About andy-cole

andy-cole · 11-11-2004

I'm used to using FTP to load images onto routers, recently I notice that this appears to have stopped working.The 3 commands I use in the router are:ip ftp user <name>ip ftp password <password>no ip ftp passiveThen issue the command `copt ftp flash'...

andy-cole · 02-28-2005

Joe,Your probably using the command `sysopt connection permit-ipsec' As quoted from the PIX guide on cisco.com:`Use the sysopt connection permit-ipsec command in IPSec configurations to permit IPSec traffic to pass through the PIX Firewall without a ...

andy-cole · 02-28-2005

This sounds like standard LAN based failover, just connect each inside interface into a seperate switch.The PIX spoofs the IP and MAC address, so there are no ARP issues when it fails over.Or do you mean you want both firewalls to be active at the sa...

andy-cole · 02-28-2005

These are required, but you may also need to open up UDP 10000 to support NAT-T if the IPSec has to cross a NAT boundary along its path.You will also need to allow the VPN client pool address range access to which ever IP ranges they are to use. This...

andy-cole · 11-12-2004

The isakmp process seems to have completed ok, it reaches QM-idle. If you do `sh crypto isakmp sa' do you have an entry indicating QM_IDLE?What about posting up debug crypto ipsec and debug crypto engine, may give a clue.Also what IOS version is this...

andy-cole · 11-12-2004

This may be of help, interface Serial0 desc Internet link ip address 2.3.4.5 255.255.255.252 ip access-group 120 in ip nat outside ip inspect lan out access-list 120 permit esp host any host 2.3.4.5access-list 120 permit udp host any host 2.3.4.5 eq ...

Member Since	‎11-11-2004 03:39 AM
Date Last Visited	‎08-18-2017 03:51 AM
Posts	11
Total Helpful Votes Received	10

User Statistics

User Activity

copy ftp flash function changed?

Re: ACL counters for VPN group shows zero even if there is traff

Re: High Availability configuration with PIX

Re: VPN Client & CBAC

Re: ipsec and isakmp in 1721 cannot connect remote office

Re: ACL to restrict VPN client traffic (IOS router)