Running EIGRP on network. Hub router connects to remote router via EIGRP and then I have 2 static routes getting traffic to the switch behind the Checkpoint firewall (Edge-1 UTM). Some switches I can access while others I cannot.
We are setting up a VPN between a Cisco RV082 and a Checkpoint device. From the Cisco device we have set up (as remote IP) the public IP 85.xxx.xxx.xxx, but when we try to start the tunnel the VPN log (from RV082) reports the error "INVALID_ID_INFORMATION" as described below.
Jun 11 11:38:41 2013 VPN Log (g2gips1) #894: sending encrypted notification INVALID_ID_INFORMATION to 85.xxx.xxx.xxx:500
Jun 11 11:38:41 2013 VPN Log (g2gips1) #894: we require peer to have ID '85.xxx.xxx.xxx', but peer declares '10.yy.yy.yyy'
The IP 10.yy.yy.yyy reported in the log is the NATted IP of the Checkpoint device.
I have 5 static public IP addresses at my disposal. A checkpoint firewall with VPN access provides remote access for mobile users. How would I go about integrating the ASA 5505 SSL VPN into this network so some mobile users could continue using the checkpoint VPN client while others could have SSL VPN remote access? Attached is a graphic of the network.
I am working on a project to migrate a single Checkpoint firewall over to a single ASA 5510, no VPN, just firewall. The Checkpoint firewall has 8 physical interfaces and the ASA 5510 also supports 8 physical interfaces, so this will be a one-to-one swap. At the moment, I don't have an ASA 5510 to test my theory so I am going to throw it out here. The Checkpoint firewall is a SPLAT running on a powerful IBM server with 8 CPU dual cores with 32GB of RAM and it has 1200 rules with over 120,000 objects with some crazy NATs, but it works so we will just leave it at that. There is not that much traffic going across the firewall so there is no need to put in an ASA 5585.
I use the Cisco conversion tool to do the policy conversion from Checkpoint to Cisco, and I get about 1.5 million lines in the configuration. A lot of it has to do with Checkpoint having no concept of interface security level while ASA does. I am sure I can optimize it to cut down the number of lines in the configuration; however, that is not my main concern at the moment. The customer's goal is that at the time of cutover from Checkpoint to Cisco ASA, they want everything to be perfect, meaning that it will work like magic.
My question is: can the ASA 5510 handle 1.5 million lines of configuration? Are there any limitations on this? I know there are limitations with FWSM but since I don't have a 5510 to test.
Computer 3
Router 1 points to a VPN
Router 2 access to the internet
Computer 3 needs to access router 1 (VPN). Both Computer 2 and 3 are in a different room than computer 1 and router 1. Computer 2 is networked via cat5e to router 2. Is it possible to have Computer 2 and 3 share the cat5e, yet access different routers?
I can telnet to switch from checkpoint firewall access port and from switch directly. I can ping/traceroute successfully to the switch. Access-lists 14 & 15 are allowing the traffic I want. The router on the other side of the FW has 2 static routes and a default static route set up.
Here is some of the config from my switch:
service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
aaa authentication login default local enable line none .....
Not sure of Checkpoint firewall config. I have run Wireshark when trying to telnet and I get no SYN-ACK back from the remote switch. Just 3 consecutive SYN attempts. I have some switches I can connect to and they go right through the 3-way TCP handshake, and I cannot find any differences in the configs between the successful connections and the unsuccessful connections.
I have two Windows 2008 machines on VMware. I assign 10.0.0.1/8 and 10.0.0.2/8 to them. Both are connected to the same virtual switch. Now should these two PCs ping each other? In my case they don't ping. What I get is Reply from <ip address>: Destination host unreachable.
I would like to know how bandwidth gets distributed in switches. For example, consider a scenario where I have a coreswitch A and coreswitch B connected to each other through a 1 Giga fiber. Now each of my core switches is connected to two edge switches through fiber links. All edge switches have giga ports. Now if I connect a PC with a giga link to the edge switch of coreswitch A and transfer a file to a PC connected to the edge switch in network B, how much bandwidth would I get? How does the switch allocate bandwidth?
I have a Q-See DVR that is hooked up to a switch that is connected to a wireless router/modem. I have forwarded the correct ports that I need to according to Q-See, ports 80, 9000 and 100. I can access the DVR from any computer on the network via its local IP address, but when I try to access it via a computer off of the network via the real world IP address of the network, I cannot access it. I can ping the real world IP address of the network and it is successful.
I have a Modem/Router combo and am trying to plug an 8 port switch directly into it and then have wireless AP's and other hardwired devices plugged into the switch. Normally, when I plug a switch into a router it requires no set up. This one on the other hand, will not work.
ISP Cable in Smart box. 4 cat 5 cables from various rooms in house to feed cable ready TV's and one from my computer room. Can I connect all cat 5's to switch that is connected to cable modem located in Smart box and connect Wireless Router to cat 5 in the computer room and expect router to work properly?
I have a Dell PowerConnect 2848 switch and am setting up a VLAN 3 and make port 1 mngt, port 48 uplink to layer 3 switch and tag VLAN 1 and 3 to port 48 with CLI commands for this setup, and also to untag ports 2-10 for computers.
192.168.1.1 is a Linksys WRT610N acting as a router and DHCP server for addresses .100 to .150. 192.168.1.2 is a TEW-639 with DHCP turned off and connected to the Linksys via one of the LAN ports.
I then have a FosCam camera with IP 192.168.1.010, connected either wirelessly or via a wire on a LAN port to the TEW-639W.
Here is my problem: If the FosCam is connected wirelessly to the TEW-639W I am unable to see it from any device connected to the Linksys. If I connect the FosCam via a wire to a LAN port on the TEW-639W then I can see it from a device connected to the Linksys device. If a device is connected to the network via the TEW-639, I can see the FosCam whether it is hardwired or wirelessly connected to the TEW-639. What am I doing wrong? Why can I not see the wireless connections on the TEW-639 from a Linksys connected device? The setup is that the internet comes in and is connected to the Linksys, which then via LAN cable and LAN ports on both devices is connected to the TEW-639, which is then connected to the camera.
I am migrating a group of workstations that run a fire system from one software to another. The current workstations run the following info:
123.123.123.xxx 255.255.255.0
The new workstations run:
100.100.100.xxx 255.255.255.0
There is a central switch location using a GE-DSG-244 Layer 2+ Managed switch. There are two remote locations using GE-DS-82 Managed Switches. The two networks must remain isolated, yet use the same fiber communications. The central switch connects to the two locations using MM Fiber. From my research I believe I need to use the 802.1q standard to allow port trunking between the two switches.
I work in a school department and wanted to hardwire two computers in my class using a workgroup switch. I only had one data port in my class. The tech guy told me the switch could cause the entire network to crash. Is that true? I thought a switch was just a passthrough device.
I went out and bought a Linksys 5 port workgroup switch. I tried to hook my internet into it and my other computers into it, THINKING I would be able to get internet on all. No go. I can get internet on one, as you can tell, but all others nothing. And to make matters worse I have Win 2000, Win XP Pro, and Linux that I'd like to get online. I have: renewed IPs, assigned IPs, refresh, purge DNS, rebooted all and rebooted in different orders, double checked connections, tested all lines. The network is on RJ45 Ethernet.
Have one switch and network. PC number one has Win98 and a network adapter and is connected to the switch. PC number two has WinXP and a network adapter and is connected to the switch same as Win98. Network works on Win98 and WinXP; they see each other. Internet is working on WinXP but doesn't work on Win98.
Is there a network product which does "Routering" and "Firewalling" functionality at the same time? If there is, then what are the advantages and disadvantages against using a router-only device connected to a hardware-firewall-only device?