Search results for query: *

PIX 515 is 6.3(2) The IP addresses of the clients would not be consistent. I have another PIX that has been successfully configured for software VPN with a dynamic crypto map, but it seems that if I configure the original PIX the same way it breaks all the static crypto maps. Thanks <<Witty...

bump Anyone? <<Witty Signature>>

Hello all - I have a PIX 515 that has many site-to-site tunnels configured and functional. Now I need to add software VPN client functionality to this PIX. I tried once a while back, but whatever I did ended up breaking the hardware VPNs so I took that out real quick. I will post what I hope...

AARRGGHH I hate typos. Thanks it alwayshelpt to have a second set of eyes look at it! <<Witty Signature>>

Hello all PIX 501 6.3(4) Cisco VPN Client 5.0.05.0290 Connects quickly but can't ping anything and no traffic passes at all. Topology: Corporate network is 192.168.51.0 VPN Pool is 192.168.253.0 Please see attached config Thanks for looking! PIX Version 6.3(4) interface ethernet0 auto...

Hey Brian! Thanks for your help with my last problem by the way. I know they use addresses all over the available range, but I'm pretty sure they don't actually need 16.7 million hosts. Unfortunately we didn't build their network, so my guess is that someone decided to use 10.x address space...

Hi there. My client has a 10.0.0.0 /8 (255.0.0.0) network. They need to connect a VPN to another network with a 10.130.0.0 /24 (255.255.255.0). My side is running a PIX 515 and the other side is running a PIX as well, but I don't know the model, other than it's slightly newer. I know we have...

OK we figured out the SMTP problem, finally have a chance to finish the thread. SMTP authentication will not allow special characters in the password. At least it doesn't allow the asterisk... That was the problem there. Thanks again <<Witty Signature>>

Well I got the thing working for the most part. I used Brian's config recommendation and successfully opened the ports to the server. I realized that when used this way, the static command truly forwards the port to the specified internal IP address, and the ACL is what allows them in from the...

Brian - Thanks again for giving me a hand. If I define the ports with the static command, what good does the ACL do? Example 3389, RDP. If I enter this, as you suggest: static (inside,outside) tcp interface 3389 192.168.111.250 3389 netmask 255.255.255.255 and do it for every port I need open...

I only want the ports to go to the server at 192.168.111.250. I was referring to the static mapping command. When I had it set that way earlier, the server was the only machine that could get to the internet. <<Witty Signature>>

Thanks for your reply Brian. What about the rest of the stations? Does the PIX allow the other stations out since it defines a one-to-one NAT between the specified private and only public IP address? That is why I removed the static (inside,outside) line in the first place, but I wasn't using...

Hey all I have worked with the PIXes for quite a while, but never quite like this. I have a PIX 506 and have a single public IP address assigned by PPPOE. The DSL Modem is in Bridge mode and the PIX is connecting to the internet like it's supposed to. This setup is similar to the situation in...

This is the first time I have attempted to set up a Remote Access VPN. I have done the Site-to-Site many times, and didn't think they would be very different. Boy was I wrong. Anyhow, the Client starts getting connected but gets the infamous "Connection terminated locally by the Client. Reason...

Hello all - Need to do some testing on a DSL connection that has a Sonicwall TZ 170 Standard, with Firmware SonicOS Standard 2.2.0.1. We need to compare pings over the VPN versus pings to the WAN port, but I don't see how to set it up for that. The Linksyses (Linksyi) has a helpful little...

I got it! I have one port set up on the network to the PIX, and the rest of the ports in a VLAN on the inside. Thanks for the sounding board KiscoKid. Nick <<Witty Signature>>

That sounds great. I do want this to be the default gateway (192.168.3.254) for the 192.168.3.0 network. Do I need to specify the ip address on an interface, or the vlan1, where all the ports reside? <<Witty Signature>>

KiscoKid - Thanks for the reply. My network is only the 192.168.3.0, but I have to ensure traffic gets to other networks via other routers/modems. Example: 192.168.51.0 via 192.168.3.101 192.9.100.0 via 192.168.3.102 172.16.31.0 via 192.168.3.1 A couple of these are Cisco...

The simple question: Can my 3560 act as the default gateway and provide static routes even though I have no VLANs? Currently I have a Linksys acting as the default gateway for the clients. Drawing: Internet--PIX WAN|PIX LAN--Linksys WAN|Linksys LAN The Linksys and PIX are configured with a...

Zelandakh - Thanks for the info. We had previously looked into the Aelita Recovery Manager from Quest, but at US $8.00 per mailbox, decided it was cost prohibitive. The proposed backup of store files and copying to secondary server still works though, right? <<Witty Signature>>