About zroth

zroth · 07-14-2005

Hi all,I need advice with the following problem.I have PIX 515E with 3 interfaces inside,DMZ and outside,vers 6.3(3).Is it possible to access DMZ over inside interface with IPSec from CISCO VPN client ? IPSec makes a tunnel,the clienthas a new addres...

zroth · 07-14-2005

Hi all,I need advice with the following problem.I have PIX 515E with 3 interfaces inside,DMZ and outside,vers 6.3(3).Is it possible to access DMZ over inside interface with IPSec from CISCO VPN client ? IPSec makes a tunnel,the clienthas a new addres...

zroth · 10-21-2004

Hi all,we have PIX 515E in failover configuration.After upgrade to version 6.3.(4) I have noticed a strangething.When I use command show isakmp sa det, a failover happens.With the same command without optiondetail all works fine.I must say I did not ...

zroth · 08-19-2004

Hi all,when using normal NAT or static command,PIX works asthe ARP Proxy for inside addresses.If I use nat 0 (either identity or exemption),proxy ARP does not work and you have to use routing.In the CISCO docu-mentation is the nat 0 identity consider...

zroth · 11-26-2003

Hi everybody,I have this problem.We have an access router CISCO 3640,IOS c3640-is56i-mz.121-6 for dial-up access andCSACS access-server V 2.4.Users are using a token card authentication (Crypto Card).It works quite good.Encryption is not used.Now we ...

zroth · 06-25-2007

Sorry fot the mistake,access-list shall be access-list nonat perm ip 192.168.14.0 255.255.255.0 10.254.14.0 255.255.255.0

zroth · 06-25-2007

Hi,it can be you have not configured access-list nonat,ex. access-list nonat perm ip 10.254.14.0 255.255.255.0 10.254.14.0 255.255.255.0 and command nat (inside) 0 access-list nonatHtH Zdenek

zroth · 05-30-2007

Hi,nat with identifier 0 does not translate atall.It is mostly used for IPSec tunnel LANto LAN (but not allways).It means that allIP addresses defined with nat 0 are not translated to any interface.Therefore in your configuration can not translation ...

zroth · 07-15-2005

Hi,I would like to thank you.My client received an IP address from local pool,let us to say 192.168.30.1and wanted to connect to the server 172.20.2.2 in DMZ.I configured nat (dmz) 0 access-list test outside ,with access-list test perm ip host 172.2...

zroth · 05-25-2005

Hi,the command write net is only for saving your configuration on TFTP server,not for saving of image.The OS versions till 7.0 do not have any command forsaving of image. HTH Zdenek

Member Since	‎10-12-2001 02:43 AM
Date Last Visited	‎08-18-2017 03:50 AM
Posts	49
Total Helpful Votes Received	11

User Statistics

User Activity

IPSec access over PIX inside interface

IPSec access over PIX inside interface

failover after command show isakmp sa det

PIX ARPing

Problem with token card authentication

Re: ASA 7.2 remote access VPN

Re: ASA 7.2 remote access VPN

Re: Help....Mixed up with NAT Translations

Re: IPSec access over PIX inside interface

Re: Copy flash tftp on PIX 6.3(3)