Ivan Martinon

Member Since: Dec 01, 2004

English
Ivan Martinon commented on PERMITIR URL ESPECIFICA Y NEGAR EL RESTO ASA 5550 8.2(5) in Seguridad 4 years ago

Hola!Espero te encuetres muy bien, usar MPF es una herramineta poderosa y quizás te pueda ayudar a...

Ivan Martinon commented on Acceso a Servidor de Correo en VPN in Seguridad 4 years ago

Hola Josman,Espero tengas muy buena tarde, podrías poner la configuración de NAT que tienes en tu...

Ivan Martinon commented on Problema AP - Servidor Radius in Wireless 4 years ago

Hola Deivi,Buena tarde, tengo una pregunta para ti, este error que recibes ¿Lo recibes en el IAS,...

Ivan Martinon commented on Sincronia de NTP en un Switch 3750 que esta detras de un ASA 5540 in Seguridad 5 years ago

Hola Buenas tardes,Para poder sincronizar tu switch on un NTP externo son importantes varias...

Ivan Martinon commented on Cantidad de Traslaciones NAT en ASA in Seguridad 5 years ago

Hola Monica, buenos días!Para contestar a tu pregunta, referente a la cantidad de traducciones...

Ivan Martinon commented on Pregunte a los Expertos: Arquitectura y Operación de los Firewall Services Modules (FWSM) in Seguridad 5 years ago

Sebastian, recordemos que el comando same-security-traffic permit inter-interfaces sólo permite...

Ivan Martinon commented on Pregunte a los Expertos: Arquitectura y Operación de los Firewall Services Modules (FWSM) in Seguridad 5 years ago

Hola Fernando,Si tu pregunta tiene que ver con que haya una versión  con un procesador más potente...

Ivan Martinon commented on Pregunte a los Expertos: Arquitectura y Operación de los Firewall Services Modules (FWSM) in Seguridad 5 years ago

Federico, buenas tardes, por favor indícame si esta liga te sirve:http://www.cisco.com/en/US/docs/...

Ivan Martinon commented on Pregunte a los Expertos: Arquitectura y Operación de los Firewall Services Modules (FWSM) in Seguridad 5 years ago

Emanuel, buenas tardes, recordemos que tanto ASA como FWSM como PIX son equipos que mantienen una...

Ivan Martinon commented on ACS 5.2 Active Directory no disponible in Seguridad 5 years ago

Qué tal Javier,Buenos días, para tu problema en el cual el AD se mantuvo abajo por un tiempo...

Ivan Martinon commented on Error en los log de cisco asa in Seguridad 5 years ago

Hola Emilio buen día!A continuación te pongo la descripción del log según la documentación de Cisco...

Ivan Martinon commented on Configuracion Ldap in Seguridad 5 years ago

Juan, siendo así, entonces la estrategía sería la de Group-Policy por usuario, esto lo veo como...

Ivan Martinon commented on Configuracion Ldap in Seguridad 5 years ago

Juan,Básicamente harás lo mismo, lo que va a cambiar es la información y los atributos que usarás,...

Ivan Martinon commented on Configuracion Ldap in Seguridad 5 years ago

Juan,Buenas tardes, existen dos formas de hacer tal asociación, en versión 8.x puedes usar ldap...

Ivan Martinon commented on Configuracion Ldap in Seguridad 5 years ago

Juan,Desafortunadamente no existe aún el atributo "Framed-route" no está como soportado para...

Ivan Martinon commented on Configuracion Ldap in Seguridad 5 years ago

Hola Juan buenas tardes.Para poder darte lo que es más apropiado para resolver tu problema...

Ivan Martinon commented on NO SES POSIBLES ESTABLECER VPN FIREWALL 5500 in Seguridad 5 years ago

Hola buen día,Podrías subir la parte interesante de tu cofiguración de VPN, específicamente el...

Ivan Martinon commented on uncommon VPN U-turn configuration in VPN 5 years ago

This sounds more like a routing problem than a configuration/device problem, when using NAT your...

Ivan Martinon commented on 1841 as VPN concentrator in DMZ. Dynamic to static L2L or Remote in VPN 5 years ago

You need to try to pass any kind of traffic over this tunnel to get debugs, if you are not getting...

Ivan Martinon commented on uncommon VPN U-turn configuration in VPN 5 years ago

Riccardo,The pool was supposed to be left as it was defined, I did not asked you to define the pool...

Ivan Martinon commented on 1841 as VPN concentrator in DMZ. Dynamic to static L2L or Remote in VPN 5 years ago

About the modem's identifier type I thought that could be removed but if it can't leave it as...

Ivan Martinon commented on 867 as EasyVPN Server: Intermittent client connectivity in VPN 5 years ago

Shutting it down should remove the directly connected network, so give it a try to that.

Ivan Martinon commented on 867 as EasyVPN Server: Intermittent client connectivity in VPN 5 years ago

Any specific reason why the pool overlaps with the loopback? being a virtual interface should not...

Ivan Martinon commented on 867 as EasyVPN Server: Intermittent client connectivity in VPN 5 years ago

Christopher,Are you stating that the clients get an ip address with a range that is already used on...

Ivan Martinon commented on Hairpinning back to public IP address from VPN client in VPN 5 years ago

Hi, basically you need your clients to reach the remote public ip address via the existing site to...

Ivan Martinon commented on 1841 as VPN concentrator in DMZ. Dynamic to static L2L or Remote in VPN 5 years ago

Hi Amaury,Several things to check here, first on your 3G modem that hosts the VPN concentrator, are...

Ivan Martinon commented on L2TP VPN connection between windows-7 and ASA 5510 in VPN 5 years ago

Windows 7 such as Win Vista use a stronger level of encryption, L2TP tunnel is unable to ...

Ivan Martinon commented on AAA authentication over L2L in AAA, Identity and NAC 5 years ago

Your Radius server must have a client ip address definition, what is this ip address the public ip...

Ivan Martinon commented on uncommon VPN U-turn configuration in VPN 5 years ago

No worries, I was just pointing out that you should not use the actual ip address assigned to the...

Ivan Martinon commented on Site to Site Tunnel on Management Interface in Firewalling 5 years ago

So what happens is that traffic that is on the management interface cannot reach the network on the...

Ivan Martinon commented on Site to Site Tunnel on Management Interface in Firewalling 5 years ago

Just issueing "no management-only" should allow traffic to go through, assuming all other setting...

Ivan Martinon commented on AAA authentication over L2L in AAA, Identity and NAC 5 years ago

Carsten,How is your aaa server setup defined? is it showing something like aaa-server .... (inside...

Ivan Martinon commented on ASA Configuration Examples in Firewalling 5 years ago

For syslog, the level of information that you will send to your syslog depends of the level of...

Ivan Martinon commented on Site to Site Tunnel on Management Interface in Firewalling 5 years ago

This is expected behavior, traffic will not flow through the interface Management unless it is...

Ivan Martinon commented on multiple instances of dynamic vpn in VPN 5 years ago

The only possible way to have this would be to land each dynamic connection to a separate tunnel-...

Ivan Martinon commented on L2TP VPN connection between windows-7 and ASA 5510 in VPN 5 years ago

Mr Manish,Can you post your configuration on your ASA? remember ASA supports L2TP over IPSec as a...

Ivan Martinon commented on IKE Dead Peer Detection between Cisco ASA and Cisco PIX in VPN 5 years ago

Hi Nicholas,I think that both DPD settings must match on both ends, if these do not match then...

Ivan Martinon commented on uncommon VPN U-turn configuration in VPN 5 years ago

You might need to do some kind of ipsec on a stick just like nat on a stick see if this works:...

Ivan Martinon commented on uncommon VPN U-turn configuration in VPN 5 years ago

Please have your client connected into your router, once connected, get the following command from...

Ivan Martinon commented on uncommon VPN U-turn configuration in VPN 5 years ago

Riccardo,Assuming that what I understood is correct, what you need is for the vpn client to connect...

Ivan Martinon commented on ASA Cut through proxy configuration in AAA, Identity and NAC 5 years ago

Hi Vladimir,I think this might help you:http://www.cisco.com/en/US/partner/docs/security/asa/asa80/...

Ivan Martinon commented on VPN does not start from PIX to ASA in VPN 6 years ago

Hi Paul,What tipycally happens is that the SA gets corrupted, and it usually happens because the...

Ivan Martinon commented on VPN Client can not ping or reach anywhere... in VPN 6 years ago

ESP being filtered is quite a common issue and that is because ESP is porteless, on the other hand...

Ivan Martinon commented on VPN Client can not ping or reach anywhere... in VPN 6 years ago

Exactly, so you will need to check that the clients that are connecting have the option "...

Ivan Martinon commented on Trying to use RADIUS to control VPN and SSH access to ASA in AAA, Identity and NAC 6 years ago

Corey, Authorization exec works very diferent on ASAs as how it does on IOS, for instance on IOS...

Ivan Martinon commented on VPN Client can not ping or reach anywhere... in VPN 6 years ago

Ok, thanks, when you see this behavior, do you see packets encrypted and decrypted on the vpn...

Ivan Martinon commented on Site-to-Site with SA520 & ASA5505 in VPN 6 years ago

Salvatore,Please enable debug crypto isakmp 50 and debug crypto ipsec 50 and post them here.

Ivan Martinon commented on VPN Client can not ping or reach anywhere... in VPN 6 years ago

Understood, can you tell me what protocol is used by the subscriber network clients when they are...

Ivan Martinon commented on L2TP/IPSec windows to ASA in VPN 6 years ago

Please go ahead and enable the following command:crypto isakmp nat-traversalTry again.

Ivan Martinon commented on Cisco ASA VPN Site-to-Site WITH NAT to inside in VPN 6 years ago

The configuration has to be applied on the ASA with the 192.168.200.0 subnet on it's inside, it has...

Bio

CCIE Security 20837










Ivan Martinon's Stats

Points732
Discussion started 0
Answers marked as Correct 87
Endorsed 0
Content Rated 0