Good morning (afternoon or night depending on your location),
I just received my PIX 501 with 10 user license, 3DES and version 6.1(1).
A couple of questions:
The 4 port inside interface should be 10/100, but if I try to change it from
10, I get this message:
PIX501(config)# interface ethernet1 100full
ethernet1 interface can only be set to 10full.
Type help or '?' for a list of available commands.
What's up with that?
Also, I went on my Cisco 3548 and forced the port which the PIX 501 is
connected to in 100/FULL mode, and the 100 MBPS LED lit up on the inside
interface port 1 on the PIX.
BUT, when I do a show interface, it still says 10 Mbps:
interface ethernet1 "inside" is up, line protocol is up
Hardware is i82559 ethernet, address is 0008.a32b.8e7f
IP address 10.5.0.1, subnet mask 255.0.0.0
MTU 1500 bytes, BW 10000 Kbit full duplex
3305 packets input, 376387 bytes, 0 no buffer
Received 2571 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
962 packets output, 70817 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collisions, 0 deferred
0 lost carrier, 0 no carrier
input queue (curr/max blocks): hardware (128/128) software (0/2)
output queue (curr/max blocks): hardware (1/2) software (0/1)
I am confused here - are there a BIG bug in 6.1(1)?????
Next, I can telnet to the PIX after I added my workstations ip address to
the allowed telnetters, but I cannot seem to get in contact with it from my
browser so I can use the PDM.
As you can see below, I do have "http server enable" and "http 0.0.0.0
0.0.0.0 inside".
Some info:
The PIX inside interface = 10.5.0.1 / 8
My workstation = 10.10.10.10 / 8
Cisco PIX Firewall Version 6.1(1)
Cisco PIX Device Manager Version 1.1(2)
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES: Enabled
Maximum Interfaces: 2
Cut-through Proxy: Enabled
Guards: Enabled
Websense: Enabled
Inside Hosts: 10
Throughput: Limited
ISAKMP peers: 5
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname PIX501
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 10.5.0.1 255.0.0.0
ip audit info action alarm
ip audit attack action alarm
pdm logging informational 100
pdm history enable
arp timeout 14400
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00
rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
http server enable
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
telnet 10.10.10.10 255.255.255.255 inside
telnet timeout 5
ssh timeout 5
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
terminal width 80
I have tried with http 10.10.10.10 255.255.255.255 inside, but that didn't
make a difference.
Does anyone have a magic trick here?
Thanks in advance, and sorry if these questions might seem stupid.
Ole
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ole Drews Jensen
Systems Network Manager
CCNP, MCSE, MCP+I
RWR Enterprises, Inc.
[EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.RouterChief.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NEED A JOB ???
http://www.oledrews.com/job
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32929&t=32929
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
