Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a PIX-525 running version 6.3The PIX is configured for remote access vpn.Mobile users use cisco vpn client software to connect and access the corporate network resources.AAA Server is in place and is used in conjuction with xauth feature to au...
How to configure the FWSM so that it only supports SSL 3.0 and not SSL 2.0 which has many security vulnerabilities.I guess FWSM/PIX/ASA supports SSL/TLS.Thanks.
I have eight cisco 6509 switches interconected via EtherChannel's.VLAN 15 exists on each on of them and is in the allowed VLAN list on the etherchannel.My question is that if i start a local SPAN session ( to capture VLAN 15) on say switch 1,will thi...
My boot varaible on my 6509 is as under:BOOT variable = bootflash:cat6000-sup2k8.8-6-1.bin,1;bootflash:,1;CONFIG_FILE variable = slot0:switch.cfgConfiguration register is 0x10fignore-config: disabledauto-config: non-recurring, overwrite, sync disable...
I have a 3845 Integrated router.It is located at my corporate office and connects to the Internet ( e0).The branch office has a DS3 connectivity to it for internet acccess ( s0).I want to enable IPSec remote access on this router so that users can us...
Hey JG,Thanks for your response.The documentation that you have provided is using the Cisco ACS Server.I already have RSA ACE Server which provides TACACS Services.What i want is Authorization for my remote Access VPN Clients.My only question is - Ar...
Jon - I have a SecureID ACE Server which is providing the TACACS Services for authentication.But my point is that how would the PIX know which authenticated users have to be authorized.How do we enable it.Is there any command ( eg aaa authorization ...
Yeah,i also think that way but the Trunk-Ports ( Etherchannel) also carry VLAN 15.Any possibility that VLAN15 traffic from inter-conected switches also make way in the SPAN session.
Thanks.While doing some soul seraching on the subject,i came across a knowlegebase which adviced using the command : fixup protocol esp-ikeWhat are your thoughts on this?Which method would be better.Regards
