Index

Numerics
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X

Numerics

: 100basetx 5 - 50
: 10baset 5 - 50
: 3Com 10/100 Ethernet network interface card 2 - 39

A

aaa authentication enable console, syslog messages 5 - 61

aaa command 5 - 2

aaa-server command 5 - 9

abbreviating commands 1 - 13

access

: control list 5 - 76
: limiting 2 - 34
: lists 1 - 5
: modes 1 - 13

AccessPro router 5 - 89

ACT indicator light, PIX 515 3 - 1

ActiveX blocking 3 - 7, 5 - 11, 5 - 40

Adaptive Security Algorithm (ASA) 1 - 2, 1 - 5

address translations 5 - 72

administer PIX Firewall from remote location 4 - 24

age command 5 - 55

alias command 5 - 11

alias option to arp command 5 - 14

apply command 5 - 75

ARP 5 - 38

arp command 5 - 14

authentication and authorization, user 2 - 36

authentication, authorization, and accounting 5 - 2

auth-prompt command 5 - 15

B

: blocking ActiveX objects 3 - 7
: buffer allocation, interface 5 - 50

C

CCO upgrades 2 - 3

CiscoSecure 5 - 115

CiscoWorks for Windows 3 - 10

clear blocks command 5 - 90

clear uauth command 5 - 115

clock command 5 - 16, 5 - 63

command

: aaa 5 - 2
: aaa-server 5 - 9
: age 5 - 55
: alias 5 - 11
: apply 5 - 75
: arp 5 - 14
: auth-prompt 5 - 15
: clear blocks 5 - 90
: clear uauth 5 - 115
: clear xlate command 5 - 126
: clock 5 - 16
: conduit 5 - 17
: configure 5 - 22
: debug 5 - 25
: disable 5 - 28
: enable 5 - 29
: enable password 5 - 30
: established 5 - 32
: exit 5 - 35
: failover 3 - 1, 5 - 36
: fixup protocol 5 - 43
: floodguard 5 - 45
: global 5 - 46
: help 5 - 48
: hostname 5 - 49
: interface 5 - 50
: ip address 2 - 12, 5 - 53
: kill 5 - 54
: link 5 - 55
: linkpath 5 - 55
: logging 5 - 59
: monitor 6 - 2
: mtu 5 - 68
: name 5 - 69
: nameif 2 - 10, 5 - 71
: names 5 - 69
: nat 5 - 72
: outbound 5 - 75
: pager 5 - 80
: passwd 5 - 81
: perfmon 5 - 82
: ping 5 - 83
: quit 5 - 84
: radius-server, replaced by aaa-server 5 - 9
: reload 2 - 6, 5 - 85
: rip 5 - 86
: route 5 - 87
: service 5 - 88
: session 5 - 89
: show 5 - 90
: show blocks 5 - 90
: show checksum 5 - 91
: show conn 5 - 91
: show history 5 - 93
: show interface 5 - 50
: show ip 5 - 53
: show memory 5 - 93
: show processes 5 - 93
: show tech-support 5 - 94
: show traffic 5 - 94
: show uauth 5 - 115
: show version 5 - 95
: show who 5 - 122
: show xlate 5 - 126
: snmp-server 5 - 96
: static 5 - 98
: syslog 5 - 103
: sysopt 5 - 104
: tacacs-server, replaced by aaa-server 5 - 9
: tcpchecksum 5 - 107
: terminal 5 - 111
: tftp-server 5 - 112
: timeout 5 - 113
: url-cache 5 - 116, 5 - 119
: virtual 5 - 119
: who 5 - 122
: write 5 - 123

command line

: editing 1 - 14
: prompt 5 - 49

command output paging 1 - 14

communications, encrypted 3 - 11

compiling Cisco SMI MIB and syslog MIB 3 - 10

conduit command 5 - 17

conduits 1 - 5, A - 7

configuration

: mode 5 - 23
: PIX Firewall units for failover 3 - 4
: rechecking 2 - 37
: size 1 - 14

configuration example

: multiple servers 4 - 6
: Private Link 3 - 12
: six interfaces with NAT 4 - 20
: three interfaces with NAT 4 - 12
: three interfaces without NAT 4 - 10
: two interfaces with NAT 4 - 4
: two interfaces without NAT 4 - 2

configure command 5 - 22

connection

: slot flags 5 - 92
: state information 1 - 3

conns 5 - 92

console

: authentication 5 - 4
: session 5 - 26

contact, SNMP 5 - 96

control list 5 - 76

cut-through proxies 1 - 5

D

daisy-chain PIX Firewall units 5 - 5

debug command 5 - 25

default password 5 - 30

default route

: broadcast 5 - 86
: router and hosts 2 - 6

disable command 5 - 28

diskette 5 - 23

disk-full condition, recovering from 2 - 32

download upgrades 2 - 3

downloading image, TFTP 6 - 2

E

editing command lines 1 - 14

EIGRP B - 1

embryonic connection 5 - 72

enable command 5 - 29

enable password command 5 - 30

encryption

: card and software, Private Link 3 - 11, 5 - 55
: key 5 - 9

enforcesubnet 5 - 104

ESMTP commands rejected by Mail Guard 5 - 44

established command 5 - 32

Ethernet 5 - 50, 5 - 71, 5 - 105, 6 - 1

examples

: multiple servers 4 - 6
: six interfaces with NAT 4 - 20
: three interfaces with NAT 4 - 12
: three interfaces without NAT 4 - 10
: two interfaces with NAT 4 - 4

exit command 5 - 35

F

failover

: command 5 - 36
: configuring on Active unit 3 - 4
: frequently asked questions 3 - 5
: interface tests 3 - 6
: saving configuration of Active unit on standby unit 3 - 2
: stateful 5 - 36
: syslog messages 3 - 6
: syslog messages, SNMP 3 - 10
: timeout feature 5 - 36
: upgrading 3 - 3

failover command 3 - 1

fault detection within failover PIX Firewall units 3 - 5

FDDI network interfaces 1 - 6

filtering

: ActiveX 3 - 7
: URL 3 - 8

FIN 5 - 92

fixup protocol command 5 - 43

flags, conn and xlates 5 - 92

Flash memory

: determining size with the show version command 5 - 95
: write configuration to 5 - 124

Flood Defender 5 - 45

floodguard command 5 - 45

four interfaces, nameif command 2 - 11

Frag Guard 5 - 104

fragmentation 5 - 104

FTP 3 - 8, 5 - 43

full duplex 5 - 50

G

: global command 5 - 46
: global IP addresses, associating network with 5 - 72
: GRE 2 - 25, 5 - 20

H

H.323 5 - 43, 5 - 102, 5 - 113

hardware

: address 5 - 14
: ID 5 - 50
: speed 5 - 50

help command 5 - 48

help, command line 1 - 16

host, SNMP 5 - 96

hostname command 5 - 49

HTML <object> tag blocking 3 - 7

HTTP 5 - 43

HyperTerminal, configuring 2 - 2

I

IANA URL 1 - 19

ICMP trace 5 - 25, 5 - 26

IDENT 5 - 88

interface

: buffer allocation 5 - 50
: command 5 - 50
: identifying 2 - 10
: name 5 - 71

Interrupt vector, interface cards 5 - 51

ip address command 2 - 12, 5 - 53

IP Frag Guard 5 - 106

IPSec encryption cards 3 - 11

J

: Java applets 3 - 7, 5 - 75, 5 - 78, 5 - 92

K

: key, authentication 5 - 9
: kill command 5 - 54

L

: LEDs, PIX 515 6 - 1
: line protocol up and down 5 - 51
: link command 5 - 55
: link up and link down 5 - 51
: link up and link down, SNMP 3 - 10
: linkpath command 5 - 55
: LINUX default route 2 - 8
: list ID 2 - 35
: literal names 1 - 17
: LOCAL0 - LOCAL7 2 - 33, 5 - 60
: location, SNMP 5 - 96
: logging 2 - 32
: logging command 5 - 59

M

MAC address 5 - 14, 5 - 51

MacOS default route 2 - 8

Mail Guard

: disabling 5 - 44
: feature description 1 - 6

MD5 authentication 5 - 55

MD5 authentication, Private Link 3 - 13

memory, OS and free 5 - 93

MIB file, updating 3 - 10

MIB-II groups, SNMP 3 - 9

Microsoft

: Exchange C - 1
: MS-Exchange advisory for Mail Guard 5 - 44
: Windows 95 and 98 default route 2 - 8
: Windows 95 or NT 2 - 2
: Windows NT default route 2 - 8

monitor command 6 - 2

MSRPC C - 4

MSS 5 - 104

MTU 2 - 39, 5 - 51

mtu command 5 - 68

MTU, linkpath 5 - 55

multimedia applications, supported 1 - 20

N

name command 5 - 69

nameif command 2 - 10, 5 - 71

names command 5 - 69

nat command 5 - 72

net alias 5 - 11

net static 4 - 8

NETBIOS over IP 1 - 7

netstat, setting a default route 2 - 8

Network Address Translation (NAT), See nat command

newsreaders 5 - 7

NFS

: access 4 - 8
: testing with showmount 4 - 8

norandomseq 5 - 72, 5 - 98

O

: object <object> tag blocking 3 - 7
: Oracle SQL*Net 5 - 25
: outbound command 5 - 75

P

packet trace 5 - 25

packets, received and sent 5 - 51

pager command 5 - 80

paging screen displays 1 - 14

passwd command 5 - 81

password, default 5 - 30

PCNFSD, tracking activity 4 - 8

perfmon command 5 - 82

PFSS 5 - 65

physical address 5 - 14

ping and ICMP trace 5 - 25

ping command 5 - 83

pings and AAA 5 - 8

PIX 515

: feature description 1 - 7
: LEDs 6 - 1
: upgrading activation key 6 - 5

PIX Firewall

: boot diskette, use for system recovery 2 - 5
: failures on failover units 3 - 5
: forcing to be active or go to standby 3 - 3
: image 2 - 3
: monitoring performance 5 - 82
: reboot and reload 5 - 85

PIX Firewall Manager (PFM) 2 - 3

PIX Firewall Manager, set password 5 - 81

PIX Firewall Syslog Server (PFSS) 2 - 3, 5 - 65

port literal names 1 - 17

port, outbound 5 - 75

portmapper 5 - 20

PPTP 2 - 25, 5 - 20

primary unit for failover 3 - 2

Private Link 5 - 55

AH/ESP frame 3 - 11

configuring 3 - 12

enabling 3 - 11, 5 - 55

encryption keys 3 - 12

feature description 1 - 7

md5 option 3 - 13

paths 3 - 11

Telnet

: configuration 5 - 109

privileged mode, start 5 - 29

prompt host name label 5 - 49

protocols 1 - 19, 5 - 43

Q

: quit command 5 - 84

R

RADIUS 5 - 2, 5 - 7

radius-server, replaced by aaa-server command 5 - 9

rawrite.exe, conversion utility 2 - 5

recovering from disk-full condition 2 - 32

redirect 5 - 19

reload command 2 - 6, 5 - 85

rip command 5 - 86

route command 5 - 87

router, in PIX Firewall 5 - 89

router-advertisement 5 - 19

RPC

: conduit 5 - 20
: MSRPC C - 4
: slot 5 - 113
: Sun 4 - 8
: testing with rpcinfo 4 - 8

RSH 5 - 43

S

saving configuration before upgrading 2 - 1

screen paging, enabling or disabling 5 - 80

security level

: assigning 5 - 71
: defaults 5 - 71

security level, values 2 - 12

service command 5 - 88

session command 5 - 89

show blocks command 5 - 90

show checksum command 5 - 91

show command 5 - 90

show conn command 5 - 91

show history command 5 - 93

show interface command 5 - 50

show ip command 5 - 53

show memory command 5 - 93

show processes command 5 - 93

show tech-support command 5 - 94

show traffic command 5 - 94

show uauth command 5 - 115

show version command 5 - 95

show who command 5 - 122

show xlate command 5 - 126

showmount 4 - 8

SMTP 5 - 43

SNMP

: configuring 3 - 9
: contact, location, and host 5 - 96
: object ID (OID) 3 - 9, 5 - 97
: read-only (RO) values 3 - 9
: SNMPc (Cisco Works for Windows) 3 - 10
: syslog Enterprise MIB 3 - 10
: traps 3 - 9

snmp-server command 5 - 96

Solaris default route 2 - 7

source-quench message type 5 - 19

SQL*Net 5 - 25, 5 - 43

state information 1 - 3

stateful 1 - 2

stateful failover 5 - 36

static command 5 - 98

static translation 1 - 3

subnet masks D - 1

Sun RPC 4 - 8

SunOS default route 2 - 7

syslog 3 - 6

: command 5 - 103
: Enterprise MIB 3 - 10
: log file, UNIX 2 - 34
: message levels 2 - 33
: messages 2 - 32, 5 - 64
: MIB files 3 - 10
: server 5 - 65
: SNMP 3 - 10
: syslog.conf file (UNIX host) 2 - 34
: UNIX system, configuring 2 - 33
: viewing messages from console 5 - 62

sysopt command 5 - 104

system recovery, PIX Firewall boot diskette 2 - 5

T

TACACS+ 5 - 2, 5 - 7

tacacs-server, replaced by aaa-server command 5 - 9

TCP

: maximum segment size 5 - 104
: port literals 1 - 17
: randomizing packet sequence number 5 - 72

tcpchecksum command 5 - 107

tcpclose 5 - 104

tcpmss 5 - 104

Telnet

: configure console access 2 - 21
: console access 5 - 4
: console, debug 5 - 26
: console, syslog 5 - 62
: icmp trace 5 - 26
: interface 1 - 8
: set password 5 - 81
: terminating 5 - 54
: timeout feature 5 - 108
: Trace Channel 5 - 26

terminal command 5 - 111

terminology 1 - 21

TFTP

: configuration 5 - 23, 5 - 112, 5 - 123
: error codes 6 - 2

tftp-server command 5 - 112

time stamps 5 - 61

TIME_WAIT state 5 - 104

time-exceeded 5 - 19

timeout command 5 - 113

timewait 5 - 104

Token Ring 5 - 50, 5 - 71, 5 - 105

Trace Channel 2 - 23, 5 - 26

trace ICMP, SQL*Net, and packets 5 - 25

translation slots

: flags 5 - 126
: UDP, RPC, H.323 5 - 113

translations of addresses 5 - 72

traps, SNMP 3 - 9

Trivial File Transfer Protocol (TFTP) 6 - 2

troubleshoot PIX Firewall from remote location 4 - 24

U

uauth 5 - 115

UDP

: connection state information 1 - 3
: idle time until slot is freed 5 - 113
: port literals 1 - 17
: portmapper 5 - 20

UNIX

: creating a bootable disk from 2 - 6
: syslog configuration 2 - 33

UNIX, getting console terminal 2 - 2

upgrades, downloading 2 - 3

upgrading failover 3 - 3

upgrading, before 2 - 1

URL

: filtering 3 - 8
: logging 3 - 8

url-cache command 5 - 116, 5 - 119

user authentication and authorization, providing 2 - 36

user authentication, authorization, and accounting, providing 5 - 2

V

: video conferencing applications, supported 1 - 20
: virtual command 5 - 119

W

: WebSENSE server 5 - 116
: who command 5 - 122
: Windows HyperTerminal 6 - 2
: winipcfg, view default route 2 - 8
: write command 5 - 123

X

: xlate (translation slot) 5 - 113, 5 - 126

Table of Contents