Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
When an IP packet tranverses a PIX from the inside to the outside, with NAT or STATIC configured, the source IP address is changed and the sequence number is randomized. What other IP field's change...Do the Seq, SYN, SYN-ACK and ACK number change al...
Tracy,You have an interesting problem here and I would not be surprised if it come out in the CCIE lab.Now I can not help you much with the CP, but take a look at the following:1. I will use the static statement 2. Since for outbound traffic, NAT occ...
I will check the following:1. How long does it take to complete your FTP batch jobs and I will set my IKE and IPSEC life times to be higher than that time. 2. Setting the IPSEC lifetime associatation to 1 hour might be very, very aggressive. Try eva...
Setting up your firewall for an ISP or any firewall is a design call. But the challenges are the same as long as you understand the fundamentals of the PIX. IF you do not have an IP address shortage, your static statements could be mapped differently...
Doug,Check the following:1. Make sure the home users router is set for IPSEC passthru2. Make sure the home users router is enabled to allow WAN request. (If linksys - Check the filtering options)3. On the PIX, your crypto transform-set should be conf...
I do not believe so. The 3DES connection takes place on the server. As far as the firewall is concerned, it is another payload.Any success with my previous message?Regards
