Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
On a DMZ interface what would be an access list equivalent to the implicit outbound rule? Would it be something likeaccess-list acl_dmz1 permit ip any anyaccess-group acl_dmz1 in interface dmz1I would like to add a restriction to the interface but st...
We have a c3524 switch running IOS version 12.0(5)WC5 where the CMS does not appear to load properly. A message "cisco/dsbu/cms/main/CMS notinited" comes up after the login screen followed by a "Loading Java Applet ..." that never ends. Tried on syst...
On a PIX that has 6.3(3) I want to remove a legacy conduit statement of the formconduit permit tcp host mailserver eq smtp anyYet when ano conduit permit tcp host mailserver eq smtp anyis executed the PIX responds with "Specified access-list does not...
We need to access a PIX running 6.3(4) from a PC with VPN client 4.0.5. The PC is on a public IP so UDP encapsulation or NAT traversal would normally not be required. Unfortunately, one of the routers on the way to the PIX is blocking ESP (IP protoco...
We are doing a new installation of a PIX 506Eon a network that has the following setup:VPN Users 192.168.2.0/24on a dialup web connection | v2Wire DSL Modem 1800DMZPlus Mode | vPIX Outside Interface 100.100.100.1/32 via DHCPPIX Inside Interface 192....
Thanks for your suggestions.After installing the new CMS plug-in, the same error message keeps coming up.We can't go back to Java 1.3.1 since we run other applications that require 1.4. The CLI works fine for us but it is unfortunate that the CMS doe...
That solved the issue. I re-entered the 'name' statement and the PIX complained that the name was already assigned. Yet after that, it did allow me to remove the conduit.Thanks for your assitance.
Thanks for your suggestion.The configuration already had a "name" statement for the mailserver.It appears to remove the conduit a corresponding access-list must exist. Yet I tried something likeaccess-list acl_mail permit tcp host mailserver eq smtp ...
I checked with Cisco on this today. The response was that forced UDP encapsulation is only available with the VPN 3000 concentrator. So, on connections from the VPN client to a PIX only the automatic mode is implemented. The alternative in cases wher...
