Cisco Firewall :: Possibility To Configure Symmetric / Consistent NAT On PIX 515
Apr 15, 2007
I got a weird problem with a PIX 515 (7.2(2).18.I'm natting SIP behind the Firewall [code] Incoming and outgoing SIP-calls are working perfectly. See old conversation [code] Unfortunately, "forwarding-all" function (with a SIP-incoming call to an external number [through the same SIP-Proxy]) is sending the SIP-signal (ringing) but no RTP-flow.
On the PIX the "SIP inspect" is activated.Is there a possibility to configure a symmetric / consistent NAT on the PIX to allow the RTP-stream to be built up?
View 2 Replies
ADVERTISEMENT
Apr 4, 2012
I have a Cisco 857 router which i used for Internet connection with RJ11 connectior (ADSL0 POTS) but now the ISP has changed the internet link with PPOE type and the ONT connection is RJ45 , Is there a possibility to configure one os the Fast Ethernet ports as WAN port for internet.
View 2 Replies
View Related
Nov 23, 2011
We got a replacement ASA 5580 from Cisco. We were not aware of PAK, Is there any other possible to generate Activation key? Can we generate PAK or Activation Key using SO (service order) number?
View 1 Replies
View Related
May 8, 2013
I have probem with symmetric load balancig, in case when both ends of ether channel are on the sam switch (we are using VLAN translation).We need to create L2 port channel with both ends on same switch (Cisco WS-C4500X-24X-ES), for example:Po1 – Gi0/1, Gi0/3 (one end of port channel )Po2 – Gi0/2, Gi0/4 (other end of port channel)On ports in Po2 we will configure VLAN mapping.My question is what is the best ether-channel load-balancing scheme with wich we can accomplish full symmetry in both directions? For example, if traffic in one direction goes through Gi0/1 (member of Po1), in other direction also must go through Gi0/1. This is required because we need to connect four appliances for DPI (they are full L2 transparent) and traffic through each appliance need to be symmetric.
I can set-up src-ip, dst-ip, src-dst-ip etc. load balancing, but, actually I need src-ip on Po1 and dst-ip on Po2. Is there any way to set up different load balancing mechanism for different ether channel on same switch (4500X).
View 4 Replies
View Related
Sep 4, 2012
It has always been the case with my laptop and another usb N adapter I bought a while back but this time when i upgraded my PC and got a DWA-552 adapter and the problem occurs again I was forced to try and debug it.PingPlotter had a constant ping check on my router's network address every second, every few minutes and sometimes seconds apart there would be 100+ ping spikes which always correlate with troublesome lag spikes in-game. And that's with Roaming Policy set to very low. Once set to normal it got much worse with 500+ ping spikes, and just to cement the correlation I set the policy to very high and 1000+ ping spikes happened.Could it be that DIR655 incorrectly reports to the adapter that it is about to drop the connection forcing a roam that results in nothing but a latency hiccup? I am not well versed in wireless mechanics. These ping spikes are often accompanied with packet loss.My DIR655 has several G cards connected to it (which work fine btw, my 552 seems to work fine in G mode too though I haven't tested it extensively yet - may be forced to since dir655 appears to be bugged with N mode) and several N cards that aren't used for gaming so this issue has never been a problem before.
View 3 Replies
View Related
Mar 3, 2013
I have a Inspiron N5010 and I am having issues getting a consistent network connection. This is occurring over Wireless and Ethernet. I have tried new drivers for both the wireless and the LAN devices. We have tried this over a direct wall jack(known good) and a VOIP phone(also known good jack). We are having issues with SSL and IPSEC VPN as well but im not certain they are completely related as they VPN is at his home and the network issues are at the office.
View 1 Replies
View Related
Jan 25, 2012
My wireless router only supplies half the house with consistent Internet access. What's the easiest way to ensure connectivity throughout the house?
View 1 Replies
View Related
Feb 1, 2011
I´m looking to a project where we want to start using Autonomous AP with possibility to change to controller based on near future.
Will Cisco Aironet 1040 Series Access Points allow us to change from IOS to CAPWAP when needed? I read some posts about the oposite process (CAPWAP to IOS) so I think it´s possible on both way. Can some one confirm this to me?
View 5 Replies
View Related
Oct 8, 2012
Recently we upgraded a switch with an image from the repository in LMS. After the installation of the image it seemed corrupt.
My question now is : Can we do a MD5 checksum on all the images in the local repository to verify that all images are ok to use?
View 2 Replies
View Related
Mar 2, 2012
i have IO digital cable and internet and they offer free WiFi which i do not use my modem is wired to my pc but over the last few weeks my connection has been sluggish now is it possible for one of my neighbors to be using my internet?
View 2 Replies
View Related
Dec 28, 2012
I heard my brothers' conversation in our house. One was asking another, if he is downloading things. The other one replied, saying no, he didn't. And then the one that was asking said, he knew he was lying. He can detect and monitor that person's IP address to know enough if the other person is downloading or not.
View 6 Replies
View Related
May 21, 2013
I want to join the AIR-AP1121G-E-K9 LAP to an 2504 WLC with software release 7.4.x .In the compatibility matrix i saw that it's just possible if the WLC has the software version of 7.0.x.So my questions are:
1. Why it's needable to upgrade the WLC from 7.0.x to 7.4.x?
2. Is there any possibility to join the AP1121G to an 2504 WLC with 7.4.x version?
3. What's the difference between the releases 7.0.x and 7.4.x
View 4 Replies
View Related
Mar 8, 2012
I was wondering how would it be possible for a person to gain access to computer through my router? Or is that even possible? Just a quick rundown, the past few weeks, 2 of my email accounts have been compromised, one was email i had for years, the other was a new random email that i rarely use. In the same week, both these accounts were "hacked" the passwords were changed and i can't get access to them. Same goes for my fb account also compromised. These emails aren't linked to the fb acct neither. I know you might think yeah, i might have clicked on one of these phishing links, but i assure you haven't, i have never entered any of my information on random sites or anything like that. Actually i only really frequent 5 or 6 sites on this certain laptop and i have never downloaded anything on it but songs from iTunes.
I've scanned my computer numerous times, and even went as far as to factory reset it, so i don't know how high the possibility of me having a key logger is.So i guess i'm asking, how would a person be able to have gained access to computer w/o having it in their physical possession? Can i be getting hacked through my wifi connection? What information of mine would someone have to have in order to access my computer and monitor my web activity?
View 3 Replies
View Related
Oct 12, 2011
I got question about Cisco SF300-24P- is it possible to have management vlan in other vlan than in default vlan?I have default vlan 10 and voice vlan 20, I need to reach switch through voice vlan so I need to set up, interface vlan 20 with ip address. I ask these, because in gui, under Management Interface, IPv4 interface,under Management VLAN, I can only choose vlan 10, which is my default vlan, I dont have option to set ,up, in this case, vlan 20 as management vlan.
View 2 Replies
View Related
Mar 24, 2013
I have a switch from SG 500 Series the works as Layer 3 Routing Switch with the Firmeware 1.2.7.76. I have create some diferent VLAN´s and have defined one ACL for each VLAN. Now i try to do a binding from the ACl to a VLAN but i have only the option to bind the ACL to a phys. Interface or a LAG.is the a possibility to bind the ACL to a virtual interface like in other Cisco serieses and how it works ? the Backround is i have connectetd 2 Hyper-V Server where the Guests are in different VLAN´s and the server is connectetd with a 10Gb Trunk to the Switch now the switch routed the different VLAN´s and i must have some restrictions between the VLAN´s.
View 2 Replies
View Related
Sep 17, 2012
Is it possible to implement LLQ(QoS) on ethernet modules in the Cat 6500? For this feature, I can only find documentation about ES+ modules or SPA/SIP modules! (according to the feature navigator LLQ is supporten on the concerning HW and SW image)
View 2 Replies
View Related
May 15, 2013
F7D4402nt play 600. i updated to windows 8 and the supplied software will not work. The software was very easy for a setup. Now i must do the things the hard way. a completely manual setup. it is a bit of a chore.
View 1 Replies
View Related
Nov 28, 2012
I have a Dell XPS L502x (Core i7, 6 GB RAM, 2GB NVIDIA graphic card, 750 GB HDD)My laptop does not have HSPA mini card
Is there a possibility to add a HSPA mini card
View 2 Replies
View Related
Apr 15, 2013
Region : UnitedKingdom
Model : TL-MR3220
Hardware Version : V1
Firmware Version :
ISP :
I will soon be moving to somewhere without DSL service. I was wondering if it is possible to connect my iphone 4 to the usb of the mr3220 and use the iphone's 3g data allowence?
View 1 Replies
View Related
Jan 7, 2013
I'm looking at the possibility of purchasing a few 3750 to build a switch stack to replace my current core and access switches. I'd like for the stack to support server, SAN, and user traffic, as well as provide simple switch management, redundancy, and failover. I've also been looking at the 4500, 6500, and Nexus series switches (although the Nexus switches maybe a bit too much for my network).
My current environment consists of 3560's as the core/distribution/access switches, a mixture of Hyper-V and VMWare environments (although we're slowly migrating to Hyper-V), an HP SAN (P4500), and about 100 users. Any issues going with the 3750's or have an alternative, more efficient solution?
View 8 Replies
View Related
Nov 20, 2012
Normally when we do HSRP with vPC on N7K the device will be Active/Standby in control plane but it will be Active/Active in data plane. In this case any traffic reach to standby device it can forward traffic directly to uplink which is not my desire. My goal is all traffic should pass through active (control plane) device in every case unless active device totally dead. So Is it possible for Nexus 7000 to be HSRP Active/Standby in Data Plane ?
View 4 Replies
View Related
Nov 4, 2012
This is my first time to use the Cisco ASA 5500 family. I have a request from a user to create an access rule, to allow all LAN traffic to Destination IP address 165.241.29.17, 165.241.31.254 with Destination TCP port 5060,5061,5070 and UDP port 50000-52399.
View 9 Replies
View Related
Aug 12, 2012
We heard that ASA ver 8.4 has PBR. Do we have some guidelines on how to configure PBR for ASA and can it do routing based on URL?
View 2 Replies
View Related
Nov 23, 2011
How to configure ASA failover for 8.4.
View 1 Replies
View Related
Sep 11, 2011
I'm having a problem configuring an ASA 5510. A previous employee started the config and left abruptly. He established a VPN Tunnel between two of our sites and that's working without an issue. The problem is, the network behind the 5510 at the remote location cannot access the internet.
ASA Version 8.2(1)
!
hostname PH-Firewall
domain-name pleasehelpme.com
enable password HXrQty4kqW8s8yeE encrypted
passwd ucA.qrYJWD9UyIFz encrypted
names
[code]....
View 12 Replies
View Related
Dec 20, 2011
I have a asa 5505 Sec plus with 3vlan, inside, outside and dmz.
On the outside i have 5 ip's for my use, and in the dmz i have a webserver that need to communicate with one sql server on the inside.
The "sql" also needs to be accessible from outside and thus has a static nat with a dynamic nat so it replies from same ip as on nat ie 72.72.72.5 webserver is natted with 72.72.72.6
sql inside ip is 192.168.1.2, gw 192.168.1.1
webserver ip is 192.168.2.100 gw 192.168.2.1
sec lvl on inside is 100 and on dmz 50
with a dynamic policy running inside-net/24 to dmz-network/24 translagt to dmz 192.168.2.2 i can get it to ping 1 way from inside to dmz, but not the other way around...
All i need is to open 1 port ie 6677 both ways for this communication to work.
I'm not very familiar with the CLI and do most stuf in GUI (know i should learn CLI, but time doesnt let me)...
on access rules i have just added everything from any to any using , ip, icmp, tcp and udp just to be sure... :-)
View 47 Replies
View Related
Mar 3, 2013
I am confiuging a DMZ on my ASA 5510 but I have run out of physical ports, since I have dual Wan ports configured. I plan to implement a DMZ using subinterfaces. I have 2 questions:
1) Do I need to configure a Vlan to complete this task?
2) Do I need to re-configure the other interfaces for subinterfaces and/or vlans as well?
View 4 Replies
View Related
Nov 15, 2012
Do you know how to configure PAT on Cisco ASA 5545x?
View 2 Replies
View Related
Mar 10, 2011
We have Cisco ASA 5520 firewall. ASA Version - 8.0(4). ASDM Version - 6.1(3). Firewall Mode - Routed.
We want to configure QoS for some subnets and enable policing such that they cannot use more than 1mb of bandwidth. I think we cannot create more than 1 policy for it. In that case i created a policy with QoS enabled and configured the Input and Output policing with Commited Rate of 1024000 bits/second. But it does not seem to work.
how can i create such policy in the ASA to limit certain subnets to 1mb bandwidth ?
View 1 Replies
View Related
Jul 25, 2011
I'm trying to configure an asa 5510 8.2(1)?I have a range of pub ips 3*.108.234.145-150
>>> E0/0 3*.108.234.146 outside public
>>> E0/1 192.168.1.1 inside
>>> E0/2 192.168.3.1 dmz
would like to map dmz host 192.168.3.107 to external 3*.108.234.147 on port 5000 and 50001 LOCAL LAN should also be able to get to dmz host ports.i've tried a few configs and also following this example:
[URL]
without any luck, here is my config, also posted the out put of show arp which is able to see and ping the host on dmz, also the output of show access-list which shows hits to it.
prophase-pix(config-if)# show running-config
: Saved
:
ASA Version 8.2(1)
!
hostname prophase-pix
enable password encrypted
[code]....
View 2 Replies
View Related
Mar 18, 2012
i'm trying to configure an ASA with two ISP to be reached from internet for vpn access, the objective is that the user can use any of the Public address attached to ASA to connect to the company. Is this possible? i'm facing some problems because i can not use two different default routes (same AD) pointing to two different interfaces, this is the message that i receive "ERROR: Cannot add route entry, possible conflict with existing routes" and when i change the AD of one of the default routes i just can reach one ISP.
View 1 Replies
View Related
Aug 30, 2012
I'm using windows XP Pro , in a local Lan, internet connection through a DHCP, and System software on IP 192.168.0.254. I'm the Admin of my PC, I just want to use the Internet and the System program. I want to block any user from accessing my PC or viewing my Processes by other programs like (Ideal Admin.). How to configure the AVG Firewall to do that ??
View 11 Replies
View Related
Feb 11, 2013
Configuring Cisco 1841 router and firewall.My provider has put their equipment and given me 2 subnets with public ip address. I am used to getting just one Subnet and connecting my firewall straight to the hand off. But in this case I am a bit confused. I assume I will need to put a router and configure it with before I connect my firewall. [code] I also have a firewall that I would like to be on the subnet 2 at 200.xxx.97.130 and have my private network 192.168.xxx.xxx behind it.
View 2 Replies
View Related
