Search results for query: *

ok, figured it out - I forgot to add the nat 0 statement for the elser interface. Something so easy, yet I completely overlooked it!

thought I had it down pat, but still seem to be missing something when using a different subnet of addresses for my RAS clients --- Useful info - - - - - - - - - - - - - - - - - - - - - - - - - Internal network is 10.9.2.0 /23 - the custom mask allows addresses 10.9.2.1 - 10.9.3.255 to be on...

definitely sounds like split tunneling. can you post your config?

well, turns out the consultant had pfs turned on - once he turned it off, the tunnels came right up!

just curious what the industry "best practices" was in regards to using Perfect Forward Secrecy. I notice a lot of other security devices ship with it enabled by default (and I understand that the reissuing of the DH keys everytime a new tunnel is established is more secure), but was just...

Hi Alex, add PPTP inspection to the default policy-map using the default class-map. asafirewall(config)#policy-map global_policy asafirewall(config-pmap)#class inspection_default asafirewall(config-pmap-c)#inspect pptp You do not need to define a static mapping because the asa now inspects...

client asked me to setup a site to site tunnel between 3 sites (Sites A, B and C) Site A has a Cisco ASA 5510 Site B has a Cisco ASA 5505 Site C has a Juniper Netscreen 50 I was responsible for Sites A and B and another consultant took care of the Netscreen. The L2L tunnel between my 5510 and...

I've been going through the ISA Server 2004 documentation, but can't seem to find out if this is possible. What I would like to do is have an external user be able to type a url like http://crm.company.com and have that http request be directed to the ISA server. I would then like the ISA...

great. thanks Brent.

I should also note that currently none of my network switches (cheap dell switches) do vlans

my company has been tasked with colocating a couple of other company's servers for a few months. - We currently have a two separate links to the internet (microwave and cable). The microwave is our company's main line to the internet with cable used for backup. - We would like to use one...

it's been released (currently version 8.0.2) anyone deploy it and test it out yet?

Outstanding!! thank you Brent. that completely was the issue. Regards, Kevin

thanks for the link Brent, I am going to read that tonight. also, just an fyi, I cleared the security associations (and dropped the lan to lan tunnel) but the remote access issue persists. So at least that is now factored out!

also, just a quick follow up. this only started once I created the lan to lan connection. Prior to that, it was working fine. I haven't had a chance to sever the lan to lan tunnel (as it is in use) to see if I can regain access via the remote access connections.

quick info --- ASA 5510 running 7.2(2) internal interface assigned 192.168.72.1 - one lan to lan tunnel connecting to remote address of 172.17.1.x - the remote access config hands out addresses of 172.16.1.1 through 172.16.1.254 Remote Access VPNs (172.16.1.x) were working fine until I setup...

Hello all, question - is there an issue with having an exchange server use two separate ip addresses (specifically in regards to OWA)? the problem is that I can't enable forms based authentication at all. I've done it on about 10 other production servers without any issue, but on this...

My company has two separate broadband lines to different ISPs. I was originally going to use a 5505 for the backup line and a 5510 for the main line. My boss asked if there was a way to connect both lines to one device and have that device keep the two ISP networks separate. This made me think...

hello. Configured my asa using the Remote Access vpn wizard. Was working fine, but stopped working recently (may have to do with some static tunnels I created using older pix commands.) I enabled debug crypto isakmp and ipsec - When I connect using the cisco vpn client, the monitor shows that...

hello. I have isa server at the perimeter. It's external interface has a block of addresses from 66.x.x.210 through 66.x.x.215 66.x.x.210 is the first address assigned to the external interface so that this is the address used by all internal clients when they are accessing resources on the...