Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search results for query: *

  1. andrewis

    Clients cannot create a VPN from behind the PIX

    you need to allow GRE through too. access-list INSIDE_OUT permit gre any any
  2. andrewis

    Backing up an ASA

    I would imagine so, its more than likely the same as when the device is acting as a dhcp-rely across a tunnel. The request is sourced from the outside. try add a rule to your crypto access-list that specifies the outside interface IP address to the tftp server IP address using tftp and the...
  3. andrewis

    accessing another device on inside network via external ip

    You won't get a socket internally. Rather test from the outside.
  4. andrewis

    ASA

    no problem as long as the NAT ID's don't clash global (outside) <x>
  5. andrewis

    ASA

    sorry.. access-list policy_nat permit ip host <ipaddress1> any access-list policy_nat permit ip host <ipaddress2> any access-list policy_nat permit ip host <ipaddress3> any
  6. andrewis

    ASA

    access-list policy_nat permit permit ip host <ipaddress1> any access-list policy_nat permit permit ip host <ipaddress2> any access-list policy_nat permit permit ip host <ipaddress3> any global (outside) 15 <publicIP> nat (inside) 15 access-list policy_nat
  7. andrewis

    ASA 5505 Cant ping from ASA to inside host(s)

    That seems a little weird.. Are you 100% there is nothing on the host blocking ICMP? If you plug another host into different switchport on the ASA are you able to ping between the two hosts?
  8. andrewis

    vpn no established tunnel

    arrg I left an 8 off now!! access-list seamarmexico_splitTunnelAcl standard permit 192.168.2.0 255.255.255.0 3rd time lucky ;)
  9. andrewis

    vpn no established tunnel

    I left off "permit" use the following.. access-list seamarmexico_splitTunnelAcl standard permit 192.16.2.0 255.255.255.0
  10. andrewis

    vpn no established tunnel

    If you want internet access via a split-tunnel change your ACL to the following. access-list seamarmexico_splitTunnelAcl standard 192.168.2.0 255.255.255.0
  11. andrewis

    accessing another device on inside network via external ip

    The public is x.x.162.232 and the private is 10.3.0.232? i.e http://x.x.162.232 -> http://10.3.0.232 If so your config is fine, try a "clear xlate" Confused why you mention 1.1.1.10 and 10.2.0.10 in your first post?
  12. andrewis

    pix 501 dhcp server give fix to mac address

    Unfortunately a PIX is unable to do reservations.
  13. andrewis

    vpn no established tunnel

    apologies I meant your nat0 not your split-tunnel
  14. andrewis

    vpn no established tunnel

    Your address-pool on the tunnel-group is missing tunnel-group seamarmexico general-attributes address-pool poolclients Rather change your VPN address pool to a pool off your local subnet remembering to change your split-tunnel too.
  15. andrewis

    EasyVPN - NO VOIP Between Remotes

    clear cypto ipsec sa on the 5510
  16. andrewis

    EasyVPN - NO VOIP Between Remotes

    Yeah they will..
  17. andrewis

    EasyVPN - NO VOIP Between Remotes

    did you clear your SA's and let them re-establish?
  18. andrewis

    EasyVPN - NO VOIP Between Remotes

    I think take a look at your split-tunnels. Try this. access-list EasyVPN_(Tunnel-Traffic) extended permit ip object-group CCN_Networks any
  19. andrewis

    how to configure reverse dns on PIX 506e?

    Do you mean allowing reverse DNS lookups through the PIX?
  20. andrewis

    VPN ASA Trusted to Untrusted errors

    Sounds like cut-through proxy is possibly configured? Can you post your config please.

Part and Inventory Search

Back
Top