used for untagged traffic. Take a look at this document, he detailed step by step for a network connection.
See you soon
-
K9-NME-IPS does not all packages
Hello members,
I have a K9-NME-IPS module in my router installed but it seems that it does not all packets from the router. This is the configuration for the IDS Sensor Interface and the Interface where I want to send traffic to the sensor.
interface GigabitEthernet0/0
Description CONNECTION to THE MPLS BACKBONE
no ip address
full duplex
Speed 100
No cdp enable
!
!
interface GigabitEthernet0/0.100
CONNECTION to VRF100 VRF description
encapsulation dot1Q 100
IP vrf forwarding VRF100
IP 172.16.2.14 255.255.255.248
ID-service-module monitoring inline access list 100
No cdp enable
!
interface GigabitEthernet0/0,103
Description CONNECTION to VRF200
encapsulation dot1Q 103
IP vrf forwarding VRF200
IP 172.16.11.6 255.255.255.248
penetration of the IP stream
stream IP output
ID-service-module monitoring inline access list 100access ip-list 100 permit a whole
and here are the statistics of the module.
# display the virtual sensor statistics
Virtual sensor statistics
Statistics for vs0 virtual sensor
Name of the current instance of Signature-definition sig0 =
Name of the current instance of event-action rules = rules0
List of interfaces controlled by this virtual sensor = sous-interface GigabitEthernet0/1 0
General statistics for this virtual sensor
Number of seconds since statistics reset = 10137
MemoryAlloPercent = 51
MemoryUsedPercent = 49
MemoryMaxCapacity = 614400
MemoryMaxHighUsed = 432128
MemoryCurrentAllo = 317667
MemoryCurrentUsed = 302192
Percentage of the processing load = 1
Total packets processed since reset = 0
Total of processed since the reset = 0 IP packets
Total of IPv4 packets processed since reset = 0
Total of IPv6 packets processed since reset = 0
Total IPv6 AH packets processed since reset = 0
Total of ESP IPv6 packets processed since reset = 0
Total of the IPv6 Fragment packets processed since reset = 0
Total IPv6 routing header packets processed since reset = 0
Total of the IPv6 ICMP packets processed since reset = 0
Total of packages that were not processed since the reset = 0 IP
Total of the TCP packets processed since reset = 0
Total of the UDP packets processed since reset = 0
Total of ICMP packets processed since reset = 0
Total packets that were not TCP, UDP or ICMP processing since reset = 0
Total of ARP packets processed since reset = 0
Total ISL-encapsulated packets processed since reset = 0
802-1 total q encapsulated packets processed since reset = 0
Total packets with bad checksum IP processed since reset = 0
Total packets with wrong layer 4 are treated for reset = 0
Total number of bytes processed since reset = 0
Packets per second since the reset rate = 0
Bytes per second since the reset rate = 0
The way of bytes per packet since the reset = 0Thanks for your comments
Alex
Hi Alex,
Matthew has been mentioned previously, for the NME module, the access list defines which traffic will be NOT be inspected.
If you want the NME to inspect all traffic, you need to change the list of access to DENY all traffic.
So, change it to "access-list 100 deny ip any one" to inspect all traffic.
Thank you
Stijn
-
BlackBerry Smartphones BBM is not available in APP world.
Hello
My BBM has disappeared from the BB app world, even if I type Blackberry Messenger in the search engine of the app world it shows a few apps from third party bt not the BBM real application itself...
I currently have 6.2.0.56 BBM version and therefore cannot be updated to BBM 7...
A few weeks ago, BBM is available for download on App world bt, it was still 6.2.0.56 version not BBM 7. .and BBM 7 released by RIM in December. Now its gone compleletly.
I will stay in India... If BBM 7 not made available to the Indian BB users by RIM? and when it will be available?
Or there are some issues with App world?
And also done BB travel works in India coz I know for cards is BB n traffic BB does not.
Thank you.
The reason is that carriers in India have not agreed to support the voice feature of BBM again.
You should complain to your mobile service providers.
-
Port changed to remote desktop - could not get through the firewall of Windows 7
In order to get my two work computers from home (via my router) I changed the port number for the remote desktop on one of the machines. Now, I can not him (even to my network of local work) unless I have turn off the Windows Firewall. With the firewall disabled I can access it fine (with the new port number). I tried establishing a new rule of inbound traffic but have not been able to get this to work. What is the process step by step to creating the rule for inbound traffic for that to happen?
Hello
The Microsoft Answers community focuses on the context of use. Please reach out to the business community of COMPUTING in the TechNet forum below:
http://social.technet.Microsoft.com/forums/en/category/w7itpro
-
VLAN on a standard switch does not
Hello
I have cisco switch having vlan10 running ip address 192.168.10.0/24 upstream.
I created server ESXI and given the IP address 192.168.10.40.
VM created and everything seems perfect.
Under my switch I see the Vlan defined is 0 if I change this value to 10 all traffic stops and not even able to access the client by vsphere host.
Manually, I have esxi host and remove the tag in this case.
I was wondering how would be this traffic will be marked.
My switch cisco upstream port connect to the esxi host is switchport access mode.
Kind regards
Sushil
Skumar704 wrote:
My switch cisco upstream port connect to the esxi host is switchport access mode.
When you select Cisco switchport mode access , this means that only unmarked traffic is used and allowed on this port. You should change that to the switchport mode trunk instead, which will allow tagged VLANs. (A vlan untagged tolerated by the trunk, called "vlan native" as mentioned above peetz).
After setting the port mode "trunk", you can select 10 VLANS on the portgroup on the virtual switch.
-
Hello
I have a question about JOINT-2 on the 6500 cat.
Is there than some performance issues for use VACL rather than the LENGTH?
Thank you
Graz.
Actually, the material on the official course of Cisco Secure Intrusion Detection System (CSIDS) , specifically Chapter 8 - setting up JOINT, says that the JOINT-2 "provides a solution IDS in switch providing access to data via VACL capture, SPAN or RSPAN streams".
It clearly indicates (as well as the documentation of IDSM2 - http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_installation_and_configuration_guide_chapter09186a00801a0c95.html#wp589548) that the port 7 and 8 on the IDSM2 are the monitoring of ports.
They are able to control up to 2 sessions of RX SPAN, 4 TX SPAN sessions or 2 sessions SPAN RX + TX. The only factors are that the total amount of traffic split may not exceed 600 Mbps and limitation on sessions SPAN limit the number of ports in the chassis Catalyst 6500 which can have their monitored traffic. (NOTE: new Info based on the information contained in the manual of course)
WRT VACL, Cisco says that the VACL, whereas it is more difficult to configure than SPAN, is the preferred method to send traffic to the IDSM2 "because it allows a subset of traffic must be copied and forwarded to the IDSM2, limiting the amount of traffic, it must treat and more also potentially allowing traffic to additional ports in the chassis to analyze.
Given this information, it would seem that VACL (when properly set up and used) is more powerful and less stressful for the IDSM2 as SPAN.
Alex Arndt
-
WRT160Nv3 problem with blocking traffic through Access Restrictions
Hello.
I want something very simple. Block Youtube. I go in "Access Restrictions", choose a name for the policy 1, turn it on, choose the pc in the list of pc, but then...
If a click Deny, all other options will be disabled (grayed out, do not click or write on them).
Therefore, I can't put the URL I want (youtube).
I tried to write the url with "allow" and then change to 'decline', but it crashes ALL the traffic.
Not good.
So, how can I make a new policy just to block this URL?
Is it normal that when I click and choose "Refuse" all is disabled afterwards?
Thanks in advance.
Kind regards
Leo
for the internet access policy DENY wants to restrict internet access for hours and days specified. This may block ALL internet traffic to the said Annex. Web site blocking of URLS, blocking by keyword and the applications would then NOT AVAILABLE as long as the computers would have access to internet at first if you have such a policy is disabled.
for your case, you can try to turn on the restriction of access to the internet to ALLOW then specify youtube.com under website by URL blocking. This would have internet access all the time (if you have the DAILY deadline), computers or during certain days and hours but do NOT have access to youtube.
Maybe you are looking for
-
HP Support Assistant 8.1 Windows
My HP Support Assistant does not work with my recent upgrade Windows 8.1. Is there any avalaiabe of bugs still?
-
Need a new screen for Satellite A665-s6070
So my father decided to walk 1000 dollat on my laptop and broke the screen.Fortunately, I can plug it into my tv. How and where to get a new screen for an A665-s6070? Thank you.
-
How can I include multiple pages for the default homepage on statup
When I launch Firefox, I want to show several tabs with a few of my favorite sites. Is it possible that it could be in IE?
-
Games / Freecell - Spider solitaire
I just bought a new Dell PC. It has Windows 7 Professional 64 bit English. How can I get the games that normally comes with Microsoft 7? Bruce
-
Problem with external scripts to run
Hello I was wondering if someone can help me, got a problem where the external script is running without problems, the file gets generated and released into the log folder then file disappears as expected. When the file disappears, file does not appe