Recent content by flauret

hi guys, I can confirm you that pix can do l2tp for windows client. in this link, cisco explain how to set the pix http://www.cisco.com/en/US/partner/tech/tk583/tk372/technologies_configuration_example09186a00800942ad.shtml fred

hi In fact what you ask is not nothing! here is not only question of pix but more of router aspect and public ip adress. to use the cable modem as backup this one should be able to support the T1 public ip address and the provider has to be the same. if not it will be dificult to do the...

hi all just take care to have a version higher than 6.xx. (I think 6.3.1 is ok) older one can not do "no nat" like that and you are obliged to work with static instruction. frederic

ok in my mind the cisco pix 506 is not so much expensive. also you can obtain smartnet contract support like 4h-7d-24h type support that mean in 4 hour every day and 24/24h the support can bring you a new hardware. not so much support are ready to give you this quality. for sure if you will use...

hi I think you should only doing it with outside but I f saw fine, the new msn messenger beta 7.0 can do that through http. by this way you are not obliged to open anything else from inside to outside. be sure to have antivirus up to date if you want to allow this kind of traffic. something...

hi also If you are in situation of using vpn you may have some issue due to the link mtu. working with this aspect could stop the problem. you can also work with the sysopt tcpmss instruction to tune the vpn. this already give us some results. regards, fred

hi guys just to add some stuff to these good information you can find aes with different bit style like AES-128, AES-192 and AES-256 and for sure more you add some bit to encrypt and slower it will be. AES should only be 30% faster and not 300% than 3des... l2tp is considered only in case of...

hi guy, In fact, It could be nice if you can give use more stuff like log or access liste hit count? also you route inside line seems to me nothing good. you should fix that. also di you try to compare your configuration with a sample one from cisco web site? good luck fred

hello I think you should check netiq firewal suite. may be it's not so expensive for your configuration and golld give you the result that you look for. frederic

hi for that you can use netiq with firewall suite. this software make some reporting uderstandable by anybody like the management and also show you the best talker that go through you firewall. for that you need to keep all your log with a syslog. for sure it is not at all real time. if you...

hi guy, I think like evrybody here precision could be better to help you. anyway, from where to what do you want to establish a vpn? if the goal is to do it with the same hardware like pix to pix. you should check if you're provider does not filter anything on your line. also take care to...

hi yes my team did it. and more with an activcard radius server. that's work fine and is really more secure than a fix password in the pix configuration. you can find some good sample in cisco web site but if you've got precises questions, ask . fred

hi guy actually, certificate is the best way to authenticate with vpn. the only one issue that I know with pix on version 6.xx is that you can not use certificate provided by a subordonate certificate server. at this time, if youve got a secure certificate environnement, it will be sure that...