Recent content by raceman3

We recently had a security scan performed on our Internet routers and it came back showing ports 5060 and 1720 being open. I beleieve these are SIP and h323hostcall which I'm assuming is for VOIP. In any case is there a way to turn these services off or do I have to block them via an ACL...

Thanks for the clarification

The DHCP clients are on the Ethernet segments but the DHCP servers are on the other side of the WAN and not on the same subnet as the WAN router. I didn't think the WAN would forward the broadcast without using IP Helper command to process it the whole way through?

I have two ethernet interfaces and a HSSI configured as follows: int gig0/0 ip address 10.28.3.1 ip helper-address 10.30.1.2 int gig0/1 ip address 10.28.4.1 ip helper-address 10.30.1.2 int hssi1/0 ip address 10.30.1.2 ip helper-address 10.30.1.1 (other side of the wan) Am I missing anything...

I think I may have found a much simpler solution right in the cisco IOS called GLBP. Functions similiar to HSRP but different in the fact that it load balances the traffic between all the participating routers while still maintaining a single default gateway. Basically doing redirects from...

I'm thinking I'll need a load balancing switch sitting in front of the two routers. What routing protocol do you recommend between the switch and the router interfaces?

What do you mean by multiple groups of HSRP. Every device behind the router points to the HSRP address assigned to the Ethernet interface so which ever router is the primary will get all the oubound traffic.

Does anybody have a recommendation on a tool for physically locating wireless devices, 802.11a/b/g, add-hoc networking, and or bluetooth. I've already looked at YellowJacket and they only do 802.11b

We currently have two cisco router running hsrp. The primary router has a T3 into the internet and the backup router has a T1. We just purchased a T3 for the backup router and I would like to load balance traffic between them. Does that mean I delete the HSRP since the second router is no...

When you are using the same address range as the company on the other end of the tunnel you don't have much choice but to NAT

Thanks for the info, we are NATing the whole way through and my guess is that the Checkpoint has the registed address of the Nortel Contivity as its peer but does not have a rule allowing the NATed address of our internal host in its rule set to permit traffic. Unfortunately the Checkpoint end...

So you're saying it is a configuration issue with the remote firewall object on the Checkpoint which should include the NATed address of the souce as well as the peer?

I have a Nortel Contivity VPN Concentrator that establishes a branch office tunnel to a Checkpoint VPN. The tunnel comes up and works fine. The problem is when I try to ftp a file from my host to a host on the remote end the Checkpoint sees my Natted address and drops it with the following...

Actually they do. I didn't even think to look because it is a layer 2 device but when I went into config mode there is an option for access lists. I created one and applied it and seems to work ok

I have a csico 3512 out on the public side of my Internet connection which is what my 3640 router is attached to. I have an ACL in place on the router that only permits Telnet from inside addresses. Is there a way I can do that with the switch as well. I know it is a layer 2 device but I need...