About suman.daniel

suman.daniel · 11-25-2005

I have numerous working IPSec VPNs on a PIX 515E. Once of those works a bit slow. The engineer at the remote end changed his MTU size to handle the outbound fragmentation and the performance increased a little. He wants me to change my side as well. ...

suman.daniel · 11-27-2005

You can have different IP schemes. The only requirement is that the routing should be in place. Just to make sure you dont have any issue with DNS and ADS, go to Active Directory/Sites and Services...Add a new Site (remote site) and also drill downt ...

suman.daniel · 11-26-2005

Since you said, all three HQ sites are connected using high bandwidth lines, I assumed the acl has the IPs of all three sites in it as destinations.... As of the peers, its goes in order of config....It goes to the next one if the previous peer is n...

suman.daniel · 11-25-2005

please add the following command.crypto map outside_map 40 ipsec-isakmp

suman.daniel · 11-25-2005

You mentioned that you cant route 10.x.x.x into a VPN cos there is no VPN interface created....I think I understand what you need. Altough, there is no seperate VPN interface, you can just route the traffic towards the interface where the ipsec tunne...

suman.daniel · 11-25-2005

By default, "address" is set as the identity. Hence it would not showup in any configs, Unless you manually add the statement again. But if you want to verify, you can launch the webbased PDM (Pix device Manager) and go to Configuration/VPN/IKE polic...

Member Since	‎11-25-2005 01:06 AM
Date Last Visited	‎08-18-2017 03:54 AM
Posts	9

User Statistics

User Activity

Fragment Handling (IPsec VPN)

Re: Site to Site VPN and a Windows Domain

Re: Pix 2 pix vpn: multiple peers in 1 crypto-map sequence...

Re: [ERR] crypto map on 501

Re: VPN access to DMZ host

Re: Displaying Identity Settings