Recent content by ecowarrior

Try using something like DNS2Go. I would advise you use static on at least one side, makes things alot easier.

Hi, Cant find any reason why this happens but here goes.... VPN3005 Concentrator & SSLVPN Everything is configured and running, applications, intranets, web services ect.... but when i want to browse the local LAN the strangest thing happens. All shares on the network are availiable except...

dont use 101 in your access list try this access-list fromoutsite permit tcp any host x.x.x.x eq 3389 access-group fromoutside in interface outside

its great for technical people to use for remote sessions. if you intend to have users then i would strongly suggest using web based applications for them, as the interface for ssl vpn is still quite dated. i am sure cisco will catch up when they sort out the security first.

Windows XP and windows 2000 server have different cache password policies, thats why xp doesn't remember passwords. Microsoft look at this from a security point of view. Have you used IAS to authenticate the users on the AD domain using radius, this seems to pass the user details from the vpn...

I have a simular problem, when using the vpn 3.x client, from a PC that connects directly to the internet, they can vpn into the LAN, but when using the same method via a 1603 ISDN router that dials the internet, a connection is made but no traffic is sent through the tunnel and i lose all...

You can you any IP range you like as long as it doesnt conflict with the inside network subnet, so 192.168.5.x would be fine, the pix will route to your 192.168.x.x network. for 3des, you need to change crypto ipsec transform-set dialinvpn esp-des esp-md5-hmac to crypto ipsec transform-set...

you need split-tunnel commands to access internet while using vpn tunnel

access to lan is done by access-list please post you config

If your teleworker is setting up a domain, you could use trusting between them, this will authenticate both users on both domains, and keep AD in place

You need to add static routes using telnet because the web config editor cannot add static routes to IF4 (the vpn tunnel) using this method you can send traffic through the vpn tunnel and onto another router/device

Yes i setup a LAN-LAN Dialer Profile and managed to get a vpn connection, however not all traffic is allowed through the tunnel, the web config is the first place to setup, then you need to telnet into the router and add the static commands to the vpn interface, dont work using the web config...

There is a config simulator program that you can use, cant remember the name, search CISCO.com for it.

to change dynamic ip to static look at dns2go.com

do you have isakmp enable outside added to your config?