Jump to content

Site Offline

The community is currently offline and only accessible to those with permission.

Sadikhov IT Certification forums


  • Content Count

  • Joined

  • Last visited

Community Reputation

-1 Poor

About jamessimo

  • Rank
    Advanced Member
  • Birthday 04/09/1980

Contact Methods

  • MSN

Profile Information

  • Gender
  • Location
  1. jamessimo

    Cisco ASA packet-tracer Palo Alto

    Hi All Does anybody know if Palo Alto boxes have an equivalent to the Cisco ASA packet-tracer for trouble shooting. ? Many thanks
  2. jamessimo

    switching the IP of the tacacs server

    The method explained in the linked document is the newer one. One IOS 15.x the earlier method (which still works) will generate a message in the cli parser that it is being deprecated and Cisco recommends moving to the new method. That said, either method should work. The newer method should be good any any switches or routers with IOS 12.0+. When there are two servers configured, IOS will try them in order and, if a reply isn't received in three tries (each in the case of multiple servers), it will fall over to the next configured aaa method (or fail aaa if no second method is defined)
  3. Hi All I looking to reloacte a tacacs+ server from the inside to the DMZ and therefore the server will be on a new ip range. I will be looking to role out these command using cat tools as I have a lot of switches the config on switches is below existing tacacs : tacacs-server host key 9090897979800090908 Now im moving the server to a new ip of If I put the command tacacs-server host key 9090897979800090908 the config looks like this: tacacs-server host key 9090897979800090908 tacacs-server host key 9090897979800090908 I need to confirm that when I switch the server over to it new IP that the switches will look for the new ip of, and then all I would have to do after is remove the old line : no tacacs-server host key 9090897979800090908 Or will this now work and will I have to configure a group which is at the bottom of the page of the link below http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scftplus.html Many thanks
  4. jamessimo

    Best placed Tacacs server

    pretty much every Network device in the whole network
  5. jamessimo

    Best placed Tacacs server

    Hi All I am currently looking to install a Tacacs server in our network. I am debating on whether to have it sit behind the inside interface of the ASA firewall or the DMZ any thoughts please ? Thanks J
  6. When setting up a trenad micro filter services What should be done when first setting these up should you catergorise the traffic or sync the clock with NTP to make sure you get the correct updates Many thanks
  7. Hi All I am going through logs on an ASA, and I am getting a lot of unnecessary information that I dont need. I just want to log intreface up Down and the IPSLA. what would be the best way of filtering this. Thanks in advance
  8. jamessimo

    Zone based firewall vs Cbac firewall

    Hi All What are the main differences between a Zone based firewall and a CBAC firewall ? Many thanks James
  9. Hi All Looking to take a VM ware exam but iI know a certifcate is not granted without doing a VM ware course. These courses are about £3k upwards. Any thoughts ? Thanks
  10. Hi All I wanting to add an additional line card to a 4500. Is it as straight forward as plug n play or do I need to be aware of anything or enter any commands Many thanks
  11. jamessimo

    CCIP retired does it switch over to sp

    it didnt have that come yesterday but thanks for that
  12. Hi All I am CCIP I have used the CCIP migration tool http://www.cisco.com/web/learning/tools/ccip_migration_tool.html When the exam officially retires does my cert get switched over on CCNP SP or do I have to sit the whole of the exams again BSCI QOS BGP + MPLS Many thanks
  13. Hi All I just need to get something straight in my head. Does nat (inside) 0 statement on a firewall mean do not Nat this range and nat (inside) 1 mean do nat this range. also does this statement access-group ouside_access_in in interface outside tie the name ouside_access_in to the outside interface Also does that refer to traffic coming from outside is coming in on the interface hence in interface statement (e.g a 3rd party wanting to get access on to your network) Please help clear this up. Many thanks