[afnog] DHCP configuration on cisco router 2600 series

Paul pademmy at yahoo.com
Mon Sep 12 12:18:38 EAT 2005


Good day mark,
Thanks for your advice. yes I have it in plan to use Red Hat Linux ver 9.2 which am about working on, but I need to get a good dell, HP or compaq server to use.
what we want to achieve is this, is a school environment that will be acess globally( eduportal)
but before I finish working on the linux I want to do some config of access list on the router to block some icmp ping that eat up bandwidth, some udp port use by popup program. and some virus port use by all these free web mail.
 
secondly, Pls am still having the same problem on the dhcp poolthe router keep sayimg translating pool and it give the below error
 
RSUST-EDUPORTAL# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
RSUST-EDUPORTAL(config)#ip dhcp pool nonCiscoClients
Translating "pool"
                                ^
% Invalid input detected at '^' marker.
RSUST-EDUPORTAL(config)#    network 192.168.200.0 255.255.255.0
                               ^
% Invalid input detected at '^' marker.
RSUST-EDUPORTAL(config)#    default-router 192.168.200.1
                                    ^
% Invalid input detected at '^' marker.
RSUST-EDUPORTAL(config)#    dns-server 81.199.0.36 81.199.3.7
                               ^
% Invalid input detected at '^' marker.
if is that my router IOS version does not support dhcp let me know and pls help me with what to do to make it compatible.
thanks.
Aj


Mark Tinka <mtinka at africaonline.co.sz> wrote:
On Saturday 10 September 2005 15:44, Paul wrote:
> mark,

Hi Paul.

For the future, please copy the AfNOG list into your 
replies so the information is beneficial to all; thanks!

> Pls help me with some access-list command to block
> udp,...

Several UDP ports are useful. What are you trying to 
block, exactly? One network's idea of evil ports might 
just be another's allowed_ports.

> spam,...

Although Cisco IOS has support for spam detection via the 
use of signature profiles, I'd recommend using 
UNIX/Linux based packages to detect and mitigate 
spam-related issues, e.g., SpamAssassin on FreeBSD or 
Linux.

Doing it on IOS may not provide extensive options as 
running it on a general purpose OS. But if you did 
decide to go that route, you'd need an IOS with the 
Firewall IDS featurset.

> spyware port...

Some anti-spam packages can also check for spyware, but 
most commercial anti-spam/anti-virus vendors will also 
provide anti-spyware capabilities.

> and some virus port on my 
> router.

Most viruses nowadays come in via e-mail, either legit or 
spam. Yes, other viruses will go after services/ports, 
but again, it depends on what you are trying to protect.

Why don't you let us know what services you are running 
on your network, and what services you need to let 
in/out. Then maybe we can work on an access list 
specific for your site, step by step.

Mark.

> thnaks 
> aj
> Mark Tinka wrote:
>
> On Friday 09 September 2005 18:47, Paul wrote:
> > % Invalid input detected at '^' marker.
> > RSUST-EDUPORTAL(config-if)#
>
> ^^^^^^^^^^^
> ^^^^^^^^^^^
> is where you problem is.
>
> The DHCP server is configured under global
> configuration mode (not interface configuration mode
> as shown above), denoted by the prompt:
>
> RSUST-EDUPORTAL(config)
>
> This is the prompt you get into right after you type
> 'conf t' in privileged user mode (I hope I'm not
> losing you). Then you can enter the commands sent to
> the list earlier (if your IOS support DHCP server).
>
> Just as an FYI, the most common instance you will
> associate a DHCP configuration with an interface is if
> you are trying to forward DHCP client requests from
> one subnet to a DHCP server on another. The command
> would look something like this:
>
> int fa0/0
> ip helper-address 192.168.254.254
>
>
> Hope this helps.
>
> Mark.
> _______________________________________________
> afnog mailing list
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ---------------------------------
> Click here to donate to the Hurricane Katrina relief
> effort.
_______________________________________________
afnog mailing list


 

 
























__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listserv2.cfi.co.ug/mailman/private/afnog/attachments/20050912/6878fb22/attachment.html


More information about the afnog mailing list