About jealvarez

jealvarez · 09-16-2004

On a DMZ interface what would be an access list equivalent to the implicit outbound rule? Would it be something likeaccess-list acl_dmz1 permit ip any anyaccess-group acl_dmz1 in interface dmz1I would like to add a restriction to the interface but st...

jealvarez · 09-13-2004

We have a c3524 switch running IOS version 12.0(5)WC5 where the CMS does not appear to load properly. A message "cisco/dsbu/cms/main/CMS notinited" comes up after the login screen followed by a "Loading Java Applet ..." that never ends. Tried on syst...

jealvarez · 09-07-2004

On a PIX that has 6.3(3) I want to remove a legacy conduit statement of the formconduit permit tcp host mailserver eq smtp anyYet when ano conduit permit tcp host mailserver eq smtp anyis executed the PIX responds with "Specified access-list does not...

jealvarez · 08-22-2004

We need to access a PIX running 6.3(4) from a PC with VPN client 4.0.5. The PC is on a public IP so UDP encapsulation or NAT traversal would normally not be required. Unfortunately, one of the routers on the way to the PIX is blocking ESP (IP protoco...

jealvarez · 08-09-2004

We are doing a new installation of a PIX 506Eon a network that has the following setup:VPN Users 192.168.2.0/24on a dialup web connection | v2Wire DSL Modem 1800DMZPlus Mode | vPIX Outside Interface 100.100.100.1/32 via DHCPPIX Inside Interface 192....

jealvarez · 09-17-2004

Thanks for your prompt response.

jealvarez · 09-14-2004

Thanks for your suggestions.After installing the new CMS plug-in, the same error message keeps coming up.We can't go back to Java 1.3.1 since we run other applications that require 1.4. The CLI works fine for us but it is unfortunate that the CMS doe...

jealvarez · 09-09-2004

That solved the issue. I re-entered the 'name' statement and the PIX complained that the name was already assigned. Yet after that, it did allow me to remove the conduit.Thanks for your assitance.

jealvarez · 09-08-2004

Thanks for your suggestion.The configuration already had a "name" statement for the mailserver.It appears to remove the conduit a corresponding access-list must exist. Yet I tried something likeaccess-list acl_mail permit tcp host mailserver eq smtp ...

jealvarez · 08-23-2004

I checked with Cisco on this today. The response was that forced UDP encapsulation is only available with the VPN 3000 concentrator. So, on connections from the VPN client to a PIX only the automatic mode is implemented. The alternative in cases wher...

Member Since	‎08-14-2002 10:31 AM
Date Last Visited	‎06-02-2018 02:25 PM
Posts	26

User Statistics

User Activity

ACL Equivalent of PIX Implicit Outbound Rule

Problem loading c3500XL CMS

Can't remove conduit statement

Force UDP Encapsulation for VPN Client without NAT

No traffic from VPN Client to PIX on DSL link

Re: ACL Equivalent of PIX Implicit Outbound Rule

Re: Problem loading c3500XL CMS

Re: Can't remove conduit statement

Re: Can't remove conduit statement

Re: Force UDP Encapsulation for VPN Client without NAT