JavaScript Information Visualization Toolkit (JIT)
The JIT is an advanced JavaScript infovis toolkit based on 5 papers about different information visualization techniques.The JIT implements advanced features of information visualization like Treemaps (with the slice and dice and squarified methods), an adapted visualization of trees based on the Spacetree, a focus+context technique to plot Hyperbolic Trees, and a radial layout of trees with advanced animations (RGraph).
Sunday, May 18, 2008
Saturday, May 17, 2008
Eastwood Chart Servlet
Eastwood Chart Servlet
Eastwood is a free servlet that emulates the function of the Google Chart API, using JFreeChart to render the charts. Eastwood is aimed at web developers that want to incorporate charts into their web pages, and features:
support for generating pie charts, bar charts, line charts and scatter plots, using encodings that match the Google Chart API;
Eastwood is a free servlet that emulates the function of the Google Chart API, using JFreeChart to render the charts. Eastwood is aimed at web developers that want to incorporate charts into their web pages, and features:
support for generating pie charts, bar charts, line charts and scatter plots, using encodings that match the Google Chart API;
JFreeChart
JFreeChart A free Java chart library.
JFreeChart supports pie charts (2D and 3D), bar charts (horizontal and vertical, regular and stacked), line charts, scatter plots, time series charts, high-low-open-close charts, candlestick plots, Gantt charts, combined plots, thermometers, dials and more. JFreeChart can be used in applications, applets, servlets and JSP. This project is maintained by David Gilbert.
JFreeChart supports pie charts (2D and 3D), bar charts (horizontal and vertical, regular and stacked), line charts, scatter plots, time series charts, high-low-open-close charts, candlestick plots, Gantt charts, combined plots, thermometers, dials and more. JFreeChart can be used in applications, applets, servlets and JSP. This project is maintained by David Gilbert.
FusionCharts Free
FusionCharts Free - Animated Flash Charts and Graphs for ASP, PHP, ASP.NET and other web applications
FusionCharts Free is a flash charting component that can be used to render data-driven & animated charts for your web applications and presentations.
It is a cross-browser and cross-platform solution that can be used with PHP, Python, Ruby on Rails, ASP, ASP.NET, JSP, ColdFusion, simple HTML pages or even PowerPoint Presentations to deliver interactive and powerful flash charts. You do NOT need to know anything about Flash to use FusionCharts. All you need to know is the language you're programming in.
FusionCharts Free is a flash charting component that can be used to render data-driven & animated charts for your web applications and presentations.
It is a cross-browser and cross-platform solution that can be used with PHP, Python, Ruby on Rails, ASP, ASP.NET, JSP, ColdFusion, simple HTML pages or even PowerPoint Presentations to deliver interactive and powerful flash charts. You do NOT need to know anything about Flash to use FusionCharts. All you need to know is the language you're programming in.
Open Flash Chart .NET
Open Flash Chart .NET (OFC.NET) is based on the Open Flash Chart project located at http://teethgrinder.co.uk/open-flash-chart/ (or SourceForge). Source code for OFC.NET is located on a Subversion server provided by K2 Colocation at http://svn.k2colocation.com/svn/OpenFlashChart.
Open Flash Chart
Open Flash Chart
Open Flash Chart, is open source. It is free to use and you get the source code to fiddle with!
Open Flash Chart, is open source. It is free to use and you get the source code to fiddle with!
Friday, May 9, 2008
Dynamic Multipoint IPsec VPNs (Using Multipoint GRE/NHRP to Scale IPsec VPNs) - Cisco Systems
Dynamic Multipoint IPsec VPNs (Using Multipoint GRE/NHRP to Scale IPsec VPNs) - Cisco Systems
This document discusses Dynamic Multipoint IPsec VPNs (DMVPN) and why a company might want to design or migrate their network to make use of this new IPsec VPN solution in Cisco IOS Software.
This document discusses Dynamic Multipoint IPsec VPNs (DMVPN) and why a company might want to design or migrate their network to make use of this new IPsec VPN solution in Cisco IOS Software.
IP Tunneling Configuration Examples and TechNotes - Cisco Systems
IP Tunneling Configuration Examples and TechNotes - Cisco Systems
Generic Routing Encapsulation (GRE)
Configuring a GRE Tunnel over IPSec with OSPF 06/Feb/2007
Configuring CET Encryption with a GRE Tunnel 14/Jan/2008
Configuring Dynamic Multipoint VPN Using GRE Over IPSec With EIGRP, NAT, and CBAC 14/Jan/2008
Configuring Dynamic Multipoint VPN Using GRE Over IPsec With OSPF, NAT, and Cisco IOS Firewall 30/Nov/2006
Configuring GRE and IPSec with IPX Routing 28/Dec/2005
Configuring GRE Over IPSec Between a Cisco IOS Router and a VPN 5000 Concentrator Using Dynamic Routing 02/May/2008
Configuring GRE over IPSec Between a Cisco IOS Router and a VPN 5000 Concentrator Using Static Routing 04/Apr/2008
Configuring IPSec with EIGRP and IPX Using GRE Tunneling 21/Jun/2005
Configuring IPSec/GRE with NAT 03/May/2004
Configuring Router-to-Router IPsec (Pre-shared Keys) on GRE Tunnel with IOS Firewall and NAT 06/Feb/2007
Configuring the Cisco VPN 5000 and a Router to Open a GRE Tunnel 02/May/2008
Configuring Two Cisco VPN 5000 Series Concentrators to Establish a GRE Tunnel 02/May/2008
Configuring Two Cisco VPN 5000 Series Concentrators to Establish a GRE Tunnel Routing IPX 02/May/2008
Configuring Two Cisco VPN 5000 Series Concentrators to Establish an IPSec LAN-to-LAN Tunnel Routing IPX 02/May/2008
GRE over IPSec with EIGRP to Route Through a Hub and Multiple Remote Sites Configuration Example 14/Jan/2008
Multicast over a GRE Tunnel 21/Dec/2005
Point-to-Point Tunneling Protocol (PPTP)
Configuring CiscoSecure ACS for Windows Router PPTP Authentication 26/Mar/2007
Configuring PPTP Through PAT to a Microsoft PPTP Server 19/Oct/2006
Configuring the Cisco Router and VPN Clients Using PPTP and MPPE 01/Feb/2007
Configuring the PIX Firewall and VPN Clients Using PPTP, MPPE and IPSec 15/Nov/2005
Configuring the VPN 3000 Concentrator PPTP With Cisco Secure ACS for Windows RADIUS Authentication 15/Jan/2008
How to Configure the VPN 3000 Concentrator PPTP with Local Authentication 06/Dec/2006
Generic Routing Encapsulation (GRE)
Configuring a GRE Tunnel over IPSec with OSPF 06/Feb/2007
Configuring CET Encryption with a GRE Tunnel 14/Jan/2008
Configuring Dynamic Multipoint VPN Using GRE Over IPSec With EIGRP, NAT, and CBAC 14/Jan/2008
Configuring Dynamic Multipoint VPN Using GRE Over IPsec With OSPF, NAT, and Cisco IOS Firewall 30/Nov/2006
Configuring GRE and IPSec with IPX Routing 28/Dec/2005
Configuring GRE Over IPSec Between a Cisco IOS Router and a VPN 5000 Concentrator Using Dynamic Routing 02/May/2008
Configuring GRE over IPSec Between a Cisco IOS Router and a VPN 5000 Concentrator Using Static Routing 04/Apr/2008
Configuring IPSec with EIGRP and IPX Using GRE Tunneling 21/Jun/2005
Configuring IPSec/GRE with NAT 03/May/2004
Configuring Router-to-Router IPsec (Pre-shared Keys) on GRE Tunnel with IOS Firewall and NAT 06/Feb/2007
Configuring the Cisco VPN 5000 and a Router to Open a GRE Tunnel 02/May/2008
Configuring Two Cisco VPN 5000 Series Concentrators to Establish a GRE Tunnel 02/May/2008
Configuring Two Cisco VPN 5000 Series Concentrators to Establish a GRE Tunnel Routing IPX 02/May/2008
Configuring Two Cisco VPN 5000 Series Concentrators to Establish an IPSec LAN-to-LAN Tunnel Routing IPX 02/May/2008
GRE over IPSec with EIGRP to Route Through a Hub and Multiple Remote Sites Configuration Example 14/Jan/2008
Multicast over a GRE Tunnel 21/Dec/2005
Point-to-Point Tunneling Protocol (PPTP)
Configuring CiscoSecure ACS for Windows Router PPTP Authentication 26/Mar/2007
Configuring PPTP Through PAT to a Microsoft PPTP Server 19/Oct/2006
Configuring the Cisco Router and VPN Clients Using PPTP and MPPE 01/Feb/2007
Configuring the PIX Firewall and VPN Clients Using PPTP, MPPE and IPSec 15/Nov/2005
Configuring the VPN 3000 Concentrator PPTP With Cisco Secure ACS for Windows RADIUS Authentication 15/Jan/2008
How to Configure the VPN 3000 Concentrator PPTP with Local Authentication 06/Dec/2006
Router-to-Router IPSec (RSA Keys) on GRE Tunnel with RIP Configuration Example - Cisco Systems
Router-to-Router IPSec (RSA Keys) on GRE Tunnel with RIP Configuration Example - Cisco Systems
This document provides a sample configuration for routers with RSA keys. Both routers are configured for RSA keys and IPSec/Generic Routing Encapsulation (GRE) tunnel with Routing Information Protocol (RIP).
This document provides a sample configuration for routers with RSA keys. Both routers are configured for RSA keys and IPSec/Generic Routing Encapsulation (GRE) tunnel with Routing Information Protocol (RIP).
Configuring Router-to-Router IPsec (Pre-shared Keys) on GRE Tunnel with IOS Firewall and NAT - Cisco Systems
Configuring Router-to-Router IPsec (Pre-shared Keys) on GRE Tunnel with IOS Firewall and NAT - Cisco Systems
This document illustrates a basic Cisco IOS Firewall configuration with Network Address Translation (NAT). This configuration allows traffic to be initiated from inside the 10.1.1.x and 172.16.1.x networks to the Internet and NATed along the way. A generic routing encapsulation (GRE) tunnel is added to tunnel IP and IPX traffic between two private networks. When a packet arrives at the outbound interface of the router and if it is sent down the tunnel, it is first encapsulated using GRE and then encrypted with IPsec. In other words, any traffic permitted to enter the GRE tunnel is also encrypted by IPsec.
In order to configure the GRE Tunnel over IPsec with Open Shortest Path First (OSPF), refer to Configuring a GRE Tunnel over IPSec with OSPF.
In order to configure a hub and spoke IPsec design between three routers, refer to Configuring IPsec Router-to-Router Hub and Spoke with Communication Between the Spokes.
This document illustrates a basic Cisco IOS Firewall configuration with Network Address Translation (NAT). This configuration allows traffic to be initiated from inside the 10.1.1.x and 172.16.1.x networks to the Internet and NATed along the way. A generic routing encapsulation (GRE) tunnel is added to tunnel IP and IPX traffic between two private networks. When a packet arrives at the outbound interface of the router and if it is sent down the tunnel, it is first encapsulated using GRE and then encrypted with IPsec. In other words, any traffic permitted to enter the GRE tunnel is also encrypted by IPsec.
In order to configure the GRE Tunnel over IPsec with Open Shortest Path First (OSPF), refer to Configuring a GRE Tunnel over IPSec with OSPF.
In order to configure a hub and spoke IPsec design between three routers, refer to Configuring IPsec Router-to-Router Hub and Spoke with Communication Between the Spokes.
PIX/ASA - VPN/IPsec with OSPF Configuration Example - Cisco Systems
PIX/ASA: VPN/IPsec with OSPF Configuration Example - Cisco Systems
This document provides a sample configuration for a VPN/IPsec with Open Shortest Path First (OSPF) on Cisco PIX Security Appliance Software Version 7.x or Cisco Adaptive Security Appliance (ASA). PIX/ASA 7.x allows OSPF unicast to run over an existing VPN connection. You no longer need to configure a Generic Routing Encapsulation (GRE) tunnel.
This document provides a sample configuration for a VPN/IPsec with Open Shortest Path First (OSPF) on Cisco PIX Security Appliance Software Version 7.x or Cisco Adaptive Security Appliance (ASA). PIX/ASA 7.x allows OSPF unicast to run over an existing VPN connection. You no longer need to configure a Generic Routing Encapsulation (GRE) tunnel.
Configuring Dynamic Multipoint VPN Using GRE Over IPsec With OSPF, NAT, and Cisco IOS Firewall - Cisco Systems
Configuring Dynamic Multipoint VPN Using GRE Over IPsec With OSPF, NAT, and Cisco IOS Firewall - Cisco Systems
This document provides a sample configuration for Dynamic Multipoint VPN (DMVPN) using generic routing encapsulation (GRE) over IPsec with Open Shortest Path First (OSPF), Network Address Translation (NAT), and Cisco IOS Firewall.
This document provides a sample configuration for Dynamic Multipoint VPN (DMVPN) using generic routing encapsulation (GRE) over IPsec with Open Shortest Path First (OSPF), Network Address Translation (NAT), and Cisco IOS Firewall.
Configuring DMVPN Spoke Router in Full Mesh IPsec VPN Using SDM (Cisco Systems)
Configuring DMVPN Spoke Router in Full Mesh IPsec VPN Using SDM - Cisco Systems
This document provides a sample configuration for configuring Dynamic Multipoint spoke router into a full mesh Dynamic Multipoint VPN (DMVPN). DMVPN allows users to scale large and small IPsec VPNs more effectively by combining generic routing encapsulation (GRE) tunnels, IPsec encryption, and Next Hop Resolution Protocol (NHRP). Security Device Manager (SDM) is an embedded security configuration management tool used to configure Cisco IOS Software routers with variety of security features. This sample configuration relies on SDM version 1.2 that supports hub and spoke DMVPN configurations and shows how to configure dynamic Spoke to Spoke tunnels.
This document provides a sample configuration for configuring Dynamic Multipoint spoke router into a full mesh Dynamic Multipoint VPN (DMVPN). DMVPN allows users to scale large and small IPsec VPNs more effectively by combining generic routing encapsulation (GRE) tunnels, IPsec encryption, and Next Hop Resolution Protocol (NHRP). Security Device Manager (SDM) is an embedded security configuration management tool used to configure Cisco IOS Software routers with variety of security features. This sample configuration relies on SDM version 1.2 that supports hub and spoke DMVPN configurations and shows how to configure dynamic Spoke to Spoke tunnels.
Quality of Service for Virtual Private Networks - Cisco Systems
Quality of Service for Virtual Private Networks - Cisco Systems
Feature Overview
When packets are encapsulated by tunnel or encryption headers, Quality of Service (QoS) features are unable to examine the original packet headers and correctly classify the packets. Packets traveling across the same tunnel have the same tunnel headers, so the packets are treated identically if the physical interface is congested.
With the growing popularity of Virtual Private Networks (VPNs), the need to classify traffic within a traffic tunnel is gaining importance. QoS features have historically been unable to classify traffic within a tunnel. With the introduction of the Quality of Service for Virtual Private Networks (QoS for VPNs) feature, packets can now be classified before tunneling and encryption occur. The process of classifying features before tunneling and encryption allows routers to configure QoS features and tunneling and cypto maps on the same interface.
The QoS for VPNs feature is designed for tunnel interfaces. When the new feature is enabled, the QoS features on the output interface classify packets before encryption, allowing traffic flows to be adjusted in congested environments. The end result is more effective packet tunneling.
QoS for VPNs is supported for Generic Routing Encapsulation (GRE), IP in IP (IPIP) tunnels, Layer 2 Tunneling Protocol (L2TP), Layer 2 Forwarding (L2F), Point to Point Tunneling Protocol (PPTP), and IPSec.
Benefits
The QoS for VPNs feature provides a solution for making Cisco IOS Quality of Service services operate in conjunction with tunneling and encryption on an interface. Cisco IOS software can classify packets and apply the appropriate QoS service before the data is encrypted and tunneled. The QoS for VPN feature allows users to look inside the packet so that packet classification can be done based on original port numbers and based on source and destination IP addresses. This allows the service provider to treat mission critical or multi-service traffic with higher priority across their network.
Restrictions
- Interfaces running cascading QoS features, such as generic traffic shaping or custom queuing, are required to have QoS for VPNs enabled or disabled on all cascading features. If the QoS for VPNs feature is enabled on one cascading feature, the QoS for VPNs feature must be enabled on all cascading features. Similarly, if the QoS for VPNs feature is disabled on one cascading feature, the QoS for VPNs feature must be disabled on all cascading features.
- QoS for VPNs cannot be used in conjunction with generic traffic shaping and custom queuing in Cisco 2600 and Cisco 3600 series routers only.
Feature Overview
When packets are encapsulated by tunnel or encryption headers, Quality of Service (QoS) features are unable to examine the original packet headers and correctly classify the packets. Packets traveling across the same tunnel have the same tunnel headers, so the packets are treated identically if the physical interface is congested.
With the growing popularity of Virtual Private Networks (VPNs), the need to classify traffic within a traffic tunnel is gaining importance. QoS features have historically been unable to classify traffic within a tunnel. With the introduction of the Quality of Service for Virtual Private Networks (QoS for VPNs) feature, packets can now be classified before tunneling and encryption occur. The process of classifying features before tunneling and encryption allows routers to configure QoS features and tunneling and cypto maps on the same interface.
The QoS for VPNs feature is designed for tunnel interfaces. When the new feature is enabled, the QoS features on the output interface classify packets before encryption, allowing traffic flows to be adjusted in congested environments. The end result is more effective packet tunneling.
QoS for VPNs is supported for Generic Routing Encapsulation (GRE), IP in IP (IPIP) tunnels, Layer 2 Tunneling Protocol (L2TP), Layer 2 Forwarding (L2F), Point to Point Tunneling Protocol (PPTP), and IPSec.
Benefits
The QoS for VPNs feature provides a solution for making Cisco IOS Quality of Service services operate in conjunction with tunneling and encryption on an interface. Cisco IOS software can classify packets and apply the appropriate QoS service before the data is encrypted and tunneled. The QoS for VPN feature allows users to look inside the packet so that packet classification can be done based on original port numbers and based on source and destination IP addresses. This allows the service provider to treat mission critical or multi-service traffic with higher priority across their network.
Restrictions
- Interfaces running cascading QoS features, such as generic traffic shaping or custom queuing, are required to have QoS for VPNs enabled or disabled on all cascading features. If the QoS for VPNs feature is enabled on one cascading feature, the QoS for VPNs feature must be enabled on all cascading features. Similarly, if the QoS for VPNs feature is disabled on one cascading feature, the QoS for VPNs feature must be disabled on all cascading features.
- QoS for VPNs cannot be used in conjunction with generic traffic shaping and custom queuing in Cisco 2600 and Cisco 3600 series routers only.
Configuring a GRE Tunnel over IPSec with OSPF - Cisco Systems
Configuring a GRE Tunnel over IPSec with OSPF - Cisco Systems
Normal IP Security (IPSec) configurations cannot transfer routing protocols, such as Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF), or non-IP traffic, such as Internetwork Packet Exchange (IPX) and AppleTalk. This document illustrates how to route between different networks that use a routing protocol and non-IP traffic with IPSec. This example uses generic routing encapsulation (GRE) in order to accomplish routing between the different networks.
Refer to Configuring IPsec Router-to-Router Hub and Spoke with Communication Between the Spokes for information on how to configure a hub and spoke IPSec design between three routers.
Refer to Configuring Router-to-Router IPSec (Pre-shared Keys) on GRE Tunnel with IOS Firewall and NAT for information on how to configure the basic Cisco IOS® Firewall configuration on a GRE tunnel with Network Address Translation (NAT).
Refer to PIX/ASA 7.x and later : VPN/IPsec with OSPF Configuration Example for more information on how to configure for a VPN/IPsec with Open Shortest Path First (OSPF) on Cisco PIX Security Appliance Software Version 7.x or Cisco Adaptive Security Appliance (ASA).
Refer to Adjusting IP MTU, TCP MSS, and PMTUD on Windows and Sun Systems for information about possible Maximum Transmission Unit (MTU) issues.
Normal IP Security (IPSec) configurations cannot transfer routing protocols, such as Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF), or non-IP traffic, such as Internetwork Packet Exchange (IPX) and AppleTalk. This document illustrates how to route between different networks that use a routing protocol and non-IP traffic with IPSec. This example uses generic routing encapsulation (GRE) in order to accomplish routing between the different networks.
Refer to Configuring IPsec Router-to-Router Hub and Spoke with Communication Between the Spokes for information on how to configure a hub and spoke IPSec design between three routers.
Refer to Configuring Router-to-Router IPSec (Pre-shared Keys) on GRE Tunnel with IOS Firewall and NAT for information on how to configure the basic Cisco IOS® Firewall configuration on a GRE tunnel with Network Address Translation (NAT).
Refer to PIX/ASA 7.x and later : VPN/IPsec with OSPF Configuration Example for more information on how to configure for a VPN/IPsec with Open Shortest Path First (OSPF) on Cisco PIX Security Appliance Software Version 7.x or Cisco Adaptive Security Appliance (ASA).
Refer to Adjusting IP MTU, TCP MSS, and PMTUD on Windows and Sun Systems for information about possible Maximum Transmission Unit (MTU) issues.
Quality of Service Options on GRE Tunnel Interfaces - Cisco Systems
Quality of Service Options on GRE Tunnel Interfaces - Cisco Systems
This document reviews which Quality of Service (QoS) features can be configured on tunnel interfaces using generic routing encapsulation (GRE). Tunnels configured with IP Security (IPsec) are outside the scope of this document.
This document reviews which Quality of Service (QoS) features can be configured on tunnel interfaces using generic routing encapsulation (GRE). Tunnels configured with IP Security (IPsec) are outside the scope of this document.
BGP / Scalable Policy Routing (NIL IP Corner Article)
Scalable Policy Routing / Nil IP Corner
Network designers and implementers try to avoid policy routing, as its common implementation in Cisco IOS requires a complex mix of access-lists and route-maps that have to be deployed on a hop-by-hop basis. In most cases, distance vector routing protocols can be used to implement policy routing requirements in large networks. The article describes how you can use BGP to implement an architecture where a set of applications should prefer a different subset of links than other applications.
Summary
Most network designers and implementers try to avoid policy routing, as its common implementation in Cisco IOS requires a complex mix of access-lists and route-maps that have to be deployed on a hop-by-hop basis. In reality, distance vector routing protocols can be used to implement common policy routing requirements in enterprise networks where a set of applications should prefer a different subset of links than other applications.
Routing protocol-based policy routing should be implemented (if at all possible) with BGP, as it gives you the richest set of tools to use to influence the route selection policy. EIGRP is a viable alternative (you can manipulate the delay portion of the metric for each individual IP prefix), with RIP being the solution of last resort. You cannot implement the same mechanisms with any link-state protocol, as you cannot increase the link cost for individual IP prefixes (OSPF with type-of-service support would allow you to do that, but it’s never been implemented in a mainstream routing device).
Network designers and implementers try to avoid policy routing, as its common implementation in Cisco IOS requires a complex mix of access-lists and route-maps that have to be deployed on a hop-by-hop basis. In most cases, distance vector routing protocols can be used to implement policy routing requirements in large networks. The article describes how you can use BGP to implement an architecture where a set of applications should prefer a different subset of links than other applications.
Summary
Most network designers and implementers try to avoid policy routing, as its common implementation in Cisco IOS requires a complex mix of access-lists and route-maps that have to be deployed on a hop-by-hop basis. In reality, distance vector routing protocols can be used to implement common policy routing requirements in enterprise networks where a set of applications should prefer a different subset of links than other applications.
Routing protocol-based policy routing should be implemented (if at all possible) with BGP, as it gives you the richest set of tools to use to influence the route selection policy. EIGRP is a viable alternative (you can manipulate the delay portion of the metric for each individual IP prefix), with RIP being the solution of last resort. You cannot implement the same mechanisms with any link-state protocol, as you cannot increase the link cost for individual IP prefixes (OSPF with type-of-service support would allow you to do that, but it’s never been implemented in a mainstream routing device).
Wednesday, May 7, 2008
Public Key Infrastructure for Windows Server 2003 (Microsoft)
Public Key Infrastructure for Windows Server 2003 (Microsoft)
Microsoft Public Key Infrastructure (PKI) for Windows Server 2003 provides an integrated public key infrastructure that enables you to secure and exchange information with strong security and easy administration across the Internet, extranets, intranets, and applications. To understand the full value and functionality offered in PKI for Windows Server 2003, read PKI Enhancements in Windows XP Professional and Windows Server 2003.
Microsoft Public Key Infrastructure (PKI) for Windows Server 2003 provides an integrated public key infrastructure that enables you to secure and exchange information with strong security and easy administration across the Internet, extranets, intranets, and applications. To understand the full value and functionality offered in PKI for Windows Server 2003, read PKI Enhancements in Windows XP Professional and Windows Server 2003.
Common L2L and Remote Access IPSec VPN Troubleshooting Solutions / Cisco.com
Most Common L2L and Remote Access IPSec VPN Troubleshooting Solutions (Cisco Systems)
This document contains the most common solutions to IPsec VPN problems. These solutions come directly from service requests that the Cisco Technical Support have solved. Many of these solutions can be implemented prior to the in-depth troubleshooting of an IPsec VPN connection. As a result, this document is presented as a checklist of common procedures to try before you begin to troubleshoot a connection and call Cisco Technical Support.
This document contains the most common solutions to IPsec VPN problems. These solutions come directly from service requests that the Cisco Technical Support have solved. Many of these solutions can be implemented prior to the in-depth troubleshooting of an IPsec VPN connection. As a result, this document is presented as a checklist of common procedures to try before you begin to troubleshoot a connection and call Cisco Technical Support.
Obtain a Digital Certificate from a Microsoft Windows CA using ASDM on an ASA
How to obtain a Digital Certificate from a Microsoft Windows CA using ASDM on an ASA (Cisco Systems)
Digital certificates can be used to authenticate network devices and users on the network. They can be used to negotiate IPSec sessions between network nodes.
Cisco devices identify themselves securely on a network in three main ways:
Pre-Shared Keys. Two or more devices can have the same shared secret key. Peers authenticate each other by computing and sending a keyed hash of data that includes the preshared key. If the receiving peer is able to create the same hash independently using its preshared key, it knows that both peers must share the same secret, thus authenticating the other peer. This method is manual and not very scalable.
Self-Signed Certificates. A device generates its own certificate and signs it as being valid. This type of certificate should have limited usage. Using this certificate with SSH and HTTPS access for configuration purposes are good examples. A separate username/password pair is needed to complete the connection.
Note: Persistent Self-Signed Certificates survive router reloads because they are saved in the nonvolatile random-access memory (NVRAM) of the device. Refer to Persistent Self-Signed Certificates for more information. One good example of use is with SSL VPN (WebVPN) connections.
Certificate Authority Certificate. A third party validates and authenticates the two or more nodes that attempt to communicate. Each node has a public and private key. The public key encrypts data, and the private key decrypts data. Because they have obtained their certificates from the same source, they can be assured of their respective identities. The ASA device can obtain a digital certificate from a third-party with a manual enrollment method or an automatic enrollment method.
Note: The enrollment method and type of digital certificate you choose is dependent upon the features and functions of each third-party product. Contact the vendor of the certificate service for more information.
The Cisco Adaptive Security Appliance (ASA) can use pre-shared keys or digital certificates provided by a third-party Certificate Authority (CA) to authenticate IPSec connections. In addition, the ASA can produce its own self-signed digital certificate. This should be used for SSH, HTTPS, and Cisco Adaptive Security Device Manager (ASDM) connections to the device.
This document demonstrates the procedures necessary to automatically obtain a digital certificate from a Microsoft Certificate Authority (CA) for the ASA. It does not include the manual method of enrollment. This document uses ASDM for the configuration steps, as well as presents the final command-line interface (CLI ) configuration.
Digital certificates can be used to authenticate network devices and users on the network. They can be used to negotiate IPSec sessions between network nodes.
Cisco devices identify themselves securely on a network in three main ways:
Pre-Shared Keys. Two or more devices can have the same shared secret key. Peers authenticate each other by computing and sending a keyed hash of data that includes the preshared key. If the receiving peer is able to create the same hash independently using its preshared key, it knows that both peers must share the same secret, thus authenticating the other peer. This method is manual and not very scalable.
Self-Signed Certificates. A device generates its own certificate and signs it as being valid. This type of certificate should have limited usage. Using this certificate with SSH and HTTPS access for configuration purposes are good examples. A separate username/password pair is needed to complete the connection.
Note: Persistent Self-Signed Certificates survive router reloads because they are saved in the nonvolatile random-access memory (NVRAM) of the device. Refer to Persistent Self-Signed Certificates for more information. One good example of use is with SSL VPN (WebVPN) connections.
Certificate Authority Certificate. A third party validates and authenticates the two or more nodes that attempt to communicate. Each node has a public and private key. The public key encrypts data, and the private key decrypts data. Because they have obtained their certificates from the same source, they can be assured of their respective identities. The ASA device can obtain a digital certificate from a third-party with a manual enrollment method or an automatic enrollment method.
Note: The enrollment method and type of digital certificate you choose is dependent upon the features and functions of each third-party product. Contact the vendor of the certificate service for more information.
The Cisco Adaptive Security Appliance (ASA) can use pre-shared keys or digital certificates provided by a third-party Certificate Authority (CA) to authenticate IPSec connections. In addition, the ASA can produce its own self-signed digital certificate. This should be used for SSH, HTTPS, and Cisco Adaptive Security Device Manager (ASDM) connections to the device.
This document demonstrates the procedures necessary to automatically obtain a digital certificate from a Microsoft Certificate Authority (CA) for the ASA. It does not include the manual method of enrollment. This document uses ASDM for the configuration steps, as well as presents the final command-line interface (CLI ) configuration.
Dynamic IPsec Between a Statically Addressed IOS Router and the Dynamically Addressed PIX Firewall with NAT Configuration Example
Dynamic IPsec Between a Statically Addressed IOS Router and the Dynamically Addressed PIX Firewall with NAT Configuration Example
(Cisco Systems)
This document provides a sample configuration that shows you how to enable the IOS router to accept dynamic IPsec connections from an PIX Firewall. The remote router performs Network Address Translation (NAT) if private network 10.0.0.x accesses the Internet. Traffic from 10.0.0.x to private network 10.1.0.x behind the PIX is excluded from the NAT process. The PIX Firewall can initiate connections to the router, but the router cannot initiate connections to the PIX.
This configuration uses a Cisco IOS router in order to create dynamic IPsec LAN-to-LAN (L2L) tunnels with a PIX Firewall that receives dynamic IP addresses on their public interface (outside interface). Dynamic Host Configuration Protocol (DHCP) provides a mechanism in order to allocate IP addresses dynamically from the Internet service provider (ISP). This allows IP addresses to be reused when hosts no longer need them.
(Cisco Systems)
This document provides a sample configuration that shows you how to enable the IOS router to accept dynamic IPsec connections from an PIX Firewall. The remote router performs Network Address Translation (NAT) if private network 10.0.0.x accesses the Internet. Traffic from 10.0.0.x to private network 10.1.0.x behind the PIX is excluded from the NAT process. The PIX Firewall can initiate connections to the router, but the router cannot initiate connections to the PIX.
This configuration uses a Cisco IOS router in order to create dynamic IPsec LAN-to-LAN (L2L) tunnels with a PIX Firewall that receives dynamic IP addresses on their public interface (outside interface). Dynamic Host Configuration Protocol (DHCP) provides a mechanism in order to allocate IP addresses dynamically from the Internet service provider (ISP). This allows IP addresses to be reused when hosts no longer need them.
Cisco IOS IPsec Accounting with Cisco IOS NetFlow
Cisco IOS IPsec Accounting with Cisco IOS NetFlow [Netflow] - Cisco Systems
.... (cisco whitepaper)
Cisco IOS NetFlow:
http://www.cisco.com/go/netflow
Cisco IOS IPsec:
http://www.cisco.com/go/ipsec
.... (cisco whitepaper)
Cisco IOS NetFlow:
http://www.cisco.com/go/netflow
Cisco IOS IPsec:
http://www.cisco.com/go/ipsec
Tuesday, May 6, 2008
Zenoss - Open Source Network Monitoring and Systems Monitoring
Zenoss - Open Source Network Monitoring and Systems Monitoring
Open Source Application, Server, and Network Management
Open Source Application, Server, and Network Management
SNM: Systems and Network Monitor
SNM: Systems and Network Monitor
SNM is a tool to monitor, graph and alert the capacity of computing devices and applications. SNM runs on a Windows or Linux device on your network, 24 hours every day and constantly records the capacity parameters of any networked device using snmp (v1, v2c or v3), ping or custom modules. The recorded data is stored for later reference via a user friendly menu-driven web browser. E-mail alerts are raised if a user determined number of queries fail. Refer to the example for a sample screen.
SNM is a tool to monitor, graph and alert the capacity of computing devices and applications. SNM runs on a Windows or Linux device on your network, 24 hours every day and constantly records the capacity parameters of any networked device using snmp (v1, v2c or v3), ping or custom modules. The recorded data is stored for later reference via a user friendly menu-driven web browser. E-mail alerts are raised if a user determined number of queries fail. Refer to the example for a sample screen.
JFFNMS - Just for Fun Network Management System
JFFNMS - Just for Fun Network Management System
JFFNMS is a Network Management and Monitoring System designed to monitor a IP SNMP / Syslog / Tacacs+ Network. It can be used to monitor any standards compilant SNMP device, Server, Router, TCP port or anything you want, if you write a custom poller, we also provide some Cisco focused features.
Features:
Written in PHP (Works on Linux, FreeBSD and Win2K/XP)
Status Map, gives you a quick look of your network
Events Console, shows all kinds of events in the same time-ordered display
Performance Graphs for everything, Interface Traffic, Errors, CPU Usage, etc.
Database Backend (MySQL or PostgreSQL)
Integrated Syslog Logging and Tacacs+ Authentication and Accounting
Free, licensed under the GPL
More Features
JFFNMS is a Network Management and Monitoring System designed to monitor a IP SNMP / Syslog / Tacacs+ Network. It can be used to monitor any standards compilant SNMP device, Server, Router, TCP port or anything you want, if you write a custom poller, we also provide some Cisco focused features.
Features:
Written in PHP (Works on Linux, FreeBSD and Win2K/XP)
Status Map, gives you a quick look of your network
Events Console, shows all kinds of events in the same time-ordered display
Performance Graphs for everything, Interface Traffic, Errors, CPU Usage, etc.
Database Backend (MySQL or PostgreSQL)
Integrated Syslog Logging and Tacacs+ Authentication and Accounting
Free, licensed under the GPL
More Features
php-syslog-ng - A frontend for viewing syslog-ng messages logged to MySQL in realtime
php-syslog-ng (Google Code) Php-Syslog-ng is a frontend for viewing syslog-ng messages logged to MySQL in realtime. It features customized searches based on device, priority, date, time, and message
Friday, May 2, 2008
Cisco 870 Access Routers / Configuration Guide - Cisco Systems
Cisco 870 Series Access Routers Software Configuration Guide - Cisco Systems
Part 1: Getting Started
Chapter 1, "Basic Router Configuration"—Describes how to configure basic router features and interfaces.
Part 2: Configuring Your Router for Ethernet and DSL Access
Chapter 2, "Sample Network Deployments"—Provides a road map for Part 2.
Chapter 3, "Configuring PPP over Ethernet with NAT"—Provides instructions on how to configure PPPoE with Network Address Translation (NAT) on your Cisco router.
Chapter 4, "Configuring PPP over ATM with NAT"—Provides instructions on how to configure PPPoA with Network Address Translation (NAT) on your Cisco router.
Chapter 5, "Configuring a LAN with DHCP and VLANs"—Provides instructions on how to configure your Cisco router with multiple VLANs and to have it act as a DHCP server.
Chapter 6, "Configuring a VPN Using Easy VPN and an IPSec Tunnel"—Provides instructions on how to configure a virtual private network (VPN) with a secure IP tunnel using the Cisco Easy VPN.
Chapter 7, "Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation"—Provides instructions on how to configure a VPN with a secure IP tunnel and generic routing encapsulation (GRE).
Chapter 8, "Configuring a Simple Firewall"—Provides instructions on how to configure a basic firewall on your Cisco router.
Chapter 9, "Configuring a Wireless LAN Connection"—Provides instructions on how to configure a wireless LAN connection on your Cisco router.
Chapter 10, "Sample Configuration"—Presents a summary configuration example showing features configured in the preceding chapters of this part of the guide.
Part 3: Configuring Additional Features and Troubleshooting
Chapter 11, "Additional Configuration Options"—Provides a road map for Part 3.
Chapter 12, "Configuring Security Features"—Explains basic configuration of Cisco IOS security features, including firewall and VPN configuration.
Chapter 13, "Configuring Dial Backup and Remote Management"—Provides instructions on how to configure your Cisco router for dial backup and remote management.
Chapter 14, "Troubleshooting"—Provides information on identifying and solving problems with the ADSL line and the telephone interface. Also explains how to recover a lost software password.
Part 4: Reference Information
Appendix A, "Cisco IOS Software Basic Skills"—Explains what you need to know about Cisco IOS software before you begin to configure it.
Appendix B, "Concepts"—Provides general concept explanations of features.
Appendix C, "ROM Monitor"—Describes the use of the ROM Monitor (ROMMON) utility.
Appendix D, "Common Port Assignments"—Describes the currently assigned Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) port numbers.
pdf download
Part 1: Getting Started
Chapter 1, "Basic Router Configuration"—Describes how to configure basic router features and interfaces.
Part 2: Configuring Your Router for Ethernet and DSL Access
Chapter 2, "Sample Network Deployments"—Provides a road map for Part 2.
Chapter 3, "Configuring PPP over Ethernet with NAT"—Provides instructions on how to configure PPPoE with Network Address Translation (NAT) on your Cisco router.
Chapter 4, "Configuring PPP over ATM with NAT"—Provides instructions on how to configure PPPoA with Network Address Translation (NAT) on your Cisco router.
Chapter 5, "Configuring a LAN with DHCP and VLANs"—Provides instructions on how to configure your Cisco router with multiple VLANs and to have it act as a DHCP server.
Chapter 6, "Configuring a VPN Using Easy VPN and an IPSec Tunnel"—Provides instructions on how to configure a virtual private network (VPN) with a secure IP tunnel using the Cisco Easy VPN.
Chapter 7, "Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation"—Provides instructions on how to configure a VPN with a secure IP tunnel and generic routing encapsulation (GRE).
Chapter 8, "Configuring a Simple Firewall"—Provides instructions on how to configure a basic firewall on your Cisco router.
Chapter 9, "Configuring a Wireless LAN Connection"—Provides instructions on how to configure a wireless LAN connection on your Cisco router.
Chapter 10, "Sample Configuration"—Presents a summary configuration example showing features configured in the preceding chapters of this part of the guide.
Part 3: Configuring Additional Features and Troubleshooting
Chapter 11, "Additional Configuration Options"—Provides a road map for Part 3.
Chapter 12, "Configuring Security Features"—Explains basic configuration of Cisco IOS security features, including firewall and VPN configuration.
Chapter 13, "Configuring Dial Backup and Remote Management"—Provides instructions on how to configure your Cisco router for dial backup and remote management.
Chapter 14, "Troubleshooting"—Provides information on identifying and solving problems with the ADSL line and the telephone interface. Also explains how to recover a lost software password.
Part 4: Reference Information
Appendix A, "Cisco IOS Software Basic Skills"—Explains what you need to know about Cisco IOS software before you begin to configure it.
Appendix B, "Concepts"—Provides general concept explanations of features.
Appendix C, "ROM Monitor"—Describes the use of the ROM Monitor (ROMMON) utility.
Appendix D, "Common Port Assignments"—Describes the currently assigned Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) port numbers.
pdf download
PIX/ASA 7.x and IOS: VPN Fragmentation - Cisco Systems
PIX/ASA 7.x and IOS: VPN Fragmentation - Cisco Systems
This document walks you through the steps required to alleviate problems that can occur with the fragmentation of a packet. An example of a fragmentation problems is the ability to ping a networked resource but the inability to connect to that same resource with a specific application, such as E-mail or databases.
This document walks you through the steps required to alleviate problems that can occur with the fragmentation of a packet. An example of a fragmentation problems is the ability to ping a networked resource but the inability to connect to that same resource with a specific application, such as E-mail or databases.
VRF-lite Based Group Encrypted Transport VPN - Cisco Systems
VRF-lite Based Group Encrypted Transport VPN [Group Encrypted Transport VPN] - Cisco Systems
Virtual Private Networks (VPNs) provide a highly secure way for customers to share bandwidth over an ISP backbone network. A VPN is a collection of sites sharing a common routing table. A customer site is connected to the service provider network by one or more interfaces, and the service provider associates each interface with a VPN routing table. A VPN routing table is called a VPN routing/forwarding (VRF) table. VRFs are generally associated with MPLS based VPNs.
With the VRF-lite feature, multiple VPN routing/forwarding instances can be supported in customer edge devices. VRF-lite extends limited PE functionality to a CE device, giving it the ability to maintain separate VRF tables to extend the privacy and security of a VPN to the branch office. This also helps the customer to share the same CE for various internal departments while maintaining separate VRF table for each department.
Now, the intention of this document is to enable Cisco IOS GET VPN on the CE's VRF-lite interfaces. Cisco IOS GET VPN is well documented at http://www.cisco.com/go/getvpn.
Virtual Private Networks (VPNs) provide a highly secure way for customers to share bandwidth over an ISP backbone network. A VPN is a collection of sites sharing a common routing table. A customer site is connected to the service provider network by one or more interfaces, and the service provider associates each interface with a VPN routing table. A VPN routing table is called a VPN routing/forwarding (VRF) table. VRFs are generally associated with MPLS based VPNs.
With the VRF-lite feature, multiple VPN routing/forwarding instances can be supported in customer edge devices. VRF-lite extends limited PE functionality to a CE device, giving it the ability to maintain separate VRF tables to extend the privacy and security of a VPN to the branch office. This also helps the customer to share the same CE for various internal departments while maintaining separate VRF table for each department.
Now, the intention of this document is to enable Cisco IOS GET VPN on the CE's VRF-lite interfaces. Cisco IOS GET VPN is well documented at http://www.cisco.com/go/getvpn.
Cisco ECT-Based Group Encrypted Transport VPN - Cisco Systems
Cisco ECT-Based Group Encrypted Transport VPN - Cisco Systems [Group Encrypted Transport VPN]
The Cisco IOS Software-based Group Encrypted Transport Virtual Private Network (Cisco IOS GET VPN) is a tunnel-less technology that provides end-to-end security for voice, video, and data in a native mode for a fully meshed network. It uses the core network's ability to route and replicate the packets between various sites within the enterprise. Cisco IOS GET VPN preserves the original source and destination addresses in the encryption header for optimal routing; hence, it is largely suited for an enterprise running over a private Multiprotocol Label Switching (MPLS)/IP-based core network. Cisco IOS GET VPN uses Group Domain of Interpretation (GDOI) as the keying protocol for encrypting and decrypting the data packets.
The Cisco IOS Software-based Group Encrypted Transport Virtual Private Network (Cisco IOS GET VPN) is a tunnel-less technology that provides end-to-end security for voice, video, and data in a native mode for a fully meshed network. It uses the core network's ability to route and replicate the packets between various sites within the enterprise. Cisco IOS GET VPN preserves the original source and destination addresses in the encryption header for optimal routing; hence, it is largely suited for an enterprise running over a private Multiprotocol Label Switching (MPLS)/IP-based core network. Cisco IOS GET VPN uses Group Domain of Interpretation (GDOI) as the keying protocol for encrypting and decrypting the data packets.
Dynamic Multipoint VPN (DMVPN) White Papers - Cisco Systems
Dynamic Multipoint VPN (DMVPN) White Papers - Cisco Systems
Cisco Unified Communications Voice over Spoke-to-Spoke DMVPN Test Results and Recommendations
Deployment of Cisco Enterprise Class Teleworker Solution
Integrated Easy VPN and Dynamic Multipoint VPN
Large Scale DMVPN Deployment: 7200 Server Farm Behind 7600
Migrating from Dynamic Multipoint VPN Phase 2 to Phase 3
Using FVRF and IVRF in DMVPN
Cisco Unified Communications Voice over Spoke-to-Spoke DMVPN Test Results and Recommendations
Deployment of Cisco Enterprise Class Teleworker Solution
Integrated Easy VPN and Dynamic Multipoint VPN
Large Scale DMVPN Deployment: 7200 Server Farm Behind 7600
Migrating from Dynamic Multipoint VPN Phase 2 to Phase 3
Using FVRF and IVRF in DMVPN
Cisco Group Encrypted Transport VPN - Cisco Systems
Cisco Group Encrypted Transport VPN - Cisco Systems
Cisco Group Encrypted Transport VPN provides the following benefits:
- Provides data security and transport authentication, helping to meet security compliance and internal regulation by encrypting all WAN traffic
- Enables high-scale network meshes and eliminates complex peer-to-peer key management with group encryption keys
- For Multiprotocol Label Switching (MPLS) networks, maintains network intelligence (such as full-mesh connectivity, natural routing path, and QoS]
- Grants easy membership control with a centralized key server
- Helps ensure low latency and jitter by enabling full-time, direct communications between sites, without requiring transport through a central hub
-Reduces traffic loads on customer premises equipment (CPE) and provider-edge (PE) encryption devices by using the core network for replication of multicast traffic, avoiding packet replication at each individual peer site
Cisco Group Encrypted Transport VPN provides the following benefits:
- Provides data security and transport authentication, helping to meet security compliance and internal regulation by encrypting all WAN traffic
- Enables high-scale network meshes and eliminates complex peer-to-peer key management with group encryption keys
- For Multiprotocol Label Switching (MPLS) networks, maintains network intelligence (such as full-mesh connectivity, natural routing path, and QoS]
- Grants easy membership control with a centralized key server
- Helps ensure low latency and jitter by enabling full-time, direct communications between sites, without requiring transport through a central hub
-Reduces traffic loads on customer premises equipment (CPE) and provider-edge (PE) encryption devices by using the core network for replication of multicast traffic, avoiding packet replication at each individual peer site
Cisco IOS IPsec White Papers - Cisco Systems
Cisco IOS IPsec White Papers - Cisco Systems
Cisco IOS IPsec/SSL VPN White Papers
Cisco IOS IPsec Accounting with Cisco IOS NetFlow
Cisco IOS Secure Multicast
Configuring a Virtual Tunnel Interface with IP Security
Configuring CBWFQ for IPSec VPN
Configuring CBWFQ with IPsec VPN Using GRE Tunnel
Configuring NAC with IPSec Dynamic Virtual Tunnel Interface
Configuring Per Site QoS for IPSec VPN using GRE Tunnel
Configuring Per Site QoS with IPsec VPN
Configuring QoS for Encrypted Traffic with IPsec
IPSec Virtual Tunnel Interface Configuration Guide
Remote-Access VPNs: Business Productivity, Deployment, and Security Considerations
Easy VPN White Papers
AAA Password Expiry in Cisco IOS EasyVPN
Cisco IOS Server Load Balancer Config for Dynamic Virtual Tunnel Interfaces
Configuring Cisco Easy VPN with IPSec Dynamic Virtual Tunnel Interface (DVTI)
Configuring Dual Tunnel with Cisco IOS Easy VPN Using Auto Configuration Update
Configuring Enhanced Easy VPN with Dial Backup
Configuring Group Bandwidth Management with IPSec Easy VPN
Configuring IPSec VPN--IPAQ with Movian client, Easy VPN Server
Configuring Tunnel Default Gateway Implementations
Configuring Tunnel Default Gateway on Cisco IOS EasyVPN/DMVPN Server
EFT Deployment Guide for Cisco Tunnel Control Protocol on Cisco EasyVPN
ISAKMP Profile Overview
SYSLOG Enhancements for Cisco IOS EasyVPN Server
Cisco Easy VPN
Configuring Cisco IOS Easy VPN Remote with Client Mode (PDF - 110 KB)
Configuring Cisco IOS Easy VPN Remote with Client Mode and Split Tunneling (PDF - 110 KB)
Configuring Cisco IOS Easy VPN Remote with Client Mode and Xauth (PDF - 110 KB)
Configuring Cisco VPN Client and Cisco IOS Easy VPN Server (PDF - 280 KB)
Configuring Cisco VPN Client and Easy VPN Server with Xauth (PDF - 310 KB)
Configuring Cisco VPN Client and Easy VPN Server with Xauth and Split Tunneling (PDF - 310 KB)
Voice Integration with Cisco Enhanced EasyVPN
Cisco IOS IPsec/SSL VPN White Papers
Cisco IOS IPsec Accounting with Cisco IOS NetFlow
Cisco IOS Secure Multicast
Configuring a Virtual Tunnel Interface with IP Security
Configuring CBWFQ for IPSec VPN
Configuring CBWFQ with IPsec VPN Using GRE Tunnel
Configuring NAC with IPSec Dynamic Virtual Tunnel Interface
Configuring Per Site QoS for IPSec VPN using GRE Tunnel
Configuring Per Site QoS with IPsec VPN
Configuring QoS for Encrypted Traffic with IPsec
IPSec Virtual Tunnel Interface Configuration Guide
Remote-Access VPNs: Business Productivity, Deployment, and Security Considerations
Easy VPN White Papers
AAA Password Expiry in Cisco IOS EasyVPN
Cisco IOS Server Load Balancer Config for Dynamic Virtual Tunnel Interfaces
Configuring Cisco Easy VPN with IPSec Dynamic Virtual Tunnel Interface (DVTI)
Configuring Dual Tunnel with Cisco IOS Easy VPN Using Auto Configuration Update
Configuring Enhanced Easy VPN with Dial Backup
Configuring Group Bandwidth Management with IPSec Easy VPN
Configuring IPSec VPN--IPAQ with Movian client, Easy VPN Server
Configuring Tunnel Default Gateway Implementations
Configuring Tunnel Default Gateway on Cisco IOS EasyVPN/DMVPN Server
EFT Deployment Guide for Cisco Tunnel Control Protocol on Cisco EasyVPN
ISAKMP Profile Overview
SYSLOG Enhancements for Cisco IOS EasyVPN Server
Cisco Easy VPN
Configuring Cisco IOS Easy VPN Remote with Client Mode (PDF - 110 KB)
Configuring Cisco IOS Easy VPN Remote with Client Mode and Split Tunneling (PDF - 110 KB)
Configuring Cisco IOS Easy VPN Remote with Client Mode and Xauth (PDF - 110 KB)
Configuring Cisco VPN Client and Cisco IOS Easy VPN Server (PDF - 280 KB)
Configuring Cisco VPN Client and Easy VPN Server with Xauth (PDF - 310 KB)
Configuring Cisco VPN Client and Easy VPN Server with Xauth and Split Tunneling (PDF - 310 KB)
Voice Integration with Cisco Enhanced EasyVPN
Sparkling - Sparkline-like statistic visualization tool (kwondoo.de)
kwondoo.de - Releases - Sparkling - Sparkline-like statistic visualization tool
Server Requirements:
- PHP5+
- GD graphic library
Features:
- Bar chart function
- Line chart function
- Pie chart function
See Statistics class finished, Pie Charts and Bar Charts for details.
Download Sparkling v0.22 here
Server Requirements:
- PHP5+
- GD graphic library
Features:
- Bar chart function
- Line chart function
- Pie chart function
See Statistics class finished, Pie Charts and Bar Charts for details.
Download Sparkling v0.22 here
Password Recovery Procedures - Cisco Systems
Password Recovery Procedures - Cisco Systems This page is an index of password recovery procedures for Cisco products. For security reasons, the password recovery procedures listed here require physical access to the equipment.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
- Recovering a Lost Password
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
- Recovering a Lost Password
Thursday, May 1, 2008
Grouping Using the Muenchian Method (Jeni's XSLT Pages)
Grouping Using the Muenchian Method (Jeni's XSLT Pages)
Grouping is a common problem in XSLT stylesheets: how do you take a list of elements and arrange them into groups. One of the most common situations in which it occurs is when you are getting XML output from a database. The database usually gives you results that are structured according to the records in the database.
Grouping is a common problem in XSLT stylesheets: how do you take a list of elements and arrange them into groups. One of the most common situations in which it occurs is when you are getting XML output from a database. The database usually gives you results that are structured according to the records in the database.
Subscribe to:
Posts (Atom)