Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello there;We have a Pix 525 @ corp headquarters which serves as a firewall & VPN endpoint for several branch offices. We've had this config for 1+ years. Lately, we seem to be missing some email traffic destined to our email server, and telneting...
Hello there;For Pix management, curious whether the Pix can do authentication using ssh keys. Most sshd's allow you to authenticate without entering passwords using the ssh public/private key exchange. I'm hoping that the Pix ssh implementation shoul...
hello there;this is probably a simple one - after upgrading a few pix'es to v 6.3, vpn gets stuck. w/ v6.2, the vpn config works just fine. any ideas, i've read about a cisco bug, as well as changes to nat, but don't see how it applies?thanks.-jona...
Hello there;This should be an easy one - could someone please point me in the right direction? I've seen this config before, but don't remember where.Thank you,Jonathan
Hello-Have a client that does not want to spring for a 515, so I'm trying to figure a way to connect the two 506's they already have to provide DMZ functionality. Does anyone know if a nested Pix config would work w/ two layers of NAT? Would static...
Sure, I've actually done this w/ 2 Pix 506E's and it does work just fine. Bottom line, an inexpensive workaround to not having to dump 4k+ on a 515E. The config does create a mock screened subnet or DMZ. Not really any tricks to it, just use stati...
Appreciate the info, thank you. I agree, and we are not planning on statically mapping servers behind Pix#2, I was simply curious if it could work.Re IPSec, couldn't one avoid your concern by using NAT 0 w/ appropriate ACL's on Pix#1?Thanks,Jonathan
Appreciate everyone's assistance, thank you.Re the upgrade, spending 9 bills on a card seems excessive for a firewall that is 3+ years old (already had to replace the power supply), and would total more than half the cost of brand spanking new 506e w...
