...172.16.0.0 255.255.255.0
no access-list 101 permit ip any any
no vpngroup vpn3000 split-tunnel 101
vpngroup vpn3000 split-tunnel vpn3000Split
no vpngroup vpn3000 address-pool ippool
vpngroup vpn3000 address-pool vpn3000Pool
global (outside) 1 interface
*****************
What's ADD again?
...to add the subinterface to the VLAN. On a c1700 or c1800 series I'd use this command:
encapsulation dot1q 1 native
And then I'd assign the IP address...but apparently that command isn't supported on the 805.
So, is there any way to do this?
Thanks
Roland
*****************
What's ADD...
...interface inside
Keep in mind, a lot of the IM clients migrate ports if the primary one is blocked. So if this doesn't work, you'll want to find the IP address or range of addresses that AOL uses to host AIM and prevent that PC from accessing them.
Roland
*****************
What's ADD again?
For which the DMZ or the inside?"
I'd change the network for the dmz3--especially since it's not created yet. Maybe 192.168.1.0/24 or something else routable.
Roland
*****************
What's ADD again?
...the PIX is using are the same.
As far as manually creating messages...I don't think so. If you set the trap level to debugging, you'll see messages consistently.
Also be aware that some spyware removal programs will remove key files used by Kiwi.
Roland
*****************
What's ADD again?
The logging buffer is 4KB in size and is non-configurable. The messages that are oldest are overwritten once the buffer is full. You can use the "clear logging" command to empty the buffer, or the "no logging buffered level " command to turn it off.
Roland
*****************
What's ADD again?
...255.255.255.0
Then on PIX 2
route dmz3 192.168.100.0 255.255.255.0 10.1.1.1 1
static (inside,dmz3) 192.168.0.0 192.168.0.0 netmask 255.255.255.0
Can the PIX do this ok?"
You are going to have to use different subnets or you'll run into routing issues.
*****************
What's ADD again?
I believe that link places a cookie on your PC, which gathers the internal IP. So it doesn't mean your firewall isn't working. It's just a clever marketing scheme.
Roland
*****************
What's ADD again?
...But debugging--level 7--sends a message about every activity on the PIX--so it generates A TON of messages, which can slow down a heavily used PIX.
History sets the SNMP message level for sending syslog traps.
I'd use warnings--or level 4--on all of these.
*****************
What's ADD again?
...history warnings
'Set this at the level you want.
logging host inside IPAddressOfSyslogServer
'The PIX defaults to UDP 514. With Kiwi, you can use UDP or TCP--default 1468.
logging host [if_name] ip_address [protocol/port]
Roland
*****************
What's ADD again?
...static (inside,outside) tcp 59.43.56.7 3389 172.20.1.6 3389 netmask 255.255.255.255 500 500
Also, if you have available public IPs, you can statically map a whole address instead of using port redirection. If you want directions on that, let me know.
Roland
*****************
What's ADD...
...172.17.xx.54 and replace them with:
access-list acl_dmz permit ip host sales_server host 172.17.xx.54
That will open all IP traffic from sales_server to 172.16.xx.54 and will help determine if it's because we've failed to open some needed ports.
Roland
*****************
What's ADD again?
Not on the site to site--it just survived the code translation. I'll dig out the commands referencing it though and paste them so you can compare.
*****************
What's ADD again?