Recent content by epronto

Sure this helps. I didn't see your config, but it's known you have to disable Mailguard if you use Exchange. here is the command: no fixup protocol smtp 25 Good luck

thanks to all, it took me a while to reply to this one. I made File Sharing (MSN Messenger) and File Transfer (Windows Messenger) work fine. I need to test a few more things, but in a config where one peer is behind PIX (on the same subnet as PIX outside interface) and the other peer is inside...

I am not sure, but if you try a completely different subnet for you VPN clients - instead of using 192.168.11.0 use 10.10.10.0 It works fine for me.

Hi there, I am using PIX 506e v.6.3.3 with VPN server servicing remote VPN clients, access-list and static NAT/PAT. Does anyone know how to securely setup PIX for Windows or MSN messenger file transfer feature. Windows Messenger help recommends opening as many as possible inbound TCP ports from...

br0ck, I guess your commentary was for LloydSev since he mentioned AD authentication as the reason to use PPTP. As you can seen from my original post I have the line it works fine. thanks for your feedback.

thanks for answering my post. So what could be a viable solution for VPN client to have both LAN and Internet access (apart from accessing Remote Desktop on LAN). I am actually moving clients from Microsoft's VPN clients connecting with PPTP (PIX configured with static PAT into internal Windows...

I found the problem and it was in access-list VPNsplit permit ip any any I changed it for access-list VPNsplit permit ip 192.168.1.0 255.255.254.0 10.10.10.0 255.255.255.0 and now it works fine. On security side, though, doesn't tunnel splitting compromise security by allowing client's...

Hi there, First of all, may I thank themut for his invaluable help on smtp traffic stops. Now, the issue is with VPN client v4.6 which can't browse Internet while connected by VPN. The LAN is accessible fine. The VPN relevant setup on PIX 506e, 6.3.3 goes like this: access-list VPN permit ip...

I've just read about it at Cisco and they say the timeout default value for xlate is three hours (I had 5 minutes). It's bizzare because I never changed that setting. I changed that back to three hours. Let's hope this was the case. I'll know if the problem's gone within a week. Thanks for your...

Here it goes, and by the way, thanks for your time. User Access Verification Password: Type help or '?' for a list of available commands. pixfirewall> en Password: ******** pixfirewall# sh conn count 113 in use, 3049 most used pixfirewall# sh xlate count 108 in use, 426 most used...

User Access Verification Password: Type help or '?' for a list of available commands. pixfirewall> en Password: ******** pixfirewall# sh run : Saved : PIX Version 6.3(3) interface ethernet0 auto interface ethernet1 auto nameif ethernet0 outside security0 nameif ethernet1 inside security100...

As per logs the PIX is usually at 250-300 translations. This doesn't seem too high. I noticed though when I do telnet to my secondary smtp server right after telneting to primary smtp is either slow or can't connect at all. Doesn't it seem bizzare. Maybe PIX can't support two smtp static...

thanks, however I set it up one Saturday when nobody was in the office and on Sunday I noticed we didn't recieve e-mails. So I guess it couldn't be an excessive amount of Xlates, though I didn't check it then. In practice, is there any limitations on the amount of translations PIX506e can...

I am trying to identify what node on my network is using most of the Internet bandwidth. The network is behind PIX firewall which I monitor with Solarwinds tools. I tried Syslog but it won't let me sort it out nicely by IP or protocol. Any tips will be much appreciated.

Hi there, I have a strange problem. Here it goes: Exchange 2003 is behind PIX, static NAT is configured on PIX, no fixup protocol smtp. Sometimes (doesn't seem to be any pattern but approx. once a week) we stop recieving e-mails. My first check is to telnet smtp from the internet and of course...