Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Sorry if anyone notices duplication - I posted this first in the wrong place.I'm using a PIX 501 version 6.3(4). Its very lightly loaded ~1% CPU average, max 15%. After a few weeks it seems to stop working. A power-reset will fix this. The best sympt...
I'm using a PIX 501 version 6.3(4). Its very lightly loaded ~1% CPU average, max 15%. After a few weeks it seems to stop working. A power-reset will fix this. The best symptom I have been able to come up with is that about every couple of days the me...
We have a number of Cisco 2940 switches - 12.1(22)EA4. They are connected by a dot1q trunk (in e1/0) to either a 2950 or a 4506 (both VTP clients). The management adddress is VLAN 400. VLAN 1 is shut down. Periodically the 2940 will drop off the netw...
I have a PIX 501 running 6.3(3) with a 10-user license. It has 3 IP addresses on the inside. I get messages %PIX-4-407001: Deny traffic for local-host interface:10.204.136.131, license limit of 10 exceeded. This message is produced for all three insi...
I'm playing with lock and key on a 3750 IOS 12.1(19)EA1. The console works fine (and there is no AAA or ACLs on the switch) until I add the following commands:!aaa new-modelaaa authentication login TestLK group tacacs+ localaaa authorization exec def...
Apologies for the delay - I've been away.I've just graphed the inside and outside interface error counts over 5 days. It says there have been no errors of any kind.Regards
Thank you - you have given me the clue I needed.This PIX setup is a pilot, so although its a 10-user system with only 3 addresses in use, it has a full Class C subnet of addresses configured on the inside - each with a static translation to an outsid...
Thanks - I got that advice from the message interpreter. But I'm still not sure how three IP address chew up 10 licenses.Inside hosts have forwarded traffic in the last five minutes - thats three licenses? Can an inside host have multiple reserved xl...
I get similar results just using:!aaa new-modelaaa authentication login default group tacacs+ localaaa authentication login TestLK group tacacs+ localaaa authorization exec default group tacacs+ local!Anyway the problem is solved.Cheers
Thanks. That did the trick. The final configuration (in order to keep lock & key working properly) reads:!aaa new-modelaaa authentication login default group tacacs+ localaaa authentication login TestLK group tacacs+ localaaa authorization exec defau...
