Other Security Subjects

HiI have a webserver www.aaa.bb insinde (IP p.p.p.11) and a DNS server also inside (IP p.p.p.10)DNS A record for www.aaa.bb is p.p.p.11.I use the DNS rewrite option for the static translation from p.p.p.11 to o.o.o.11If I do nslookup outside, www.aaa...

Hi guys.I have a configuration like thisnat (ins) 1 int Nat (ins) 0 acl nonatand also acl nonat permit ip from lan 1 to lan 2 The question is that this scenario does not work. I mean the pix will translate the inside host that goes to lan 2 to the in...

I am trying to get this to work. Although I see Cisco doesn't recommend deny statement in the ACL for NAT exemptions.nat (inside) 0 access-list no-nataccess-list no-nat line 1 deny ip host 172.25.0.180 any access-list no-nat line 2 deny ip host 172....

I am having troubles getting a client(v.4.0.5) to connect to our pix501. The client times out at the "Securing Communications channell" portin. The log shows "Sev=Warning/3 IKE/0xA300004B Received a NOTIFY message with an invalid protocol id (0)". ...

Current design isDevice to be encrypted-3030-Internet-3002-router-router-device to be encryptedIs this possible? Does the 3002 have to be on the same network as the traffic to be encrypted?Traffice seems to be getting to the 3030, but I am unable to ...

Hi, Can someone please tell me what ports need to be opened (inbound & outbound) in a Pix firewall in order to allow public Netmeeting clients to make VOIP calls via a gatekeeper (the gatekeeper is behind the PIX which has the fixup H323 protocol ena...

We want to let clients from a more secure interface to start sessions to servers in a less secure interface. We want the clients to reach the server with no nat, that is, to maintain the same source address. We are using the PDM to configure the pix,...

I would like a example using object-group service using name managementfor services : ssh,dns,ntp,ldap,syslog,snmp,smtpthen apply it from lower security30 (dmz1) on 10.30.44.0 to a higher (inside) security100 10.30.31.0

Where can i find the software image for firewall service module. The version must be 1.1.2. I cannot find it on the cisco download website. I will appreciate your help. Thanks

Hi,I am using a Pix 501 ver 6.2.2I am running a Web server, Mail server and allow internal clients internet access.I can't access our website www.superfoodsuk.com form inside our network using this URL. When I try this from outside the network this ...

i am still learning acl's and im trying to understand how to write out an ACL containing the following rule:-i have been given a network address 201.0.0.0/24 for a server pool outside of my LAN. the server pool addresses are divided in half. the serv...

hi all,I search MIBs for monitoring my VPN IPSec... because in datasheet about IOS 7 talks about new MIB.Thanks

how to allow range of tcp/udp ports in static natting.??my requirement is ,to allow only ports between 5000 to 7000.on local machine. how to configure the router for static natting so that we can access above mentioned ports from out side world.

Hello team,I have Pix 501 configure as dhcp.outside interface is: ip address outside dhcp setroute (Which translate off of 10.1.1.3)Inside interface is : ip address inside 192.168.1.0 255.255.255.0 0 0.I'm able to pdm locally 192.168.1.1 but can't p...