Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm consolidating several older 25xx routers into a new 3725. I have four serial interfaces & 2 fastethernet (fe) interfaces in the 3725. I'm needing to route each serial interface through a separate Pix interface (I have 6 Pix fastethernet interfa...
I'm trying to get a VPN working, am able to connect to it using XP/W2k (w/o Cisco VPN client -- just Windows VPN). I can access resources from some interfaces but not others. The following is an example of the log message when I try to access a "bl...
Hello,I'm in the process of setting up our Pix 515E (ver 6.1(4)) to act as a VPN endpoint for remote users (mainly Windows OS clients). I wanted to eliminate the need to download the Cisco VPN client software (using Windows built-in VPN capabilities...
Hi all,I'm trying to setup a *simple* Windows to Pix VPN connection. Rather than have each client download the VPN Client (on a dialup connection, this could take quite a while and if I'm supposed to dial-in and fix something NOW, that wouldn't work...
Hi everyone,I'm looking for a way to stop getting the %PIX-6-106015: Deny TCP (no connection) from IP_addr/port to IP_addr/port flags flags on interface int_name. syslog messages.My users are running a client-server program that initiates a session w...
I gave up and opened a TAC case for this issue after not getting any reply. My syslog server was showing that packets from the VPN client were being denied by the Pix, but without any access list specified. It turns out that I'd omitted a couple of...
I'm not a Pix guru, but here's some places to look. Can you ping both machines (Exch1 to Exch2 and vice-versa)? When I setup our DMZ with the Pix there are several different entries that had to be configured for everything to work right. I'm using...
Oleg,Thanks for the response. We're using CS ACS 2.4 and I was trying it with TACACS. I guess I'll have to wait until we upgrade our ACS to a new version before using any authentication beyond local!Thanks,Tim C
I found the SCEP on Yahoo! Group cciesecurity and tried installing it on NT4, but it wouldn't fully load. Are there any other ways of getting the Pix to get a certificate with NT4? Moving to W2k isn't really an option at this point with our certifi...
Thank you for your response! I'm not sure that the MSCEP would work on NT4, but I'm willing to try it! I've looked on the net, but like you said, Microsoft doesn't have it on their site (there are lots of references to the Corporate Update site, bu...
