What is the correct access-list for this 2 networks on site-site VPN 172.16.1.0 255.255.255.254 172.26.4.0 255.255.255.0my access-list is as follows from 172.26.4.0 routeraccess-list 101 permit ip 172.26.4.0 0.0.0.255 172.16.0.0 0.0.1.255access...
I am getting ready to apply the service pack to my IDSM and I have the Cisco Press "Cisco Secure Intrusion Detection System. My IDSM is currently at version 3.0(3)S13 and I want to upgrade to the new ver. 3.0(4)s20. I changed the boot device and did ...
I just applied S24 today to my hpux director and everything seems to work ok -- but the sapd log serialization (ftp push) doesnt seem to be working. The config files look the same, there are no sapd errors -- it moved the logfile to /usr/nr/var/tmp ...
I have strange problem with vpn client 3.5.2 when connecting to PIX 6.0when I use pre-share auth I can use DES encription. When I configure client to use MS certificate DES policy is not sent via IKE but only 3DES and PIX does not find a match. MS g...
HI,I' VE CONFIGURED A VPN LAN TO LAN FROM A PIX 506 [ VER 6.1(1) ] TO A PIX 515 [ VER 6.2(1) ]. ON THE 515 I' VE CONFIGURED THE "SYSOPT CONNECTION PERMIT-IPSEC", ON THE 506 NO! AND, CLEARLY, THE IPSEC DOESN'T WORK! IF I PUT A "CONDUIT PERMIT IPS...
I have created PPTP and VPNclient3.5.2 to cisco 2600, can i use the same Local LAN address on the address pool for the outside client?any suggestion would be appreciate.
We are apparently getting hit by someone data mining our web site with an automated script. Because it appears to be "legitimate" traffic, nothing is blocking it. A sniffer trace shows a GET request every .005 seconds from a single IP address. Is...
Does anyone have a link to a recommended ACL to use for blocking the IMs with IOS versions prior to 12.x.x ? Blocking the 5190, 505, etc... doesn't seem to stop the IM client.
I had abandoned use of PDM v1 because it was unable to deal with aliases. Most PIX installations we deal with require aliases.I recently got around to upgrading to PDM v2 after IOS upgrade to 6.2. It appears PDM v2 is also unable to deal with alias...
I have static mappings from my inside private addresses to their corresponding outside public addresses on a PIX 6.1 and am using access-lists to allow http access to certain servers on the inside. I can access the web pages fine from outside the pix...
I have a situation where a client with a PIX-515-UR is considering adding a failover unit.Question: Will a 515E function in conjunction with a 515(non-E), or will the older unit have to be replaced?
I'm configuring a PIX in a test bed. Its Currently set yo with a Win2K Server Behind the PIX, The Server behind the PIX and get out and Surf the Web.From a client on the outside I can connect to the PIX via Win2K DUN PPTP and have it register the com...
If you have source configuration information for using RSA SecurID tokens and a 3005 concentrator, I would be very glad if you could post it as a reply to this thread. We have a working RSA ACE/Server, and now need to move to full implementation with...
In our net we have approx. 30 C2924-XL and 10 C3524-XL switches, and one layer 3 (C4908G), all in one extended star topology. (No hub's)If I have a Sniffer on a workstation in one end of the net, I can se traffic from the other end of the net, eg. we...
