Appreciated however is there anyway you can tie in the bandwidth on the link (as this would change is part of the etherchannel was unavailable) into the cost of the link in spanningtree terms which would then be used in calculation??
Hi
I have an access switch which connected to the core via two etherchannels (2x1GB connections each). Spanning tree is working as expected and blocking one of the etherchannels however what I would like to do is if one of the interfaces in the active etherchannel was disconnected spanning tree...
Hi There
I have a problem where I need to set the local everyone group to have modify permission on the winnt/temp directory, it lets me do it however after a while it removes the new setting and reverts back to just list permissions.
Is there something in the security policy that resets...
I've cleared the tunnels on both PIX and the same is happening. I also had a look at the counters and the no of packets encrypted/decrypted is incrementing of the tunnel to the DMZ however the no of errors remains at 0 so it seems the pings are getting through
Well that kind of worked although Im getting a strange problem. If I start a continuous ping from HQ to Luton and start a ping from Luton to the DMZ, the HQ ping works for about 2mins and the luton ping to the DMZ doesn't however after about two mins it switches over (the HQ ping doesn't get...
Hi there
Having a slight problem granting access to the DMZ for a remote office which is connected via a vpn tunnel. All clients in the Head Office can access the DMZ which is an additional interface on a 515E. The remote offices can access the inside interface at head office although not the...
Thats correct. The 506 should have no problems terminating the VPNs on theoutside interface
The remote firewall (or any device) could have two vpn tunnels created, as your firewall will only has one tunnel at anytime the remote connection would connect to this automatically, when the...
Do your VPNs terminate at the same interface your inside hosts use for the internet?
Have you checked to see which interfaces shutdown when this happens?
Hi Micheal
Your idea would work, I predict you may come into problems though keeping both configs for each connection up to date and consistent, to help this instead of erasing the full config you could have a script ready which only changes the relevant commands.
Firstly you would issue to no...
unfortunately aurura the answer isnt so simple. It depends upon which direction you want traffic to be allowed, the interface which the traffic flows, source and destination.
NAT (Network address translation) and security levels (with the PIX) also play a big part. With security levels you...
If your using a cisco pix firewall one possible problems could be smtp fixup, switch this off and then watch your queues.
no fixup protocol smtp 25
If your not using a pix forget the above!
Mmm.. Im guessing you might not get too far with your current setup unfortunately as far as i see it, if anyone can suggest otherwise then I've probably wasted some cash in the past!
The 506E pix only supports 1 outside interface and 1 inside. You would need to upgrade to a 515E (which is a bit...
Hi
Im looking at the possiblilities of load balancing using the following setup:
1 x 515 PIX firewall
1 x 2620XM Router
2 x ADSL lines (different ISPs)
Im looking to connect the ADSL Routers to the 2620 Router with the firewall between the 2620 and the inside LAN using either load balancing...
I've tried your suggestions and still having no luck, if I put an access-list on to allow only the proxy server www access it knowcks out the VPN tunnels, I've posted the config (with the obvious alterations) hoping somebody can help:
Here it is:
interface ethernet0 auto
interface ethernet1...
We have a proxy server (symantec web security 2.5) in a 192.168.1.0 network all clients are forced to use this with a group policy amending their internet settings (win 2k) to use a proxy server.
We have problems when the user logs in locally onto the computer (which doesnt apply the GP) they...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.