Re: please help with my Cisco PIX-506E

Thanks for the reply Walter!

Can I just type those commands at the # prompt, or do I need to type a
command to be in config mode first?


Thanks again!!!


"Walter Roberson" <roberson@xxxxxxxxxxxx> wrote in message
news:49w_f.14427$gO.14124@xxxxxxxxxxx
In article <Piu_f.22646$I06.11440@xxxxxxxxxxxxxxxxxxxxx>,
Kremlar <kremlar@xxxxxxxxxxx> wrote:

Here is what I need to do:

1 - Currently there is a static (inside, outside) setup to open FTP
traffic
to our internal IP of 10.0.0.2. I need to change this so that it goes to
10.0.0.3 instead. This is what is in there currently:

static (inside,outside) tcp interface ftp 10.0.0.2 ftp netmask
255.255.255.255 0 0

How can I change this?

no static (inside,outside) tcp interface ftp 10.0.0.2 ftp netmask
255.255.255.255 0 0
static (inside,outside) tcp interface ftp 10.0.0.3 ftp netmask
255.255.255.255 0 0


2 - We currently have a bunch of users that VPN into our network through
this Cisco box. They all login with the same user name (vpnusers) and the
same password. This is fine for our use. I'm trying to figure out how
many
users we are limited to (by Cisco licenses, or anything else), and how to
increase this limit if necessary.

The PIX 506E running 6.3(2) or later code is rated to 25 -simultaneous-
remote peers. It has never been clear to me whether this includes PPTP;
I believe that it -does- include people using the Cisco VPN client.
The documentation does not make clear whether the 25 is a hard
limit, or whether it is a "suggested maximum" based upon average
performance measurements, or whether it a figure based upon average
memory usage patterns [i.e., perhaps if your configuration is relatively
simple then you might be able to handle more peers.] There is no way
to increase the limit on the PIX 506E; if you need more than 25
simultaneous, you would need to add another VPN device, or change your
506E for a higher model such as the 515E, or change your 506E for
one of the Cisco ASA5500 series, or a VPN Concentrator, or ... etc..

I'd also like to change the 'vpnusers'
password. This is what seems to represent our VPN configuration:

vpngroup vpnusers password ********

In the first command below, you can literally put in the asterisks: it
will not pay attention to the content that you put in for it, as long
as you have the right form.

no vpngroup vpnusers password ********
vpngroup vpnusers password NEWPASSWORD



.

Relevant Pages

  • Cisco router 831 PPTP VPN setup
    ... I'm trying to set up a PPTP VPN on a Cisco 831 router. ... 800-series software configuration guide from the Cisco site but it talks ...
    (comp.dcom.sys.cisco)
  • Re: Cico 800 (836) VPN to Internet NAT
    ... Even read all the Cisco documentation on VPDNs, ... I also have a VPN that is working normaly for the internal networks ... A client connected ...  >> Router and VPN Client for Public Internet on a Stick Configuration ...
    (comp.dcom.sys.cisco)
  • Re: New to IAS/RADIUS...
    ... Cisco IOS configuration for console access control through RADIUS is pretty much independent of the RADIUS server. ... I kinda sure that VPN clients will get prompted - but that may depend on the client etc. ...
    (microsoft.public.internet.radius)
  • Re: Newbie, Cisco 877, ipv6, IOS, completely stuck
    ... appears to support IPv6 (as per the Cisco website), ... The CLI (Command Line Interface) is a powerful interface, and still the choice of many. ... If you want to configure parameters you will need to enter "configuration mode". ...
    (comp.dcom.sys.cisco)
  • Re: Cisco soho-91 router
    ... access the CLI to change the configuration, because this router was previously configured for another use and I couldnt not get into the CRWS utility in a browser. ... I wanted to reset it to default, but I managed to screw up the configuration. ... privileged exec mode (enable command), ... IOS since you don't have a support contract with Cisco. ...
    (sci.electronics.repair)