January 2006

PIX Syslog

Sun, 2006-01-08 20:15

It seems to be PIX week here. I've had more requests for PIX configurations than anything! Anyhow, just a quick configuration to make a PIX correctly log to a SYSLOG server:
logging on
logging standby
logging timestamp
logging trap notifications (or warnings - notifications will send a ton of info)
logging facility 18
logging host inside/outside ip address
I also like to use the command logging device-id string name. This tags all messages in my syslog with an identifier so I know what device sent the message (by name rather than IP address).

Three handy alias commands

Mon, 2006-01-09 13:26

From global config:
alias exec s show ip interface brief (the ol' standby)
alias exec traffic sh ip nbar protocol-discovery stats bit-rate top-n 10 (shows top 10 protocols using your interfaces)
alias exec proc show proc cpu | excl 0.00%__0.00%__0.00% (shows only processes using CPU)

Cisco SAFE Documentation

Thu, 2006-01-12 14:35

I'm telling you, there's no better fireside reading than the Cisco SAFE documentation...I'm SERIOUS! I've never seen whitepapers that are written casually enough to keep your attention but technically enough to be useful. So here's my favorites:

Cisco SAFE: Wireless Network Security in Depth, Second Edition

Cisco SAFE: Guarding Against Layer 2 Attacks (I REALLY like this one - one of my favorites)

Cisco SAFE: VPN Best Practices

Not only a brief overview of the concepts, but lots of great configs in there too...

January 2006

PIX Syslog

Three handy alias commands

Cisco SAFE Documentation

New forum topics

Recent comments

Popular Tags

Monthly Archive

Popular content

Today's:

Last viewed:

Recent blog posts

Active forum topics