Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Pix 525, OS 7.2(3)I am trying to do the following:Inside FTP-server 10.1.1.1Outside NAT-address: 20.1.1.1Remote Network: 172.16.1.0/24VPN connection from remote network to outside NAT-adress that should be redirected to inside FTP-server.I am trying ...
There is a feature in version 6.x of the Pix OS that is called turbo ACL.Is there a similar function in version 7.x of the Pix? (The command "access-list ACL compile" does not exists in version 7)
The first step of our NAC implementation would be to segment our network in two VLAN´s. One production network and one consultant network.Is it possible to check the Windows XP client´s active directory domain membership and segment them only based o...
A customer has setup a VPN between a PIX 501 (6.2(2)) and a FW1NG FP3.They are using 3DES, SHA, DH Group 2.When they test the performance the throughput is only about 500Kbps. If they connect using the FW1 SecuRemote klient instead they got a through...
I have BIG problems with user disconnects over a PIX-concentrator VPN setup:Pix 501 on ADSL connection (static IP-address) (on branch office)3005 concentrator on head office.3DES both on IKE and IPSEC-levels. MD5, group1Both PIX and Concentrator uses...
The DC:s see what you allow them to see...If your access rule permit all IP-traffic between the networks you also have to disable the Ping-of-death protection:ip audit signature 2150 disableip audit signature 2151 disableThis is because the DC:s use ...
Please explain the following:"the other VPN box is 163.148.20.98 But we are trying to tunnel to 163.148.20.105"What are the crypto endpoint and what address(es) do you want to include in the tunnel?Do the other side use NAT/PAT to the .105 address? P...
This normaly happens after you get a BSOD (blue screen) on the clients after connecting the VPN-tunnel.I have not found any solution to this but newer versions of the client may work better.I use 4.8.01.0300.
