|
Posted by Mousemen on November 27, 2006, 12:50 am
If you were Registered and logged in, you could reply and use other advanced thread options
tell I had to change the bandwidth on the trust interface from 0 to
something.I matched the untrust and trust with 1024 and it works.I was able
to ping but unable to move traffic thru the web browser, Now I have to get
help on the vpn setup.I dont know if this is possible but I would like to
setup a group and then just add users as I need or take away.I am
essentially trying to learn this and a cisco pix501 to be able to set them
up and have multiple sites connected together.
>>Its down as I took it of the network temporarily until I can get someone
>>to
>>help me with it. I just pulled up the settings from that to see if I
>>messed
>>up the trust ip's/. Not sure if I got the manage ip, trust ip and gateway
>>correct. When its connected to the cable modem it will pull an ip from
>>that.I'll hook up my laptop to it and it will get an ip.I can use the
>>webgui
>>to get to the management screens buts as far as it will let me get. Can't
>>get out to the internet with it. Do I need to setup the bandwidth useage
>>(how if so?) or any other policies. I have had it reset to default. I
>>connected the terminal cable to it to only pull the settings on the trust
>>side incase someone notices something there.
>
> Okay, there wasn't enough config/status posted in your first message
> to determine if something was right or wrong or what the problem was,
> other than you were showing the interface as down.
>
> Otherwise, the bit you posted looked okay.
>
> First steps to troubleshoot your problem.
>
> Make sure you can ping outwards from the firewall and get to your
> next-hop gateway.
>
> Make sure that you have a default static route installed.
>
> Make sure that you have a policy from Trust->Untrust allowing All-All-Any.
> (not every network wants this policy, but it is a default policy, and
> lets outbound traffic get out).
>
> If you are doing NAT (IIRC, you were), make sure the default any
> outbound policy has the NAT flag checked.
>
>
> You do NOT need to worry about bandwidth setup, or logging or usage at
> this point. Your basic setup is to put the IPs on the interfaces,
> setup the default route, and check on your policies. The policies and
> interfaces are what you need to worry about starting out.
>
>
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map