I there a way to do split-tunneling for vpn clients connecting to a pix with
pptp so that they don´t lose internet conectivity, the clients are using the
microsoft vpn dialar.
any examples of this would be great.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64585t=64585
I am asembling an CCIE lab at work and just found
http://www.horizondatacom.com
has any one used them, and if so what is your experince
At least the price looks good, I have assembled the folowing list and would
like some comments on it, I already have 2x1005, 2x1003, 2610, 2511-RJ
access server
Can any one recomed a good traning class for the CCIE Written Exam, most of
the CCIE traning programs I see offerd are traning for the lab, after you
have taken the written.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63494t=63494
Hi
Can anyone please tell me what the point of the following command is
static (inside,outside) 157.157.146.13 157.157.146.13 netmask
255.255.255.255 0 0
Same IP address on the inside and the outside, I have seen this used on
production networks, but can not figure out why, can anyone please
Ok,
But I am not quite sure I understand this, beacuse in this example the
address is used as an privat address on the company´s internal network, and
is not routed to the pix on the outside interface from hosts on the network,
so If this is to bypass NAT, by what IP address do the hosts on the
The thing is the the router external to the pix, does not have a route for
the 157.157.0.0 network, considering that, whill this ever work ???
Although the address is a public IP address, this company uses it as an
internal address, and It sould not be visible on the internet, also the
server
Hi all
I have a question regarding VPN,
I want to configure a 827 router, so I can VPN into it with out using the
cisco VPN client, just use the Windows 2000 Client, i.e. use PPTP
I have done this with the PIX, and there are noproblems there, I also have
setup Ipsec and 3des with the 827, but I
Can some one tell me, what AP is focused on in the Wireless LAN for Field
Engineers exam (WLANFE 9E0-581)
Is it the 350,1100 or 1200, or just all of them
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59278t=59278
--
FAQ, list
Hi all, and sorry for the OT question, but you are the most profesional goup
of network pepole i know about.
My company is thinking about buying a network sniffer package,
basicly what we need, is a network sniffer, but thene some extras would be
nice, like some kind of WAN module, to sniff
I have sees this exact problem with a lot of the pix 501 boxes, and would be
intrested to know if cisco is going to do anything about it.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58975t=58946
--
FAQ, list archives, and
Can I use a cisco AS2511 Router as a terminal server to remotely connect to
my router lab, i.e. connect cables from the async ports on the as2511 to the
console ports on all the other routers ?
I know ít´s possable with the 2511 and 2509, but need to know if the AS
type is any diffrent.
Best
If I have a pix seperating my network from the internet with an inside and
an outside interface, then I have some servers on the inside network that I
use Static to give an ip address on the outside network for host´s on the
internet to access. that´s the easy part, now the question
Is it
Well passed BCRAN tody, It was an ok test, not to hard, the only thing that
gave me any problems was, a lot of Modem / Access Server type question, as
that is somthing I have no hands on experience with.
Well onto to Routing next, then support.
Message Posted at:
can any one give me an idea about the 3des throughput of the 3002 VPN
Hardware Client ?
have looked all over cisco´s site, but can not find anything
Best regards,
Arni
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57830t=57830
I just realizied who you are, and that I am reading your book Cisco PIX
Firewalls :)
it´s a small networking world.
I think it´s a great book, and has give me a lot of information about
working with the cisco PIX.
Thanx again.
p.s. and if anyone knows of a link to www.cisco.com, that I can see
Hi
I have a VPN 3005 Concentrator, that establishes an Ipsec 3des tunnel to a
828 router, the router has uppgraded memory and 3des sofware.
the router is connectd to my via a 2mbits line, and workes fine, but when I
establish the vpn tunnel the performance drops down to something line
256Kbits,
Thanx for the info, can you or anyone point me to a page at cisco.com that
has info about the performance off these routers, I feel better if I can
point the customer at some official cisco information about the performance
of his router
Message Posted at:
I now this is somewhat off topic but, I am confident you can give me some
valid input about this,
My company is thinking about buying NetIQ´s Chariot software, any one here
have any good or bad experince with that product, and Is it as helpfull as
it seem for troubleshooting network problems.
has any one hear taken the CSVPN 9E0-121
I am thinking about taking that exam, I have some experience with the 3005
Concentrator, but none with the 3002 Hardware Clients, so I would like some
information about aproxemently how large a part of the exam the 3002 is, can
I get a way with haveing
I have a simple question, can the Catalyst 2950 switch with a EMI Software
Image Route i.e. does it become a L3 swithc when the EMI images is loaded,
like the 3550 can with the EMI Image.
Best regards,
Arni
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57499t=57499
I Have the folowing setup
VPN-Client--VPN-Concentrator---ipsec-tunnel---PIX
Connections from the networks on the inside of the pix to the concentrator
private network workes fine
connections from the VPN Client to the concentrator private network worke
fine.
But I cant connect from the
Yes you can do this with the Reverse Route Injection, I have used it, it´s
easy to setup.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57186t=44276
--
FAQ, list archives, and subscription info:
I have been trying to get an answer to this question with out luck,
the question is, If I am running an ISP and a company has a connection to
me, now someone from that company wants to use a vpn connection from the
internet to connect to his company through me, and I have a PIX to accept
his VPN
I need to get some insights into designing and installing a IP Phone
network, with CISCO switches and routers, but IP phones from another vendor,
and I am looking for some courses that can help me desing and implement the
QOS features, I was thinking about the DQOS course,
any thoughts or
It would be great if anyone could give me some insights into if it´s posible
to use the 2610 or a PIX to do what I was talking about
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54878t=54702
--
FAQ, list archives, and
I have a question regarding VPN setup,
I have some clients connect to me with 828 G.Shdsl routers, most
of the also have PIX 501 and can tunnel between them selfs
then I have a 2610 Router that routes the internet traffic from the
clients to the internet, Now they want to be able to VPN in from
Ok,thanx for the info,
would it be possible any other way, as I already have a PIX506 and a 2610
router
or is the VPN 3005 the only and best way to go
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54704t=54702
--
FAQ, list
Do I have to have the hostname of each router in each other, if I am calling
an ISP I just get a username and password, that I send the ISP router, I
dont get any hostname or password to put in my router to authenticate the
ISP router
Or do I
Message Posted at:
Ok thanx for the explanation
to get this 100% I just have one more question
If I am calling an ISP
Router 1
has in its config
dialer 0
ppp authentication chap calli
ppp chap hostname bla
ppp chap password bla1
and that works to authenticate to the ISP router, but as chap is two way, do
I
Ok I have tested this and got it to work with out the dual usernames on
bouth router, as I was talking about in the previous post
but that still leves my orginal question, and if any one can see anything
from the debug, that would be great.
Message Posted at:
The thing is that is I am calling an ISP so I have no control over the
router I am calling into, I cant use that routers hostname as a username as
I have an account there with a username that I have to use, and the problem
seems to be sending that username to the ISP router..
Message Posted
Well I have some more chap authentication issues, and if someone can give me
any pointers that would be great,
I have two routers
a 1003 who is calling an 3660 over ISDN
this is the debug from the 100300:03:54: %LINK-3-UPDOWN: Interface BRI0:1,
changed state to up
00:03:55: %DIALER-6-BIND:
It´s my understanging that when I use ppp authentication chap callin
i dont have to have the username on my router, as if I was calling into an
ISP then the ISP´s route would have to have a username on my router, and I
dont think that is the that is used.
Message Posted at:
I am having problems with a ISDN router calling into an ISP,
the CHAP authentication is not sending the correct username.
the debug i get
PPP BRI0:1: CHAP challenge from 3640
00:10:21: PPP BRI0:1: USERNAME 3640: lookup failure.
00:10:21: PPP BRI0:1: Unable to authenticate for peer.
it always
I have already tried using ppp authentication chap callin, and that does not
change anything
yes the IP unnumberd is just there for testing, as this router I am using
can not do IP address negoitedted, and NAT
but the production router will be able to.
Could that be the issue, from the debug,
I have a cisco1003 isdn router dialing into another router, in an outher
country, and it has worked perfectly, but now my telco switched the voice
and isdn calls from the fiber to a sattalite, and the the router can not
connect, are thare any timeout settings our somthing like that I can change..
I have the following problem,
I have two locations connected bya ATM from a service provide, and I get
ethernet at each end, now I would like to send Vlan tagged frames 802.1q
over the link, as I need to have two IP networks span both sites.
But when I turn tagging on, It does not work, and
I did this when we uppgrade the flash memory of the pix classic at work,
just took the old flash card and put it in an old Pentium 133 motherbord,
and some Intel NIC´s works like a charm
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48215t=48210
I have two locations one with 20 servers and 150 users, and the other close
by with 150 users, they are connect with a 100Mbits fiber connection, I am
using sperate C-class networks for these locations, but now I need to change
the IP network to eighter another C-class network or a B-class
I have two networks, that are conneted to Cat5 switches that are connected
with one 100Mbits connection, and they are set up as difrent Vlans, then I
have a router to route between them, one network has about 30 servers and
somthing like 150 clients, and the other around 100 clients, now I have
I am having problems to get a certain configuration to work with
my PIX, I use NAT for all network to a Public IP address range, then
I also use PAT for my 10.100.0.0 network so all machines comming from that
network use the public address ending with .50.
Now I need to use PAT for a client that
the nat (inside) 2 123.123.144.251 255.255.255.255 0 0 is somthing I added
to try to get the host 123.123.144.251 to PAT to the .50 address, but that´s
not working, the network connected to the inside interface is 123.123.144.0/24
the nat (inside) 2 10.100.0.0 255.255.0.0 0 0 statment is what I
Hi
I have a PIX firewall, and am using nat to let my clients access the
internet, but now I need to connect about a 100 clients, bases in an wan of
more than 50 places, all to the internet through the same ip address,
so the question is, can I have some sort of a NAT list letting all the 100
ip
I am administrating a network of about 500 computers, 30 servers, and
somthink like 70 WAN locations,
I have been thinking about the Cisco IDS system, anyone have any good
reasons to use one, have you used it, and has it detected much intrusion.
I realy need somthing to sell the ides to the
I am having problems with clients, that connect to the pix, when they are
connected, they can´t go back out to the internet through the same pix
here is a part of the configuration
ip local pool heima 192.168.15.50-192.168.15.100
vpdn group 1 accept dialin pptp
vpdn group 1 ppp
Thanx for the information, can I use this with w2k clients connecting, or do
I have to use the Cisco VPN client?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35735t=35715
--
FAQ, list archives, and subscription info:
What did you do ?, I need to do the same with a Sitch I have for testing
Best regards
Arni V.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31124t=31084
--
FAQ, list archives, and subscription info:
Thanx, but I dont have a CCO account, I used to but does not work anymore :(
any other way ?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31136t=31084
--
FAQ, list archives, and subscription info:
48 matches
Mail list logo