Search results for query: *

Hi, I have been testing ASA 5510 8.0.4 with a Windows Server 2003 AD + LDAP as an AAA server. Users can change passwords from Cisco VPN Client, applying a Windows GPO Password Policy. It works (length, complexity, expiration). However, when a user needs to change the password, either when it...

Hi, I asked CA for assistance and sent them logs. According to CA Support, it was a Microsoft issue with VSS Writers. There are a couple of Microsoft links to work around: http://support.microsoft.com/kb/940032/ http://technet.microsoft.com/en-us/library/cc734401.aspx After reading them, I...

KRS56, Same happens to me! Only in one server of six from time to time. I haven't found any further information at CA's portal yet. I really appreciate some help! Regards, danr19

Tomcat service doesn't start with memory parameters beyond 1536 MB. The error given in the log is the following: SEVERE: Servlet.service() for servlet invoker threw exception javax.servlet.ServletException: java.lang.OutOfMemoryError: Java heap space It's a Tomcat 5.5.12 with JRE 1.5.07...

Hi, I have a Windows NT 4.0 network with one PDC and 3 BDC distributed in many Wan sites. Day by day I've been joining more Windows XP Professional workstation and they share the same domain workgroup with servers. I don't want to create a new domain for these workstations and do a trust...

Dear Parcival21, I've read about it, but I'm looking for something simpler for many reasons. I want to do L2 security at the main office and branches, most of them with a few PCs and a satelital link. Besides, 70% of the PCs have still Windows 98, so I should install them an 802.1X client...

Dear Lui3, I just wanted to limit access at port level. My idea is to stop or block any port of that switch when somebody wants to connect there an unknown or unauthorizated PC. I should do it in that way because I have remote branches with one switch, no VLAN or L3 security, so I can't deploy...

Hi, It is possible to create a Mac address access list on Cisco Switches? I have 29XX, 35XX, 2950 and 3550 models in my job. I´ve tried to do it with Port Security. It works fine but it´s a mess administrate that. I think it´s good when you don´t have to move equipment but it´s complicated when...

Dear Bigmac, I think you should write: conduit permit udp host xxx.xxx.xxx.xxx eq isakmp any conduit permit ip host xxx.xxx.xxx.xxx range 50 51 any Because IPSEC uses IP ports 50 and 51. Regards, danr19

Hi, Does anybody know any Tacacs+ free software for Windows? Thanks in advance, danr19

Hi, You can monitor the traffic with PDM (version 3.01 is pretty good) and you can get the latest events. PDM has many graphic monitors that could help you. Besides, you should capture logs to a syslog server and then analyze them.

Hi, Thanks for your advice, it has solved my problem and you has won a star. I didn't have to open UDP 500 and IP 50. I think perhaps I'm using traversal-nat. After I've read your message, I've found a thread about ACL with VPN started on September 29th (multiple access lists per VPN). It was...

Hi, Does anybody know how to configure the PIX to limit some ports to the users connected through the VPN with Cisco VPN Client? Regards, danr19

Hi, PIX has an anti-spoofing feature, try those commands: ip verify reverse-path interface outside ip verify reverse-path interface inside Best regards, danr19

Hi Leo, Which kind of device does NAT? With some broadband routers like USRobotics and Linksys it works fine, but no with other like Micronet. Cisco says: "We recommend that you grant permission for ICMP unreachable message type 3. Denying ICMP unreachable messages disables ICMP Path MTU...

Hi Paul, I've tried these commands but them don't work. I want to block FTP traffic on an AS400, but I can't block it. Here are the commands I've programmed access-list inside_outbound_nat0_acl permit ip host 192.168.100.3 192.168.202.0 255.255.255.0 access-list outside_cryptomap_dyn_60...

Hi, Have you enabled Nat traversal on the PIX? If not, try this command: "isakmp nat-traversal" You should get the latest version of VPN Client (4.0.X) Good luck, danr19

Hi yizhar Thanks for your advices. I have changed the MTU but I could not see any difference. But I have just found the solution adding the following command: "isakmp nat-traversal". The performance has improved a lot. Now I can get throughput closer the bandwith of ADSL. Another...

Hi, I have got a PIX 515e installed as main firewall and VPN access with a 2 Mpbs Internet connection. I am doing some test with VPN Client and I have found the rate over ADSL (512 Kbps download/128 Kbps upload) is quite slow. The maximum rate is almost 8 Kbytes per second. That rate does not...

Finally, CA has solved my problem about "418 error". They have sent to me a new DLL. I have replaced the old one and the brick level backup has not failed since that time. PROBLEM RESOLUTION: Follow the instructions below: 1. This fix requires ARCserveIT 6.61 to be installed. 2...