Recent content by zausner

Call them.... I spent 3 days poking around trying not to get involved with their sales people and I just broke down and called. Their website is truly useless.

As per HP, 7.0 now supports duplicate IP addresses. I have spent the last hour searching their site and another hour trying to get any details on how they are doing this. Basically, I have several clients who have networks that are using IP address ranges that overlap or duplicate others...

I would have to agree with NetEng631. Things are going to be a bit different with ScreenOS 5.0 and it's deep packet inspection, however for now as far into the header as the Netscreen will look is to see that it's a TCP port 80 packet, compare it to it's policy and send it on it's way if it's a...

I realize I'm posting this in a Cisco PIX forum, however here's my two cents.... I've got 11 years of Cisco IOS (99% routers) experiance. I've been working on PIX's for about a year now. I also have years of firewall experiance with other vendors (Checkpoint, Sonicwall, Netscreen, Nokia). If...

Well I thank everyone for their suggestions, Cisco finally figured it out (5 engineers and 7 days later!). As it turns out the vpnpool address can't be in the same network or subnet as the "inside" network... even though this contradicts the TAC website.... See the Cisco response...

Thanks for the responses!!! In the debug crypto isa sa the byte counts don't increment, but it shows the SA as active and the correct remote IP. As for the NAT-T.... that was my first thought as well, however I stuck a laptop on a "raw" internet connection with no NAT devices in...

I apologize if this is a stupid question however I have run out of ideas to try. I have a customer with a 525 using Cisco VPN software for remote, client vpn's. We're using split tunnel ACL's. There are currently 5 different vpngroups setup for various different companies and employees to...