  • Use PIX as DHCP Server

    :——————————————————Create DHCP Scope

    dhcpd address [start address]-[end address] inside

    :——————————————————Create DNS Option

    dhcpd dns [primary dns] [secondary dns]

    :——————————————————Create domain Option

    dhcpd domain domain.com

    :——————————————————Create WINS Option

    dhcpd wins [primary wins] [secondary wins]

    :——————————————————Set Lease time

    dhcpd lease 3600

    :——————————————————Set ping timeout for server when testing for free address

    dhcpd ping_timeout 750

    :——————————————————Enable DHCP on inside interface

    dhcpd enable inside

  • Misc Commands

    :——————————————————Factory reset the PIX
    write erase

    :——————————————————Reboot the PIX
    reload

    :——————————————————Enable NAT Traversal
    isakmp nat-traversal 20

    :——————————————————Add a user for authentication to the PIX
    username [username] password [password] privilege 5

  • Basic Config with DHCP WAN

    :    Basic Cisco Config with DHCP WAN
    :
    :    By: Johan Persson
    :    Date: 2005-01-04

    :——————————————————change duplex mode
    interface ethernet0 100full
    interface ethernet1 100full

    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    pdm history enable
    arp timeout 14400

    :——————————————————change enable password
    enable password password                

    :——————————————————change telnet password
    passwd password                        

    :——————————————————change hostname
    hostname host                        

    :——————————————————change domain
    domain-name domain.com                

    :——————————————————change ip address
    ip address outside dhcp setroute
    ip address inside 192.168.200.1 255.255.255.0

    :——————————————————set up PAT for outgoing traffic

    global (outside) 10 interface
    nat (inside) 10 0.0.0.0 0.0.0.0 0 0

  • Basic Config

    :    Basic Cisco Config
    :
    :    By: Johan Persson
    :    Date: 2005-01-04

    :——————————————————change duplex mode
    interface ethernet0 100full
    interface ethernet1 100full

    nameif ethernet0 outside security0
    nameif ethernet1 inside security100

    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    pdm history enable
    arp timeout 14400

    :——————————————————change enable password
    enable password password                

    :——————————————————change telnet password
    passwd password                        

    :——————————————————change hostname
    hostname host                        

    :——————————————————change domain
    domain-name domain.com                

    :——————————————————change ip address
    ip address outside 10.0.105.200 255.255.0.0        
    ip address inside 192.168.200.1 255.255.255.0

    :——————————————————change global outside pool
    global (outside) 1 10.0.105.10
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0

    :——————————————————change default gateway
    route outside 0.0.0.0 0.0.0.0 10.0.1.10 1