Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,I wanted to double check my NAT configuration. I am trying to direct incoming remote desktop connections through an SR 520 router into a server on the inside of the network at 192.168.6.10. That should be a pretty simple NAT statement but I am n...
Hi,I have a lan to lan scenario. The central office has an ASA5505 and the remote office has an SR520. The VPN connection is functional. My problem is about once a month or maybe more often (seems random) the remote office will lose connection to ...
Hi,I have an SR 520 router located at my remote site with public IP xx.8.140.226, and private IP 192.168.3.1.The central office is at public IP xx.60.101.154, and has a 10.1.1.0 scheme. I have a site to site VPN tunnel between the central and remote...
Hi,I am trying to set up a site to site VPN from a remote office to a central HQ. In the central HQ, the IP is xx.60.101.154. In the remote office the IP is xx.8.140.226. I want the remote office to have an IP scheme of 192.168.3.0. The VPN would...
Hi,I have a remote site at IP address xx.8.140.226 currently using a Linksys to VPN to an ASA 5505 (at IP xx.60.101.154), in a lan to lan connection. I wanted to replace the Linksys at the remote site (xx.8.140.226)with a Cisco Secure Router 520. I...
Hi that's great. Thanks so much for the help. I'm going to take it over to the CEO's office this week so that gives me some confidence. Thanks again for taking your time to help me out.
Hi, thanks for the information. i really appreciate it. I attached my whole configuration. Let me know if you see anything else that could cause me trouble. Again, I really appreciate any help.
Hi,Thanks for the excellent information. I will probably change it back up to 3DES this weekend or even tonight. So aggressive is a security risk? It sounded so great when I read the description. Well I will turn that off too. It doesn't matter ...
Hi,Right now I have no PFS on either end. Over the weekend I changed it to DES instead of 3DES. I also turned it to aggressive mode. I also found a way to change the rekey time up from 3600 seconds. I thought 3600 seconds was the max rekey interv...
Anyone have any idea if I apply "match default-inspection-traffic" to class map "allow-ping-in", will I be able to operate on clients behind this firewall, as in use VNC on them, access a database I have over there?
