About jboyer

jboyer · 03-21-2005

Designing a 30 site fully meshed MPLS network with a ds3 at the central site and remote sites ranging from 384k to 1.544m, using a tier1 provider. We are converting the existing frame-relay network which is point-point pvcs. My question is do I nee...

jboyer · 01-05-2005

Has anyone found a good way to migrate users/groups from ACS on Unix(2.3.6) to ACS on Windows (3.3)?

jboyer · 12-29-2004

Has anyone implemented ACS with ITIM? It was press released almost a year ago and I cannot find any technical documentation to find out how it integrates. What I need to find out is: Does the ACS server use ITIM as a external database for user aut...

jboyer · 03-21-2005

There are some fundamental problems with your design.1. The pix are both on the same lan segment as your router. Every client will get an ICMP redirect to Pix1 and add that route to their local routing table. If you failover to Pix2 the clients wil...

jboyer · 03-21-2005

If it is a point-point DS3 it is easy. Enable IRB then create BVI interfaces on each side for bridging across the DS3. There are a couple of different ways to configure and I think the best in this scenario is to "ip unnumbered BVIx" on the serial ...

jboyer · 02-25-2005

I suspect somewhere between you and your ping destination there is a MTU at 1427 and if you send a ping larger than that it is being fragmented. Most well designed networks will drop ICMP fragements. There is no legitimate reason for an ICMP (parti...

jboyer · 02-10-2005

The problem you will have in this scenario is NAT. The Pix will use its outside address as it's ISAKMP identity, then the ip header will be translated and will not match. The pix doesn't support any encapsulation method like the VPN devices do to g...

jboyer · 02-10-2005

By default all outbound traffic is permitted out and the response traffic is allowed back in. If the Oracle server is responding from a source port of 8006 it should work.Turn on logging:logging buffered debuglogging onand try the connection again, ...

Member Since	‎07-28-2003 04:39 AM
Date Last Visited	‎08-18-2017 03:50 AM
Posts	48
Total Helpful Votes Received	15

User Statistics

User Activity

MPLS design question

ACS database migration

ACS with Tivoli Identity Manager

Re: Two Pix with internal Rip

Re: How can I extend my broadcast domains across a WAN?

Re: IMCP traffic thru FWSM

Re: PIX501 as a VPN-only device

Re: PIX and port 8006