Search results for query: *

Hello, I have an ASA5510. Whenever I setup a new Windows VM I add the IP to the access-list and allow access to port 3389. I also create a new static map. I'm going to build out a new ASA and I'm wondering if I have to add each IP to the access-list or if there's a way to just open port 3389...

...10 group 1 isakmp policy 10 lifetime 14400 tunnel-group 209.xxx.xxx.34 type ipsec-l2l tunnel-group 209.xxx.xxx.34 ipsec-attributes pre-shared-key * tunnel-group 168.xxx.xxx.29 type ipsec-l2l tunnel-group 168.xxx.xxx.29 ipsec-attributes pre-shared-key * tunnel-group 69.xxx.xxx.82 type...

That was it unclerico! Once again you come through for me. It's greatly appreciated.

...group 1 isakmp policy 10 lifetime 14400 tunnel-group 209.xxx.xxx.xxx type ipsec-l2l tunnel-group 209.xxx.xxx.xxx ipsec-attributes pre-shared-key * tunnel-group 168.xxx.xxx.xxx type ipsec-l2l tunnel-group 168.xxx.xxx.xxx ipsec-attributes pre-shared-key * telnet timeout 5 ssh 0.0.0.0 0.0.0.0...

thanks for the reply brian. i've made the change but still no luck.

...10 set peer 209.xx.xx.xx crypto map newmap 10 set transform-set firstset crypto map newmap interface outside isakmp enable outside isakmp key ******** address 209.xx.xx.xx netmask 255.255.255.255 no-xauth no-config-mode isakmp identity address isakmp nat-traversal 3600 isakmp policy 10...

...address-pool MYvpnpool authentication-server-group vpn default-group-policy MY-DOMAIN tunnel-group plethvpngroup ipsec-attributes pre-shared-key * telnet timeout 5 ssh 0.0.0.0 0.0.0.0 outside ssh 192.168.48.0 255.255.255.0 inside ssh timeout 10 console timeout 0 ! class-map...

I have some additional info. It doesn't look like they ran a new cable. Here's what they said: "There's no new network cable. The ip is routed to the existing network interface." Is this what you're refering to? Thanks unclerico.

yes they are unclerico

Good afternoon, I'm wondering if this is possible and if so where can I find the steps to configure it. I have an ASA 5510 configured with Eth0/0 as my outside interface (209.xxx.67.xxx). Eth0/1 is configured as my inside interface (192.168.48.1) I have Eth0/2 and Eth0/3 open. I ran out of...

Sorry, I have several other PIXs that have VPN working that do not have an acl allowing 10000. I was using them as an example. I'm trying to connect to this PIX using a Cisco VPN Client (version 5).

I also added... access-list 101 permit tcp any 10.100.10.0 255.255.255.0 ...and I'm getting the same error

Thanks for the reply North323. I have several other PIXs that work and none of them have an acl for allowing tcp 10000. So should I add: access-list 102 permit tcp any host 209.xxx.xxx.xxx eq 10000

...myvpnall wins-server 192.168.45.2 vpngroup myvpnall default-domain mydomain.com vpngroup myvpnall idle-time 1800 vpngroup myvpnall password ******** telnet timeout 5 ssh 0.0.0.0 0.0.0.0 outside ssh 192.168.45.0 255.255.255.0 inside ssh timeout 45 username myvpn password xxxxxxxxxxxxxxxxx...

Good afternoon, I have an ASA 5510 that is remote VPN enabled. Everything works fine. However, in the past month I've had to reload/reboot the device because people no longer could connect via VPN. When this happens I'm still able to ping it, SSH to it, mail flow to my Exchange Server is fine...

Hi Brian, I'm running 6.3(4) on two of them and 6.3(5) on the other two. I will see what I can find on 'hairpinning'. Thanks for the help.

Hello, I'm not sure if this is possible or not and I'm sure one or more of you could tell me if it is. I have 4 sites where each site has a PIX 515E. They are all connected via site-to-site VPN. Internally I can connect from any of our 4 offices to resources at the other location. I would...

Hi Brian, Thanks for the response. I found an article that corrected my problem. When I was setting the clock on my ASA I was just entering the time and date. After I entered the time zone and some daylight savings entry it worked fine. Rob

I am unable to connect using a Cisco VPN client to my ASA 5510. When I try to connect I get "Authentication Rejected: Clock skew greater than 300 seconds". However, the clock on my ASA and on my Active Directory domain controller (PDC time server) are the same exact time. As is the laptop I'm...

Hi Brian, I'm not sure I understand what you're saying. Thanks.