Recent content by nohair

Hi, The smallest machine you should look at should be the Cisco 3725. Sling a couple of NM-4T's in it for 8 serial interfaces. It comes with a couple of 10/100 ethernet LAn ports. You will have 3 WIC ports to expand upon. Alternatively, if you look long term growth get the 3745. BR, -Stephen

Hi, Yes, how odd. The only thing i could think of was a loopback address. Perhaps if you were to post a partial dump of the config of 10.11.4.5 .... BR, -Stephen

Hi, Can you please provide a little more information? What interface are you wanting to NAT the traffic to for instance? BR, -Stephen

Hi The proper way to deny telnet to the router would be to issue: transport input none On your vty ports. This will disable all character mode access to the VTY ports. If you wish to use ssh or something like that type: transport input ssh That would enable ssh (if your IOS has it) while...

Hi, When using access-lists, the mask is reversed, it's called a wildcard mask. Your entry should read access-list 180 permit ip 192.168.26.16 0.0.0.15 any log The reason for this is when matching wilcard masks, 1's are deemed don't care bits, 0's must match exactly, and probably it is back...

Hi, First thing you should do is remove both public and private. Come up with your own strings using: snmp-server community <string> <option> <acl> Use it all for best security. The option refers to the type of access for someone using this string. You can have RO for read only and RW for...

Hi, It would work, but would it work effectively? That can only be answered by analysis of your network. In a nutshell, I'd say don't risk it unless you know you will not flood the router. It's kind of hard to go back when the router is bought and in place before you realise it can't cope. For...

Hi, It would work, but would it work effectively? That can only be answered by analysis of your network. In a nutshell, I'd say don't risk it unless you know you will not flood the network. For this port density level you might want to look at the 3620 which has a far superior forwarding rate...

Hi, Your config will work fine (to ping across link- you will need to conf other interfaces and routes as well for 2 proper communications) if this is leased line. If it is something other then some extra config (or even a new interface) will be needed. Here I buy my own routers and config them...

Hi, The answer would be C. Thenetwork portion is defined by the subnet mask. There is only 2 parts to an IP address, network/subnet part and host part. There is no such thing as network / subnet / host except in an IP schema diagram :) BR, -Stephen

Hi, You can purchase a network card capable of understanding ISL tags, therefore a server can be part of different VLAN's. I have never seen one, though I know Intel sells the &quot;Intel Pro/100 Intelligent Server Adaptor&quot;. When using you must configure your port on the switch to be a...

Hi, Really, you should have your addresses in RFC1918 format (eg 192.168.0.0) as these are the reserved private use. In reality, however, you can use whatever you want. You will be in a world of pain should you try to inject these routes into BGP as your private range, 192.1.1.x is allocated to...

Hi, No need to use an NTP server, configuring the clock locally will do the job. Here is a sample config for time-range if you need to know how to use it: ! time-range <name> periodic weekdays 7:00 to 19:00 periodic Sunday 18:00 to 20:00 access-list 110 permit ip any any time-range <name> ...

Hi, Could be very hard using MRTG. This can be achieved by using NetFlow. You will need to configure your router to do this as well as setting up a monitoring/reporting station. Read here for more information: http://www.linuxgeek.org/netflow-howto.php -Stephen

Hi, The answers above basically answer you, but watch the syntax, you cannot use an extended ACL with the &quot;ip&quot; keyworks and specify ports, you will need to use the tcp or udp keywords for that. BR, -Stephen