RE: Cisco Workaround
From: Douglas Gullett (dougg03_at_comcast.net)
Date: 08/02/03
- Previous message: Brad Mills: "Re: Question for all"
- Maybe in reply to: Paul Benedek: "RE: Cisco Workaround"
- Next in thread: Adam Overlin: "RE: Cisco Workaround"
- Reply: Adam Overlin: "RE: Cisco Workaround"
- Reply: David Gillett: "RE: Cisco Workaround"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Adam Overlin" <adam.overlin@content-mgmt.com>, <security-basics@securityfocus.com> Date: Sat, 2 Aug 2003 11:49:01 -0400
Adam,
If the "cheat" *** you are referring to is the Cisco Security Alert, I am
guessing that you put in their access-list. For IPSEC you need to have
Protocol Port 51 (ESP) and Protocol Port 52 (AH) open, as well as UDP Port
500 (isakmp).
Doug
-----Original Message-----
From: Adam Overlin [mailto:adam.overlin@content-mgmt.com]
Sent: Thursday, July 31, 2003 12:59 PM
To: security-basics@securityfocus.com
Subject: RE: Cisco Workaround
I just joined this list so I haven't seen the whole thread on this issue,
thus my company's particular issue may have been discussed already, but I
thought I would see if I could get some help anyway.
Background:
We have a Cisco 827 router and a PIX 506e locally. Router being in front of
the PIX. We also have a co-location facility that we are connected via a
constant VPN tunnel. There we have a PIX 515e. The two pixes are what
control the VPN/encryption.
Issue:
The pixes don't run IOS so we didn't have to worry about upgrading those.
However, the router does. So we upgraded the router to the latest version.
Everything worked ok, except, the VPN tunnel. That got knocked out. Keep
in mind that I am no Cisco expert. I did the upgrade with the help of a
*cheat* *** that Cisco sent us. All I did was copy the information. I
didn't really understand what I was actually typing into the console (we
have another network consultant that is responsible for the "understanding
part, although he didn't know why it wasn't working either). :)
So after a little messing around we reverted back to the old IOS and
everything was peachy. A couple days later they sent us another version to
upgrade with and that did the same thing. Needless to say, we are still
upgradeless.
If there are any suggestions out there, I would really appreciate it. If I
didn't give enough info, please let me know, and I will get you whatever you
need (within my power of course).
Thanks in advance,
Adam
---------------------------------------------------------------------------
----------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: Brad Mills: "Re: Question for all"
- Maybe in reply to: Paul Benedek: "RE: Cisco Workaround"
- Next in thread: Adam Overlin: "RE: Cisco Workaround"
- Reply: Adam Overlin: "RE: Cisco Workaround"
- Reply: David Gillett: "RE: Cisco Workaround"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
