[afnog] DHCP configuration on cisco router 2600 series
Mark Tinka
mtinka at africaonline.co.sz
Mon Sep 12 11:06:27 EAT 2005
On Saturday 10 September 2005 15:44, Paul wrote:
> mark,
Hi Paul.
For the future, please copy the AfNOG list into your
replies so the information is beneficial to all; thanks!
> Pls help me with some access-list command to block
> udp,...
Several UDP ports are useful. What are you trying to
block, exactly? One network's idea of evil ports might
just be another's allowed_ports.
> spam,...
Although Cisco IOS has support for spam detection via the
use of signature profiles, I'd recommend using
UNIX/Linux based packages to detect and mitigate
spam-related issues, e.g., SpamAssassin on FreeBSD or
Linux.
Doing it on IOS may not provide extensive options as
running it on a general purpose OS. But if you did
decide to go that route, you'd need an IOS with the
Firewall IDS featurset.
> spyware port...
Some anti-spam packages can also check for spyware, but
most commercial anti-spam/anti-virus vendors will also
provide anti-spyware capabilities.
> and some virus port on my
> router.
Most viruses nowadays come in via e-mail, either legit or
spam. Yes, other viruses will go after services/ports,
but again, it depends on what you are trying to protect.
Why don't you let us know what services you are running
on your network, and what services you need to let
in/out. Then maybe we can work on an access list
specific for your site, step by step.
Mark.
> thnaks
> aj
> Mark Tinka <mtinka at africaonline.co.sz> wrote:
>
> On Friday 09 September 2005 18:47, Paul wrote:
> > % Invalid input detected at '^' marker.
> > RSUST-EDUPORTAL(config-if)#
>
> ^^^^^^^^^^^
> ^^^^^^^^^^^
> is where you problem is.
>
> The DHCP server is configured under global
> configuration mode (not interface configuration mode
> as shown above), denoted by the prompt:
>
> RSUST-EDUPORTAL(config)
>
> This is the prompt you get into right after you type
> 'conf t' in privileged user mode (I hope I'm not
> losing you). Then you can enter the commands sent to
> the list earlier (if your IOS support DHCP server).
>
> Just as an FYI, the most common instance you will
> associate a DHCP configuration with an interface is if
> you are trying to forward DHCP client requests from
> one subnet to a DHCP server on another. The command
> would look something like this:
>
> int fa0/0
> ip helper-address 192.168.254.254
>
>
> Hope this helps.
>
> Mark.
> _______________________________________________
> afnog mailing list
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ---------------------------------
> Click here to donate to the Hurricane Katrina relief
> effort.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : http://listserv2.cfi.co.ug/mailman/private/afnog/attachments/20050912/d83798bc/attachment.bin
More information about the afnog
mailing list