Network Security

I hate to post this but I am missing something simple. After restructuring our network I want to change the VPN 3000 concetrator to stop using DHCP and start using an internally configured address pool. I created the pool. I changed the check box ...

Hello, We have placed a 515E on our network and we want to be able to log who was what external IP address(or PAT port) when. It seems like a feature that everyone would use but for the life of me I can not figure it out. Have setup syslog but it d...

Hi,is it possible to make aggresive mode on a hostname identity isakmp tunnel?Regards, Sebastian

I could'nt get the output from the PIX firewall to my syslog server,below is the part of my show run config.My PC with syslog software running is 192.168.2.2.Pls advise.PIX Version 6.2(2)nameif ethernet0 outside security0nameif ethernet1 inside secur...

I'm trying to test with my PIX before its introduction soon. I've tried mirroring the traffic destined for our current FW, to the Ethernet0 of the PIX, and ensured that traffic was present. However, there's no syslog output at all. I'm doing this ...

installing a redundant PIX 515's, on the outside want to keep the same address range and also keep the address range on the inside the same. for example 192.168.1.0/24 192.168.3.0/24 on the outside. the inside addressing 192.168.1.0/24 and 192.168.3....

What's the difference between xlate and conn timeout? If xlate timeout is 3 hours and conn timeout is 1 hour. An idle tcp connection will always be timed out by conn timeout? Am I wrong?Best Regards.

FIREWALL PIX AND CISCO 827H POSIBLE?THANK YOU

Hi ppl,I am trying to ftp from a LAN behind a firewall to our HQ which is running a PIX 5.1. We have created an acl to allow my source ip (1.1.1.1)to the ftp server (2.2.2.2). But i got connection timed out. My syslog only shown the following <87>Feb...

I'm a little confused with most of the documentation I found on the Cisco website. In some documentation, they should if you are going from inside to dmz, then use Static (inside, dmz) 172.18.1.0 172.18.1.0 netmask 255.255.255.0In other docs, use NA...

I have a router 827, connected to my dsl, the ethernet0 address is a real world ip address, This is connected no problems and i have no nat or access-lists on this, there is a crossover cable from ethernet0 to the outside ethernet of the pix i have, ...

Here is our current layout. MSR 8540 - CAT5000 - PIX 525 - CAT2950 - HOSTSI have replaced the PIX 525 from the picture with a PIX 515 with exactly the same config. After I have repalced the firewall, everything went fine except some internal hosts ca...

I use pix 506. When I config the tandberg endpoint at inside to network and opened the standard tcp/udp port which provided by the vendor. It can call out or in. However, when I enable the encryption option at tandberg endpoint to encrypt the meeting...

Does anyone know of any third-party private sites that compile information on performance-tuning of the PIX? I'm looking for something along the lines of http://www.phoneboy.com -which deals with CheckPoint FW-1.I need to know the bare-bones of what...