Search results

to allow ICMP "through" the ASA you need to add ICMP to the global inspection policy, try this: policy-map global_policy class inspection_default inspect icmp 2. to allow ICMP traffic TO an interface on the ASA you need to add icmp allow statements: icmp permit <network> <mask> echo...

1. Todd Lammle Sybex 6th Edition 2. Cisco Press Official Exam Guides - ICND1 & 2 - Wendell Odom 3. Exam Cram CCNA Questions Only - Jeremy Cioara. All you should need.

It's a common issue. There's a post about it here; http://communities.vmware.com/thread/280348?start=0&tstart=0 :)

Maybe its your 5 octet ip address :P (192.168.0.1.6)

Hi, You should just be able to set the encapsulation type to "Bridge Mode Only"

If its being "blocked" you should receive an ICMP type 3 destination unreachable diagnostic message from the device that's blocked the connection attempt. tcpdump / wireshark would verify this. If its being "dropped" you won't receive any notification. Cheers, Scott.

if nat-control is enabled you must have a nat statement in order for the traffic to be forwarded, NAT / NAT0 or otherwise. If you disable nat-control and remove the nat statements it should still work. Do you have a route back to the source network on the router that your sending icmp echo...

there doesn't look a great deal wrong with that tbh. you dont need the deny statement in the 104 access list though. are you able to post the config from the remote device... or even better both configs with the private stuff removed? $8ct@

no problem! glad it works.

can the NCL router ping 192.168.100.1 interface on the LON router across the p2p link? if so i'd work backwards from there... have you set the correct default-gateway on the PC1 (i assume it should be, 170.10.1.0) can you ping the default gateway? does the LON have a valid route back to...

has the neighbour relationship formed ?? theres a mismatched subnet on the point-to-point serial link, that would be my first stop. you've used a /30 on one side and a /24 on the other (according to the diagram) run show ip ospf neighbors (and if there aren't any neighbours listed) run...

are you able to post the configs? it looks like there is still a nat issue there. have you got a deny statement to specify that traffic crossing the VPN should not be translated? i may be mistaken but it also looks like your missing a transform set and optional security-association for the phase...

you should just be able to add a deny statement to the beginning of the list that specifies which traffic you wish to translate.. ip nat inside source list 101 interface atm0 overload access-list 101 deny ip 192.168.0.0 0.0.0.255 10.0.0.0 0.0.0.255 (Don't nat the Interesting VPN Traffic)...

interface ATM0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip flow ingress no atm ilmi-keepalive dsl operating-mode adsl2+ interface ATM0.1 point-to-point description ***OUTSIDE_INTERFACE*** ip address A.B.C.D 255.255.248.0 ip verify unicast...

PRTG Network Monitor by Paessler?

Just change the "Interface Metric" value on the NIC you wish to use as the primary card for internet access etc. It will be set to auto, you could change it to "1" and the other as "2". All remote traffic will then be sent from this interface. You will find this under TCP/IP v4 -> General Tab ->...

Forgive me if i'm wrong but i would agree with TUI with regards to the RDP Traffic You've specified 3389 as the destination port both ways which it isnt, you need to select it as the source port for returning traffic, destination port would be "any" (>1024) i.e access-list XXX permit...

Hi, I'm hoping some of the cisco guru's out there might be able to help. I'm having a small issue with my 877w ISR. All i am wanting to do is allow my XBOX 360 traffic for Xbox live. I'm using the "Zone Based Firewall" not CBAC. For whatever reason my version of SDM (2.5) / Windows 7 / Java...

You just change the Drop-Down menu at the top to RFC 1483 Bridge Mode. Username / Password fields disappear. Job Done :)

It depends on your budget but i would definately recommend a 2509 / 2511 Router to use as an access server. If you've got more than 4 or 5 devices, swapping the console cable over each time soon gets annoying. I'd definately recommend the CBT Nugget video's by Jeremy Cioara and also the...