I have a PIX 501 at a remote location and I seem to allow echo-repllies from the inside interface. I have tried ACL's and ICMP commands without success. I have attached a copy of the config.
I have a remote location that connects through Sprint to my central site (NYC)via a Sprint directed VPN called a half-tunnel. I recently had a new circuit installed at the remote location for redundancy which points to the Internet and I have set an ...
My organization is moving to MPLS and I wanted to find out more about stretching a subnet from one location to another for disaster recovery. I was told that this can be done with MPLS, basically I need to connect the subnet to pass replication as we...
I have a remote site that is connected to my NY office via Sprint MPLS using what they call a halt-tunnel. I have a redundant circuit installed with a PIX at the remote location and set a default route on the router of the primary circuit using 3 as ...
I wanted to know if I can take an video source from a public IP address through my PIX, using the static command, to a multi-cast address like 224.2.0.1. Is this possible or not? If not what would be another way to do it?
Here is a simple drawing of the setup. Be aware that the path through the Sprint cloud is the primary path and the IPSec tunnel is the redundant path. I have set an alternate default gateway on the primary router in the remote site to point to the IP...
Yes, that is what I want to happen. I forgot to mention that I am using sysopt permit-ipsec, could this be the root of the problem?Would I add a permit 50 and 51 as well as a permit udp eq 500 to the in on the ouside interface?
First, I am applying it to the inside interface inbound. Second, both of the access-lists were applied in the same manner and neither of them worked. The vpngroup only has one IP in the pool (192.168.9.150). What do I need to do to make this work?
I have the VPN client connecting to a PIX. I created the following which is applied with the access-group command on the inside interface:access-list maxim_restrict; 7 elementsaccess-list maxim_restrict line 1 remark Restrict MAXIM access to 3300 ICP...