firewall-wizards@listserv.icsalabs.com
To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com
You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."
Today's Topics:
1. Re: How to rename a CMA in Provider-1 (A. Dreyer)
2. asa 5505 vpn ipsec l2l problem (Hrvoje Popovski)
----------------------------------------------------------------------
Message: 1
Date: Thu, 1 Oct 2009 10:27:38 +0200
From: "A. Dreyer" <ml10110@adreyer.com>
Subject: Re: [fw-wiz] How to rename a CMA in Provider-1
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Cc: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Message-ID: <20091001082738.GO27548@johndoe666.info>
Content-Type: text/plain; charset=us-ascii
Hi Trey,
> As my google-fu is seemingly weak today I put the question to you: is
> there a way to rename a CMA (or at least change the display name) in Check
> Point Provider-1?
Renaming the CMA is like renaming a SmartCenter Server - which usually means your CA changes, so all certificates need to be recreated.
Which version(s) are you running?
Regards,
Achim
--
Achim Dreyer
Senior Unix & Network Admin
RHCE, RHCA, CCSA, CCSE, CCSE+, CCNA
------------------------------
Message: 2
Date: Fri, 02 Oct 2009 14:09:11 +0200
From: Hrvoje Popovski <hrvoje@srce.hr>
Subject: [fw-wiz] asa 5505 vpn ipsec l2l problem
To: firewall-wizards@listserv.cybertrust.com
Message-ID: <4AC5ED67.9090807@srce.hr>
Content-Type: text/plain; charset=ISO-8859-2; format=flowed
hello eveyone,
i have asa 5505 with Base license and 7.2.4 sofware.
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 3, DMZ Restricted
Inside Hosts : 10
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
VPN Peers : 10
WebVPN Peers : 2
Dual ISPs : Disabled
VLAN Trunk Ports : 0
i'm trying to create l2l ipsec tunnel reading manual on
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/site2sit.html
and when i'm applying acl in crypto map
crypto map abcMap 1 match address acl
i'm getting this log:
Ignoring msg to mark SA with specified coordinates <abcMap, 1> dead
i don't have any debug messages (debug crypto ipsec 100)
google it but haven't found any answer.
thank you for your answers!
acl
access-list acl extended permit tcp host 192.168.11.11 host 10.1.100.13
eq 4000
access-list acl extended permit tcp host 192.168.11.11 host 10.1.110.250
eq 4000
access-list acl extended permit tcp host 192.168.11.11 eq ftp host
10.1.100.105 eq ftp
access-list acl extended permit tcp host 192.168.11.11 host 10.1.100.105
eq ftp-data
access-list acl extended permit tcp host 192.168.11.12 host 10.1.100.13
eq 4000
access-list acl extended permit tcp host 192.168.11.12 host 10.1.110.250
eq 4000
access-list acl extended permit tcp host 192.168.11.12 host 10.1.100.105
eq ftp
access-list acl extended permit tcp host 192.168.11.12 host 10.1.100.105
eq ftp-data
------------------------------
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
End of firewall-wizards Digest, Vol 42, Issue 2
***********************************************
No comments:
Post a Comment