Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,In the data sheet it lists 2 contexts for a standard license on the FWSM "for testing purposes". What exactly does "for testing purposes" mean? Are these 2 contexts restricted in any way? Can I use them now in a prod environment and then upgrade t...
I have 3 routers (2 x 2811, 1 x 1841 all with hardware encryption) on 12.4(17) code. Customer was using GRE tunnels inside IPSec tunnels (using crypto maps) for the purpose of enabling dynamic routing between the sites. The DR router was moved to a n...
We have found this handy URL in the release notes, which generates a test web page with the PIX config (ie. same as wr t). I have also used the https://<ip>/capture/<name>/pcap URL to download packet captures.So I was wondering, is there a reference ...
Can anyone suggest the best upgrade method from ACS 3.1 to 4.0, with new server hardware. New server is running Windows 2003.Backup from 3.1 will not restore to 4.0 (or 3.3.3), and 3.1 will not install on Windows 2003.We would prefer not to upgrade t...
Can anyone tell me what this command does. The default for our switches is for it to be disabled, ie. "no spanning-tree optimise bpdu transmission". I have checked the documentation for the relevant switch models and can't find it in the command refe...
Hi,Thanks for your input.I have already tried the following between DR and MSt:int tunnelip address private_ip subnet_masktunnel source outside_interface_nametunnel destination peer_address tunnel protection ipsec profile blahWe get the same symptoms...
Is 1.2.3.7 your outside interface IP, or an IP used in a NAT? Try using a static NAT instead of a static PAT:static (inside,outside) 1.2.3.4 10.10.10.10
The correct answer from a security engineer would be:"Block all ports except those which you explicitly wish to permit!" (eg. allowing port 80 to your webserver)
I had thought of that but wasn't too keen on it.I messed around with CSUTIL and was able to dump and import users and groups, but not the NAS devices. In the end I decided I'd waste more time trying to export/import the NAS devices than it would take...
