Thanks for the info! I am using Kiwi syslogd already and agree that it is essential to have a tool to parse and report on data coming off the PIX. Do you recommend any particular texts for getting a better handle on identifying and defending against different attacks?
Thanks again!
You are absolutely right! I originally installed this PIX for a single IP and missed that mask entry when I reconfigured it. (I agree that it is not causing this problem!) [bigsmile]
Thanks!
The static IP addresses xx.xx.176.8 - xx.xx.176.12 are all public. The PIX is acting as a router and firewall so there is no router on the outside interface. The only NAT is done by the PIX.
I don't think it is client side as I have run at least one test where I was denied a connection coming...
New VPN connections are refused after two connections have been established over my PIX 506E. I am using PPTP to connect from remote clients to a WinNT VPN Server by passing through the PIX. I have checked my NT Server config and it seems to be OK. Is there something wrong with this PIX...
Thanks! We discussed your suggestion, but have decided to order additional addresses to configure the firewall to restrict vpn traffic to one destination on my clients network.
Is there any way to use PAT on a single public static IP and still allow incoming PPTP to an NT VPN server behind the PIX 506E? Client's scenario:
NT VPN Server 10.0.0.1 Private LAN 10.0.0.128-10.0.0.255
\ /
Cisco PIX 506E inside interface 10.0.0.254...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.