IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1834.13 MB
Powered by
Channel Info
Network: freenodeChannel: #cisco |
Search in www.irclog.org
Log from #cisco at freenode 2006-05-17
[04:19]<fjzvxnz-wjzc>i really should learn the "right" way to do static mappings
[04:20]<snpphjdn>no, ancient install of freeswan
[04:21]<snpphjdn>static nat is actually pretty easy to handle once you get the hang of it
[04:21]<[mzvzyw]>Tell me what you're trying to map and I'll give you the correct method
[04:21]<[mzvzyw]>Or try. ;)
[04:22]<snpphjdn>I need a map for port 25 to kalamazoo
[04:22]<fjzvxnz-wjzc>host in dmz2, with public IP on outside
[04:22]<fjzvxnz-wjzc>right now i have:
[04:23]<djuxxx>call me stupid... satic mapping = port forwarding??
[04:23]<fjzvxnz-wjzc>static (dmz2,outside) 64.162.99.38 192.168.230.225 netmask 255.255.255.255 0 0
[04:23]<fjzvxnz-wjzc>pix1client(config)# conduit permit tcp host 64.162.99.38 eq https any
[04:23]<snpphjdn>DouXXX: yes
[04:23]<fjzvxnz-wjzc>it works.
[04:23]<djuxxx>static mapping is like making rules on port right?
[04:23]<djuxxx>port 3389... RDP..... deny
[04:23]<djuxxx>give me an example
[04:24]<[mzvzyw_]>buffers small permanent 35
[04:24]<[mzvzyw_]>buffers middle permanent 25
[04:24]<[mzvzyw_]>buffers big permanent 50
[04:24]<[mzvzyw_]>buffers big max-free 60
[04:24]<[mzvzyw_]>whoops
[04:24]<[mzvzyw_]>heh
[04:24]<snpphjdn>I send port 25 traffic to one server and port 80 traffic to a different server
[04:24]<djuxxx>WTF
[04:24]<djuxxx>lol
[04:24]<[mzvzyw_]>wrong window.
[04:24]<snpphjdn>even though I only have one external IP address
[04:24]<snpphjdn>thats static nat
[04:24]<djuxxx>i have a dynamic ip and im curious bout running dyndns on any cisco routers
[04:25]<snpphjdn>woot! top secret information
[04:25]<djuxxx>i have an account from dyndns
[04:25]<djuxxx>my IP change all the time
[04:26]<[mzvzyw_]>loather: static (dmz2,outside) 64.162.99.38 192.168.230.225 netmask 255.255.255.255
[04:26]<[mzvzyw_]>access-list WAN_Access_In extended permit tcp any host 64.162.99.38 eq https
[04:26]<fjzvxnz-wjzc>ok, i've got that already
[04:27]<fjzvxnz-wjzc>oh, acl. hm.
[04:27]<[mzvzyw_]>access-group WAN_Access_In in interface outside
[04:27]<djuxxx>how to run dynamic DNS on any cisco routers???
[04:28]<[mzvzyw_]>at least those are the commands for 7.0, think they'll work in 6.3
[04:28]<djuxxx>i dont think there's a dynamic DNS client installed on cisco
[04:28]<djuxxx>???
[04:28]<fjzvxnz-wjzc>ERROR:<extended> not a valid permission
[04:28]<snpphjdn>DouXXX: I don't know of a way, but my isp only charges $5 for a static IP
[04:28]<djuxxx>comcast?
[04:28]<snpphjdn>nah, local ghetto isp
[04:28]<djuxxx>ohh
[04:28]<[mzvzyw_]>loather: check ? and fix it for 6.3... can't remember the exact command
[04:29]<snpphjdn>last i saw comcast was like $40/month for static IP
[04:29]<djuxxx>95 a month for a static IP
[04:29]<[mzvzyw_]>:O
[04:29]<fjzvxnz-wjzc>pix 7 is so much better :(
[04:29]<snpphjdn>ouch
[04:29]<djuxxx>yah
[04:30]<djuxxx>lol
[04:30]<[mzvzyw_]>pix 7 is just nicer in a lot of ways
[04:30]<fjzvxnz-wjzc>it's more ios-friendly
[04:30]<fjzvxnz-wjzc>pix 6 and below is its own beast
[04:30]<[mzvzyw_]>yup
[04:30]<guffajmn>! rpm_tag_id May 17 2006 01:25:59
[04:30]<guffajmn>what's that line for ?
[04:30]<djuxxx>pix 7 is free to download?
[04:30]<fjzvxnz-wjzc>nullcode: it's a comment -- don't know.
[04:30]<fjzvxnz-wjzc>DouXXX: no, yo need a service contract
[04:30]<[mzvzyw_]>nothing is a free download. :)
[04:30]<djuxxx>smartnet?
[04:31]<fjzvxnz-wjzc>yes
[04:31]<djuxxx>bittorrent cough couh
[04:31]<djuxxx>lol
[04:31]<djuxxx>cough
[04:31]<[mzvzyw_]>and it only runs on 515E's, 525's, and 535E's.
[04:31]<snpphjdn>but 7 won't run on a 501 will it?
[04:31]<snpphjdn>k
[04:31]<[mzvzyw_]>nope, no 501's or 506's
[04:31]<fjzvxnz-wjzc>[Matrix]: not true -- before I had smartnet i was able to download IOS 12.3 for my 1220. I was surprised!
[04:31]<[mzvzyw_]>umm, dang
[04:32]<djuxxx>does anybody in the room have 2500 series router?
[04:32]<fjzvxnz-wjzc>guest-level access could download :D i was amazed.
[04:32]<[mzvzyw_]>when they stop supporting stuff do they make it free download?
[04:32]<fjzvxnz-wjzc>not as far as i know. Are 1220s EOL/EOS?
[04:33]<[mzvzyw_]>dunno
[04:33]<djuxxx>is there a such a thing called pix simulator??
[04:33]<djuxxx>boson simulator is kind of cool
[04:43]<djuxxx>?
[04:45]<[mzvzyw_]>this is kinda a noob question, but how do I display the routing table in FreeBSD?
[04:45]<[mzvzyw_]>can't believe I've never done that before...
[04:46]<[mzvzyw_]>it's like having driven a car for years and not knowing which side the gas tank is on
[04:49]<fjzvxnz-wjzc>try 'route' with no arguments
[04:49]<djuxxx>netstat -r
[04:49]<djuxxx>lol
[04:49]<fjzvxnz-wjzc>oh, that too
[04:49]<[mzvzyw_]>haha, found it just as you typed that. :)
[04:50]<[mzvzyw_]>route with no arguments just bitches at you to give it arguments
[04:50]<[mzvzyw_]>at least in 5.4
[04:50]<djuxxx>works on any operating system
[04:50]<djuxxx>that i know of
[04:50]<[mzvzyw_]>yup, netstat -r did the trick
[04:50]<[mzvzyw_]>thanks man
[04:54]<djuxxx>ive been hearing bout the fake 3550 switches off ebay
[04:54]<djuxxx>the counterfeit
[04:54]<fjzvxnz-wjzc>yeah, the ones from china
