We have a l2l to an asa, but it will not pass icmp even though I have it allowed between hosts. The host on the asa is on e2 with a securtiy level of 50. But telnet, etc will pass through?
Changed a tunnel termination from the Pix to a 3005. All applications work except large Excel spreadsheets that won't open when logged in to Novell. If logged in with Microsoft works fine. Any other app in that folder will open eg. Word, Jpeg's etc.
I am trying a hub & spoke vpn, but all the www traffic is out the main site. All other locations do not have a split tunnel at their sites. The access lists for nat are created but if an extended ping is started out one of the remote sites it will no...
An 827 w/ipsec/fw at each end with a pc at both locations doing ViaVideo across the Internet to each other. Both routers are doing a static nat to a public address. The only access list on the routers is for nat whith these 2 being denied right now. ...
this is what I have used and it has worked for almost 2 years.crypto isakmp keepalive 15!crypto ipsec profile GDOI-PROFILEset security-association lifetime seconds 7200set transform-set GDOI-TSET
Sorry, didn't read the full question as you are trying to get there via name. Do a packet trace in the gui and it will tell you exactly where it fails.
Right now you are only allowing the following subnets:static (Inside,DMZ1) 192.168.16.0 192.168.16.0 netmask 255.255.248.0 static (Inside,DMZ1) 192.168.100.0 192.168.100.0 netmask 255.255.255.0 static (Inside,DMZ1) 192.168.200.0 192.168.200.0 netmask...
Define which subnet you want to come in in the acl as right now all you have is 192.168.0.x 255.255.255.0 allowed for dns.Hope it helpsaccess-list dmz1 extended permit tcp 192.168.0.0 255.255.255.0 host 192.168.200.21 eq domain access-list dmz1 exten...
With an R license you will be able to see a 10/100 nic in the top slot of the Pix expansion side. Use an Intel 10/100 Pro pci nic in that slot. You should have only 3 ethernets on that Pix. If you installed the 4 port ethernet nic it will not be ackn...