Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Folks,We're seeing some DNS traffic via TCP 53 (and they're not zone transfers), as opposed to the usual UDP 53, from some of our newer Win servers.If we decide to permit TCP 53 in this case, does anyone know if it will it be checked by the PIX's App...
One of the functions of our PIX 525 is to permit internet access for our users. This PIX does not have direct access to the Internet, it relays upstream to another device that does.Immediately after upgrading to 6.3(3) our syslog server began report...
Hi, We have a number of devices that only allow for one NTP provider entry. To provide fault-tolerant time to these hosts we have been using a DNS "round-robin" approach where multiple addresses resolve to one DNS entry that we configure these hosts...
Our PIX logs are loaded with deny reports regarding udp port 137 traffic coming from our Win Servers, it's making it difficult at times to spot other deny messages we need to be investigating. Disabling NetBIOS over TCP/IP on the Servers is unfortun...
You may be able to tweak that static command even further, try: static (inside,outside) tcp interface 80 172.16.2.150 80 netmask 255.255.255.255 0 0 And if that Web server is also supporting SSL add:static (inside,outside) tcp interface 443 172.16.2....
Try leaving the username field blank and entering the enable password in the password field.Perhaps you're using AAA authentication in which case my suggestion won't help. Patrick's suggestion above will handle the situation nicely.Regards,Craig
Hi Johans,Just a question on the ACLs in your example. Wouldn't you configure acl_out as follows:!-- Allow IPSec traffic terminating on the outside interface to pass thru to our inside interface. access-list acl_out permit tcp 10.10.0.0 255.255.255....
