[afnog] DHCP configuration on cisco router 2600 series

Mark Tinka mtinka at africaonline.co.sz
Mon Sep 12 11:06:27 EAT 2005 

On Saturday 10 September 2005 15:44, Paul wrote:
> mark,

Hi Paul.

For the future, please copy the AfNOG list into your 
replies so the information is beneficial to all; thanks!

> Pls help me with some access-list command to block
> udp,...

Several UDP ports are useful. What are you trying to 
block, exactly? One network's idea of evil ports might 
just be another's allowed_ports.

> spam,...

Although Cisco IOS has support for spam detection via the 
use of signature profiles, I'd recommend using 
UNIX/Linux based packages to detect and mitigate 
spam-related issues, e.g., SpamAssassin on FreeBSD or 
Linux.

Doing it on IOS may not provide extensive options as 
running it on a general purpose OS. But if you did 
decide to go that route, you'd need an IOS with the 
Firewall IDS featurset.

> spyware port...

Some anti-spam packages can also check for spyware, but 
most commercial anti-spam/anti-virus vendors will also 
provide anti-spyware capabilities.

> and some virus port on my   
> router.

Most viruses nowadays come in via e-mail, either legit or 
spam. Yes, other viruses will go after services/ports, 
but again, it depends on what you are trying to protect.

Why don't you let us know what services you are running 
on your network, and what services you need to let 
in/out. Then maybe we can work on an access list 
specific for your site, step by step.

Mark.

> thnaks 
> aj
> Mark Tinka <mtinka at africaonline.co.sz> wrote:
>
> On Friday 09 September 2005 18:47, Paul wrote:
> > % Invalid input detected at '^' marker.
> > RSUST-EDUPORTAL(config-if)#
>
> ^^^^^^^^^^^
> ^^^^^^^^^^^
> is where you problem is.
>
> The DHCP server is configured under global
> configuration mode (not interface configuration mode
> as shown above), denoted by the prompt:
>
> RSUST-EDUPORTAL(config)
>
> This is the prompt you get into right after you type
> 'conf t' in privileged user mode (I hope I'm not
> losing you). Then you can enter the commands sent to
> the list earlier (if your IOS support DHCP server).
>
> Just as an FYI, the most common instance you will
> associate a DHCP configuration with an interface is if
> you are trying to forward DHCP client requests from
> one subnet to a DHCP server on another. The command
> would look something like this:
>
> int fa0/0
> ip helper-address 192.168.254.254
>
>
> Hope this helps.
>
> Mark.
> _______________________________________________
> afnog mailing list
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ---------------------------------
>  Click here to donate to the Hurricane Katrina relief
> effort.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : http://listserv2.cfi.co.ug/mailman/private/afnog/attachments/20050912/d83798bc/attachment.bin

More information about the afnog mailing list