We are about to install a router in 3rd part office. How do I secure the Console and Aux ports? I have the ports password protected, and have restricted traffic to specific host pairs using access list etc, but I would like to take it just that sta...
MisterI have PIX with version 6.2 . Without alias command , i get access by only ip address , noy by name , from Inside . But , when I put the "alias" command , loose all access at DMZ , except ping .But telnet , and web not function , event with the...
i am working on an IP/FW ios on a 2651...am having problem configuring the firewall part..my temporary solution just to keep them online is to disable the firewall feature on the ios.....could anyone tell me how to do this?thx.
Dear All,According to Bug ID CSCdw86558 , number of filter that is allowed to be created on a VPN3000`s internal is limited to "100" for all of VPN3000 series. Does anyone have any informations when this bug will be fixed ? Any consideration to up th...
I know that IDSM occupied a slot on Catalyst 6000 and it permits to monitor traffic on a monitoring port directly on the backplane.So my questions are:-have i some limits in SPAN session, as i only have one destination port?-Can i monitor different t...
My company has obtained additional public ip's but they are not contiguous to our original ip's. Is there are way to configure ethernet0 to use more than a single public ip? If so how? I am using a pix 515 with version 5.2(6). Thanks.
hi,trying to make my outside interface full duplex 100MB instead of auto negotiating. Every document in the world uses auto.what do i need to put in here?interface ethernet0 [<hw-speed>]thanks in advance,
I need to setup static NAT in order for a host on our network to communicate with a host on another network. Below is my setup;Our Host----------Our Router------------------Their Router-----------Their Host10.5.1.5 FA0:10.5.1.2 ...
Hello, Have anyone tried to implement the filter function of the IDS MC on an IDSM? I just tried to set up couple of filters and applied it to the IDSM but I am still seeing the excluded signatures showing up on my eventfile. Any ideas?Thank...
This signature keeps alarming on incoming Cerfnet addresses. I'm going to iplog and analyse the data but in the mean time, is anyone else experiencing the same? Here's some samples:1/21/2003 | 10:39:03 | OUT | IN | 4613 | 63.241.203.113 | x.x.97.1...
I have configured a vpn 3000 concentrator to pix 501. Initially I have configured both ends to allow allow an octet of my IP address pool in both locations to pass through the tunnel. Unfortunately, recently I need to allow the entire subnet access t...
If you configure "ip inspect name <inspection-name> http" command globally on a router with firewall ios software but do not configure a standard access-list, websites accessed with embedded java applets, that are blocked, become extremely slow to ac...
HiI read this in a book, not sure how correct it is, just wondering if someone could advise.~~~~~~~~~~~~~~~~~~~~~~~~The DH is used to protect the IPSec tunnel setup process. The DH tunnel is used to encrypt the IPSec negotiations that are required be...
Hi,Did someone can explain what is the usage of this "no-alias" keyword in the nat command.I have checked the Command Reference, but, the explanation is brief....(see hereunder).--------------------------------------------------------------------(Opt...
