To enable SNMPv2 access on the Enterasys C2 Switches you have to issue following commands:
[sourcecode]
set snmp access gReadOnlyV1V2C security-model v1 exact read vUnsecured
set snmp access gReadOnlyV1V2C security-model v2c exact read vUnsecured
set snmp community mycomunity securityname sn_v1v2c_ro
set snmp group gReadOnlyV1V2C user sn_v1v2c_ro security-model v1
set snmp group gReadWriteV1V2C user sn_v1v2c_rw security-model v1
set snmp group gReadOnlyV1V2C user sn_v1v2c_ro security-model v2c
set snmp group gReadWriteV1V2C user sn_v1v2c_rw security-model v2c
set snmp view viewname vUnsecured subtree 1
set snmp view viewname vUnsecured subtree 0.0
[/sourcecode]
If you feel this helps a bit or may be not ? Please leave a comment.
To enable the SSH Service on a Enterasys SecureStack C2 and similar you have to issue “set ssh enabled” on the cli.
[sourcecode autolinks=”false” gutter=”false” highlight=”2″]
C2(su)->set ssh enabled
SSH hostkey generation initiated. Process should complete in 60 seconds.
C2(su)->
[/sourcecode]
If you feel this helps a bit or may be not ? Please leave a comment.
We recently bought so new Firewalls to replace to aged Cisco PIX515e with some new Gear. We decided to use Ciscos new Firewall flagship the Cisco ASA Devices. Everything was fine after the replacement, we transfered the configuration from the old boxes to the new with the help of the Cisco Security Manager.
Later that day there was complains about e-mails are not delivered properly.
On the Cisco PIX with Software 6.2 we had implemented following:
no fixup smtp
For the ASA5510 we had to implement following
policy-map type inspect esmtp esmtp_pmap
parameters
allow-tls action log
policy-map global_policy
class inspection_default
no inspect esmtp
inspect esmtp esmtp_pmap
exit
exit
If you feel this helps a bit or may be not ? Please leave a comment.
Access-based Enumeration (ABE) is a smart feature to let users see only the folders they have access to.
But if you have Cisco WAAS deployed in your network please be aware you have to add a Dynamic share to the waas configuration so the waas knows about this.
—– EDIT BEGIN —–
2010-09-17 We found out the Hardway you have to add the System to the AD. So i will show the Story in a new Post:-) Stay tuned, guys.
—– EDIT END ——-
Cisco Wide Area Application Services Configuration Guide (Software Version 4.1.7)
Step 1
For creating a dynamic share you have to add a Domain to the Cental Manager eg “Dynamic Shares”
Step 2
Create a entry under the dynamic shares in the global configuration.
On the WAE CLI
ToBe Done
If you feel this helps a bit or may be not ? Please leave a comment.
If you want to configure tacacs+ on the Cisoc MDS9222i Series you have to enable first the feature.
[sourcecode autolinks=”false” gutter=”false”]
feature tacacs+
[/sourcecode]
After this the commands to configure the Tacacs+ are available.
[sourcecode autolinks=”false” gutter=”false”]
feature tacacs+
!
tacacs+ distribute
tacacs-server timeout 10
tacacs-server host 10.0.243.247 key 0 secertkey
tacacs-server host 10.0.243.248 key 0 secretkey
tacacs+ commit
!
aaa group server tacacs+ AAA-Servers
server 10.0.243.247
server 10.0.243.248
deadtime 5
!
aaa authentication login default group AAA-Servers
aaa authentication login console local
aaa authentication login error-enable
!
ip route 10.0.243.247 255.255.255.255 10.0.160.1 interface mgmt0
ip route 10.0.243.248 255.255.255.255 10.0.160.1 interface mgmt0
!
interface mgmt0
ip address 10.0.160.99 255.255.255.0
switchport description Management
switchport speed 100
[/sourcecode]
On the ACS side you have to configure the shell profile with the following role:
[sourcecode autolinks=”false” gutter=”false”]
shell:roles="network-admin"
[/sourcecode]
If you feel this helps a bit or may be not ? Please leave a comment.
Configuring Traffic Shaping on the Enterasys C2 Switch.
Continue reading Enterasys C2 Switch Traffic Shaping →
The worst day diving is better than the best day working:-)
