Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
hello alli have a network (call it 172.16.0.0 /24) protected by a pix 515, and I have a laptop running vpn client.If i connect via broadband from the laptop i can access the private network by getting a NAT address across the ipsec tunnel (172.16.0.2...
Hello allI have a question on how to provide transit services based on the upstream provider. I have two routers. The first router is connected to upstream1, and the second router is connected to upstream2 and upstream3.Both routers are connected wit...
AlrightI have been trying to set up a vpn using digital certificates to authenticate the devices (PIX). I am using microsoft certificate services with the mscep.dll add on. When I try to enroll a certificate I get this :pix1(config)# ca generate rsa ...
AlrightI have been trying to set up a vpn using digital certificates to authenticate the devices (PIX). I am using microsoft certificate services with the mscep.dll add on. When I try to enroll a certificate I get this :pix1(config)# ca generate rsa ...
AlrightI have a 6509 switch running a supervisor 2 engine in Hybrid mode (CatOS/IOS). On board the supervisor I have an MSFC2 card. The supervisor has one pcmcia card slot (slot0). When I plug a flash card into slot0, the supervisor recognises it + I...
JayThe transform sets are the defaults. I have no control over the corp firewall connection, other than I have got ESP and IKE allowed through. But still, I am thinking this is a problem with the corp firewall anyway, which I don't want to have anyth...
Thanks for the reply JayI have two vpn's. One site to site an d the other is remote access. The remote access vpn uses a dynamic crypto map. Here is the relevant configaccess-list inside_outbound_nat0_acl permit ip 172.16.0.0 255.255.255.0 RemoteSite...
show command output (the relevant stuff)PIX# sh crypto ipsec sainterface: outside Crypto map tag: outside_map, local addr. yyy.yyy.yyy.yyy local ident (addr/mask/prot/port): (yyy.yyy.yyy.yyy/255.255.255.255/0/0) remote ident (addr/mask/prot/p...
sorry, maybe i didn't make it clearboth connections to the pix come from the outside, so both vpn tunnels terminate on the outside interface.one connection comes from the internet & the other comes from my corp LAN at another locationcheers
