Cisco VPN :: Routing In PIX515E Version 6.35
Dec 26, 2011
I have a routing problem here with routing in PIX515E version 6.35. I have some Client PCs located in the DMZ interface of the PIX515E, they connect to PIX using Cisco VPN Client (IPSEC VPN), after that these PCs can be routed to access Servers (static route) located behind Internal interfaces of PIX. I have some Servers located remotely having Internet Access, the gateway router remotely connect to PIX Outside Interface (Internet) using IPSEC VPN then routed to inside Interface (static route).
View 9 Replies
ADVERTISEMENT
Sep 4, 2011
We have got an issue with an IPSec tunnel between Cisco PIX515E and Juniper firewall, the last one is managed by ISP. The tunnel is set up over the Internet.
There are a number of subnets running via this tunnel. The issue is that sometimes the connectivity between some of the subnet halts. So the users (and nagios) would report they can not access the service over the tunnel, while I would access the PIX over the tunnel by telnet just fine (from another side), then issue 'clear ipsec sa', and the connectivity would be restored. This happens randomly, one or few times a day.
View 6 Replies
View Related
Sep 14, 2009
McAffee scan of acs 1113 appliance running the 4.2 build 124 patch 12 version reports that a medium vulnerability exists because the system has SSH version 1. Any way to specify only version 2 or turn off SSH?
View 9 Replies
View Related
Jun 24, 2012
I have a Cisco PIX515E-R and I will like to set up a VPN tunnel together with a Netgear ADSL router. I want to access a network at work from my computer at home.
View 14 Replies
View Related
Mar 27, 2013
I have a PIX 515E UR which I would like to activate the VPN-3DES-AES license. I did find a link to register the license, but after following the link and logging into my old CCO account i found that as I didn't have access to anything, so couldn't complete the procedure.Is there any way that I can get the license activated? I bought the unit from a Cisco partner quite some time ago, but never needed the 3DES license. Now I do.
View 3 Replies
View Related
Jun 25, 2006
i have managed to create a community of cisco devices however although i can add the pix to the community it does not show up in the topology? HTTPS is enable. I can also access the pix via ASDM.
View 2 Replies
View Related
Jun 27, 2012
I need configuring a newly reinstated PIX515E with IOS 6.3 to test the configuration of a load balancer.I would like to setup with two Inside interfaces (or simply two interfaces) for testing. I just need it to pass traffic (basically HTTP and HTTPS) between these two interfaces without using NAT.The older IOS is causing me some problems. I don't have an outside interface configured for Internet access,but trying to connect via IP address does't work either. I may be able to configure a second DNS server for the 192.168.12.X network for testing purposes if needed. I even tried to set the default route to the Interface of the production ASA's inside interface (3.1), but that did not work either.
View 6 Replies
View Related
Feb 12, 2012
I just added a PIX515E to my lab (since this is a lab, if I need to change IP address, that is not a problem)....I thought I configured it right, but I am not able to ping any of my other routers/PCs.I have EIGRP on the other three routers, but not sure if I configured it right on the PIX.The diagram below shows my current network topology....(right now the PIX is connected vai Ethernet 1 to the switch, not the router itself) [code]
View 13 Replies
View Related
Aug 28, 2011
I just bought a used PIX515e. It is running version 8.0(3) and ASDM 6.1.5 Because I do not know the history of the unit, how can I tell if the image used came from cisco and not some download site? I guess I should've thought about this before buying it but hindsight is...you know. Worse case is that the person who had it before me dl the software that was infected with a backdoor or something else. I don't have a service contract so I'm kinda stuck.
Can I download the image from the firewall flash and compare a MD5SUM?
View 12 Replies
View Related
Feb 12, 2011
i have PIX515E firewall but i need to know through CLI how can i see the usernames for my VPN clients?
SH vpnclient? or sh ?
View 3 Replies
View Related
Feb 16, 2012
We are planning to upgrade the PIX515e (128 MB, 16 MB flash) adaptive software from 7.2(4) to 8.0.3(ED). In our environment the two PIXes are working in active-standby mode and experiencing high memory utilization.
1) What are the bug fixes(like memory leak fix) and new configuration options in the 8.0.3(ED)?
2) Is there any issues to upgrade 7.2 to 8.0.3(ED)?
3) Is the upgrade to new version software fix the memory utilization issue?
View 1 Replies
View Related
Sep 8, 2012
why the ethernet 3,4,5 is not licensed here ?
View 3 Replies
View Related
Mar 17, 2012
i wounder why i'm getting such log message whenever i'm trying to reach my remote site: No translation group found for tcp src outside XXXX dst dmz ZZZZ, i have a Cisco PIX515E firewall and that message is captured there, the traffic is going through a VPN tunnel (the VPN are up on both ends)
View 2 Replies
View Related
Jun 28, 2012
We have two PIX515E ( 6.3), one is Primary( Active) and second one is Standby. after configuration of Secondary Firewall as Standby. getting problem.
1. Configuration part everything is fine
2.we have done failover text also .
Aster Some time , we are not able see Standby Firewall its going down .
View 2 Replies
View Related
Nov 28, 2011
Quick question. I have a site - site tunnel that is up and running between a Pix 515E and a 3050 appliance.Tunnel is up and running but on the pix side I dont see traffic from a couple of subnets behind the inside interface.On the vpnallow access list there are no hits So I setup a capture on the inside interface to see if the packets is making it to the inside interface and nothing. There is some traffic making it thru the tunnel that would have to hit the inside int first and even that doesnt showup in the capture.
View 1 Replies
View Related
Sep 15, 2011
I have a PIX515E. I need to create a vpn to my clients office. PIX is alerady having two VPN, among two one is a dynamic VPN to a dynamic IP of netgear router.
It has two gateway(public IP). Configuration in MH2001 is pretty simple. and i have completed it.I have also completed configuration in PIX using ASDM. But the VPN is not up till now.
[code]...
View 1 Replies
View Related
May 20, 2012
I am trying to veiw my PIX515e via the ASDM, but I am unable to...Can you review my config and make sure I have everything setup the way it is supposed to?
PIX Version 8.0(4)32
!
hostname pixfirewall
domain-name jkkcc.com
enable password DQucN59Njn0OjpJL encrypted
passwd DQucN59Njn0OjpJL encrypted(code)
View 1 Replies
View Related
May 20, 2012
I am trying to veiw my PIX515e via the ASDM, but I am unable to...Can you review my config and make sure I have everything setup the way it is supposed to?
PIX Version 8.0(4)32
!
hostname pixfirewall
[Code].....
View 3 Replies
View Related
Oct 2, 2012
I am using Cisco 2911 & IOS version is 15.1. My problem is that after some days (e.g. 15-20 days), the routing table suddenly stops updating & then I have to enter the default route again to make it up. I am using Track 1 to track default route here. After primary link goes down, the Track is also going down but after coming the primary link up, the track is not coming up. So, I have to add the default route again to make it up.
View 2 Replies
View Related
Jan 13, 2013
The infrastructure has PIX515E as the Firewall and few Web Servers and Database Servers inside. Is it possible to retreieve information regarding the bandwidth available at the outside interface of PIX (Internet link utilization ) utilized by each of the nodes seperately? I could use SNMP to get the overall data transfer at the Outside interface of PIX but isit possible to get utilization details of individual nodes ? Is Netflow an option ?
View 10 Replies
View Related
Sep 27, 2012
i just installed a pix515e ( ios ver 6.2) in my network. and the vpn users can connect to it from the internet successfully but they aren't able to connect to any of the internal resources. some other informaion: i configured nating between the internal network (10.0.0.0/24) and the internet and another static nat policy between an internal resource through another public ip address on outside interface. but right now i need to let the vpn clients to connect to my internal resources.
View 5 Replies
View Related
Jul 18, 2011
I am in the process of migrating my config from my PIX running 8.0(4) to my ASA5520 running 8.2(1). I have converted the config so that it is ready for the ASA. I noticed the "boot system flash:" and "asdm image flash:" command references the old PIX files. Do I need to update these or will they be updated when the ASA reboots with the new config?
View 2 Replies
View Related
Dec 17, 2011
I just configure VPN for end users in PIX515e with IOS 8 and get stuck with "Tunnel Rejected: User (msveden) not member of group (VPN-shared), group-lock check failed.". tell me how I add user to my VPN group?
View 1 Replies
View Related
Jan 16, 2012
Can we use ACS 4.1 version recovery disc on 4.2 verison to recover the forgotten password.
View 1 Replies
View Related
Mar 11, 2013
which version of prime infrastructure supports wlc5508 version 7.4
View 2 Replies
View Related
Apr 3, 2012
provide me with the important links which can show me how to do the software upgrade for my ASA 5520 ver 7.0(1) to ver 8.4 ? as well as the ASDM
View 10 Replies
View Related
May 10, 2011
i am using Cisco ASA 5510 with ASA Version 8.0(4) and memory 256MB. me to Upgrade it to 8.3
View 6 Replies
View Related
Apr 7, 2013
Is there a way I can check the version of each device on two Cisco 6509 if they are Virtually connected (VSS)? When I enter the command show version, it only shows one result, unlike show module, you have an option to choose which switch by entering 1 or 2.
View 3 Replies
View Related
Nov 13, 2007
im trying to find out what is the latest ios version for 3500xl switch for upgrade it .
View 4 Replies
View Related
Apr 23, 2013
On the downloads page there's a 9.0.2.ED listed as the 'latest' but then if I expand the '9' below it I get to 9.1.1.ED. Which one is the actual latest? is there any way to tell the one that is not an 'interim' version I think 9.1.1 is also listed under interim?
View 4 Replies
View Related
Apr 25, 2012
I purchased several Cisco 2811 with Advanced IP Services - they are version 12.2.X
The product number looked like this
CISCO2811-HSEC/K9 2811 Bundle w/AIM-VPN/SSL-2,Adv IP Serv,10 SSL lic,128F/512D
I need to upgrade the IOS to version 15.1 - Do I require a license ? What happens if I install it without a License ? Am I entitled to a free license as I am not changing the software type (ADV IP Serv) ?
View 2 Replies
View Related
Sep 26, 2012
what should it be the minimum IOS version that I require on my WS-C6509-E equipments to support "logging origin-id" command?
Cisco documentation says that this command was introduced in 12.2(15)T, and integrated into 12.2(33)SXH.
BUT my Cisco switches have 12.2(33)SXH5 IOS version......and they do not support "logging origin-id".
(config)#logging ? Hostname or A.B.C.D IP address of the logging host buffered Set buffered logging parameters buginf Enable buginf logging for debugging cns-events Set CNS Event logging level console Set console logging parameters count Count every log message and timestamp last occurance esm Set ESM filter restrictions event Global interface events exception Limit(code)
View 2 Replies
View Related
May 7, 2012
I have this 4900M running version 12.2(54)SG1. I the log I get this 3 lines:
May 8 08:32:15: %C4K_SWITCHINGENGINEMAN-4-TCAMINTERRUPT: (Suppressed 429 times)flCam0 aPErr interrupt. errAddr: 0xC48 dPErr: 1 mPErr: 0 valid: 1
May 8 08:32:24: %C4K_L3HWFORWARDING-4-FLTCAMPARITYERROR: (Suppressed 866 times)FL Tcam Perr with no FwdEntry Hw index: 3144 Hw entry: Sw entry:
May 8 08:32:45: %C4K_SWITCHINGENGINEMAN-4-TCAMINTERRUPT: (Suppressed 432 times)flCam0 aPErr interrupt. errAddr: 0xC48 dPErr: 1 mPErr: 0 valid: 1
They seems to be coming on regular basis, repeating every minute. I've tried Google and the most relevant info I can find is this {URL}. But it says "Upgrade software to IOS version 12.2(52)SG or later OR 12.2(50)SG4 or later. ". I'm already running 12.2(54), so why does this 3 line repeatedly show up in the log every minute.
View 2 Replies
View Related
