Re: [fw-wiz] firewall-wizards Digest, Vol 7, Issue 16

I have had the same happen in my home lab. Are they running into power save/hibernate mode?

-- firewall-wizards-request@xxxxxxxxxxxxxxxxxxxxx wrote:

Today's Topics:

1. VPN question (Henderson, Bernadette)
2. ASA 5520 SNMP sub-interface counters (Neale Banks)


Message: 1
Date: Mon, 20 Nov 2006 16:00:09 -0500
From: "Henderson, Bernadette" <bernadette.henderson@xxxxxxxxxxx>
Subject: [fw-wiz] VPN question
To: firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
Content-Type: text/plain; charset="us-ascii"

I have a home grown network in my office for clients to use (outside of
my work network). The problem is that the amount of persons using it is
growing every time they come to my office for work for about a month
straight then leave for 6 months. All of them want to connect back to
their home office using the microsoft built in vpn client. They also now
use a Pix firewall which I have no knowledge of but they do have a
consultant who runs it for them. There are about ten users.

The dilemma I have is that about every 18 hours they are all getting booted
out of their vpn and say they can't get onto the internet. It lasts about
5 to ten minutes and about the time I get on the road to come in to see
what's wrong, they are back up and running again. They are working night
and day weekends too...

In my office I have a T1 going to a cisco router, to a linksys router
for nat and then to an hp switch then piped over to the port in the
room to netgear switchboxes at the conference room tables.
My network guys say the T1 is fine etc etc.. I can't really see much of
anything from the linksys. What should I be looking for to uncover what
is booting them out and back up again so quickly? I called their tech
guy to look at the firewall log and am waiting for feedback.

Thanks in advance



Message: 2
Date: Thu, 23 Nov 2006 17:48:02 +1100 (EST)
From: Neale Banks <neale@xxxxxxxxxxxxxxxx>
Subject: [fw-wiz] ASA 5520 SNMP sub-interface counters
To: Firewall Wizards <firewall-wizards@xxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: TEXT/PLAIN; charset=US-ASCII


With a Cisco ASA 5520 running ASA software version 7.0(2), SNMP interface
counters for 802.1Q sub-interfaces appear to return the values for the
physical interface.

Anyone know if this is a known bug/limitation/whatever?

Alternatively, any workarounds?



firewall-wizards mailing list

End of firewall-wizards Digest, Vol 7, Issue 16