I’m not going to go into great detail here about what an Access Server is, just how to configure one. I recently purchased a Cisco 2509-RJ and for the life of me could not get a connection through it to another device. I google’d for almost an hour before I finally came upon the answer.
With respect to the command “ip host SW1 2001 10.1.1.1”, it’s important to note that the last digit for the port parameter (2001 in this case) refers to the line number the device is connected to. In the case above, the telnet connection will be made from port 2001, to line number 1.
One would figure that would be documented better than it actually is.
Example configuration:
AS1#show run
Building configuration…
00:22:01: %SYS-5-CONFIG_I: Configured from console by console
Current configuration : 635 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname AS1
!
enable secret 5 <OMITTED>!
ip subnet-zero
no ip domain-lookup
ip host SW1 2001 10.1.1.1
!
!
!
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
no ip address
shutdown
!
no ip http server
ip classless
!
line con 0
logging synchronous
line 1 8
modem InOut
no exec
transport input all
line aux 0
line vty 0 4
password password
login
!
end
While browsing for the usual stuff last night, I came upon the following web page:
http://www.example.com/
A quick Whois look up reveals:
[Querying whois.iana.org]
[whois.iana.org]
IANA Whois Service
Domain: example.com
Name: IANA_RESERVED
Registrant:
Unavailable
Administrative Contact:
Unavailable
Technical Contact:
Unavailable
Nameserver Information:
Nameserver: a.iana-servers.net.
IP Address: 192.0.34.43
Nameserver: b.iana-servers.net.
IP Address: 193.0.0.236
Nameserver: c.iana-servers.net.
IP Address: 139.91.1.10
The Internet’s version of “This space intentionally left blank”
I was installing Microsoft .NET 3.5 last night. It’s one of those online installers. Meaning the setup.exe file downloads the installation files from Microsoft, then installs it.
Once the download portion was complete, I saw the following screen:
I don’t think anyone disconnects and reconnects to the Internet anymore. This screen might have been OK in 1994, but today?
Funny stuff…
All too often I run into corporate anti virus solutions without any exclusions configured. Exclusions are critical to ensuring that the real time scanners do not interfere with crucial Windows or application functions.
When the real time scanner of any anti virus application scans a file prior to reading or writing it, it locks the file to ensure it has exclusive access. If Windows attempts to access this file while it is locked by AV, seriously bad things can happen. I’ve had to restore more than one Active Directory and Exchange database because of this. Sadly, each case could have been avoided.
What follows are the virus exclusions recommended by Microsoft. Below each list is a reference KB article discussing the topic in greater detail.
Feel free to add your comments or links to other recommended exclusions. I’ll keep this post updated to maintain a comprehensive listing.
All Servers and Workstations
- %windir%\SoftwareDistribution\Datastore
Reference: KB822158
Domain Controllers
- %windir%\ntds
- %windir%\ntfrs
- %systemroot%\sysvol
Reference: KB822158
Exchange Server
- Drive M (Only Exchange 2000)
- Exchsrvr folder
- %SystemRoot%\System32\Inetsrv
Reference: KB328841
IIS
- %systemroot%\IIS Temporary Compressed Files(IIS 6)
- %SystemDrive%\inetpub\temp\IIS Temporary Compressed Files (IIS 7)
Reference: KB817442
ISA Server
- Program Files\Microsoft ISA Server
Reference: KB887311
Sharepoint
- \Program Files\SharePoint Portal Server
- \Program Files\Common Files\Microsoft Shared\Web Storage System
- \Windows\Temp\Frontpagetempdir
Reference: KB320111
SQL Server
- SQL Server data files: *.mdf, *.ldf, *.ndf
- SQL Server backup files: *.bak, *.trn
- Full text catalog files
- Analysis Services: \Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Data
- Analysis Services Backup: \Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Backup
- Analysis Services Logs: \Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Log.
- SQL Server Cluster
- Q:\ (Quorum drive)
- C:\windows\cluster
Reference: KB309422
Virtual Server
- Vssrvc.exe process (Virtual Server 2005
- Virtual PC.exe process (Virtual Server 2004)
- File type exclusions: *.vhd, *.vmc, *.vsv, *.vud, *.vfd, *.iso
Reference: KB840193
MSMQ
References:
I recently discovered something about Windows Server 2003 I had never seen before. It’s called Terminal Services Web Connection.
As a network consultant, I routinely connect remotely to servers inside my clients’ networks. The most frustrating part however, is when a client has more than one server.
If there is just one server you can simply NAT port 3389 through the firewall to that server, and RDP as you please. If the client has more than one, then I have to remote to the first server, then remote again to the other server.
This can be alleviated with Terminal Services Web Connection. It can be installed from the Add/Remove Windows Components control panel applet. You’ll find it under:
Application Server –> Internet Information Services (IIS) –> World Wide Web Service –> Remote Desktop Web Connection.
Once installed, maneuver to http://<servername>/tsweb
This page has but one field. Enter the server name you wish to connect to. Voila! Instant RDP connection to any server on the network!
Hope that helps
–cheers
The dates the PIX will stop being sold/supported have been released by Cisco.
See announcement below.
PIX EOS/EOL
Servers from HP, Dell, IBM and many other big name manufacturers, come with at least two or more Network Interface Cards built-in. Lately though, I have come to realize most network administrators do not know how to benefit from duel NIC’s. Frequently, one of the NIC’s are simply disabled or not cabled up. Occasionally, I will see a good effort made to make the most of it, but that’s pretty rare.
Read more…
Access Server Configuration
