You want to look at AIXes no command as this enables 'tuning' of the kernel/TCP stack parameters.
From mem I'm not sure AIX4.3 has support for FIN closure parameter manipulation, I think this came in in AIX 5.1??.
Under linux you'd find it as:
net.ipv4.tcp_fin_timeout (in sysctl.conf)
Simple really cost, performance, support and client side features:
Checkpoint cost is:
- Cost of hardware platform + support of platform
- Cost of Checkpoint firewall softwware + support of platform
- Cost of client side software (if using SecureClient) + support of platform
Sample UK pounds...
With the number of offices your talking, you may need to investigate in a 'chained' proxy topology to reduce inter-office LAN/WAN link utilisation to the core proxies.
See
http://www.microsoft.com/TechNet/archive/proxy/proxch.asp
Assuming you mean how can I configure outside IP address to ping inside IP address, you need to add echo-request to your ACL via:
access-list 100 permit icmp any any echo-request
Point of Note: ICMP is becoming a very, very dangerous protocol to allow through firewalls. It allows hackers to map...
Ooh, HSRP may also help if the two routers in Germany are in an HSRP group with the 2620 doing interface tracking. So if the ISDN circuit dies, the 1720 router becomes the active gateway.
See http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs009.htm
Lots of this rely on routing protocols, which across the Internet you just can't rely on getting the necessary visibility to.
So to cut a long story short, a quick hack would be:
- Assuming that each office has a routing protocol in use, that can detect an equipment failure i.e. PIX, 2620 in...
Key Cisco PIX points to remember:
- Connections originated from high security to low security require:
nat and global
- Connection originated from low security to high security require:
static and (conduit or accces-list). Try to use access-list as conduit is expected to be phased out.
So...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.