Part isnt participating terminating at the router

Info icon This preview shows pages 130–141. Sign up to view the full content.

View Full Document Right Arrow Icon
part isn’t participating ,terminating at the router means close the session and walks away. Teardown inactive TCP to or from router Service tcp-keepalives-in Service tcp-keepalives-out
Image of page 130

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Cont’ Send SNMP traps for high CPU Snmp-server enable traps cpu threshold Process cpu thresholdn type total rising 80 interval 5 falling 20 interval 5 Do show history Include timestamps in log and debug Service timestamps log datetime Service timestamps debug datetime Auto archive configurations:If we have a server ftp and other we can send the snap shoot of our configurations periodically
Image of page 131
Cont’ Archive Path tftp://192.168.1.23/$h($h:variable for the host name means when the snap shoot is write into tftp it will include the host name of our router) Time-period 60(send every 60 minute ) Write-memory(if some body do copy runn start send snap shoot) Show archive
Image of page 132

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Cont’ To remove No archive To protect the start up config and ios image Secure boot-image(for ios image) Secure boot-config(for start up config) Do show secure bootset No secure boot-image(no allowed remotliy) No Secure boot-config
Image of page 133
Cont’ Routing protocol authentication Neighbor 192.168.1.50 remote-as 55 Neighbor 192.168.1.50 ttl-security hope 2(the router will we access ttl value 253,254…..255- 2=253 ….it will accept 253 and above) Neighbor 192.168.1.50 password cisco123
Image of page 134

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Cont’ Router ospf 1 Area 0 authentication message-digest Exit Int gig1/0 Ip ospf message-digest-key 1 md5 cisco123 Exit HSRP/GLBP authentication Int gig1/0 Standby 1 authen md5 key-string cisco123(HSRP) Glbp 1 authen md5 key-string cisco123(GLBP) eixt
Image of page 135
Cont’ No source routing information No ip source-route Ip options drop End Auto secure
Image of page 136

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
19-6 Tool to Protect The Management-Plane Cisco CCNP Security 300-206 SENSS 14-6 Tool to Protect The Management-Plane
Image of page 137
20 - ASA CLI L3-4 The latest generate cisco firewall is 5500 series family and 5500- x(CX) 5500 series family and 5500-x (CX) firewall functionality Layer 3 and layer 4 state full inspection of traffic Application layer inspection:http ,ftp…inspection It supported ISP (to used this we must buy IPS module and the associated license )… 5500-x is IPS built-in Botnet filtering (SIO(security intelligent operation) connect our firewall with SIO and our firewall using the information which get from SIO it can filer botnet) In 5500-x we can used AVC(application visibility control):we can control specifically one traffic,in this level we can the function of CX and NGFW In 5500-x we can used WSE(web security essential )
Image of page 138

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Cont’ Firepower cisco propriety IPS device Int m0/0 No shutdown Nameif management Ip address 192.168.1.100 255.255.255.0 Exit http server enable http 192.168.1.0 255.255.255.0 management Show int ip brief Route outside 0.0.0.0 0.0.0.0 10.123.0.1 1 Show route
Image of page 139
Cont’ Snmp-server location CBT Nuggets Lab Snmp-server contact Keith Barker Snmp-server group G1 v3 priv
Image of page 140

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 141
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern