Recent content by vince62s

well I found without a good explanation. I had a cross cable betwwen the 2 routers, no error. I put a switch between the 2 router and now the speed is much higher..... go figure. the bad one on this is that now I have some errors ( 1 per thousand ) I will go with it but very strange.

auto nego => half duplex => give errors. I switched back to full duplex. I added cef. However I still have the same issue. could it be a nat issue ? this is driving me nut.

what bothers me is that if it was a "cpu / routing (like cef)" issue then it would be a problem in both ways. here the pb is just downstream.

nope. no error at all. The only strange thing is if I put Fa0/0 in auto nego it gets half duplex automatically, then no error. If I force it in full-duplex, no error either. looks like it comes from something else.

no error at all any clue?

Config looks simple: My ISP provides a router that I cannot control (a BINTEC) with a WAN (serial) 2 Mbps and a LAN interface. If I test the bandwidth with a PC behind the Bintec, I have 2Mbps both ways -everything fine so far. I connected a Cisco with two FaEth on the Bintec LAN. I run a...

12.0(7)T on the router 6.2 on the PIX

Thanks, I will try. However my router is a 2621 router. does it make a difference? Also I did not enable fastswitching, I think. I will try, it does not hurt. do I have to change also the hash method too ? (line : isakmp policy 21 hash md5)

I replicated this http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094498.shtml except that my PIX is 6.2 it works fine each time I clear crypto sa, but at expiration of ipsec lifetime, it renegociates, looks fine but then loses tunnel. debuging...

same pb as in the thread thread35-658905 keepalive is not solving the pb. PIX is 6.2 on 515 any idea?

I do have this already: access-list client permit icmp any any access-list client permit tcp any any access-list client permit udp any any access-group client in interface inside access-group client in interface DMZ and I can ping easily from a 10.0.5.X (dmz)address to a 10.0.1.Y (inside)...

I have a similar pb with IP phones on other subnet of a PIX even when I "NAT 0" the two subnets. did you fix yours ?

here is the config CCM4.1 is on subnet1 of PIX (int1) Phones1 on subnet1 work perfectly calling Phones1 on subnet1 Phones2 on subnet2 of PIX (int2) int2 more secure than int1 Nat on INT1 but specifically "NAT 0" for ACL subnet2, so technically there should not be any nat if Phones2 call...

I got a question related to this post. Let say you need to have both isolated users and non-isolated users on the same site. Obviously, there is a workaround using two IP adresses, two FTP sites, one inisolated mode, the other non isolated. However, is it possible to have this configuration...

Actually I did not want to install Active Directory since I dont know too much about it. But you are telling me I dont have any choice to install FRS, right ? For the licensing stuff, it's a little weird. 40 people will be able to authenticate on the domain through the DC but only 5 CAL, just...