Thursday 19 July 2012

Cisco Router - How to configure SSH

The following shows how to enable SSH on your router using a username of "cisco" and a password of "network", allowing access from the fa0/0 interface.
Router(config)#ip ssh source-interface fastEthernet 0/0
Router(config)#ip ssh authentication-retries 3
Router(config)#ip ssh version 2

Router(config)#ip domain-name local.net
Router(config)#crypto key generate rsa modulus 768
Router(config)#username cisco secret network

Router(config)#line vty 0 15
Router(config-line)# transport input ssh
Router(config-line)# login local

Tuesday 17 July 2012

Some Websites not open in SQUID Proxy

Websites not accessible via Squid

Problem


Some websites are not accessible through Squid.

The following message appears in the browser:

The following error was encountered: 
  • Read Error
The system returned: 
    (104) Connection reset by peer

Environment

Squid 2.6.STABLE21-6 
Squid 3.1.10-1 

Resolution

Add the following to squid.conf and restart the squid service:

via off
forwarded_for delete


Root Cause/Diagnostics

The site was accessible directly. Via Squid, the connection would reset abruptly.

The only difference between access via Squid and direct access was the addition of the X-Forwarded-For and Via headers in the HTTP request.

X-Forwarded-For usually contains the IP address of the host that requested the website.

Example:
X-Forwarded-For: 192.168.0.1

Via usually has information about the proxy server.

Example:
via: example.com

Documentation:  forwarded_for and via

By setting via off and forwarded_for delete, we disable these headers in the HTTP request.
Disabling these headers should not have any negative impact.
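
The header comparison described under Root Cause/Diagnostics, as an added example that is not part of the original post: it diffs a direct request against the same request as forwarded by the proxy and maps each proxy-added header to the squid.conf setting from the Resolution. The two requests, the host names and the function names are constructed for illustration.

```python
# Constructed sample requests (not captured from the site in the post).
DIRECT = (
    "GET /index.html HTTP/1.1\r\n"
    "Host: www.example.com\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "Accept: */*\r\n"
    "\r\n"
)
VIA_SQUID = (
    "GET /index.html HTTP/1.1\r\n"
    "Host: www.example.com\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "Accept: */*\r\n"
    "Via: 1.1 proxy.example.com:3128 (squid/3.1.10)\r\n"
    "X-Forwarded-For: 192.168.0.1\r\n"
    "Cache-Control: max-age=259200\r\n"
    "\r\n"
)

# squid.conf settings from the Resolution section, keyed by lower-case header name.
SQUID_FIX = {"via": "via off", "x-forwarded-for": "forwarded_for delete"}


def parse_headers(raw):
    """Return {lower-case name: value} for the header block of a raw HTTP request."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:       # skip the request line
        name, sep, value = line.partition(":")
        if sep:                                # ignore lines without a colon
            headers[name.strip().lower()] = value.strip()
    return headers


def proxy_added(direct_raw, proxied_raw):
    """Headers only in the proxied request: {name: (value, squid.conf fix or None)}."""
    direct, proxied = parse_headers(direct_raw), parse_headers(proxied_raw)
    return {
        name: (value, SQUID_FIX.get(name))
        for name, value in proxied.items()
        if name not in direct
    }


if __name__ == "__main__":
    for name, (value, fix) in sorted(proxy_added(DIRECT, VIA_SQUID).items()):
        print(f"{name}: {value!r} -> {fix or 'no setting given on this page'}")
```

Header names are compared case-insensitively, so "via:" and "Via:" count as the same header.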

-----------------------------------------------------------------------------------------------





Saturday 14 July 2012

Configuring the Cisco IDS Router / Switch Modules for Cisco 6500 Switch / 7200 Router

IDSM-2
The IDSM-2 Module is a Cisco IDS blade for the Cisco 6500 switch.
Once you install the module into the switch, it uses the following logical ports:
Port 1: Used for TCP Resets (In Promiscuous Mode)
Port 2: Command and Control
Port 7: Sensing Port
Port 8: Sensing Port
The steps below configure your switch / module for an inline setup. This includes obtaining the module number for the Cisco IDS, running the setup wizard, and then assigning the required ports on the switch for IDS sensing within an inline configuration. The clear trunk commands are required because by default the switch assigns the ports as trunk ports to every VLAN.