We've been running OWA through a 3005 for a few years, the same way you are. I was unaware of a single sign on option. Have you tried TAC? They've been quite helpful to us for the most part.
Brian
Thanks, this makes sense now. Once again I appreciate the explanation as it is much more valuable than just an answer. I applied the suggested acl and everything works fine.
Thanks
Thanks for the answer and especially for the explanation. I assume I would place my permit line for the SMTP 1st, then the deny line you suggested, and finally the permit ip any any line? I am also assuming this will open up the DMZ to all traffic?
The reason this was confusing to me is that...
I've got a 525 with 3 interfaces and all works fine until I apply an access list (access-list dmz permit tcp host 10.10.20.10 host 192.168.1.39 eq smtp) to the dmz interface to allow a mail server to hit the inside. After I apply this access-list, dmz hosts can no longer access the outside. If...
Thanks for the reply. I forgot to mention that event viewer is not showing anything. Additionally, once the share drops, nothing allows us to reconnect until I restart the server service (or reboot).
Thanks
I'm running an XP pro SP1 machine with a share that 5 people map a drive to. Since I brought the machine up yesterday this share becomes unavailable every 2 or 3 hours. I can still connect to the machine via remote desktop, and if I stop and restart the server service the share is once again...
I have a simple pix to pix vpn setup between my 515 and a 501 at my remote office. For security reasons I currently have the tunnel locked down so that users behind the 501 can only hit server A behind my 515. This is working fine, but I am curious if there is a way to allow all users behind...
Thanks Tony. I figured it out as I was under the delusion that access list for DMZ access had to be tied to the DMZ interface. I was ignoring the access list for the web server that was tied to the outside.
Thanks
I have a single WWW server in the DMZ of my pix. I have a static command tying the public address to the private address of the server, but I realized today that there is no access list allowing traffic to hit the server, I must have removed it at some point. So, I can't figure out why people...
I am curious here if anyone has installed a Verisign certificate on a Cisco 3005 concentrator. I've read vague references here and there that this can be done, but no absolute statements from Cisco. The Cisco salespeople I've talked to so far have had very little knowledge of the 3005...
This was happening to us frequently. Fixed it with this article.
http://seer.support.veritas.com/docs/191158.htm
We made these 2 suggested changes to the SCSI controller:
Set INITIATE WIDE NEGOTIATION to off for controllers with a wide bus
Set MAXIMUM SYNC TRANSFER RATE to the slowest...
We found the offending file and deleted it and the backup now completes successfully. The message was an automated system message. The KB said this:
"Causes of these errors have been traced to (but not necessarily limited to):
Automated system messages (undeliverable, over size limit...
http://seer.support.veritas.com/docs/231185.htm
We are getting the same error on 1 file. I am going to try some of the things in the above KB article. I will let you know if I find anything out.
Brian
We were having the same problem and seem to have solved it with this information
http://seer.support.veritas.com/docs/191158.htm
In the SCSI bios we set Initiate Wide Negotiation to off, and dropped the Maximum Sync Transfer Rate to 5.
We had tried the other fixes before this with no luck...
Thanks for the reply Yizhar.
You are absolutely right. Without being patched up, an IIS server exposed to the web will get hit by Code Red fast. In our case we monitor external PCs infected with Nimda (which can spread just like Code Red) trying to hit our IIS servers 1-2 times a day.
I wish...
I am curious what those of you running OWA have done to make it as secure as possible. It was mentioned in the PIX firewall forum by Yizhar that OWA should not be run from inside of the network unless the users only access via VPN. This makes sense to me but unfortunately our users access OWA...
In an earlier post Yizhar wrote the following:
"My suggestion is not to solve that problem, but to avoid future worse adventures by not allowing OWA to your internal Exchange server, or at least only allowing it via VPN."
I am assuming this is due to the security risk? I am curious if...
Good to see someone is in the same boat. I am going to try the 2k server approach since I have some time to work with it. The problem is that Cisco doesn't have any info on how to configure CA on the 2k machine, which is understandable. And Microsoft's info on CA configuration is also sparse...
I was wondering if anyone here is using certificates to enhance IPSEC security. The decision I need to make is whether to use a 3rd party CA source like Verisign, or to use an in house 2k machine for my CA server. Any suggestions/experiences would be appreciated. Thanks.
Brian