Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
My 40 site company is currently moving from a predominantly ‘site-to-site’ IPSec VPN solution (Hub and Spoke), to a L3VPN (MPLS) solution with our Telco carrier. I have a question that I am hoping will assist in our migration. Our provider is request...
My company is switching from a traditional site-to-site IPSec VPN to a Service Provider MPLS solution. At our main site, we will be bringing in a DS3 to connect to the SP network via ATM. We will be channelizing 20Mb for MPLS traffic and 20Mb for Int...
Can some one please tell me the best way to do 'DNS Doctoring' for internal cleints to reach an Internal DNS server without using the 'alias' command. Thanks for your assistance.Dean
Hello All,I have a PIX to PIX ipsec tunnel set up between sites and I want to route via EIGRP. I created the tunnels on the LAN routers behind the PIXes and can ping both tunnel interfaces (tunnels also show up up). I also created a static route for ...
I have a vendor who is working out of one of our offices which is behind a PIX 501. He needs to be able to VPN via an IPSec client to his office out through the PIX. Can someone please tell me what the easiest way to accomplish this is? An help is ap...
I don't see that you set a wildcard mask on your ospf network statements. According to your original post, you are trying to use a /24 subnet, but your network statements fall on classful boundries. If you want to use a /24 mask, you should change yo...
Ruben,You can accomplish this with NAT overload (commonly known as Port Address Translation or PAT.)access-list 10 permit 10.0.1.0 0.0.0.255!int fa1/0ip address 10.0.1.x 255.255.255.0ip nat inside!int fa0/1ip address 217.x.x.80 255.255.255.xip nat ou...
Did you make sure that your /30 address falls withing the appropriate range? (i.e. 192.168.1.5 255.255.255.252, as 192.168.1.4 /30 is the network address and 192.168.1.7 /30 is the broadcast). Sounds basic, but we all have miscalculated when subnetti...
