Cisco 350 WB security

Similar Messages

• CISCO 350 Wireless LAN Module on Solaris

  I am running Solaris 8 (6/00) for Intel platform with xFree86 version 4.0.3 on my laptop. My CISCO 350 PCMCIA Wireless LAN module work cannot be used nor detected in Solaris. Can anyone help me with that?

  Are you running any other Vm's on the host server?
  Are they working? Did you enable your BIOS to support VM?
  Then with regards to the install make sure you follow the guide as it can get tricky.
  I forgot to add Promiscuous personally. Make double check you Network Backing. I am not running a VM anymore - just recalling where I had issues.
  http://www.cisco.com/c/en/us/support/docs/wireless/virtual-wireless-controller/113677-virtual-wlan-dg-00.html

• 802.1x, enterasys roamabout R2, cisco 350 aironet without win2k active dir.

  Can I set up a win2k 802.1x client authentication (win2k OS) using a cisco 350 aironet adapter via a roamabout r2 AP and get authenticated with a cisco ACS 3.0 radius server without having a win2k active directory domains ( i guess without using certificates)? I'm currently still using NT domains and having a WinNT PDC which I believe it will be a hassle to migrate win2k. If so, are there any documentation out there that can help me?

• Cisco ASA ( Adaptiv Security Algorithm )?

  Hello,
  Im french so sorry for my english , i will do my best to explain my question.
  Im actually working on Cisco PIX 501 ( for school ).
  I have to do some test on it , search what is able to do and how to proove it...
  My question is about Cisco ASA ( Adaptiv Security Algorithm ) , what is it doing? i mean it just simply stop every information coming from outside to inside(security 0 to 100) or is it doing more? is it searching wrong/good packets or just stop everything?and if it's doing that , how it's done?
  My question could be : what cisco ASA doing more than ACL?
  I hope im clear enough in my questions,i search a lot on internet but didnt find an answer.
  Thank you!
  Amaury

  if i understand good what you mean , ASA/algorithm is a part of different processes which are part of stateful inspection
  not really,  I would say that stateful inspection is part of the adaptive security algorithm.  The algroithm goes through processes such as ACL check, NAT..etc. and based on these check makes entries in the state table.
  ( by the way stateful inspection = stateful firewalling , right?)
  Kind of.  Stateful inspection is what the stateful firewall does and not what it is if you can understand that.  A stateful firewall performs stateful inspection.  So stateful inspection is not a firewall.
  when you said "showing tcp  connections and NAT xlate table entries at  the firewall CLI before and  after" , iam ok with that but what are the  command to check table entries? i cant find it.
  show conn protocol tcp will show you the TCP connections through the firewall and show xlate will show you the NAT translation that are currently active.
  Aswell i will need the commands to configure ( if possible ) stateful  inspection and traffic inspection , but i will try search by myself  because i didnt start yet
  Again, stateful inspection is not something you configure but is what the ASA does based on configured rules.  so all you need to do is configure ACLs and NAT rules and routing and the ASA does all the stateful inspection stuff on its own.
  Please remember to rate and select a correct answer

• HELP: symbol netvision phone w/cisco 350

  Hello
  I am having trouble setting up a symbol netvision phone with my cisco ap 350 that is running 12.01T. Basically, when the phone powers up it finds the SSID for my network (if i enable the broadcast SSID). It does not seem to get an IP Address/mask. It constantly displays "No Network". I have read the caveats for this release...there is mention that the symbol phone may display this message and there is no workaround present. If anyone has a working config on the AP, please email me at [email protected] Also it would be good to know if anyone has gotten this to work with release 12.01T. I have symbol extensions enable and the preamble is set to long....Thanks!

  I think the only thing you can do is to use Cisco Aironet 1100/1200 AP,instead of Cisco 350 series AP.
  This isssue is not present in 1200 and 1100AP.

• Filtering on CISCO 350 (a)

  Hi,
  I'm trying to set up filters on a CISCO 350 and am a bit confused with the configuration.
  1) Is it so that the "Default disposition" defines how all protocols will be handled while for each protocols defined in the "special cases" in a filter set definition, another action "per protocol" can be defined (kind of :DISCARD ALL but FORWARD only ones in Special cases)
  Thanks and best regards,
  Guy

  Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
  If anyone else in the forum has some advice, please reply to this thread.
  Thank you for posting.

• Cisco Ironport Email Security inline with Microsoft Forefont

  Hi,
  We are going to deploy Cisco C370 Email security appliance as new email relay in our DMZ. Currently Microsoft Forefont is already doing the same functionality and new Ironport email security appliance will be added as 1st layer of email security. 
  I would like to know what are the changes that we should consider in this deployment in order to forward mail to Forefont, is there any specific configuration on both products and what is the best method of deployment etc.
  Also I would appreciate if there is any Cisco/Microsoft documentation available for such deployment senario.
  thanks in advance.

  Hello pemasirid,
  as far as I can see from your description is that you add the ESA C370 as an additional gateway, so I would say there is little you need to change in your current network design. As this is all about SMTP getting forwarded, you basically just need to take care of the following things:
  On Forefront: Allow injections from the ESA(s) and forward all outbound messages to the ESA
  On the ESA(s): Insert the Forefront IPs into the RELAYLIST of the private listener to allow outbound messages. Also set up an SMTP route to forward inbound messages to the Forefront server.
  Also change public DNS to point to the public IPs of the ESAs, in case they are different from what you have used before
  A good starting point for deploying would be the Quickstart Guide for C370, that you can find in the support section for email security on Cisco.com. Also, the user guide, which is also available on the GUI of every email appliance (GUI: Help and Support -> Online Help).
  Hope that helps,
  Andreas

• Cisco IronPort Web Security 7.5 (Async OS).

  Hi All,
  Can anybody provide me the W3C sample logs of Cisco IronPort Web Security 7.5 (Async OS).
  Thanks,
  Sachin.

  "05/Oct/2012:10:17:00 +0200" 2152 NONE - 10.0.0.1 NONE 504 0 GET http://www.cisco.com/index.html - ALLOW_CUSTOMCAT_11-Intranet_Access-Intranet_Access_RD-NONE-NONE-NONE-Intranet  "Intranet"

• CS Mars, Cisco Works and Security Manager

  If we wanted to get all three applications, do cisco bundle it into one package? Or does it have to be purchased separately?

  do we need a NetFlow card or is the service implemented by default in Cat4500. Is MARS & CSM suitable solution for main configuring, incident monitoring and evaluation of ASA5520 & Cat4500?
  Yes, you need WS-F4531= card (Netflow is not available in Cat IOS as a service/command), which works with Cat 4500 Sup IV/V.
  MARS is a monitoring device, and CSM is a management device. You can get critical NBA (Network Behaviour Analysis) alerts from MARS, and from CSM you can get configuration backups/audit/bulk administration (of security devices only).
  Hope that helps.

• Cisco Aironet 1400 - security

  Dear all,
  I'm currently configuring 2 Cisco 1400 Bridges. One is the root bridge the other the non-root bridge (ok logic :-) ).
  I wanted to know what is possible for using certificates for the non-root bridge or to use the local radius on the root bridge to increase the security level of the wlan network.
  I tried to reach the local radius on the root bridge, but I'm always getting a 404 error. After reading some Cisco docs, it said that we need to use AAA new model from the CLI, I did it without success.
  What would you recommend to ensure a good security level for the wireless link?
  I'm open to use certificates or a Radius (local or IAS) or any suggestions you may have.
  Any help or or suggestions are very welcomed...
  Thanks per advance,
  Regards

  The only EAP types supported by BR1410 is LEAP. You should able to configure LEAP client on the non-root bridge:
  http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15rep.html#wp1036921
  The above URL is for repeater; however, it is the same for non-root bridge.
  You may already know. If you want to set up local radius server, the following URL should be useful:
  http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15local.html

• Mac OS 10.5 - Cisco VPN - Screensaver Security Password Crash

  Hi
  I have a client who has a MacBook Pro running Mac OS 10.5.6 and uses the Cisco VPN client version 4.9.01 (0100) so that he can work remotely from home. The problem he is experiencing is when he VPN'd into his office network and leaves his computer unattended for enough time for his screen saver to cut and then returns to the computer and it prompts him for his account password to exit the screen saver it crashes. This is not the case if he does not have VPN connection.
  I have checked with him which screen saver as some, like the Apple RSS Visualizer, require a valid internet connection to download RSS feeds and I know that the Cisco VPN Client when actively connected to a Cisco router can cannibalise ones network connection thus not allowing the download of RSS feed. Anyway this is not the case as he uses Apple Flurry screensaver.
  Anyone have any ideas what might be causing this problem?
  Thanks in advance.
  Anton

  The problem with that is that my client does Cinema 4D work and leaves his system unattended when his drawing are rendering and has password to stop his pesky children causing problems. Sleep would cause the system to hibernate and spin the hard disk down which would pause any rendering from processing in the background.

• Filtering on CISCO 350 (b)

  Hi,
  Still dealing with the filter configuration on AP350.
  Filters can be designed based on the ETHERTYPE, IP protocol and IP port. Focusing on ETHERTYPE filters, how can I filter out 802.3, 802.2 frames ?
  Thanks and best regards,
  Guy

  Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
  If anyone else in the forum has some advice, please reply to this thread.
  Thank you for posting.

• Cisco cme paging security 3845 router password for paging access voip

  Hi,
  We have a Cisco 3845 router running CME, ephones and ephone-dn are configured, there is ephone-dn is configured for paging. The system and paging work fine. We want to give password for those who make announcement. There are currently more than 30 extensions but we only want to give paging access to three users. How can we do this?
  Thank you

  Sure. Using the same (or similar) example:
  Extensions: 2XXX
  Primary Phone: 2025552000
  We can address the need with the following:
  voice translation-rule 10
  rule 1 /^2...$/ /2025552000/
  voice translation-profile cme-to-itsp
  translate calling 10
  dial-p v 100 voip
  description Example Egress Dial Peer to ITSP
  destination-patt
  translation-profile out cme-to-itsp
  HTH.
  -Bill (http://ucguerrila.com)

• Cisco router and security SDM download

  I know it is end of life. But can any of you tell whether we can download it? any version would be fine. I searched cisco website without any results.
  thanks,
  Han

  2800ISR
  http://www.cisco.com/en/US/products/ps5854/index.html
  3560G-24PS (there isn't a 10/100 switch with the required forwarding rate and PoE support).
  http://www.cisco.com/en/US/products/hw/switches/ps5528/prod_models_comparison.html
  HTH,
  Edison.

• Cisco 1100 *basic* security

  Just a quick question from a wireless newbie- how likely is it that someone from outside could get into a wireless network with only the following configured?
  MAC address filtering with 3 specific MAC addresses of wireless devices in use.
  Changed the default admin logon (of course) and the SSID. Set the AP to not broadcast the SSID.
  No WEP or any other security. In this particular configuration, the potential for sniffing the Web-site traffic being broadcast isn't a big deal.
  How easy is it to spoof one of the three specific MAC addresses (not knowing what they are) or to bypass MAC filtering altogether? Can the MAC be sniffed off the air?
  Thank you!
  Ken

  With that configuration any basic 802.11 sniffer will get you the MAC addresses in a few seconds and then a savy user could changer their MAC address
  While it is still pretty easy to find out the MAC address if you also add 128 bit WEP and MIC and TKIP then it will be very hard for the unauthorized user to pass any traffic on your network even with some of the more advance WEP crack tools