Search results for query: *

Ok, called Cisco and the engineer says my current config is fine and it should be working. I'm beginning to wonder if the problem might be on our core switch? I'm wondering if packets are reaching the server, but instead of coming back to the DMZ, it is being sent to the inside interface?

I think the NAT rules should be applied on the DMZ interface, but I still can't seem to get it to work. I do see hits on the access rule now, but can't get to the webpage page of the server. It works internally so I'm assuming it's the ASA.

Oh, okay... that makes sense! So wouldn't the NAT rules also need to be applied to the outside interface?

Here's the interface config... interface Ethernet0/2 speed 100 duplex full nameif DMZ security-level 50 ip address 10.10.90.2 255.255.254.0 Here's the access list config... access-list DMZ_access_in extended permit tcp any host xx.xx.xxx.129 eq www Here's the NAT config... static...

Can't figure it out! I've tried setting up my access rules and NAT rules to allow http traffic in to a server in the DMZ, but I can't get it to work. I found out I can ping from within the DMZ vlan to the DMZ interface on the ASA. I can also ping from the DMZ interface to any device within the...

Ok, realized that hairlessupportmonkey was right... I needed a rule to allow ICMP on the DMZ interface. After adding the rule, still couldn't ping the interface. I could, however, ping from the DMZ interface to the attached core switch. I then tried the Packet Tracer that stubnski suggested...

I cannot ping from the inside interface to the dmz. I can ping from the dmz to itself (obviously), but not from any other interface.

I have the interface setup and enabled, but can't ping the interface. I have an access rule for icmp... any/any. What am I missing?

We have an ASA 5510 running ASA version 8.2(1). I would like to add a DMZ to the device. I'm assuming I would go to Configuration/Device Setup/Interface and add Ethernet0/2 as the DMZ interface. Is this correct? Should the Security Level be 50?

Tagging has nothing to do with priority? Well that seems to go against what I have been told and what I have read. "There is no 802.1P without 802.1Q VLAN tagging. The VLAN tag carries VLAN information—the VLAN ID (12 bits) and prioritization (3 bits)."...

I believe layer 2... the 802.1p priority.

The only thing is, if I setup tagging on the 3300, then I can have it set the priority. Our 3Com switch automatically queues it correctly according to the priority passed to the phone by the 3300. I could set it up priority on the switch, but I'd have to create an ACL, link it to a Classifier...

I have a Mitel 3300 and it's tagged and I'm using priority 6. My switch recognizes the priority that the 3300 has given the voice traffic and this is how QoS is handled. My question is, do I need tagging setup on the switch port connected to the Mitel? Only the Mitel will be connected to this...

Ok, once I set the LLDP to global, then it worked! Thanks LoopyLou! The thing I find strange is, I had our Mitel person set the 3300 for tagging, but it still works even if I have the Mitel 3300 connected to a port on the switch that is untagged. Do I need to having tagging on the 3300 or...

Thanks for the response! Actually, the default vlan (data vlan) is vlan 101. The 3Com does support LLDP, but I'm not familiar with it so I'll have to look into how that needs to be setup. The switch also has the ability to set a port as a voice VLAN and you put in the OUI of the IP phones. The...

We have a 3Com Baseline Plus 2928 PoE switch (3CRBSG28PWR93) and I need to setup QoS on this switch. I have vlan 100 as the voice vlan and vlan 101 as the data vlan. On the ports that the phones (Mitel 5320 IP Phones) are plugged in, should I tag them in vlan 100 and have vlan 101 untagged...

Is there a way to provide IP, username and password to vpncli.exe all at once and have it connect? I want to run a program that will take a user's username and password and then connect them thru the command line. Is there any way to do this? I want to do this in VB and when I send it to the...

It's not that I don't trust them joining their home PCs to the domain, they only have access to their home directory. The reason I don't want them joining to our domain is because I don't want to be trouble shooting problems with workers' home PCs. I don't want people saying to me, "ever since I...

There's only a few of us using the VPN. I downloaded AnyConnect from Cisco and I have given the install file to a few employees on their flash drives. Looking at SBL, it seems that the client machine must be joined to the domain... is this the case? If so, I wouldn't want our users to be...

I want to map a drive to the user's home directory on a server. I could make a VB program that they can save on their home PCs and launch after making a VPN connection, but I wish there was a way to say to them "just download and install Cisco AnyConnect" and not have to give them other things...