Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search results for query: *

  1. cepacs

    ASA 5510 DMZ setup

    Ok, called Cisco and the engineer says my current config is fine and it should be working. I'm beginning to wonder if the problem might be on our core switch? I'm wondering if packets are reaching the server, but instead of coming back to the DMZ, it is being sent to the inside interface?
  2. cepacs

    ASA 5510 DMZ setup

    I think the NAT rules should be applied on the DMZ interface, but I still can't seem to get it to work. I do see hits on the access rule now, but can't get to the webpage page of the server. It works internally so I'm assuming it's the ASA.
  3. cepacs

    ASA 5510 DMZ setup

    Oh, okay... that makes sense! So wouldn't the NAT rules also need to be applied to the outside interface?
  4. cepacs

    ASA 5510 DMZ setup

    Here's the interface config... interface Ethernet0/2 speed 100 duplex full nameif DMZ security-level 50 ip address 10.10.90.2 255.255.254.0 Here's the access list config... access-list DMZ_access_in extended permit tcp any host xx.xx.xxx.129 eq www Here's the NAT config... static...
  5. cepacs

    ASA 5510 DMZ setup

    Can't figure it out! I've tried setting up my access rules and NAT rules to allow http traffic in to a server in the DMZ, but I can't get it to work. I found out I can ping from within the DMZ vlan to the DMZ interface on the ASA. I can also ping from the DMZ interface to any device within the...
  6. cepacs

    ASA 5510 DMZ setup

    Ok, realized that hairlessupportmonkey was right... I needed a rule to allow ICMP on the DMZ interface. After adding the rule, still couldn't ping the interface. I could, however, ping from the DMZ interface to the attached core switch. I then tried the Packet Tracer that stubnski suggested...
  7. cepacs

    ASA 5510 DMZ setup

    I cannot ping from the inside interface to the dmz. I can ping from the dmz to itself (obviously), but not from any other interface.
  8. cepacs

    ASA 5510 DMZ setup

    I have the interface setup and enabled, but can't ping the interface. I have an access rule for icmp... any/any. What am I missing?
  9. cepacs

    ASA 5510 DMZ setup

    We have an ASA 5510 running ASA version 8.2(1). I would like to add a DMZ to the device. I'm assuming I would go to Configuration/Device Setup/Interface and add Ethernet0/2 as the DMZ interface. Is this correct? Should the Security Level be 50?
  10. cepacs

    Mitel 3300... to tag, or not to tag... that is the question!

    Tagging has nothing to do with priority? Well that seems to go against what I have been told and what I have read. "There is no 802.1P without 802.1Q VLAN tagging. The VLAN tag carries VLAN information—the VLAN ID (12 bits) and prioritization (3 bits)."...
  11. cepacs

    Mitel 3300... to tag, or not to tag... that is the question!

    I believe layer 2... the 802.1p priority.
  12. cepacs

    Mitel 3300... to tag, or not to tag... that is the question!

    The only thing is, if I setup tagging on the 3300, then I can have it set the priority. Our 3Com switch automatically queues it correctly according to the priority passed to the phone by the 3300. I could set it up priority on the switch, but I'd have to create an ACL, link it to a Classifier...
  13. cepacs

    Mitel 3300... to tag, or not to tag... that is the question!

    I have a Mitel 3300 and it's tagged and I'm using priority 6. My switch recognizes the priority that the 3300 has given the voice traffic and this is how QoS is handled. My question is, do I need tagging setup on the switch port connected to the Mitel? Only the Mitel will be connected to this...
  14. cepacs

    Setting up Mitel 3300 on a 3Com 2928

    Ok, once I set the LLDP to global, then it worked! Thanks LoopyLou! The thing I find strange is, I had our Mitel person set the 3300 for tagging, but it still works even if I have the Mitel 3300 connected to a port on the switch that is untagged. Do I need to having tagging on the 3300 or...
  15. cepacs

    Setting up Mitel 3300 on a 3Com 2928

    Thanks for the response! Actually, the default vlan (data vlan) is vlan 101. The 3Com does support LLDP, but I'm not familiar with it so I'll have to look into how that needs to be setup. The switch also has the ability to set a port as a voice VLAN and you put in the OUI of the IP phones. The...
  16. cepacs

    Setting up Mitel 3300 on a 3Com 2928

    We have a 3Com Baseline Plus 2928 PoE switch (3CRBSG28PWR93) and I need to setup QoS on this switch. I have vlan 100 as the voice vlan and vlan 101 as the data vlan. On the ports that the phones (Mitel 5320 IP Phones) are plugged in, should I tag them in vlan 100 and have vlan 101 untagged...
  17. cepacs

    Cisco AnyConnect command line help needed

    Is there a way to provide IP, username and password to vpncli.exe all at once and have it connect? I want to run a program that will take a user's username and password and then connect them thru the command line. Is there any way to do this? I want to do this in VB and when I send it to the...
  18. cepacs

    Running VPN scripts

    It's not that I don't trust them joining their home PCs to the domain, they only have access to their home directory. The reason I don't want them joining to our domain is because I don't want to be trouble shooting problems with workers' home PCs. I don't want people saying to me, "ever since I...
  19. cepacs

    Running VPN scripts

    There's only a few of us using the VPN. I downloaded AnyConnect from Cisco and I have given the install file to a few employees on their flash drives. Looking at SBL, it seems that the client machine must be joined to the domain... is this the case? If so, I wouldn't want our users to be...
  20. cepacs

    Running VPN scripts

    I want to map a drive to the user's home directory on a server. I could make a VB program that they can save on their home PCs and launch after making a VPN connection, but I wish there was a way to say to them "just download and install Cisco AnyConnect" and not have to give them other things...

Part and Inventory Search

Back
Top