From: John Neiberger (neiby@xxxxxxxxxx)
Date: Sun Nov 25 2001 - 20:46:00 GMT-3
Two items that you weren't sure about are:
snmp-server host a.b.c.d
and
llc2 idle-time 60000
Regards,
John
On Mon, 26 Nov 2001 08:41:54 +1100, Albert Lu wrote:
| Hello Group,
|
| Just working through a practise lab at the moment, with solutions that
don't
| look correct. Could someone confirm these solutions? (Don't worry, no NDA
is
| being broken, as they are from a practise lab scenario)
|
| 1. Generate traps that are supported under the RFC for SNMP
| A. No idea. =) Suggestions please
|
| 2. Allow SNMP host 150.50.6.225 to access SNMP information from the
devices.
| A.
| access-list 10 permit 150.50.6.225
| snmp-server community test rw 10
|
| 3. Restrict web traffic on the interface E1/0 to only the hours of 8:00AM
to
| 6:00PM, Monday thru Friday. Allow all other IP traffic to pass.
| A.
|
| interface Ethernet1/0
| ip address 10.1.1.4 255.255.255.0
| ip access-group 100 in
|
| access-list 100 permit tcp any any eq www time-range allow_time
| access-list 100 deny tcp any any eq www
| access-list 100 permit ip any any
|
| time-range allow_time
| periodic weekdays 8:00 to 18:00
|
| 4. Restrict inbound telnet traffic on interface E0 on from 9:00AM to
1:00PM
| only on Monday, Wednesday, and Friday
| A.
| int Ethernet0
| ip access-group 100 in
|
| access-list 100 permit tcp any any eq telnet time-range allow_telnet
| access-list 100 deny tcp any any eq telnet
| access-list 100 permit ip any any
|
| time-range allow_telnet
| periodic Monday Wednesday Friday 9:00 to 13:00
|
| 5. Configure DLSW between Token Ring segments on R1 and R8. Use IP
address
| of the loopback interfaces for the DLSW peer-id with ring-group value of
| 4000
| Configure router R1 to block users from accessing SAP with a value of
| 012 <-----***** Not sure how to do this!!
| Adjust the following DLSW Netbios timers to 50,000 seconds on R1 and
R8:
| NetBIOS - cache-timeout
| NetBIOS - explorer-timeout
| NetBIOS - retry-interval
| Adjust the value of the LLC2 idle timer on TR segments on R1 and R8 to
| value of 60,000 <-----***** Not sure how to do this!!
|
| A.
|
| R1
| ----
| source-bridge ring-group 4000
| dlsw local-peer peer-id 200.0.0.1
| dlsw remote-peer 0 tcp 200.0.0.8
| dlsw timers netbios-cache-timeout 50000
| dlsw timers netbios-explorer-timeout 50000
| dlsw timers netbios-retry-interval 50000
| !
| interface Loopback0
| ip address 200.0.0.1 255.255.255.255
| !
|
| interface To0
| no ip address
| ring-speed 16
| source-bridge 10 1 4000
|
|
| R8
| ----
| source-bridge ring-group 4000
| dlsw local-peer peer-id 200.0.0.8
| dlsw remote-peer 0 tcp 200.0.0.1
| dlsw timers netbios-cache-timeout 50000
| dlsw timers netbios-explorer-timeout 50000
| dlsw timers netbios-retry-interval 50000
| !
| interface Loopback0
| ip address 200.0.0.8 255.255.255.255
| !
| interface To0
| no ip address
| ring-speed 16
| source-bridge 10 1 4000
|
| Any feedback is greatly appreciated.
|
| Thanks
|
| Albert
|
|
This archive was generated by hypermail 2.1.4 : Fri Jun 21 2002 - 06:45:22 GMT-3