Jump to content
Sadikhov IT Certification forums

Mohamed M. Badr

Members
  • Content Count

    27
  • Joined

  • Last visited

Community Reputation

-1 Poor

About Mohamed M. Badr

  • Rank
    Newbie
  • Birthday 02/14/1986

Profile Information

  • Gender
    Male
  1. Mohamed M. Badr

    CentOS problem with outside connection to server

    Hi all, I have a CentOS server with 2 interface network cards. I configured them and they can access the network and other machines can ping them, but they can't connect to them from the eth0 IP address, neither ssh nor http, although i stopped the IPtables and Selinux, I can connect only by eth1 IP address. What is the problem??? Regards, Mohammed M. Badr
  2. Hi all, I hope to find someone help me. I am a CCNP R&S, and I start with Vyatta Router in a new project. It have fantastic feature really. But I can't found a support for installing 3G USB Modem, especially that I don't know about Unix/Linux Systems. All I found for help is the following page: http://www.vyatta.org/node/979 I need these steps in details, to help me to install it successfully. Regards, Mohammed M. Badr
  3. Mohamed M. Badr

    DHCP Problem,urgent

    The same problem is still found also when I change the DHCP Server to the router and use "ip helper address" on the vlan20.
  4. Mohamed M. Badr

    DHCP Problem,urgent

    Any Updates???
  5. Mohamed M. Badr

    DHCP Problem,urgent

    I think that "ip helper address" command is used when I used a far DHCP Server, and my Multilayer Switch is the DHCP server and it's the first hop of the networks. Ok, which IP address I will use in this command? Thank you for your reply.
  6. Mohamed M. Badr

    DHCP Problem,urgent

    Hi all, I need your help fast, very fast. I have a strange problem with our network. The Multilayer Switch doesn't offer any IP Address, only the debug dispaly that it receive the DHCPDISCOVER messages only. I think that the configurations is normal, but where the mistake is found? The problem is found in Vlan 20. The configuration is: =============================================== DIST-SW1#sh run Building configuration... Current configuration : 3180 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname DIST-SW1 ! ! username admin privilege 15 secret 5 $1$JMxa$7k7ZaOikANw7QZpcQxxih0 no aaa new-model switch 1 provision ws-c3750g-12s system mtu routing 1500 ip subnet-zero ip routing ip dhcp excluded-address 10.10.10.252 ip dhcp excluded-address 10.10.10.253 ip dhcp excluded-address 10.10.10.254 ip dhcp excluded-address 192.168.25.30 ip dhcp excluded-address 192.168.25.46 ip dhcp excluded-address 192.168.25.105 ip dhcp excluded-address 192.168.25.116 ip dhcp excluded-address 192.168.25.109 ip dhcp excluded-address 192.168.25.34 ip dhcp excluded-address 192.168.25.223 ip dhcp excluded-address 10.10.20.200 ip dhcp excluded-address 10.10.20.202 ip dhcp excluded-address 10.10.20.203 ip dhcp excluded-address 10.10.20.204 ip dhcp excluded-address 10.10.20.205 ip dhcp excluded-address 10.10.20.206 ip dhcp excluded-address 10.10.20.207 ip dhcp excluded-address 10.10.20.208 ! ip dhcp pool IPPhones network 10.10.10.0 255.255.255.0 default-router 10.10.10.251 255.255.255.0 dns-server 4.2.2.2 8.8.8.8 option 150 ip 10.10.10.252 lease 5 ! ip dhcp pool vlan20 network 192.168.25.0 255.255.255.0 default-router 192.168.25.254 255.255.255.0 dns-server 4.2.2.2 8.8.8.8 lease 5 ! ip multicast-routing distributed ! ! ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! ! interface GigabitEthernet1/0/1 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/2 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/3 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/4 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/5 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/6 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/7 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/8 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/9 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/10 switchport access vlan 10 switchport mode access ! interface GigabitEthernet1/0/11 switchport access vlan 10 switchport mode access ! interface GigabitEthernet1/0/12 switchport trunk encapsulation dot1q switchport mode trunk ! interface Vlan1 ip address 192.168.1.1 255.255.255.0 ! interface Vlan10 ip address 10.10.10.251 255.255.255.0 ip pim dense-mode ip igmp join-group 239.10.16.2 ! interface Vlan20 ip address 192.168.25.254 255.255.255.0 ! ip classless ip route 0.0.0.0 0.0.0.0 192.168.25.252 ip http server ! ! access-list 1 permit 10.10.10.0 0.0.0.255 ! control-plane ! ! line con 0 privilege level 15 password 7 045802150C2E logging synchronous login local line vty 0 4 privilege level 15 password 7 045802150C2E logging synchronous login local line vty 5 15 login ! end DIST-SW1# ================================ DIST-SW1# debug ip dhcp server packet DIST-SW1#d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.964c.eb. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.9eda.00. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.9eeb.b9 on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.9eeb.b9. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.9f25.8b on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.9f25.8b. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.9645.3f on DIST-SW1# interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.9645.3f. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.965c.b1 on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.965c.b1. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.a01d.7c on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.a01d.7c. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.a01f.db on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST DIST-SW1#undebug all All possible debugging has been turned off DIST-SW1#received from client 01d4.bed9.a01f.db. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.9ee3.83 on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.9ee3.83. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.a01d.56 on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.a01d.56. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.95ef.9f on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.95ef.9f. 3d09h DIST-SW1#undebug all All possible debugging has been turned off DIST-SW1#: DHCPD: DHCPDISCOVER received from client 01d4.bed9.9ee4.84 on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.9ee4.84. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.9d77.50 on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.9d77.50. 3d09h: DHCPD: DHCPDISCOVER received from client 01d4.bed9.95f1.06 on interface Vlan20. 3d09h: DHCPD: DHCPREQUEST received from client 01d4.bed9.95f1.06. 3d09h: DHCPD: DHCPDISCOVER received from client 01d DIST-SW1#undebug all All possible debugging has been turned off =========================================== I hope that you help me.
  7. Mohamed M. Badr

    ASA 5510 Problem

    Do you think that if I configure the FW MAC address statically on the Servers, and the servers MAC addresses on the FW, it may solve this Problem? Thinks.
  8. Mohamed M. Badr

    ASA 5510 Problem

    Yes, the FW can't ping the Local IP of the Server (Global 96.x.x.18 Local 192.168.1.233), but the FW can ping the another one (Global 96.x.x.116 Local 192.168.1.231). Also, the Server has the problem (Global 96.x.x.18 Local 192.168.1.233) can ping any Private IP address in the LAN, except the FW Inside Interface IP address. Thanks.
  9. Mohamed M. Badr

    ASA 5510 Problem

    The Problem occurs in Server 96.x.x.18, and the another good Server is 96.x.x.116 . =============================================== #sh run access-group access-group ACL-in in interface outside #sh run access-list ACL-in access-list ACL-in extended permit icmp host 196.x.x.110 host 96.x.x.18 access-list ACL-in extended permit icmp host 196.x.x.109 host 96.x.x.18 access-list ACL-in extended permit icmp host 196.x.x.111 host 96.x.x.18 access-list ACL-in extended permit ip host 196.x.x.111 host 96.x.x.18 access-list ACL-in extended permit ip host 196.x.x.110 host 96.x.x.18 access-list ACL-in extended permit ip host 196.x.x.109 host 96.x.x.18 access-list ACL-in extended permit ip host 196.x.x.113 host 96.x.x.18 access-list ACL-in extended permit icmp host 196.x.x.113 host 96.x.x.18 access-list ACL-in extended permit icmp host 196.x.x.109 host 96.x.x.116 access-list ACL-in extended permit icmp host 196.x.x.110 host 96.x.x.116 access-list ACL-in extended permit icmp host 196.x.x.111 host 96.x.x.116 access-list ACL-in extended permit icmp host 196.x.x.113 host 96.x.x.116 access-list ACL-in extended permit ip host 196.x.x.109 host 96.x.x.116 access-list ACL-in extended permit ip host 196.x.x.110 host 96.x.x.116 access-list ACL-in extended permit ip host 196.x.x.111 host 96.x.x.116 access-list ACL-in extended permit ip host 196.x.x.113 host 96.x.x.116 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 1111 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 3306 access-list ACL-in extended permit udp any host 96.x.x.116 eq 3306 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 2525 access-list ACL-in extended permit tcp any host 96.x.x.116 eq imap4 access-list ACL-in extended permit tcp any host 96.x.x.116 eq https access-list ACL-in extended permit tcp any host 96.x.x.116 eq pop3 access-list ACL-in extended permit udp any host 96.x.x.116 eq 1434 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 1433 access-list ACL-in extended permit tcp any host 96.x.x.116 eq smtp access-list ACL-in extended permit udp any host 96.x.x.116 eq domain access-list ACL-in extended permit tcp any host 96.x.x.116 eq domain access-list ACL-in extended permit icmp any host 96.x.x.116 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 9003 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 9002 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 9001 access-list ACL-in extended permit udp any host 96.x.x.116 eq 143 access-list ACL-in extended permit tcp any host 96.x.x.116 eq ftp access-list ACL-in extended permit tcp any host 96.x.x.116 eq ftp-data access-list ACL-in extended permit udp any host 96.x.x.116 eq 3389 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 3389 access-list ACL-in extended permit tcp any host 96.x.x.116 eq www access-list ACL-in extended permit tcp any host 96.x.x.18 eq 3306 access-list ACL-in extended permit udp any host 96.x.x.18 eq 3306 access-list ACL-in extended permit tcp any host 96.x.x.18 eq 2525 access-list ACL-in extended permit tcp any host 96.x.x.18 eq imap4 access-list ACL-in extended permit tcp any host 96.x.x.18 eq https access-list ACL-in extended permit tcp any host 96.x.x.18 eq pop3 access-list ACL-in extended permit udp any host 96.x.x.18 eq 1434 access-list ACL-in extended permit tcp any host 96.x.x.18 eq 1433 access-list ACL-in extended permit tcp any host 96.x.x.18 eq smtp access-list ACL-in extended permit udp any host 96.x.x.18 eq domain access-list ACL-in extended permit tcp any host 96.x.x.18 eq domain access-list ACL-in extended permit icmp any host 96.x.x.18 access-list ACL-in extended permit tcp any host 96.x.x.18 eq 9003 access-list ACL-in extended permit tcp any host 96.x.x.18 eq 9002 access-list ACL-in extended permit tcp any host 96.x.x.18 eq 9001 access-list ACL-in extended permit udp any host 96.x.x.18 eq 143 access-list ACL-in extended permit tcp any host 96.x.x.18 eq ftp access-list ACL-in extended permit tcp any host 96.x.x.18 eq ftp-data access-list ACL-in extended permit udp any host 96.x.x.18 eq 3389 access-list ACL-in extended permit tcp any host 96.x.x.18 eq 3389 access-list ACL-in extended permit tcp any host 96.x.x.18 eq www access-list ACL-in extended permit ip any host 96.x.x.73 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 9004 access-list ACL-in extended permit ip any host 96.x.x.2 access-list ACL-in extended permit ip any host 96.x.x.118 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 8881 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 8882 access-list ACL-in extended permit tcp any host 96.x.x.116 eq 8883 access-list ACL-in extended permit tcp any host 96.x.x.18 eq 8044 access-list ACL-in extended permit tcp any host 96.x.x.18 eq 9004 access-list ACL-in extended permit esp host 196.x.x.10 host 96.44.152.74 access-list ACL-in extended permit ip host 196.x.x.10 host 96.44.152.74 #sh x Global 96.x.x.18 Local 192.168.1.233 Global 96.x.x.73 Local 192.168.1.232 Global 96.x.x.116 Local 192.168.1.231 Global 96.x.x.2 Local 192.168.1.238 Global 96.x.x.118 Local 192.168.1.236 =============================================== Thanks.
  10. Mohamed M. Badr

    ASA 5510 Problem

    Hello all, My FW protects 2 servers. Sometimes, we can't access one of them using the Outside, and the another one works normally. After Troubleshooting, we notice that the FW can ping all servers except this Server, and this Server can ping all servers except the FW. This Problem solves by restarting the FW not the Server. Anyone can help me... Thanks.
  11. Hi all... I want to make a Streaming Server that can broadcast Live Videos with different Codecs, to support various quality, to support various ADSL speeds and Dial up Users. My Question is, the Live Streaming Video, can I change its Quality to High, Average, and Low at Real Time? What is the Codecs Converter Tool? Thank you all...
  12. Mohamed M. Badr

    Olive JunOS & VMware as a Real Router?

    Ok, thank you for replying. I'm already found a method to bond between the Olive JunOS Interfaces and the Real Machine Interfaces. But my image interfaces are called em0 and em1, and doesn't support the Service Interface, sp, to make NATTing, I'm afraid that image is too old to support me. Plus that I can't find the Static NATTing, one-by-one address, Command. My Asks are: - Can I make NATTing without the sp Interface, and making it on the Real Router Interfaces directly? How? - I need the Static NAT Command, one-by-one address. - If my Image is old, anyone can lead me to a new Image can support me in NATTing Process? I can find some Images 2.1 Gb, is this good or not? Thank you all...
  13. Mohamed M. Badr

    Olive JunOS & VMware as a Real Router?

    Hi all, In my work, I've a NATTing problem, and I think that the Olive JunOS and VMware could be a Real Router, routes the Traffic using Static Routes. Is this correct? How can I do That? Thank you for help...
  14. Mohamed M. Badr

    Backup Problem

    Hi all, I am facing a strange problem. We are a hosting company, and of course we take backups for our servers in a server found in the same LAN. I noticed that when the backup starts, its traffic appear on Our Internet Uplink Traffic and this increase our 95 percentile. This problem found in 2 (Windows) servers although all servers are in the same private and public subnet. And the Network Map Drive is on a Private IP address. What could the problem be? Thank you all...
  15. Mohamed M. Badr

    Snort IPS

    Hi all, my company is interested make an IPS using a Linux Server with Snort. So I have some Questions about that: 1) Does the nsmnow tool have all the snort tools needed to setup? 2) Does the Snort run in the Routed mode or in the Transparent mode? 3) If the Snort runs in the Routed mode, can I configure a Static route on the Linux Server? How? 4) Do the Snort support a spacific number of users, or unlimited number, as the Server capability? 5) If we setup the Snort on 2 Servers, can we make failover between them? Thank you all.
×