Sunday, July 9, 2017

How to configure NIC teaming on a system running Windows Server 2008

Hi 

NIC teaming is not included with Windows Server 2008 or Windows Server 2008 R2. However, even though it cannot be configured through the Server 2008 operating system itself, you can still take advantage of this feature if the network adapter supports it. Network adapters built by vendors such as Intel, Broadcom and HP can support it (please consult your network adapter documentation).

The following link leads to a YouTube video by Rob Waggoner showing how to configure an Intel network adapter that supports NIC teaming >> Video Right here

Note that NIC teaming is supported on Windows Server 2012. To learn how to configure it, check it out >> right here


Sunday, May 28, 2017

How to: Cisco ASA same security level + ACLs








By default, interfaces on the same security level cannot communicate with each other. Allowing communication between same-security interfaces lets traffic flow freely between all same-security interfaces without access lists.

To enable interfaces on the same security level to communicate with each other, enter the following command:
(config)#same-security-traffic permit inter-interface

But the question I have never asked myself is: what if we have 2 interfaces with the same security level, each with ACLs applied? Will the traffic still flow freely after typing the above command? The answer is:

If you have "same-security-traffic permit inter-interface" configured and have 2 interfaces with the same "security-level" value and you have an "access-list" configured on both interfaces, then the ACLs will handle the decision of what traffic is allowed and what is not.

I found this answer right here when I got this challenge of same-security level and ACLs.

Hope this will also help you.


Friday, May 26, 2017

How to identify what is blocking your traffic from passing through a Cisco ASA



The packet-tracer command can be used in privileged EXEC mode to generate a packet and test it against the firewall's current configuration.
It allows an administrator to inject a virtual packet into the ASA and track its flow from ingress to egress. Along the way, the packet is evaluated against flow and route lookup, ACLs, protocol inspection, NAT, and IDS.

If traffic that you expect an ASA to forward from one of its interfaces to another is not getting through, the "packet-tracer" tool can help you pinpoint exactly what in the ASA is blocking it. The power of this utility comes from its ability to simulate real-world traffic by specifying source and destination addresses with protocol and port information.

The following link is an interesting YouTube video that shows how to use this tool from ASDM: Click Right Here To Access The Video

Wednesday, May 17, 2017

How to configure Cisco ASA interface Redundancy

By default, each physical ASA interface operates independently of any other interface. When an interface is down, the ASA cannot send or receive any data through it. To keep an ASA interface up and active all the time, you can configure a logical interface backed by a pair of physical interfaces that are set aside for the same function and connected to the same network. Only one of them is active at any given time; the other stays in a standby state. The two physical interfaces must be of the same type.

Thursday, April 20, 2017

Static inside NAT On Cisco ASA

Static inside NAT creates permanent, fixed translations between a local address and a global address. They persist even after reboots and have no idle timer that would lead to expiration.

Because a static translation always stays active, hosts from less secure networks can initiate communications to the statically translated local hosts, as long as the access list rules on the ASA permit such traffic.

Recall that the following pieces of information are required every time you want to configure NAT on Cisco ASA:
  • original source IP address (and port) in the packet
  • interface where the original packet enters the ASA (ingress interface)
  • interface where the packet will exit the ASA (egress interface)
  • translated address (and, optionally, port) to insert into the packet

Tuesday, April 18, 2017

Cisco object group vs. simple access-list

Let's use a configuration example to illustrate the difference between an "object group" and a "simple ACL" configuration. In this example, a "simple access-list" is used first and an "object group" later. At the end of this post, we will clarify the difference.

Tasks :

The example is about restricting several hosts located on the inside network, with the respective IP addresses 10.1.1.4, 10.1.1.78 and 10.1.1.89, from accessing several web servers (209.165.201.29, 209.165.201.16 and 209.165.201.78). All other traffic is allowed.
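
The task above written both ways, as an added example that is not the configuration from the original post. The ACL names INSIDE_IN and INSIDE_IN_OG, the group names BLOCKED_HOSTS and WEB_SERVERS, the interface name inside, HTTP on TCP port 80 ("eq www") and the source port 1025 in the check are assumptions.

```cisco
! Approach 1: simple ACL. One deny entry per host/server pair (3 x 3 = 9).
access-list INSIDE_IN extended deny tcp host 10.1.1.4 host 209.165.201.29 eq www
access-list INSIDE_IN extended deny tcp host 10.1.1.4 host 209.165.201.16 eq www
access-list INSIDE_IN extended deny tcp host 10.1.1.4 host 209.165.201.78 eq www
access-list INSIDE_IN extended deny tcp host 10.1.1.78 host 209.165.201.29 eq www
access-list INSIDE_IN extended deny tcp host 10.1.1.78 host 209.165.201.16 eq www
access-list INSIDE_IN extended deny tcp host 10.1.1.78 host 209.165.201.78 eq www
access-list INSIDE_IN extended deny tcp host 10.1.1.89 host 209.165.201.29 eq www
access-list INSIDE_IN extended deny tcp host 10.1.1.89 host 209.165.201.16 eq www
access-list INSIDE_IN extended deny tcp host 10.1.1.89 host 209.165.201.78 eq www
! "All other traffic is allowed": without this line the implicit deny
! at the end of the ACL would block everything else from the inside.
access-list INSIDE_IN extended permit ip any any
access-group INSIDE_IN in interface inside

! Approach 2: object groups. Same policy, one deny entry.
object-group network BLOCKED_HOSTS
 network-object host 10.1.1.4
 network-object host 10.1.1.78
 network-object host 10.1.1.89
object-group network WEB_SERVERS
 network-object host 209.165.201.29
 network-object host 209.165.201.16
 network-object host 209.165.201.78
access-list INSIDE_IN_OG extended deny tcp object-group BLOCKED_HOSTS object-group WEB_SERVERS eq www
access-list INSIDE_IN_OG extended permit ip any any
! Only one ACL can be bound per interface and direction, so this
! access-group replaces the binding made in approach 1.
access-group INSIDE_IN_OG in interface inside

! Check from privileged EXEC mode with packet-tracer (described in the
! earlier post). The ACCESS-LIST phase should show the first packet
! dropped by the deny entry and the second one allowed by the permit entry.
packet-tracer input inside tcp 10.1.1.4 1025 209.165.201.29 80
packet-tracer input inside tcp 10.1.1.5 1025 209.165.201.29 80
```

Adding a fourth host or server later means one new network-object line in approach 2, against three new access-list lines in approach 1.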