Hi,I have configured 3030 concentrator for my remote access services.Currently I am using Internal group (internal database of 3030) for authenticating users.I have MS 2000 Active directory as our Corporate Network File Server.Instead of creating acc...
I have Kerebos autentication working on the concentrator. My question is is there a way to lock it down to where only a certain user in a certain group in active directory can login?. Right now any user with a Active Directory account is allowed to l...
Is it possible to PAT a group of addresses to the external ip address of a PIX and at the same time have that same outside interface as a tunnel endpoint for sending the PAT'd addresses out to the peer address of the pix?
Hey there,Here are 2 problems that have been submitted to me for which I haven't much info...First, one client,using his Mac laptop (Mac OS X)seems to have disconnection problems. Here's a extract of his log:119:07:48.779 03/24/2004 Sev=Warning/3 ...
1. need to establish lan to lan vpn tunnel between two pix firewalls2. need to allow inside vpn client go through the pix firewall to access other sites. and the firewall has only one ip address and do pat for inside clients3. "fixup protocol esp-ike...
Hi, I am trying to configure site to site VPN between VPN Consentrator and cisco 2600 router. I configured following parameter on consentrator.VPN Gateway IP address: x.x.x.xVPN Parameters:Authentication:ESP/MD5/HMAC-128 Encryption:3DES-168IKE – Pro...
Hi All,I am doing some testing on ipsec-manual. Everytime when I configure transform-set with esp-des and esp-sha-hmac, it will not work and there is "IPSEC(manual_key_stuffing): keys missing for addr 11.11.11.12/prot 51/spi 0" in debug message. But ...
Hello all,please give an advise to a beginner.Situation: There is a MPLS-based network which offers VPN service for the customers. There is a standalone AS5350 which has a connection to PSTN/ISDN network and provides a dialup service.We mant to offer...
Hi,I am configuring IPSEC for the first time. I am using the following commands to configure IPSEC "crypto ipsec transform-set pulse_ipsec esp-3des" and "crypto map test_ipsec 1 ipsec-manual""set peer 10.1.1.1""set session-key inbound esp 256 cipher ...
Cisco Systems VPN ClientThe necessary VPN sub-system is not available. You can not connect to the remote VPN server.OK3.6.6a, with WindowsXP, SP1, (all WindowsUpdate patches applied), using McAfee AV (disabled)The Cisco Systems Inc VPN Client keeps ...
Can anyone tell me why the vpn 3000 series does not support tacacs for user authen? It supports it for management authen, but not authen of the actual users that are vpn'ing into the 3000.
Home user has wireless/linksys G series router, IBM A series laptop using AOL broadband connection provided by Time Warner Cable.Am having issues with tunnel not passing data once connection is established. Has anyone seen this problem? Is there a ...
I had understood that the CRYPTO MAP MATCH ADDRESS command linked with the ACL identifies the traffic to be encrypted, however we have a new client with and exisiting operational VPN configuration that does not have the MATCH ADDRESS argument viz:cry...
When I use the 'Centralized Protection Policy' ina Cisco VPN concentrator and I push a policy to the client, does that policy stay in effect(like the always on option) , when the tunnel is disconnected, or is it (as I expect) that the policy is remov...
