Modular Policy Framework (ASA)
Published By rsivanandan On Monday, July 5th 2010. Under Cisco, Tech in general Tags: block facebook, cisco asa, modular policy framework
Increasing productivity by blocking non-project-related sites is one of the myths that I’ve seen a lot on various online forums, and there is always counter research data saying that this has nothing to do with an ‘increase in productivity’. I guess I kinda agree too (Well, I know ... Continue Reading
PIX/ASA – Static Port Map & ICMP
Published By rsivanandan On Tuesday, October 13th 2009. Under Cisco
It is not unusual to do a static port map using the IP address assigned to the outside interface on either PIX or ASA to map different services inside your network, something like this: 1: static ... Continue Reading
Policy NAT with Cisco ASA Firewalls
Published By rsivanandan On Friday, September 25th 2009. Under Cisco Tags: Policy Nat with Cisco ASA
One of the most common things on every ASA/PIX firewall is the NAT configuration for outgoing connections, something like this:
hostname(config)# nat (inside) 1 0.0.0.0 0.0.0.0
hostname(config)# global (outside) 1 interface
This tells the firewall that all traffic ... Continue Reading
Cisco Router DNS lookup Annoyance
If you don’t know, especially if you’re a newbie with Cisco routers, one of the annoying things is the message: Translating..... domain server (255.255.255.255) ... Continue Reading
Policy Based Routing
Published By rsivanandan On Saturday, February 16th 2008. Under Cisco
There was an interesting post in EE recently about policy based routing. So the network goes this way: a LAN connected to a Cisco router which has 2 ISP connections. The main one is terminated on serial0/0 and another aDSL link at serial0/1. The internal LAN is connected to Fe0/1. There ... Continue Reading
Configure Cisco Router in Bridge Mode
Published By rsivanandan On Friday, September 7th 2007. Under Cisco
At times, when an ISP drops an internet connection, you need to put the router in bridge mode so that the public IP address can be directly assigned on the inside firewall (any brand). You can put a Cisco router in bridge mode this way: bridge 1 protocol ... Continue Reading
RDP Connection through PIX – Different Port
It is nice to run RDP on a different port for security purposes. If a firewall scanner finds out that port 3389 is allowed, then it is pretty obvious that an RDP hole has been punched in the firewall. So how about port 12345? 2 ... Continue Reading
Free training to JUNOS for Cisco-certified pros
Juniper has confirmed that its offer of free training to Cisco certified professionals to become Juniper-certified is available to Cisco network pros worldwide. The program was originally reported as only available to qualified folks in Asia Pacific, but inquiries by Cisco Subnet to Juniper corporate HQ in Sunnyvale, Calif., in ... Continue Reading
Cisco PIX/ASA or Router – to be a firewall?
Published By rsivanandan On Sunday, May 13th 2007. Under Cisco
Now that I answered the same question twice @ EE, it would be better that I bookmark it for the sake of others here; So, the question is when it comes to a platform with Cisco to be a Firewall, do we use Cisco Router or Cisco PIX ... Continue Reading
ICMP Allow on PIX
Published By rsivanandan On Tuesday, May 8th 2007. Under Cisco
Saw a couple of questions on this one in EE.
So when you say control ICMP on a PIX firewall, it is twofold:
1. Control ICMP traffic through the PIX firewall
2. Control ICMP traffic that is *destined* for the PIX firewall, whether internal or external
For the first one, it is easy: control it using access-lists.
For the second, you use the command 'icmp':
icmp permit/deny <source> <icmp-type> <interface>
If I say 'icmp permit host 172.16.1.1 echo-reply inside', what it tells the PIX is to allow sending echo-reply msgs ... Continue Reading
