Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
-
535 Stateful Failover
Im running a pair of 535's in a failover pairing, the main interfaces are GB-ethernet (0 and 1) but the failover interface is a standard ethernet connection - WILL THIS BE AN ISSUE FOR A STATEFUL FAILOVER ???- fliptop
- Thread
- Replies: 3
- Forum: Security, hacker detection & forensics
-
moving statements in access lists
Just a pointer - if there is reference to the access-list that you are removing anywhere else in the config - it will also be removed!!! (Found out during access-list ammending!!) i.e nat statements, cryptomap statements etc.- fliptop
- Post #4
- Forum: Security, hacker detection & forensics
-
PIX Failover
Type in the following and read the table: sh ver regards- fliptop
- Post #2
- Forum: Security, hacker detection & forensics
-
des key ?
The isakmp keystring has to be identical at both peers and can be any combination of letters (up to 128 bytes long). The keystring is 'hashed out' in the config - so nobody can decrypt it after youve applied it - but it can be over written when you deem fit.- fliptop
- Post #4
- Forum: Security, hacker detection & forensics
-
Timeout needs to be extended
Yep, thats the correct line (but inc the line above as well - timeout xlate hh:mm:ss). The timings you have stated are the default timings - they can be changed to suit your needs. You may want to try extending the TCP half-closed timings - you can use 0:0:0 to never time out a half-closed...- fliptop
- Post #2
- Forum: Security, hacker detection & forensics
