Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
When doing site-site VPN on PIX and using the "sysopt connection permit-ipsec" command does this mean that once de-crypted all traffic will be allowed through.Every example of PIX site-site I have looked at makes no mention of any access-lists applie...
I recently upgraded the activation key on a PIX and am now getting the message: ========================== NOTICE ========================= This machine is licensed as a secondary failover unit but lacks a connection to a fully-licensed pr...
you need to add "access-group from_dns_zone in interface dns_zone"You do not need "static (inside,dns_zone) 192.168.20.10 192.168.20.10 netmask 255.255.255.255"There should be a global statement on the outside not the inside interface ! and for users...
FYI, if the "route" command statement uses the IP address from one of the PIX firewall interfaces as the gateway IP address (as you have), the PIX will ARP for the destination IP address in the packet instead of ARPing for the gateway IP address. So ...
FYI, if the "route" command statement uses the IP address from one of the PIX firewall interfaces as the gateway IP address (as you have), the PIX will ARP for the destination IP address in the packet instead of ARPing for the gateway IP address. So ...
use the "global (outside) 1 interface" command.Go here for more info...http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094ea2.shtml. Near the end of this document it explains the use of this varia...
