Hi, I have a PIX 515E 6.3(5) and I have a problem I simply cannot find an answer for! We use a certificate for a VPN we have with a 3rd party, and the certificate is due for renewal in the next couple of weeks. The guy that did this originally has left...
Incorrect. Interfaces have a security level. The higher the number, the more 'secure' it is. By default traffic on a higher security level interface is permitted to pass onto a lower security level interface. This is why traffic on your inside inter...
Which is something else I mentioned in my first reply! 'Alternatively, you can apply this to an inside access list, if you have one.' In quite a few cases I have seen no inside access list, which is why I suggested the outside interface first.
Correct - the VPN device they are connecting to sends ESP traffic back through your firewall on port 500/udp. I have found by blocking this port the traffic does not come back to the client on my network, which is your desired result.