Our vendor told me that Realsecure 6.5 could not capture the traffic if it connected to switch with IOS 12.1. He explained that since 12.1 adds the vlan tag to the packet, realscure 6.5 cannot catch the packet. Is it 12.1 adding the tag ??? Please advise.
Every IOS that supports VLANs adds a VLAN tag to the packet. That's how the switch knows if the source and destination are on the SAME VLAN.
If you need to capture traffic, Ethereal is free and will capture the packets. I'm not sure about Realsecure (never used it), but I think the vendor is blowing smoke. I don't see how it could not capture a packet just because there's a VLAN tag. It would have to capture the packet to know there is one in the first place. Hmmmmm.
For reasons that I don't understand, 2950 switches insert VLAN tags into packets sent out a SPAN port even if the entire switch is a single VLAN. I don't know if other current switches such as the 3550's do this as well, but TAC claims that a future IOS release for the 2950s with either disable this behavior or provide an option to do so.
NFR's IDS software also can't parse packets with VLAN tags. This isn't surprising, as prior to the release of 2950 switches there really wasn't any reason why an IDS would be seeing packets that have VLAN tags.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.