Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello.I'm looking for information on the command "monitor session servicemodule" to no avail. We have a customer with a 6500, a FWSM and a NAM who uses WCCP to redirect HTTP traffic to a Content Engine. Without the previous command in the 6500, WCCP ...
Hello. We know about the ipsec:inacl attribute for configuring split-tunneling for a VPN group, but AFAWK you must define the ACL in the local configuration of the router. Is it possible to define the ACL in the RADIUS server instead? How? By the way...
Hello.We know about the ipsec:inacl attribute for configuring split-tunneling for a VPN group, but AFAWK you must define the ACL in the local configuration of the router. Is it possible to define the ACL in the RADIUS server instead? How? By the way,...
Thanks for your answer, but I don't see how to use this for the problem we are trying to solve.As I understand it, the Filter-Id option specifies an ACL in the router's local config, but this is what we are trying to avoid.We would like to define per...
I think that it is not possible to do what you want. For lan-to-lan tunnels, you should use NAT, not PAT, as the other end may initiate the IPsec negotiation (in fact, most of the configuration examples I have seen tell you to disable NAT). To which ...
The mask is not the problem here. With 255.255.255.255, you are allowing to access PDM to that IP address only.Have you put the 'http server enable' command in your config?Regards.
The shun command was designed to allow external IDS to stop attacks at the fw, so they never end in the configuration. You need to use access-list.BTW, it would be much easier to maintain a list of forbidden addresses if you had a 6.2 or later versio...
Where have you read that about tftp support?The PIX never has had a tftp server. You must use a tftp, http or https server for updating the OS or the PDM. The last two methods are only available in latest versions.Regards.
