VPN

Hi,I have an IOS firewall with two interfacef0/0(outside) with access-list 102f0/1(inside) with access-list 101Im a little bit confused where to put the access-list for the VPN POOLis it on the outside or inside interfaceandis it this way say for ins...

Hi there,We have a PIX 515E firewall with IPSEC VPN (UDP) enabled on interface outside. We noticed recently that one of our vendors which is connected to the VPN and transmitting large amounts of ICMP protocol unreachable traffic. This happened when ...

Hello, I'm in the middle of setting up a VPN concentrator to use certificates with IPsec. I am using the Microsoft CA, which seem to work fine.I encountered two problems, maybe someone else saw this as well.First of all, the concentrator 3030 with th...

Hi.Is it possible to open citrix connection via webvpn?

Hi I have two pixes in a redundancy setup running OSPF. For an unknown reason when the second pix is up and running one of the redistributed external route shows up as learning from the pix own interface rather than the adjacent router. If the inte...

Anyone seen this error before on pix running OSPF408002: ospf E1 update 192.9.0.0 255.255.0.0 [180/50] via 221.221.221.221:outside overriding conflict with 192.9.0.0 255.255.0.0 [180/51] XXXX408002: ospf E1 update 192.168.0.0 255.255.0.0 [180/50] via...

Is it true that a 831 can act as an VPN-Server with only 5 IPSEC tunnel to VPN-Clients 4.X ?

Hi Everyone,I have a question about disconnecting applications that access the Internet before enabling the VPN client. I've noticed that when connecting to a Private Network (which has outward facing firewalls and a VPN 3020 Concentrator on their si...

Looking to understand how isakmp handles keys of different lengths.ie cry isa key abcdefghijklmn add xxx.xxx.xxx.xxxand the peers can only neg DES for phase 1How does isakmp handle a key string more then 56 bits?Or if the key string is less then the ...

The customer is evaluating cisco VPN concentrator to replace the existing Microsoft VPN server. When we installed Cisco VPN clients on our PCs, our existing Microsoft VPN client failed to work for IPSec/L2TP.Even after we uninstalled the cisco VPN cl...

I am setting up a VPN for a customer with a PIX-501 firewall. I am able to successfully connect to firewall from my Windows client. However I'm not able to communicate with anything on thier network. The strange thing is thier network can see me a...

My VPN terminate on an inside IOS router (7204VXR) connected to local switched lan with a 10/100 Lan card in trunk mode.VPN trafic comes from outside accross pix inside interface (static nat and access list) mixed with inbound/outbound clear traficI ...

Dear All!I am setting up a vpn with two 831, only with pre shared key.my config looks like that:-----------------------crypto isakmp key geheim address x.x.0.2!!crypto ipsec transform-set SetEins esp-3des esp-md5-hmac crypto ipsec transform-set SICHE...

For my current installation I have 3 sites with aprox. 20 users at each site. Each site has a mix of wired and wireless users. I would like the wireless users to use VPN as one level of security. I would also like to be able to use site-to-site VPN o...

Hi,I have a scenario where I would need to set up failover using a 1720 router connecting to two different ISP'S and a Pix 501 behind it.How would the failover work, specially the configs that need to go on the pix so it knows how to get to the desti...