Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm having problems capturing traffic leaving an interface on a FWSM. It only shows the traffic inbound to the interface. Has anyone found a way to get this working?
Does anyone know of a way to automate archiving a FWSM and context config? We typically use CiscoWorks to backup our standalone pix configurations, however I'm told FWSMs aren't supported by CiscoWorks.Thanks!
This is the first time I've encountered this problem. Thanks in advance!CSS 11501 running code 7.30.1.06.Below is the error I receive:ARLTRKBAXPS1001(config-if[Ethernet-Mgmt])# phy 100Mbits-FD ^%% Comma...
We have a CSS that terminates SSL, sets an Arrowpoint cookie, re-encrypts traffic and sends to the destination server.....What happens if the destination server also sets a cookie (encrypted cookie) for the client to use? Will it remain preserved and...
We have an ftp server running on port 10021. Is there a way to have the CSS translate the IP in the payload when not using port 21? On an IOS router one can use the ip nat service command. I have not seen anything like this on the CSS.We currently...
Sure. thanks! I know I could use the same ACL, but I'm using two for testing..disregard the reset. I just telnet'd to port 3389. It's the initial ack from 10.50.1.66 etc that's not showing on the JTC-BB interface. The initial SYN is not showing on...
I appreciate all the responses! In this case the CSS is also translating the high order port the server informs clients to connect to.I'm likely going to configure a port 21 VIP in addition to the port 10021 VIP in order to get around some other fir...
That seemed to resolve the fact that the address in the ftp payload was not being translated. However....Our ftp server is configured to tell clients to connect on ports 8550-8650. It seems that the content switch is passing a port outside this ran...
Thanks Steve!So even if it is not an HTTP GET that they are performing it should work? I'm using header-fields to block nimda and code red etc, but all of those use an HTTP GET instead of HTTP TRACE.I'll give it a shot.Thanks!
