Cisco Archive

Serving multiple DNS search domains in IOS DHCP

Posted August 26, 2013 By Landis V

http://www.perkin.org.uk/posts/serving-multiple-dns-search-domains-in-ios-dhcp.html

DHCP option 119 does this, though having to convert the domains to hex and null-terminate them is a PITA. If it does what's needed, then it's probably worthwhile.

Transparent Web Proxying with Cisco, Squid, and WCCP

Posted November 7, 2012 By Landis V

http://www.crypt.gen.nz/papers/cisco_squid_wccp.html

Great article on configuring Cisco routers to do WCCP with a Squid server.

NAT fun

Posted August 28, 2012 By Landis V

image

Here’s the question: in the above example, is it possible (using classic NAT, not NAT Virtual Interface) to translate traffic coming in on Interface1 (though not necessarily with that network as its source address) to have a source IP on Interface2 (172.20.20.6, for example) and then send it out Interface3, where it will match a crypto map and be subject to IPSec encapsulation, all without ever having traversed Interface2?

https://learningnetwork.cisco.com/thread/4654

Memory string preceding per-session IPSec keys in an IOS core dump: 00 00 00 00 63 C0 60 0C 63 C0 60 1C 07 D0 00 19 00 00 00 00 63 C0 60 0C 63 C0 60 1C 07 D0 00 19

Exactly 16 bytes after B8 begins the inbound encryption key, which is 24 bytes long. Immediately after the encryption key is the 16-byte authentication key. Once these are sussed out, they can be used to decode a Wireshark capture for troubleshooting purposes. These keys are not the pre-shared key; they are the derived session keys, which change periodically based on time or bytes sent.

http://www.cisco.com/en/US/docs/ios-xml/ios/media_monitoring/configuration/15-2mt/mm-pasv-mon.html

There are a ton of new features in the 15.2 train. This is another one I’d like to look into further if I can find the time. Though I do have to say, I’d rather Cisco focus on fixing some bugs for a while over more “neat to have” features, so I can quit spending time on workarounds and have some free time to work on “neat” stuff.