473,837 Members | 1,722 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

2 Cisco ASA 5510's, an Exchange Edge Server, a DMZ, and a minefield.

15 New Member

Before you ask why I don't just put everything on the network, let me just say I do this on another person's will.

For purposes of this question I will refer to "Internal Network" as the located on the inside interface of the internal ASA
Domain names and public Ip's changed for protection of the client.
Domain names changed to domain, public IP's represented by xxx.xxx.xxx.###

To Setup Edge/Web Services that can communicate through 2 ASA 5510's to the Internal network. Allowing me to use the Edge server on the perimeter
To be able to hit the internet from all network points.
To be able to ping internally from any location to any location but not outside_in
To be able to maintain remote access to the internal servers
To not be laughed at for not putting the servers on the inside of the external ASA (hehe)

From the DMZ to the "Internal Network" (the main challenge, not working)
SMTP (to the internal exchange server)

From the Internal Network to the DMZ (everything currently is working, but as other changes might cause this to close I will need the following)
SMTP (from the internal exchange server)

All networks should have outbound access "outside" to the world

From the Outside in to the "internal network"
3389 (Working but if you have me change something elsewhere to break it, please fix it :))

From the outside to the DMZ
(perhaps more later but for now this is it)

Current Status:
Currently I can ping into the DMZ from the Internal Network
From the DMZ I can ping to
I can see http from the internal network on the DMZ
All networks currently can browse the internet.
RDP all the way in to the Internal network, works.

I would like to point out that I will make it a point to post working configs once this is finished.
I also appreciate any help offered.

The External ASA
Expand|Select|Wrap|Line Numbers
  1. ASA Version 8.0(2) 
  2. !
  3. hostname external
  4. domain-name domain.local
  5. enable password sg5gh5uh45g6 encrypted
  6. names
  7. dns-guard
  8. !
  9. interface Ethernet0/0
  10.  nameif outside
  11.  security-level 0
  12.  ip address xxx.xxx.xxx.82 
  13. !
  14. interface Ethernet0/1
  15.  nameif inside
  16.  security-level 49
  17.  ip address 
  18. !
  19. interface Ethernet0/2
  20.  shutdown
  21.  no nameif
  22.  no security-level
  23.  no ip address
  24. !
  25. interface Ethernet0/3
  26.  nameif dmz
  27.  security-level 40
  28.  ip address 
  29. !
  30. interface Management0/0
  31.  shutdown
  32.  no nameif
  33.  no security-level
  34.  no ip address
  35.  management-only
  36. !
  37. passwd iG0FMG.8O3nPFSqf encrypted
  38. boot system disk0:/asa802-k8.bin
  39. boot config disk0:/flash
  40. ftp mode passive
  41. clock timezone CST -5
  42. dns domain-lookup outside
  43. dns domain-lookup inside
  44. dns domain-lookup dmz
  45. dns server-group Internal
  46.  name-server
  47.  name-server
  48.  domain-name domain.local
  49. dns-group Internal
  50. same-security-traffic permit inter-interface
  51. object-group protocol TCPUDP
  52.  protocol-object udp
  53.  protocol-object tcp
  54. object-group service rdp tcp
  55.  port-object eq 3389
  56. object-group service DM_INLINE_TCP_1 tcp
  57.  port-object eq 50000
  58.  port-object eq 50001
  59. object-group service DM_INLINE_TCP_2 tcp
  60.  port-object eq 50000
  61.  port-object eq 50001
  62. access-list dmz-in extended permit tcp any host eq smtp 
  63. access-list dmz-in extended permit tcp any host eq www 
  64. access-list dmz-in extended permit tcp any host eq https 
  65. access-list dmz-in extended permit icmp any any 
  66. access-list dmz-in extended permit ip any 
  67. access-list dmz_access_in extended permit ip any 
  68. access-list outside_access_in extended permit tcp any any eq 3389 
  69. access-list inside_access_in extended permit icmp any any 
  70. access-list inside_access_in extended permit ip any any 
  71. pager lines 24
  72. logging enable
  73. logging asdm informational
  74. mtu outside 1500
  75. mtu inside 1500
  76. mtu dmz 1500
  77. no failover
  78. icmp unreachable rate-limit 1 burst-size 1
  79. icmp permit any inside
  80. icmp permit any dmz
  81. asdm image disk0:/asdm-602.bin
  82. no asdm history enable
  83. arp timeout 14400
  84. global (outside) 1 interface
  85. global (inside) 2 interface
  86. global (dmz) 3 interface
  87. nat (inside) 1
  88. nat (dmz) 1
  89. static (dmz,outside) tcp interface smtp smtp netmask 
  90. static (inside,outside) tcp interface 3389 3389 netmask 
  91. static (inside,dmz) netmask 
  92. access-group outside_access_in in interface outside
  93. access-group inside_access_in in interface inside
  94. access-group dmz-in in interface dmz
  95. route outside 1
  96. timeout xlate 3:00:00
  97. timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  98. timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  99. timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  100. timeout uauth 0:05:00 absolute
  101. dynamic-access-policy-record DfltAccessPolicy
  102. aaa authorization command LOCAL 
  103. aaa authorization exec authentication-server
  104. http server enable
  105. http inside
  106. http dmz
  107. http inside
  108. no snmp-server location
  109. no snmp-server contact
  110. snmp-server enable traps snmp authentication linkup linkdown coldstart
  111. no crypto isakmp nat-traversal
  112. telnet xxx.xxx.xxx.0 outside
  113. telnet inside
  114. telnet timeout 5
  115. ssh outside
  116. ssh inside
  117. ssh timeout 5
  118. console timeout 0
  119. threat-detection basic-threat
  120. threat-detection statistics access-list
  121. !
  122. class-map inspection_default
  123.  match default-inspection-traffic
  124. !
  125. !
  126. policy-map type inspect dns migrated_dns_map_1
  127.  parameters
  128.   message-length maximum 512
  129. policy-map global_policy
  130.  class inspection_default
  131.   inspect dns migrated_dns_map_1 
  132.   inspect ftp 
  133.   inspect h323 h225 
  134.   inspect h323 ras 
  135.   inspect rsh 
  136.   inspect rtsp 
  137.   inspect esmtp 
  138.   inspect sqlnet 
  139.   inspect skinny  
  140.   inspect sunrpc 
  141.   inspect xdmcp 
  142.   inspect sip  
  143.   inspect netbios 
  144.   inspect tftp 
  145.   inspect http 
  146. !
  147. service-policy global_policy global
  148. ntp server source outside prefer
  149. username admin password sfdgfgs45g5gh45h== nt-encrypted privilege 15
  150. prompt hostname context 

The Internal ASA
Expand|Select|Wrap|Line Numbers
  1. ASA Version 8.0(2) 
  2. !
  3. hostname internal
  4. domain-name domain.local
  5. enable password f443fg5sg45g encrypted
  6. names
  7. name nlf-srv-004 description Front End Server
  8. name nlf-srv-001 description DC1
  9. name nlf-srv-002 description Exchange
  10. dns-guard
  11. !
  12. interface Ethernet0/0
  13.  nameif outside
  14.  security-level 50
  15.  ip address 
  16. !
  17. interface Ethernet0/1
  18.  nameif inside
  19.  security-level 100
  20.  ip address 
  21. !
  22. interface Ethernet0/2
  23.  shutdown
  24.  no nameif
  25.  no security-level
  26.  no ip address
  27. !
  28. interface Ethernet0/3
  29.  shutdown
  30.  no nameif
  31.  no security-level
  32.  no ip address
  33. !
  34. interface Management0/0
  35.  shutdown
  36.  no nameif
  37.  no security-level
  38.  no ip address
  39. !
  40. passwd sg45g5g45g45 encrypted
  41. boot system disk0:/asa802-k8.bin
  42. ftp mode passive
  43. clock timezone CST -6
  44. clock summer-time CDT recurring
  45. dns domain-lookup outside
  46. dns domain-lookup inside
  47. dns server-group DefaultDNS
  48.  domain-name domain.local
  49. dns server-group Internal
  50.  name-server nlf-srv-001
  51.  name-server
  52.  domain-name domain.local
  53. dns-group Internal
  54. same-security-traffic permit inter-interface
  55. object-group protocol TCPUDP
  56.  protocol-object udp
  57.  protocol-object tcp
  58. access-list out-in extended permit icmp any any 
  59. access-list out-in extended permit tcp any any eq smtp 
  60. access-list out-in extended permit tcp any any eq 3389 
  61. access-list out-in extended permit ip any any 
  62. access-list inside extended permit tcp any host nlf-srv-002 eq smtp 
  63. access-list inside extended permit ip xxx.xxx.xxx.80 
  64. access-list inside extended permit ip any any 
  65. access-list inside extended permit icmp any any 
  66. pager lines 24
  67. logging enable
  68. logging console debugging
  69. logging asdm informational
  70. mtu outside 1500
  71. mtu inside 1500
  72. no failover
  73. icmp unreachable rate-limit 1 burst-size 1
  74. icmp permit any outside
  75. icmp permit any inside
  76. asdm image disk0:/asdm-602.bin
  77. no asdm history enable
  78. arp timeout 14400
  79. global (outside) 1 interface
  80. global (inside) 2 interface
  81. nat (inside) 1
  82. static (inside,outside) tcp interface 3389 nlf-srv-001 3389 netmask 
  83. access-group out-in in interface outside
  84. access-group inside in interface inside
  85. route outside 1
  86. timeout xlate 3:00:00
  87. timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  88. timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  89. timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  90. timeout uauth 0:05:00 absolute
  91. dynamic-access-policy-record DfltAccessPolicy
  92. http server enable
  93. http inside
  94. no snmp-server location
  95. no snmp-server contact
  96. snmp-server enable traps snmp authentication linkup linkdown coldstart
  97. no crypto isakmp nat-traversal
  98. telnet outside
  99. telnet inside
  100. telnet timeout 5
  101. ssh outside
  102. ssh inside
  103. ssh timeout 5
  104. console timeout 0
  105. management-access inside
  106. dhcpd address inside
  107. dhcpd dns nlf-srv-001 interface inside
  108. dhcpd enable inside
  109. !
  110. threat-detection basic-threat
  111. threat-detection statistics access-list
  112. !
  113. class-map inspection_default
  114.  match default-inspection-traffic
  115. !
  116. !
  117. policy-map type inspect dns migrated_dns_map_1
  118.  parameters
  119.   message-length maximum 512
  120. policy-map global_policy
  121.  class inspection_default
  122.   inspect dns migrated_dns_map_1 
  123.   inspect ftp 
  124.   inspect h323 h225 
  125.   inspect h323 ras 
  126.   inspect rsh 
  127.   inspect rtsp 
  128.   inspect esmtp 
  129.   inspect sqlnet 
  130.   inspect skinny  
  131.   inspect sunrpc 
  132.   inspect xdmcp 
  133.   inspect sip  
  134.   inspect netbios 
  135.   inspect tftp 
  136.   inspect http 
  137. policy-map gloabl_policy
  138.  class inspection_default
  139. !
  140. service-policy global_policy global
  141. ntp server source outside prefer
  142. prompt hostname context 
May 12 '10
10 8894
15 New Member
No worries sicarie, as promised here is what was ultimately missing and how one can do it themselves.

We must follow basic routing rules for internal networks. So if you had multiple routes and paths they must be defined, but if we are restricting traffic on any of those interfaces we must make exceptions.

This is the external config (modified for usable data)
Expand|Select|Wrap|Line Numbers
  1. ASA Version 8.0(2) 
  2. !
  3. hostname external
  4. names
  5. dns-guard
  6. !
  7. interface Ethernet0/0
  8.  nameif outside
  9.  security-level 0
  10.  ip address xxx.xxx.xxx.82 
  11. !
  12. interface Ethernet0/1
  13.  nameif inside
  14.  security-level 49
  15.  ip address 
  16. !
  17. interface Ethernet0/2
  18.  shutdown
  19.  no nameif
  20.  no security-level
  21.  no ip address
  22. !
  23. interface Ethernet0/3
  24.  nameif dmz
  25.  security-level 40
  26.  ip address 
  27. !
  29. dns domain-lookup outside
  30. dns domain-lookup inside
  31. dns domain-lookup dmz
  32. dns server-group DefaultDNS
  33.  name-server
  34.  name-server
  35.  domain-name domain.local
  36. dns-group Internal
  37. same-security-traffic permit inter-interface
  39. access-list dmz-in extended permit tcp host host eq 135 
  40. access-list dmz-in extended permit tcp host host eq smtp 
  41. access-list dmz-in extended permit tcp host host eq 50389 
  42. access-list dmz-in extended permit udp host host eq 50636 
  43. access-list dmz-in extended permit object-group TCPUDP host host eq domain 
  44. access-list dmz-in extended permit object-group TCPUDP host host eq domain 
  45. access-list dmz-in extended permit ip host host 
  46. access-list dmz-in extended deny ip any 
  47. access-list dmz-in extended permit ip any 
  49. access-list outside_access_in extended permit tcp any any eq 3389 
  50. access-list outside_access_in extended permit tcp any any eq www 
  51. access-list outside_access_in extended permit tcp any any eq smtp 
  52. access-list outside_access_in extended permit tcp any any eq https 
  54. access-list inside_access_in extended permit tcp host host eq smtp 
  55. access-list inside_access_in extended permit tcp host eq smtp 
  56. access-list inside_access_in extended deny tcp any any eq smtp 
  57. access-list inside_access_in extended permit ip any any 
  59. access-list nat0 extended permit ip host host 
  60. access-list nat0 extended permit ip host host 
  61. access-list nat0 extended permit ip host host 
  63. global (outside) 1 interface
  64. global (inside) 2 interface
  65. global (dmz) 3 interface
  67. nat (inside) 0 access-list nat0
  68. nat (inside) 1
  69. nat (dmz) 1
  71. static (dmz,outside) tcp interface smtp smtp netmask 
  72. static (inside,outside) tcp interface 3389 3389 netmask 
  73. static (dmz,outside) tcp interface www www netmask 
  74. static (inside,outside) tcp interface https https netmask 
  75. static (dmz,inside) netmask 
  76. static (inside,dmz) netmask 
  78. access-group outside_access_in in interface outside
  79. access-group inside_access_in in interface inside
  80. access-group dmz-in in interface dmz
  82. route outside 1
  83. route inside 1
And this is the internal config (also modified for usage)
Expand|Select|Wrap|Line Numbers
  1. ASA Version 8.0(2) 
  2. !
  3. hostname internal
  4. names
  5. name srv-4 description Front End Server
  6. name srv-1 description DC1
  7. name srv-2 description Exchange
  8. name srv-3 description DC2
  10. dns-guard
  11. !
  12. interface Ethernet0/0
  13.  nameif outside
  14.  security-level 50
  15.  ip address 
  16. !
  17. interface Ethernet0/1
  18.  nameif inside
  19.  security-level 100
  20.  ip address 
  21. !
  23. dns domain-lookup outside
  24. dns domain-lookup inside
  25. dns server-group DefaultDNS
  26.  domain-name domain.local
  27. dns server-group External
  28.  name-server xxx.xxx.xxx.xxx
  29.  name-server xxx.xxx.xxx.xxx
  30. dns server-group Internal
  31.  name-server srv-1
  32.  name-server srv-3
  33.  domain-name domain.local
  34. dns-group Internal
  35. same-security-traffic permit inter-interface
  37. access-list out-in extended permit tcp any any eq 3389 
  38. access-list out-in extended permit tcp any any eq smtp 
  39. access-list out-in extended permit ip any any 
  41. access-list inside extended permit tcp host srv-2 host srv-4 eq smtp 
  42. access-list inside extended deny tcp any any eq smtp 
  43. access-list inside extended permit ip any any 
  45. access-list nat0 extended permit ip host srv-1 host srv-4 
  46. access-list nat0 extended permit ip host srv-2 host srv-4 
  47. access-list nat0 extended permit ip host srv-3 host srv-4 
  49. global (outside) 1 interface
  50. global (inside) 2 interface
  52. nat (inside) 0 access-list nat0
  53. nat (inside) 1
  55. static (inside,outside) tcp interface 3389 srv-1 3389 netmask 
  56. static (inside,outside) tcp interface https srv-2 https netmask 
  57. static (inside,outside) tcp domain domain netmask 
  58. static (outside,inside) netmask 
  60. access-group out-in in interface outside
  61. access-group inside in interface inside
  63. route outside 1
You will notice a couple of major points.
Expand|Select|Wrap|Line Numbers
  1. route inside 1
A route to the network through another security appliance must be established, otherwise our traffic won't know where to go.

Next we need to create some exceptions so it will allow that traffic to pass correctly.
Expand|Select|Wrap|Line Numbers
  1. access-list nat0 extended permit ip host host 
  2. access-list nat0 extended permit ip host host 
  3. access-list nat0 extended permit ip host host 
This allows traffic to come from these 3 servers and talk to our DMZ server

Next we need to assign that access list to an interface.
Expand|Select|Wrap|Line Numbers
  1. nat (inside) 0 access-list nat0
This is where are servers are in relation to THIS ASA.

We repeat the exceptions on the internal ASA but it does not require a route, as we have already established one by ending at the "inside interface" of the "external ASA"

Expand|Select|Wrap|Line Numbers
  1. access-list nat0 extended permit ip host srv-1 host srv-4 
  2. access-list nat0 extended permit ip host srv-2 host srv-4 
  3. access-list nat0 extended permit ip host srv-3 host srv-4 
And as before, we must associate that with an interface
Expand|Select|Wrap|Line Numbers
  1. nat (inside) 0 access-list nat0
Allowing our traffic to reach the servers.

This is secure as we have limited that connection to only occur between hosts and not entire networks.

Remember that order of precedence on access-lists determines flow.

For example
Expand|Select|Wrap|Line Numbers
  1. access-list inside extended permit tcp host srv-2 host srv-4 eq smtp 
  2. access-list inside extended deny tcp any any eq smtp 
  3. access-list inside extended permit ip any any 
Starting at the top, the first line says that SMTP traffic can go from srv-2 to srv-4. The 2nd line says to deny all smtp traffic. Since the first line takes place first that is allowed.

Lastly, you can reach the "Internal" network from all the way outside by defining static paths and restricting them by access-lists.

So now, I can RDP to my internal servers. My servers can communicate via restricted paths to the DMZ/Edge Server, and vice versa all of the mail flow that is required.

All networks can hit the internet.
This is a recommended setup by the way to prevent against infected machines from sending out email from inside your network.

I removed the ICMP as I was finished with its uses, but simply adding in the correct access-lists enables imcp traffic from location to location again.

Hopefully this will help someone.
May 27 '10 #11

Sign in to post your reply or Sign up for a free account.

Similar topics

by: John Parker | last post by:
I'm looking for anyone who is using these two products together. I'm having a difficult time finding information on this combination and Oracle and Cisco are pointing the finger at each other with neither willing to be of any real help. I've found nothing in any of the oracle database groups and a search of all the groups turns up nothing. Any pointers to resources other than Oracle or Cisco resources would be greatly appreciated. ...
by: jeffpriz | last post by:
We have some developers here that work from home a couple days a week. The network/hardware group here has installed a Cisco Security Agent program on thier laptops. Now, when they work from home they regularly get the IIS "Server Application Unavailable" message when running the application in Debug mode.. The Cisco Security Agent seems to be the culprit.. it comes back with the message that the aspnet_wp.exe has tried to call...
by: jrefactors | last post by:
I want to know the differences between SQL Server 2000 stored procedures and oracle stored procedures? Do they have different syntax? The concept should be the same that the stored procedures execute in the database server with better performance? Please advise good references for Oracle stored procedures also. thanks!!
by: alanknipmeyer | last post by:
Hi, I`m in the process of migrating a Access 2002 (Run in 2000 mode) from Windows 98 to Win2K Server. It is a shared resource via a file share on the 98 Server. Client systems are Win98 with the shared drive mounted and the application run via the shared drive. I have tried once before, but came across some file locking issues. I thought i had addressed these file locking issues, but it came apparent I hadn't when data started to get...
by: Mike | last post by:
I need to do the logical equivelent of Server.Transfer to another server whos identity is known only upon receipt of the request. (The other machine is on-site, but not addressable from the outside world, which is one of many reasons I can't do a Redirect.) I'm assuming I have to make another request, and then copy the response back to the original response. What is the most efficient way of doing this? (All servers are IIS/Asp.Net.)...
by: Harry | last post by:
Hi there, we support a school network and schools are allocated webspace. To upload updates the schools website they FTP as follow - ftp://www.etc.etc.co.uk and upload new files to replace old ones. The problem we have is that the websites are cached at the Cisco Content Engines and take upto 3days to time out and update, so when a school uploads a new page the old is still displayed this problem only occurs within the Network. Is...
by: Grigs | last post by:
Hello, I have a project that contains a WebService that works great when connecting to it on my Localhost. Once we post the files to the test web server, all of the pages that do not touch the webservice work fine. However, the ones that do touch it get the following error: The request failed with HTTP status 404: Not Found Here is the full error:
by: Toni | last post by:
I have some program in VB6 (I can make new in .NET if it is necessary). This program is working with SQL Server 2000 database from long distance (computers are in agencies and is connected to DSL and VPN connection). Every few days some of computers can not connect to sql server, but other computer works. He can not find sql server or access denied. It is down until I reinstall windows (fresh copy of windows). Than it works. I supose that...
by: Yuri Shtil | last post by:
I want the users be able to browse and select files on the server side. Is there any good free or not very expensive commercial javascript package I could use? -- Yuri.
by: hotflash | last post by:
Hi All, Below is a GOOD working script that I use to search for the record either by the MOP ID for example 1, 2, etc... (record on the database) or by Network for example when you type Cisco. What I would like to do and is having problem is to either Search by Network or All MOP IDs on the database (show all records). Let's say if folks type in ALL, it will show all of the MOP IDs (Records) in the database. Thanks advance for your...
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, weíll explore What is ONU, What Is Router, ONU & Routerís main usage, and What is the difference between ONU and Router. Letís take a closer look ! Part I. Meaning of...
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.