Search results for query: *

Hello, we have a remote site which is connecting to a central site via PIX-to-PIX VPN (PIX version 6.3(3)). At the remote site there is a client which enstablishes a connection in the central site and this application MUST stay up forever (unless the application is shutted down from the client...

Hello, we use PIX mainly for VPN with remote offices PIXes and we are managing the remote PIXes centrally from headoffice. We are wondering if it makes sense to collect logs from the remote PIXes to our central syslog server. In taking this decision we first need to know what level of log to...

Hello, we are using PIX 6.3(3) and we use Kiwi syslog for collecting logs. We would also like to have a log analyzer to easily process PIX messages. Can anyone suggest a good product? Thanks Silvia

Hello, we have the following problem: we are using PIX 6.33 to handle many VPNs with different remote sites. All these remote sites need to access to our internal LAN 192.168.160.0, traffic comes inbound. The problem is that one of these remote sites has also 192.168.160.0 as their internal...

Hello, are there any known issues with PIX version 6.3(3) ? Is it 6.3(1) better or more stable? Thanks Silvia

Hello, we are planning to have Exchange 2003 as our internal mail server. At the moment we have an external ISP which acts as mail server as well and each user downloads mail from it. What is the best strategy? I can see different solution: 1- we put Exchange inside the PIX and we apply...

Hello, we are planning to have Exchange as our internal mail server. At the moment we have an external ISP which acts as mail server as well and each user downloads mail from it. What is the best strategy? I can see different solution: 1- we put Exchange inside the PIX and we apply static...

I have PIX 6.1 and also 6.3 for testing. On both I have three i/f: outside, inside, dmz I am using DMZ only for connecting it to a router which establishes VPN with remote partners, so there are no public IP to be published on the DMZ i/f. Traffic is flowing from inside i/f to dmz i/f to be...

Hello, we have PIX 6.3 and we would like to use it for VPN only with double IP address on the external i/f, to connect with remote sites through two ISPs. I think this should be possible with 6.3 because of VLANs, but I was wondering if it is also possible to have dinamyc routing between...

I have PIX 6.1 and I would like to let it allow an IPSEC VPN between an external cisco router and an internal cisco router. Is it possible? How do I have to configure PIX? I guess I have to add a static rule to map a public IP to the private ip of out cisco router and then I have to set some...

Hello, we have PIX 525 ver. 6.1 and we would like to connect PIX to two different ISPs, because we cannot rely on a signle one. I was wondering if it is possible to configure the external PIX i/f with two public IPs. Does anybody know it?

Hello, we need to enstablish multiple IPSEC VPN on PIX. The problem I have is related to ACLs and NAT. I guess I have to create an ACL for any VPN tunnel, but then how do I prevent NAT on those traffic? for example: If I have 2 VPN associated to ACL 110 and 120 respectively: access-list 110...

Hello, I have PIX 525 with OS 6.1. I cannot ping from PIX itself to anything outside, even if I have outgoing access-list that allows all ICMP, and inbound access-list that allows ICMP echo-reply and destination-unreachable. I always get this answer: mebfirewall(config)# ping 213.157.198.250...

Hello, I have found in a CISCO technical tip that here may be problems n performance of FTP and HTTP is the global IP range used by PIX and its outside interface itself is not registered in any DNS reverse record. This our case: our IP range is not registered. How can I see if this is causing...

Hello, I would like to remove the full IPSEC VPN settings that I have configured on PIX 525 6.1, but I don't know how to do it. Which is the right order to remove the settings? Which commands do I have to use? Thanks Silvia

Hello, we are now using CISCO PIX 525 R-BUN with a unique internet provider and we are thinking about a backup for it. PIX is mainly used for Internet, mail and some VPNs. Taking into account that we are now thinking about having a second Internet provider for redundancy and also setting up a...

Hello, I have set up an IPSEC VPN between two PIX and it works. Now I would like to filter the destination addresses where the remote host can access to andalso what kind of traffic. Is it possible? How? Thanks a lot Silvia

hello, I keep on seeing a lot of strange messages in our PIX 525 6.1: %PIX-6-106015: Deny TCP (no connection) from 209.41.103.87/80 to a.b.c.d/29297 flags ACK on interface outside %PIX-6-106015: Deny TCP (no connection) from 209.41.103.87/80 to a.b.c.d/29297 flags ACK on interface outside...

Hello, we are planning to establish a VPN with a remote LINUX IPSEC end point. Is there something special that we need to do to be compatible with them (like adding some special software module to our PIX 525 6.1) or do we just need to configure IPSEc parameters according to theirs? many...

Hello, our internal network runs on private addresses. We have a range of 4 usable public IP address to be use for NAT of outgoing traffic. We then have an internal ftp server that needs to be accessible from outside. I used the following configuration: - global (outside) 1 a.b.c.155-a.b.c.157...