Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all,I need advice with the following problem.I have PIX 515E with 3 interfaces inside,DMZ and outside,vers 6.3(3).Is it possible to access DMZ over inside interface with IPSec from CISCO VPN client ? IPSec makes a tunnel,the clienthas a new addres...
Hi all,I need advice with the following problem.I have PIX 515E with 3 interfaces inside,DMZ and outside,vers 6.3(3).Is it possible to access DMZ over inside interface with IPSec from CISCO VPN client ? IPSec makes a tunnel,the clienthas a new addres...
Hi all,we have PIX 515E in failover configuration.After upgrade to version 6.3.(4) I have noticed a strangething.When I use command show isakmp sa det, a failover happens.With the same command without optiondetail all works fine.I must say I did not ...
Hi all,when using normal NAT or static command,PIX works asthe ARP Proxy for inside addresses.If I use nat 0 (either identity or exemption),proxy ARP does not work and you have to use routing.In the CISCO docu-mentation is the nat 0 identity consider...
Hi everybody,I have this problem.We have an access router CISCO 3640,IOS c3640-is56i-mz.121-6 for dial-up access andCSACS access-server V 2.4.Users are using a token card authentication (Crypto Card).It works quite good.Encryption is not used.Now we ...
Hi,it can be you have not configured access-list nonat,ex. access-list nonat perm ip 10.254.14.0 255.255.255.0 10.254.14.0 255.255.255.0 and command nat (inside) 0 access-list nonatHtH Zdenek
Hi,nat with identifier 0 does not translate atall.It is mostly used for IPSec tunnel LANto LAN (but not allways).It means that allIP addresses defined with nat 0 are not translated to any interface.Therefore in your configuration can not translation ...
Hi,I would like to thank you.My client received an IP address from local pool,let us to say 192.168.30.1and wanted to connect to the server 172.20.2.2 in DMZ.I configured nat (dmz) 0 access-list test outside ,with access-list test perm ip host 172.2...
Hi,the command write net is only for saving your configuration on TFTP server,not for saving of image.The OS versions till 7.0 do not have any command forsaving of image. HTH Zdenek
