Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,since a few days ago I'm receiving strange failover messages on my syslog server.The topology is :2 pixes 525 running version 8.0.4, routed mode, single contextThey're are connected using the typical serial failover cable and an ethernet inter...
Hello I would like to configure traffic shaping on wan to wan of 2 PIXes ( vpn site 2 site ) running 8.0.4 versionRemote Topology :100 Mbps Inside ( dot1q interfaaces : some vlans + voice vlan )100 Mbps Interface Outside : single interface using vpn ...
Hello,Is it possible to configure an SSL based VPN conection for PIX 8.0.4 ( latest release for PIX hardware ).I saw that the webvpn command is not available.I have standar vpn clients connected but I would like to know if this hardware is compatible...
Hello,Is it possible to configure a dynamic dns-based incoming access-list ?I want to allow a dynamic dns host to access to one hostExample : access-list outside permit tcp host test.dyndns.org host 10.0.0.1 eq sshThank you very much.
Hi !you must bypass nat overload on router to remote network.You have a rule that translates all your 192.168.0.0/24 to the wan interfaceip nat inside source list NAT-ADDRESSES interface GigabitEthernet0/2 overloadip access-list standard NAT-ADDRESSE...
Hi !CRYPTO-6-IKMP_MODE_FAILURE means a isakmp policy mismatch ( that's we're trying ) and/or pre-shared key.Ok, try to reconfigure the isakmp policy :conf t!crypto isakmp policy 2 encr des authentication pre-share group 1!Clear phase 1 tunnels and tr...
Hi ! on the router side there is no encryption defined in the isakmp policy :crypto isakmp policy 2 authentication pre-sharecrypto isakmp key xxxx address 63.240.91.172On the ASA's side you have :crypto isakmp policy 10 authentication pre-share encry...
Hello Prapanch,Thanks for your answer.There's no duplex mismatch, both sides ( PIX and switch ) are configured in 100 Full, then a bursty traffic is the most probable explanation.I think that my hello packet polling is very aggressive, 5 seconds.I se...
