Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We have been running about 20 L2L VPN tunnels on our PIX for over a year. They have never had any problems establishing tunnels when a ping (or any interesting traffic) is sent from either end. Recently, without any changes to our config, we are not ...
I am having an issue with a VPN connection that I have.. I have a VPN set up to allow all hosts in a /24 subnet to work across from a single host on my side. From the host on my side, I am able to ping to and access some of the hosts on the other sid...
I need to set up my PIX to route from my DMZ (10.10.50.0/24) to a network (192.168.10.0/24) that is connected to a switch on the inside network (10.10.100.0/24) via a router. The switch (10.10.100.2)on the inside network has a static route to the 192...
I am currently running a PIX 515e software version 7.1(1). I am currently using a 255.255.255.192 subnet for my public addresses for static NAT. I am running out of addresses and would like to add another block of IPs from my ISP. If they are unable...
This would be outside coming in. I know that there is a ton of IP space to block, I could do it with a bunch of access lists using class A or B subnets assigned to RIPE, APNIC,LACNIC, and AfriNIC but I was wondering if there was some easier way?Thank...
It is possible to do but I can't remember all the commands... this link may point you in the right direction... http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807ea936.shtmlThanks,Brandon
I think your best bet would be to relay your outgoing smtp traffic back out through your email filter device. I believe that you will get an error if you try to use the same IP in a static and global.
We actually figured this out... the problem was that a server behind the firewall had a PAT entry in the Xlate for port 500 so anything trying to connect to the PIX on that port was being forwarded to this machine instead of being handled by the pix....
