About patrickavery

patrickavery · 11-15-2006

What is the correct way to implement stateful firewall inspection using CBAC? I recently used the following configuration to permit outbound web and other traffic to work through my IOS firewall.ip inspect name SDM_LOW tcpip inspect name SDM_LOW udp...

patrickavery · 08-01-2006

Is it possible to copy a VPN group? I am attempting to implement SDI authentication and want to copy my 8 groups and simply change the authentication method. The old groups need to remain until my pilot is complete.

patrickavery · 11-27-2006

When I first began having this issue I was running c2800nm-adventerprisek9-mz.124-10. I have since then switched to c2800nm-advsecurityk9-mz.124-3g. Changing to the only GD code for 12.4 Security didn't help.

patrickavery · 11-20-2006

I tried that as well. Realize the only difference between suggestions and original config are the placement of the inspect statements. I'm pretty sure they are equivelant. Anyhow, no dice.Here is exactly what I have.ip inspect name SDM_LOW tcp tim...

patrickavery · 07-27-2006

No it doesn't need to be manual.On the Firebox I assume you associate each IPSEC peer with a particular access list like you would on a PIX firewall VPN. So on the router in Site A, you can setup 5 other peers that have associated ACLs(from Net A to...

patrickavery · 07-27-2006

Sounds to me like nothing special will be required to direct downed routes out the IPSEC tunnel.For instance if you have a route via OSPF to Net A for Site A, once the OSPF neighbor is lost the route to Net A is gone. So, the site router would need ...

Member Since	‎07-27-2006 07:44 AM
Date Last Visited	‎08-18-2017 03:53 AM
Posts	6

User Statistics

User Activity

stateful firewall problems (IOS)

VPN Concentrator - Copying VPN Group

Re: stateful firewall problems (IOS)

Re: stateful firewall problems (IOS)

Re: Network Redundancy Design Question

Re: Network Redundancy Design Question