Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a PIX 515 running 6.3(3) code that has been in production for 3 years. Recently I received word that we were having issues with Softphone used via VPN - users complained of one-way voice. I started to investigate the issue and discovered tha...
My client has 5 AP350s, which have been installed and running for 2-3 years with no incident. Some 2 weeks ago they started getting drops from one AP in particular. We have moved a spare unit in place, replaced antennas (diversity 5.2 dbi omnis), m...
When the users do a blank search in the corporate directory not all of the users show up. However, when you specify any search parameter then the missing users will appear. For example, a blank search will show a majority (not all) of my 1xxx exten...
I have a customer that has a peculiar situation that requires a static NAT to a host on a subnet remote to the inside of the PIX. This remote host has a static route back to the PIX but it uses a DIFFERENT default route. This creates the problem: t...
I'm running scans against multiple PIX firewalls running both 6.3(3) and 6.2(2) code using NMap, Nessus, and GFI's scanner. All scanners show the expected ports open but also always show TCP 80 open as well, which is not open in the ACL nor statical...
Michael, NAT exemption (no NAT) must be configured with a similar statement to "nat (inside) 0". When you use "nat (inside) 1" you are tying the inside interface to a NAT process and linking it to your Global address (also using process 1), which in...
JL, each PIX can have multiple ISAKMP policies but there must be at least one match on both sides. By design, if there are multiple matching policies then they should agree on the "best" one which will ususally be the most secure. If they don't hav...
He can use addresses out of the local subnet so long as they are not already in use. Neil, is ICMP the only thing not working? I'm troubleshooting an issue where ICMP won't work either way but other applications work fine. Does this sound like your...
Thanks for the reply.You are right: it will pull up the first 64 entries but if the default phone sort method is by last name (as I've read a few times here in the forums) then I should easily have a mix of both 1xxx and 2xxx users. In this case the...
