Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Recent content by wirelesspeap

  1. wirelesspeap

    Process taking 100% of CPU, even after reboot

    First of all, you need at least IPSO 3.9 or higher to run NGx R60, and as far as I know, IP330 does NOT support IPSO 3.9 or higher. Secondly, the processor on the IP330 is an AMD low end processor. After installing ipso and NGxR60, you will 100% CPU utilization, even in distributed mode. I am...
  2. wirelesspeap

    what happened to lynx?

    lynx is gone in 4.x. You have to use stupid "clish" now. stupid nokia
  3. wirelesspeap

    changing ip address from CLI

    1) As stoo said, you should be using lynx if you have Nokia 2) You should be using "sysconfig" if you have SPLAT. 3) If you really know what you're doing, you can use "dbset" to change IP address. to go even further, you can even edit the /config/active file to accomplish what you want...
  4. wirelesspeap

    Help blocking real player streaming please

    Yes, but only if you use version 7.x
  5. wirelesspeap

    Can not telnet to server in the DMZ

    do this: static (inside,dmz) 192.168.64.0 192.168.64.0 netmask 255.255.255.0 access-list dmz_access_in permit icmp any any log access-list dmz_access_in permit tcp 192.168.66.0 255.255.255.0 any log access-group dmz_access_in in interface dmz After that, you can telnet from inside to dmz
  6. wirelesspeap

    Where is the config wrong?

    access-list outside permit icmp any any log access-list outside permit ip any any log access-group outside in interface outside that will work.
  7. wirelesspeap

    Pix 501 tunnel to Monowall issue

    I've never dealt with Pix501 so I am not sure if pfs is supported. I only dealt with 506, 506E, 515, 515E and higher model and I know pfs is supported because I've done it many times.
  8. wirelesspeap

    Pix 501 tunnel to Monowall issue

    you need this statement: isakmp identity address crypto map monovpnmap 10 set pfs group1 that will enable psf on phase II to match with the other side.
  9. wirelesspeap

    Pix 501 tunnel to Monowall issue

    you need this statement: crypto map monovpnmap 10 set pfs group1 that will enable psf on phase II to match with the other side.
  10. wirelesspeap

    Cisco Pix 501 opening udp 500 ip 50

    access-list outside permit udp any any eq 500 access-list outside permit esp any any access-group outside in interface outside
  11. wirelesspeap

    VPN Client booting users! Reason 433! URGENT

    do this and it will work: isakmp keepalive 20 that will force the vpn connection to stay active. let me know if it works for you.
  12. wirelesspeap

    block list of Websites

    you don't. Use "yahoo.com." and it will block everything to "yahoo.com". Use "yahoo.com.uk." and it will block everything to yahoo.com.uk.
  13. wirelesspeap

    block list of Websites

    you can use the following: source = your network destination = yahoo.com, msn.com (create objects with domain) Service = Any Action = Drop Just make sure you have DNS Server entries on the Nokia Enforcement module (i.e. when you do nslookup from the nokia for www.yahoo.com, it can resolve to...
  14. wirelesspeap

    Cisco VPn client

    hi, do this: isakmp nat 10 You need to tell the pix 501 that the client may be behind a firewall. That way, pix will use nat-T and it will work. Try it and let us know. wirelesspeap CCIE security
  15. wirelesspeap

    SPLAT with ospf and VPN

    Hi There, What you are trying to do is perfectly achievable. That being said, I think you need NGx to do that. What you are trying to do is "according to cisco" OSPF via GRE and tunnel everything via IPSec. I know how to do that with Cisco but I don't know how do that with Checkpoint...
See more

Part and Inventory Search

Back
Top