Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi!Good day to all.I'm having a hard time figuring out the descripancy on a PIX firewall config I have here.My difficult is that I have two interfaces. One is a VLAN interface named as CORE with a SecLevel of 87 and a physical interface named DMZ4 wi...
Good day to each and everyone.I just would like to inquire about adding a couple of cards on a PIX 535 with UR license with a 6.3(5) OS.Currently, the firewall has the following: one (1) 4 FE + four (4) 1 FE + 1 VPN Accelerator Card Plus (VAC+)The...
I would to like clarify if what would the effect if I am to create a logical VLAN interface on a existing and working physical interface?What would be the effects of this configuration? Would the physical interface be shutdown?Thanks
Good day to all.I would just like to ask if anybody here could recommend configuration analyzer or access control list manager for a Cisco PIX/ASA firewall?It seems that managing lots of lines of access list becomes difficult.Thanks.
Good day guys!!I have some dilema with regards to limiting ICMP from inside users traversing to other networks such as other DMZs. I know that in order to let ICMP to pass thru the interfaces you have to create an ACL such as the one below:access-lis...
Guys!My problem has been resolved. There was no route on the router that is connected to the DMZ4 segment that we have here. We have just added a route on it pointing to the layer 3 switch on DMZ4 going to the CORE segment.Thank you very much!!!Happy...
M,Hi! Good day to you.Actually, slots 0 to 1 and slot 3 which are 64-bit/66 MHZ are still free. I'm thinking of using those 64-bit/66MHZ slots for the for either option. My worry is not the throughput of the interfaces but the burden to the CPU usage...
Andrew,Yes, the act of creating a logical interface is what I am asking about if it would affect the physical interface, just like below:interface ethernet3 100fullinterface ethernet3 vlan4 physicalinterface ethernet3 vlan4020 logicalIf ethernet 100f...
If that would work... I guess there would be times if there will be no interesting traffic to that specified between VPN peers there would be a tear down of the VPN connection. And would there would be a tunnel buildup again.If so how is there a way...
