Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Is there a way to upgrade ACS 2.4 to ACS 3.3 preserving the user and group databases ?Maybe I have to follow a path like 2.4 to 2.5 to 2.6 to 3.0 to 3.3, but I don't know.A hard upgrade from 2.4 to 3.3 doesn't give the wanted results. The installing...
I'd like to know wether it's possible to have a vpn tunnel ending on a DMZ interface rather then the inside interface of a 3-way pix. All configuration examples I found route the traffic from the VPN client somewhere on the internet to the inside int...
No, you don't need route commands.You could try the commands :debug crypto isakmpdebug crypto ipsecWhen you start the tunnel with traffic from one of the Lan's there should be a lot of logging output from both pixes. In that output, if any, you can s...
What you show us are private ip addresses. Does that mean you have routers in front of your pixes that use public ip addresses ? Or did you anonymize your config ?If 1, your routers should be correctly configured to let pass the ipsec/isakmp traffic...
Hi,It's a combination. The pix finds all locations a pdm session could start from. The http x.x.x.x x.x.x.x command decides who can actually use pdm.The PDM location lines are for bookkeeping. Documentation : Cisco Pix Firewall Command Reference ver...
Hi,I've seen this problem before. The device starts to boot and then hangs. My solution : take of the lid of the 506 and find the jumper. Remove it, place it back and boot your pix again. I should boot right now. Then start a Tac Case with Cisco to r...