I-BLOG

One of the basic questions that every administrator have is about configuring static NAT for the services they provide for their customers (mail/web/application/VoIP etc). I have myself answered this question a lot of times in Experts-Exchange. So here is the standard configuration; Cisco Router : ip nat inside source static <protocol> <InternalIP> ... Continue Reading

One of the basic questions that every administrator have is about configuring static NAT for the services they provide for their customers (mail/web/application/VoIP etc). I have myself answered this question a lot of times in Experts-Exchange. So here is the standard configuration; Cisco PIX Firewall : static (inside,outside) <PublicIP> <Private IP> netmask ... Continue Reading

No comments :-) ... Continue Reading

One of the recent post in EE that came up was a user wanted to have a scenario where-in he has multiple subnets in his network and he wants to do unique patting for all those networks when they exit for internet access. Say for example if my SubnetA has an ... Continue Reading

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00801e419a.shtml Above includes the various p2p blocking using PIX firewall, one of the hottest and greediest on your networks :-(  ... Continue Reading

I guess one of the nice utility often forgotten that comes with Cisco VPN Client is SetMTU. It is installed with the client and you can find it at; StartMenu->Programs->Cisco VPN Client->SetMTU So it is a peaceful life and don't have go through the GUid in registry finding out which adaptor you ... Continue Reading

Everyday I learn something and one such thing is this; Think of a scenario where you have to build site-to-site VPN between 2 PIXs. Adding interest to this is, the outside interfaces of both the pixes are connected to each other directly like this; Internal-----PIX1--Outside----------Outside--PIX2-----Internal With all configuration options as mentioned at ... Continue Reading

Ever noticed this fact ? When a trace route is done from a network which is protected by PIX firewall, the pix interface doesn't appear in the hop list ? Consider this network; 10.1.1.1--------(10.1.1.2)Router(100.100.100.100)----(100.100.100.101)(PIX)(200.200.200.200)-----InternetIP Trace route will list; 10.1.1.2 100.100.100.101 InternetIP The PIX interfaces will not be listed in it, either the trace route in 'inbound' or ... Continue Reading

The name is kinda funny, we'll see what it is all about. Often times, a network hosting the webserver on the internal network is protected by a Cisco PIX firewall. So anybody accessing the site from the Internet would just access it as http://www.domain.com, and since it is registered with ... Continue Reading

Setting up a VPN session between remote user and Cisco PIX firewall is fairly easy because of numerous documents out there at Cisco site. Uniquely enough, there might be a situation where you want a particular VPN client to be given a static ip all the time ? How do ... Continue Reading