Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
First, here is a diagram of my setup:CSM w/VIP for Front-End Web Servers (acting as Authorization and Reverse Proxy)|SSL Module for termination of HTTPS traffic|Front-End Web Servers|CSM w/VIP for Back-end Web Servers|Back-end Web ServersWhat I need ...
I am having trouble getting past phase 1 with my PIX501 running 6.3(3). Below is the log from the VPN3060 concentrator (4.04a) showing an error. Unfortunately, I cannot find anything on CCO for what this error and associated flags mean.59586 02/13/20...
Is there a way to log the activity that admin accounts do on the VPN3k concentrators? I want to be able to keep a log of all changes to configuration, etc that is made on the VPN3k and who made them.A note on my setup. I have the Admin accounts authe...
I see that I can set up CS-ACS to authenticate the administration accounts for my VPN3k (ver 4.x). A couple questions if anyone knows.1. What is the behavior if no AAA servers are available? Is console access the only option, or will it revert back t...
Does anyone know of a way to determine the utilization on a line card for the Catalyst switches? We have several cards that the data sheets say are capable of 15Mpps, and we are experiencing some delays in servers connected to them. Thus we want to i...
I had a similar problem after my upgrade. I was migrating data from LMS 2.2. The problem was found to be because the SSL Certificate on my LMS 2.2 had an invalid date. Evidently, the migration utility and DCR server cannot handle it.You might check t...
Gilles,Thanks for the response. This is https traffic for the user, but from the Front-End to the Back-End it's just http. Unfortunately it's SAP so it's not a normal HTTP Back-end that can generate cookies. Currently I am only running 3.1(7). What i...
If I remember correctly, I had to re-enter the group/pwd and username/pwd pairs and it worked. For some reason after a reboot, the passwords became corrupted.
Thanks for your help. I was able to configure it. It's still annoying that the it won't fail back to the internal admins if the TACACS servers aren't available, but I'll trade that off with being able to have more than 5 admins by name.
Thanks for the reply. Another question: How is the privilege level handled? That is to say, if I set up the 'admin' account on the VPN3k to say level 12. Now if I have a user that is allowed to talk to the VPN3k in ACS and has a "Max Privilege level ...
