GroupStudy.com - A virtual community of network engineers
NAT posted 09/18/2004


Hi Joe, have you done the NAT section ??

I am still trying to understand how the hell this works. My problem is I
always thought we needed an inside and an outside for NAT to work :(

--Richard

-----Original Message-----
From: Joe Rothstein [mailto:ziutek@xxxxxxx]
Sent: Saturday, September 18, 2004 8:08 PM
To: ccielab@xxxxxxxxxxxxxx
Subject: Re: MQC to filter MIME-types

Just a couple of things.

It is pretty unclear as to whether the nbar protocol discovery command
is actually needed.  I do not think that it is needed. But since you
have it configured, can you do a sh ip nbar discovery (or something
like that, exact syntax escapes me), and see if it is actually seeing any
nbar traffic at all? If not, then there is nothing to match. :)

Seems to me that either the mime type or the url will work. But then
again, this is not clear in the documentation.

I also have my doubts about nbar on a subinterface. Any chance of
reconfiguring and trying the config on the physical one?

The more I delve into NBAR, the more questions I have, unfortunately.

Joe




On Saturday, Sep 18, 2004, at 19:13 Europe/Berlin, Joseph D. Phillips
wrote:

> If you were asked that on the exam, the config would suffice. I think
> that's what they look for.
>
> Why it wouldn't work is anybody's guess.
>
>
> ----- Original Message ----- From: "Julian Skelley"
> <julian.skelley@xxxxxxx>
> To: "Joseph D. Phillips" <josephdphillips@xxxxxxxxxxx>
> Cc: "group study" <ccielab@xxxxxxxxxxxxxx>
> Sent: Saturday, September 18, 2004 10:09 AM
> Subject: RE: MQC to filter MIME-types
>
>
> Hi Joseph
>
> I tried that as well but it did not seem to work.
>
> Has anyone else seen this config in operation?
>
> Thanks
>
> J
>
> This was the actual full interface config:
>
> r6#sh run int f0/0.26
> Building configuration...
>
> Current configuration : 272 bytes
> !
> interface FastEthernet0/0.26
> encapsulation dot1Q 26
> ip address 174.1.26.6 255.255.255.0
> ip accounting precedence input
> ip nbar protocol-discovery
> ip pim sparse-dense-mode
> service-policy input HTTP_OUT
> ip ospf authentication
> ip ospf authentication-key CISCO
> end
>
> -----Original Message-----
> From: Joseph D. Phillips [mailto:josephdphillips@xxxxxxxxxxx]
> Sent: 18 September 2004 14:44
> To: Julian Skelley
> Cc: group study
> Subject: Re: MQC to filter MIME-types
>
> I didn't see a reference to nbar in your configs.
>
> I think you have to enable nbar protocol discovery under your
> interface(s).
>
> Julian Skelley wrote:
>
>> Hi Joseph
>>
>> I tried this last night with no success, I have set it up as the doc
>> suggests but cannot seem to "catch" anything with the map.
>>
>> I must have missed something but I am not sure what?!
>>
>> Can anyone help?
>>
>> Thanks
>> J
>>
>> The set up was:
>>
>> WWW_SERVER---174.1.167.x---[r6]---174.1.26.x---BROWSER
>>
>> r6
>> ip cef
>> !
>> class-map match-any PICS
>>  match protocol http mime "*jpg"
>>  match protocol http mime "*gif"
>>  match protocol http mime "*jpeg"
>> !
>> policy-map HTTP_OUT
>>  class PICS
>>   drop
>> !
>> interface FastEthernet0/0.26
>> encapsulation dot1Q 26
>> ip address 174.1.26.6 255.255.255.0
>> service-policy output HTTP_OUT
>>
>> r6#sh policy-map int f0/0.26
>> FastEthernet0/0.26
>>
>>  Service-policy input: HTTP_OUT
>>
>>    Class-map: PICS (match-any)
>>      0 packets, 0 bytes
>>      5 minute offered rate 0 bps, drop rate 0 bps
>>      Match: protocol http mime "*jpg"
>>        0 packets, 0 bytes
>>        5 minute rate 0 bps
>>      Match: protocol http mime "*gif"
>>        0 packets, 0 bytes
>>        5 minute rate 0 bps
>>      Match: protocol http mime "*jpeg"
>>        0 packets, 0 bytes
>>        5 minute rate 0 bps
>>      drop
>>
>>    Class-map: class-default (match-any)
>>      5972 packets, 434656 bytes
>>      5 minute offered rate 0 bps, drop rate 0 bps
>>      Match: any
>>
>> -----Original Message-----
>> From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx]On Behalf Of
>> Joseph D. Phillips
>> Sent: 17 September 2004 17:52
>> To: group study
>> Subject: MQC to filter MIME-types
>>
>>
>> If you wanted to filter out all picture files from entering an
>> interface, would you have to specify every extension, using MQC? Or is
>> there a way to filter them all at once?
>>
>> E.g. match protocol http mime "*jpeg"
>> E.g. match protocol http mime "*tiff"
>> E.g. match protocol http mime "*jpg"
>> E.g. match protocol http mime "*gif"
>> E.g. match protocol http mime "*bmp"
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>> *********************************************************
>> CONFIDENTIALITY NOTICE
>> The information contained in this e-mail and any
>> attachments to it are for the exclusive use of the
>> intended recipient(s).
>> It may be confidential and contain privileged information and will be
>> protected by copyright.
>> If you are not the intended recipient(s) you must not review, copy,
>> distribute or in any other way use or rely on the information contained
>> in the message.
>>
>> If you have received this e-mail in error, please notify us by e-mail
>> Administrator@xxxxxxx, Tel: +44 1534 633633 or Fax: +44 1534 633644 and
>> then delete all copies from your system.
>>
>> http://www.Itex.je
>> http://www.Itex.gg
>> http://www.ThisisJersey.com
>> http://www.ThisisGuernsey.com
>>
>> *********************************************************
>>
>> This message has been checked for all known viruses by e:)scan. For
>> further information visit: http://www.activis.com/
>>
>>
>
>
>
>
>
--
There is more to life than increasing its speed. - Mahatma Gandhi


Joseph Rothstein
Ridlerstr. 32
80339 Munich
Germany

ziutek@xxxxxxx
http://www.geocities.com/jozek444
http://www.rothstein.no-ip.org/
http://waywardgenuses.blogspot.com/
http://ziutek.journalspace.com/



**********************************************************************
Any opinions expressed in the email are those of the individual and not
necessarily the company. This email and any files transmitted with it are
confidential and solely for the use of the intended recipient.  If you are not
the intended recipient or the person responsible for delivering it to the
intended recipient, be advised that you have received this email in error and
that any dissemination, distribution, copying or use is strictly prohibited.

If you have received this email in error, or if you are concerned with the
content of this email please e-mail to: e-security.support@xxxxxxxxxx

The contents of an attachment to this e-mail may contain software viruses
which could damage your own computer system. While the sender has taken every
reasonable precaution to minimise this risk, we cannot accept liability for
any damage which you sustain as a result of software viruses. You should carry
out your own virus checks before opening any attachments to this e-mail.
**********************************************************************
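
Added example (not part of any message in this thread, and not Cisco code): a small Python model for checking the thread's MQC filter offline, both which Content-Type values the posted mime patterns would catch and whether a service-policy direction on f0/0.26 can see HTTP responses at all. It assumes the mime match is a shell-style glob evaluated against the Content-Type header of HTTP responses; the function names, the sample Content-Type list and the "image*" pattern are constructed for illustration.

```python
from fnmatch import fnmatchcase

# Patterns from the thread: class-map PICS plus the original question.
PICS_PATTERNS = ["*jpg", "*gif", "*jpeg"]
QUESTION_PATTERNS = PICS_PATTERNS + ["*tiff", "*bmp"]

# Constructed sample of Content-Type values a web server might return.
SAMPLE_CONTENT_TYPES = ["image/jpeg", "image/gif", "image/png",
                        "image/tiff", "image/bmp", "text/html"]


def matched_types(patterns, content_types):
    """Map each pattern to the Content-Type values it would match."""
    return {p: [ct for ct in content_types if fnmatchcase(ct, p)]
            for p in patterns}


def uncovered_images(patterns, content_types):
    """Image types that slip past a match-any class built from patterns."""
    return [ct for ct in content_types
            if ct.startswith("image/")
            and not any(fnmatchcase(ct, p) for p in patterns)]


def policy_sees_responses(interface_faces, direction):
    """Responses travel WWW_SERVER -> r6 -> BROWSER in the thread's topology,
    so they enter r6 on the server-facing interface and leave on the
    browser-facing one (f0/0.26, 174.1.26.x)."""
    return (interface_faces, direction) in {("server", "input"),
                                            ("browser", "output")}


if __name__ == "__main__":
    for pattern, hits in matched_types(QUESTION_PATTERNS,
                                       SAMPLE_CONTENT_TYPES).items():
        print(f"{pattern:8} -> {hits or 'no Content-Type matched'}")
    print("missed by PICS:", uncovered_images(PICS_PATTERNS,
                                              SAMPLE_CONTENT_TYPES))
    print("missed by image*:", uncovered_images(["image*"],
                                                SAMPLE_CONTENT_TYPES))
    # The show output in the thread reports the policy as input on f0/0.26.
    print("input on f0/0.26 sees responses:",
          policy_sees_responses("browser", "input"))
```

Under the stated assumption, a pattern written as a file extension only matches when the extension happens to equal the MIME subtype, and a policy applied inbound on the browser-facing subinterface only ever inspects requests.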