HP TC1100 and the iPad

I’ve had a TC1100 for a while now. I just decided to get a new battery since the old one wouldn’t hold any charge. So as I sit here using it with Win7 it occurs to we that this is pretty much the exact same size as the iPad. Sure its a little thicker but the screen is the same. Even down to the bezel. So whats different? For one thing this requires a pen. This is a good thing and bad. The handwriting recognition isn’t too bad but I do have to fix things sometimes. Plus everything requires the pen. Sometimes it would be nice to just flick something with my finger. So, despite being a really cool form factor I can see how the iPad would be alot easier to use.The lack of camera really annoys me but maybe I can live without that after all. maybe…

Fixing a weird Cisco syntax error

Ran across this tonight. Someone had entered a prefix-list with the name “at&amp ;t” instead of “at&t” (wordpress didn’t like it either so I added the space between the p and the ; but they should really be together.

Oddly enough, IOS wouldn’t allow the bad line to simply be deleted. The “;” had to be removed so that the no command included “at&ampt”

Probably some sort of a regex problem or an ascii escape character but it’s still kind of strange.

Cisco IPS doesn’t like ICMP redirects

I’ve been trying to figure out why a pair of Cisco IPS (AIP-SSM in this case) wouldn’t auto-update signature files or connect to the new Global Correlation feature. The management interfaces were located on a subnet that was between the firewall and the internal L3 switch. The internal LAN’s are on the other side of the switch.

I’ve known for a long time that Cisco ASA’s don’t support sending ICMP redirects. Because of this the IPS’s default gateway couldn’t be set to the FW interface. If I did that they would never be redirected to reach the internal networks. I’ve never had a problem with IOS doing ICMP redirects though, so the IPS’s have been using the switch VLAN interface as the default gateway. The switch sends ICMP redirects when the IPS needs to get out to the internet and the traffic goes direct to the firewall.

Except it doesn’t. I could swear it did at one time in the past. Either my memory is faulty or an image update on the IPS broke it. Now, it seems the IPS tosses ICMP redirects. My guess is it worries about man in the middle attacks and and ICMP redirect is a possible sign of that. So even though the switch is doing the correct thing the IPS disregards it.

Moved the IPS management interface to one of the internal LAN’s and all is happy now.