Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Backup 501 ezvpn from 3030 to 515?We have several dozen PIX 501's using ezvpn to connect to our Head Office 3030 vpn concentrator. We are about to create a backup / failover site, but it will have a PIX 515e, not a 2nd vpn concentrator.I have now fou...
We are now performing monthly security audits via a 3rd party.Attached is a fragment showing our PIX and an example of the result from a non-existent IP. This is repeated multiple times for addresses that don't exist (but pass through the PIX).What c...
What am I missing?I'm following the PIX 501 to 3030 Lan-To-Lan doc, working on the 3030 side.When I go to fill in the IKE Proposal, I don't see any proposal with MD5 in it to chose from. I see multiple SHA ones. The MD5s are activated. I can see othe...
I have something like 60 PIX 501's coming into a 3.6.1 vpn 3030 concentrator. The session list mostly shows the inside network address of the PIX, but some only show '0.0.0.0'. There is a public address, and bytes are being transmitted and received. ...
See thread 'IPSEC ESP Bad Pad Length #2'I see VPN 3000 version 4 has a .zip of all messages.Event ID: IPSEC/18 Severity: 3 Event Text: IPSEC ESP bad pad length (%d) >= buffer length (%d) Explanation: An internal software error has occurred. Reco...
Thanks for your note, that's reassuring.What is the 'vpnclient management clear command'?'Public IP of the PIX 501' ... I take it then that the VPN Concentrator understands to send this through the tunnel - otherwise, given the public IP address, wou...
> To be clear, a PIX operating as an EZVPN Thanks, that helps.> the debugs you are trying to run Sorry, I mistyped, I meant 'dhcpr' when I typed 'dhcp'.My setup is as you indicated, but I'm not seeing any debug messages. Should I?Given your message, ...
For that matter ... how do I debug this?term monlogg buff debuglogg mon debugdebug dhcp packetdebug dhcp errordebug dhcp eventshows nothing.Further ...What's the easiest way to see any packets / debugs / messages on my 3030. (There is SO much traffic...
Evidently I am not alone - this thread is exactly what I'm in the middle of.Remember - THIS IS EASYVPN, THERE ARE 'NO' CRYPTO MAPS. (User configuratble.)Give the prior post, evidently the DHCP request is being sent to the provider, not down the tunne...
Thanks - interesting thought, I'll check.The very strange thing is that these IPs are all NATted by the PIX. And aside from the PIX, these IPs don't exist. There isn't even an entry for them - so what the heck is the security audit picking up on.Or, ...
