Anyone had any success doing this? I've been following the suggested config at http://www.cisco.com/en/US/customer/products/ps6566/products_feature_guide09186a0080610dad.html#wp1058626 but not having any success. Sessions terminate on my 7301 via L2TP...
Hi, I recently upgraded our FWSM from 2.3 to 3.1. Previously if I wanted to make multiple changes to an access list I would edit it offline and then re-upload after using the "no access-list WHATEVER" command to delete the old version. However this comman...
I have some users behind my FWSM who want to be able to initiate VPN using the Cisco VPN client to external locations. UDP and TCP are allowed outbound, and the FWSM obviously handles the return traffic. So the IKE tunnel establishes OK and authentic...
I noticed a number of failed console port logins in our tacacs logs from a couple of remote routers. In both cases the usernames are gibberish - random characters in one case; access-list logs in the other. Logging in to these 2 routers (both 870s) I ...
Hi, I posted on this a while back - I was trying to use NBAR to limit Bittorrent but the policy wasn't seeing a lot of the torrent traffic and I was still able to get very high speed downloads. Just noticed that if you run #sh ip nbar port-map the ports ...
Sorry Joshua, can't remember if we found a solution to this and we're not now using NBAR (have a dedicated UTM solution for that sort of thing). 5 years is a long time in networking.
That's the same document I referenced in my original question and it states clearly "You can choose to configure the feature using either a virtual template or a RADIUS server." If you add the policy to the virtual template it will apply to all users,...
OK - found it. It's "clear configure access-list WHATEVER". Not that this is particularly obvious from the configuration guide or the command reference (indeed the troubleshooting section of the conf guide specifically says to use "no access-list").
I'm using v3.1 though that fixup isn't available in v2.3 either. I do know where this particular VPN is terminating, so I can put in a more specific access list, but there is likely to be further demand for this and I'm just surprised that the FWSM c...
Well, there shouldn't actually be anything plugged into the console, though I have no way of checking this.
#sh line con 0
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - ...