PIX 515 adding a second DMZ

Hello

This is the specification of our PIX:

Cisco PIX Firewall Version 6.2 (2)

Cisco PIX Device Manager Version 2.0 (2)

Updated Saturday, June 7 02 17:49 by Manu

Firewall of the hours - days.

Material: PIX - 515, 32 MB RAM, Pentium 200 MHz processor

I28F640J5 @ 0 x 300 Flash, 16 MB

BIOS Flash AT29C257 @ 0xfffd8000, 32 KB

0: ethernet0: the address is 0003.6bf6.74a2, irq 11

1: ethernet1: the address is 0003.6bf6.74a3, irq 10

2: ethernet2: the address is 00a0.c944.395b, irq 9

Features licensed:

Failover: disabled

VPN - A: enabled

VPN-3DES: enabled

Maximum Interfaces: 3

Cut - through Proxy: enabled

Guardians: enabled

URL filtering: enabled

Internal hosts: unlimited

Throughput: unlimited

Peer IKE: unlimited

Is it possible to add a second DMZ simply by adding another network card to the system? If this is not the case, what I have to do to get a second DMZ?

Kind regards

Alan

You have already 3 interfaces, and your license only allows 3 (that you run limited license). Read the line of your worm above show: maximum Interfaces: 3

You must update your Unrestricted license, then you can have up to 6 interfaces.

It will be useful.

Steve

Tags: Cisco Security

Similar Questions

PIX 515 DMZ problem

Hello

We have some difficulty in moving traffic in and out of a Cisco PIx 515 firewall. We use it with two demilitarized. The first DMZ has a mail in her Server (before end mail server) that communicates with a different mail server (back end mail server) inside, it is called DMZ1. The second DMZ (DMZ2) has some users who are expected to pass through the firewall to the outside and use the internet and must have access to the e-mail DMZ1 server. Inside users must be able to use the Internet and can access DMZ1. Here's the important part of our Setup.

What we were doing, we can correctly access from inside, inside users to access internet permit to join the DMZ1 e-mail server and the mail in DMZ1 server the inside. Our problem is that we are unable to browse the internet on the DMZ1 Messaging server if we put DMZ1 as gateway ip address on that server and the address ip of the DNS of the ISP is propely located on the same machine. Also, we could not do DMZ2 users browse the internet, although we allowed the www Protocol in the fromOut access list. One last question, can we do the DMZ2 a DHCP server on the interface on the PIX and do distribute ip addresses to users on that subnet only? Thanks for any help in advance.

6.3 (3) version PIX

interface ethernet0 car

Auto interface ethernet1

Auto interface ethernet2

Auto ethernet3 interface

!

ethernet0 nameif outside security0

nameif ethernet1 inside the security100

nameif ethernet2 dmz1 security50

nameif ethernet3 dmz2 security40

!

fixup protocol dns-length maximum 512

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol 2000 skinny

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol tftp 69

!

names of

!

IP outside X.Y.Z.163 255.255.255.248

IP address inside 192.168.0.9 255.255.255.0

dmz1 192.168.10.1 IP address 255.255.255.0

IP address dmz2 192.168.20.1 255.255.255.0

!

fromOut list of access permit icmp any host X.Y.Z.162 source-quench

fromOut list of access permit icmp any host X.Y.Z.162 echo-reply

fromOut list of access permit icmp any unreachable host X.Y.Z.162

fromOut list of access permit icmp any host X.Y.Z.162 time limit

fromOut list access permit tcp any host X.Y.Z.162 EQ field

fromOut list access permit tcp any host X.Y.Z.162 eq telnet

fromOut list access permit tcp any host X.Y.Z.162 eq smtp

fromOut list access permit tcp any host X.Y.Z.162 eq www

!

fromDMZ1 list of access permit tcp host 192.168.10.2 192.168.0.0 255.255.255.0

fromDMZ1 list of allowed access host ip 192.168.10.2 192.168.0.0 255.255.255.0

!

fromDMZ2 list of access allowed tcp 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0

!

pager lines 24

!

Outside 1500 MTU

Within 1500 MTU

dmz1 MTU 1500

dmz2 MTU 1500

!

Global (outside) 1 X.Y.Z.164 netmask 255.255.255.248

Global (outside) 2 X.Y.Z.165 netmask 255.255.255.248

NAT (inside) 1 192.168.0.0 255.255.255.0 0 0

NAT (dmz1) 1 192.168.10.2 255.255.255.255 0 0

NAT (dmz2) 2 192.168.20.0 255.255.255.0 0 0

static (inside, dmz1) 192.168.0.0 192.168.0.0 netmask 255.255.255.0 0 0

static (dmz2, dmz1) 192.168.0.0 192.168.0.0 netmask 255.255.255.0 0 0

static (dmz1, external) X.Y.Z.162 192.168.10.2 netmask 255.255.255.255 0 0

!

Access-group fromOut in interface outside

Access-group fromDMZ1 in interface dmz1

Access-group fromDMZ2 in the dmz2 interface

Route outside 0.0.0.0 0.0.0.0 X.Y.Z.161 1

Hi jamil,.

There is a sentence on the URL I sent you, you can now activate dhcp option within the interface. Just check this...

REDA

PDM with PIX 515 does not work

I just upgraded our PIX 515 of 6.1 to 6.2. I also added support FOR and loaded the version 2.1 of the PDM. I am trying to browse the MDP, but I can't. What Miss me?

Hello

have you added the following lines to your config file and have you used HTTPS to access the pix (http is not taken in charge, only https)?

Enable http server

http A.B.C.D 255.255.255.255 inside

A.B.C.D is the ip address of the host from which you are trying to reach the pix with the pdm.

If you're still having problems after the addition of these two lines, you might have a look at this page:

http://www.Cisco.com/warp/customer/110/pdm_http404.shtml

Kind regards

Tom

Cisco Pix 515 VPN problems

Hi all

Here's my problem, I have 2 PIX 515 firewall...

I'm trying to implement a VPN site-to site between 2 of our websites...

Two of these firewalls currently run another site to site VPN so I know who works...

I can't do the second site to the site to launch the VPN... when looking on the syslogs I get refused packages...

Protected networks are:

172.16.48.0/24 and 172.16.4.0/22

If I try to ping from the Cisco (172.16.48.4) to 172.16.4.5, I get the following syslog:

2 sep 02 2008 08:59:47 106001 172.16.48.4 172.16.4.5 incoming TCP connection doesn't deny from 172.16.48.4/1231 to 172.16.4.5/135 SYN flags on the interface inside

It seems that the tunnel is trying to initiate, but something is blocking the internal traffic to penetrate through the VPN.

Don't know what that might be, the other VPN are working properly.

Any help would be great...

I enclose a copy of one of the configs...

Let me know if you need another...

no road inside 172.16.4.0 255.255.252.0 172.16.48.1 1

Remove this path should you get. Please rate if it does. Similarly, if you have a road similar to the other end, it should be deleted as well.

termination of VPN client 4.0 on pix 515

I am trying to connect the cisco 4.0 vpn client to a worm of pix 515 6.1 and receive as a result of errors that I guess are the related hashing algorithm but am not sure. Only DES is not enabled 3DES. Config output Cisco post interprets but apparently no error in config.

Journal of VPN client:

Cisco Systems VPN Client Version 4.0 (Rel)

Copyright (C) 1998-2003 Cisco Systems, Inc. All rights reserved.

Customer type: Windows, Windows NT

Running: 5.0.2195

1 10:58:34.890 25/09/03 Sev = Info/4 CM / 0 x 63100002

Start the login process

2 10:58:34.906 25/09/03 Sev = Info/4 CVPND/0xE3400001

Microsoft's IPSec Policy Agent service stopped successfully

3 10:58:34.906 25/09/03 Sev = Info/4 CM / 0 x 63100004

Establish a connection using Ethernet

4 10:58:34.906 25/09/03 Sev = Info/4 CM / 0 x 63100024

Attempt to connect with the server "x.x.x.226".

5 10:58:35.953 25/09/03 Sev = Info/6 IKE/0x6300003B

Attempts to establish a connection with x.x.x.226.

6 10:58:36.000 25/09/03 Sev = Info/4 IKE / 0 x 63000013

SEND to > ISAKMP OAK AG (SA, KE, NO, ID, VID (Xauth), VID (dpd), VID (Nat - T), VID (Frag), VID (Unity)) at x.x.x.226

7 10:58:36.000 25/09/03 Sev = Info/4 IPSEC / 0 x 63700008

IPSec driver started successfully

8 10:58:36.000 25/09/03 Sev = Info/4 IPSEC / 0 x 63700014

Remove all keys

9 10:58:41.093 25/09/03 Sev = Info/4 IKE / 0 x 63000021

Retransmit the last package!

10 10:58:41.093 25/09/03 Sev = Info/4 IKE / 0 x 63000013

SEND to > ISAKMP OAK AG (Retransmission) to x.x.x.226

11 10:58:46.093 25/09/03 Sev = Info/4 IKE / 0 x 63000021

Retransmit the last package!

12 10:58:46.093 25/09/03 Sev = Info/4 IKE / 0 x 63000013

SEND to > ISAKMP OAK AG (Retransmission) to x.x.x.226

13 10:58:51.093 25/09/03 Sev = Info/4 IKE / 0 x 63000021

Retransmit the last package!

14 10:58:51.093 25/09/03 Sev = Info/4 IKE / 0 x 63000013

SEND to > ISAKMP OAK AG (Retransmission) to x.x.x.226

15 10:58:56.093 25/09/03 Sev = Info/4 IKE / 0 x 63000017

Marking of IKE SA delete (I_Cookie = 20FC277498A5D2DC R_Cookie = 0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING

16 10:58:56.593 25/09/03 Sev = Info/4 IKE/0x6300004A

IKE negotiation to throw HIS (I_Cookie = 20FC277498A5D2DC R_Cookie = 0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING

17 10:58:56.593 25/09/03 Sev = Info/4 CM / 0 x 63100014

Could not establish the Phase 1 SA with the server 'x.x.x.226' due to the 'DEL_REASON_PEER_NOT_RESPONDING '.

18 10:58:56.593 25/09/03 Sev = Info/5 CM / 0 x 63100025

Initializing CVPNDrv

19 10:58:56.593 25/09/03 Sev = Info/4 IKE / 0 x 63000001

Signal received IKE to complete the VPN connection

20 10:58:56.625 25/09/03 Sev = critique/1 CVPND/0xE3400001

Service Microsoft's IPSec Policy Agent started successfully

21 10:58:57.093 25/09/03 Sev = Info/4 IPSEC / 0 x 63700014

Remove all keys

22 10:58:57.093 25/09/03 Sev = Info/4 IPSEC / 0 x 63700014

Remove all keys

23 10:58:57.093 25/09/03 Sev = Info/4 IPSEC / 0 x 63700014

Remove all keys

24 10:58:57.093 25/09/03 Sev = Info/4 IPSEC/0x6370000A

IPSec driver successfully stopped

Journal of Pix:

crypto_isakmp_process_block: CBC x.x.x.194, dest x.x.x.226

Peer VPN: ISAKMP: approved new addition: ip:x.x.x.194 Total VPN peer: 1

Peer VPN: ISAKMP: ip:x.x.x.194 Ref cnt is incremented to peers: 1 Total VPN EEP

RS: 1

Exchange OAK_AG

ISAKMP (0): treatment ITS payload. Message ID = 0

ISAKMP (0): audit ISAKMP transform 1 against the policy of priority 1

ISAKMP: encryption... What? 7?

ISAKMP: hash SHA

ISAKMP: default group 2

ISAKMP: preshared extended auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4 0x9b

ISAKMP: attribute 3584

ISAKMP (0): atts are not acceptable. Next payload is 3

ISAKMP (0): audit ISAKMP transform against the policy of priority 1 2

ISAKMP: encryption... What? 7?

ISAKMP: MD5 hash

ISAKMP: default group 2

ISAKMP: preshared extended auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4 0x9b

ISAKMP: attribute 3584

ISAKMP (0): atts are not acceptable. Next payload is 3

ISAKMP (0): audit ISAKMP transform 3 against the policy of priority 1

ISAKMP: encryption... What? 7?

ISAKMP: hash SHA

ISAKMP: default group 2

ISAKMP: preshared auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4 0x9b

ISAKMP: attribute 3584

ISAKMP (0): atts are not acceptable. Next payload is 3

ISAKMP (0): audit ISAKMP transform 4 against the policy of priority 1

ISAKMP: encryption... What? 7?

ISAKMP: MD5 hash

ISAKMP: default group 2

ISAKMP: preshared auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4 0x9b

ISAKMP: attribute 3584

ISAKMP (0): atts are not acceptable. Next payload is 3

ISAKMP (0): audit ISAKMP transform 5 against the policy of priority 1

ISAKMP: encryption... What? 7?

ISAKMP: hash SHA

ISAKMP: default group 2

ISAKMP: preshared extended auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4 0x9b

ISAKMP: attribute 3584

ISAKMP (0): atts are not acceptable. Next payload is 3

ISAKMP (0): audit ISAKMP transform 6 against the policy of priority 1

ISAKMP: encryption... What? 7?

ISAKMP: MD5 hash

ISAKMP: default group 2

ISAKMP: preshared extended auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4 0x9b

ISAKMP: attribute 3584

ISAKMP (0): atts are not acceptable. Next payload is 3

ISAKMP (0): audit ISAKMP transform 7 against the policy of priority 1

ISAKMP: encryption... What? 7?

ISAKMP: hash SHA

ISAKMP: default group 2

ISAKMP: preshared auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4 0x9b

ISAKMP: attribute 3584

ISAKMP (0): atts are not acceptable. Next payload is 3

ISAKMP (0): audit ISAKMP transform 8 against the policy of priority 1

ISAKMP: encryption... What? 7?

ISAKMP: MD5 hash

ISAKMP: default group 2

ISAKMP: preshared auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4 0x9b

ISAKMP: attribute 3584

ISAKMP (0): atts are not acceptable. Next payload is 3

ISAKMP (0): audit ISAKMP transform 9 against the policy of priority 1

ISAKMP: 3DES-CBC encryption

ISAKMP: hash SHA

ISAKMP: default group 2

ISAKMP: preshared extended auth

ISAKMP: type of life in seconds

ISAKMP: lifespan (IPV) 0x0 0 x 20 0xc4

crypto_isakmp_process_block: CBC x.x.x.194, dest x.x.x.226

Peer VPN: ISAKMP: ip:x.x.x.194 Ref cnt is incremented to peers: 2 Total VPN EEP

RS: 1

Peer VPN: ISAKMP: ip:x.x.x.194 Ref cnt decremented to peers: 1 Total VPN EEP

RS: 1

crypto_isakmp_process_block: CBC x.x.x.194, dest x.x.x.226

Peer VPN: ISAKMP: ip:x.x.x.194 Ref cnt is incremented to peers: 2 Total VPN EEP

RS: 1

Peer VPN: ISAKMP: ip:x.x.x.194 Ref cnt decremented to peers: 1 Total VPN EEP

RS: 1

ISAKMP (0): retransmission of phase 1...

ISAKMP (0): retransmission of phase 1...

ISAKMP (0): delete SA: src x.x.x.194 dst x.x.x.226

ISADB: Reaper checking HIS 0x80db91c8, id_conn = 0 DELETE IT!

Peer VPN: ISAKMP: ip:x.x.x.194 Ref cnt decremented to peers: 0 Total of VPN EEP

RS: 1

Peer VPN: ISAKMP: deleted peer: ip:x.x.x.194 VPN peer Total: 0

ISAKMP: Remove the peer node for x.x.x.194

Thanks for any help

Hello

Pix isakmp policy should have DES, MD5, and group 2 for the 4.x to connect Cisco VPN client, these are proposals that the client sends to the server...

http://www.Cisco.com/univercd/CC/TD/doc/product/VPN/client/rel4_0/admin_gd/vcach6.htm#1157757

This link will show you IKE proposals be configured on the PIX (VPN server)

Arthur

How to open a port and limit the range of addresses that use it on PIX 515?

I have a Pix 515 v6.3 and a new piece of software that I'm getting soon need aura 5080 open port for incoming & outgoing HTTP traffic. The server will be in my DMZ to 10.0.0.1

I would like to restrict inbound access to this port so that it can be used in 4 specific IP adderess foreign xxx.xxx.xxx.24 through xxx.xxx.xxx.27 and also, if possible, limit the outbound destination using this port to a single specific foreign IP address xxx.xxx.xxx.30.

Could you please tell me the best way to do it.

Thank you in advance for a relative novice to PIX.

PIX (config) # access list acl-outside permit tcp host xxx.xxx.xxx.24 host MyWWWPublicIP eq 5080

PIX (config) # access list acl-outside permit tcp host xxx.xxx.xxx.25 host MyWWWPublicIP eq 5080

PIX (config) # access list acl-outside permit tcp host MyWWWPublicIP eq xxx.xxx.xxx.26 host 5080

PIX (config) # access list acl-outside permit tcp host MyWWWPublicIP eq xxx.xxx.xxx.27 host 5080

PIX (config) # access - group acl-outside in interface outside

PIX (config) # access list acl - dmx permit tcp host 10.0.0.1 xxx.xxx.xxx.30 eq 5080

PIX (config) # access - group acl - dmz dmz interface

static (inside, outside) MyWWWPublicIP 10.0.0.1 netmask 255.255.255.255 0 0

See also:

PIX 500 series firewall

http://www.Cisco.com/pcgi-bin/support/browse/psp_view.pl?p=hardware:PIX & s = Software_Configuration

Configuration of the PIX Firewall with access to the Mail Server on the DMZ network

http://www.Cisco.com/en/us/products/HW/vpndevc/ps2030/products_configuration_example09186a008015efa9.shtml

sincerely

Patrick

DNS traffic blocked after PAT - PIX 515

I have PIX 515 with 3 named NIC (internal, external, dmz)

I have 2 servers (Exchange and Windows 2000 with SMTP) in the demilitarized zone.

I currently have a static command pointing to doamin for exchange Server IP address in the DMZ.

I wanted to PAT on the IP address of the e-mail domain so that the configuration will look like as follows.

The IP field will be used for the global IP

all pop3 for global ip traffic will go to Exchange

all www for the global IP traffic will go to Exchange

all smtp for global ip traffic will go to the Windows 2000-based SMTP relay (SMTP relay is configured to send the e-mail received in exchange Server)

I hosted DNS udp and tcp traffic to the servers.

before pat, the server can use DNS to resolve IP domain e-mail and send mail to the Internet.

As soon as I PAT the Internet e-mail delivery stops.

When I did an NSLOOKUP command returns an error indicating that the DNS server cannot be resloved.

The servere DNS used by these 2 servers are servers DNS of ISP.

Is there any concern when you PAT.

Thank you

Hello

I found the problem:

for now, your dmz servers can go to the internet with pop3, smtp, and www. Only for these protocols is a (static) translation to provide in the config file.

You will need to will provide you a translation for other protocols (for example, dns) also. This can be accomplished with one of the following two things:

create a nat - pair overall for the DMZ for outdoor

NAT (dmz) 1 0.0.0.0 0.0.0.0

Global (outside) 1 200.100.100.168 (already exists)

create a static translation for each of the other protocols (next to pop3, smtp, www), you want to pass from the dmz to the internet (you already did that for www, pop3 and smtp).

Kind regards

Tom

PIX 515 limited software technical spec

I couldn't find a complete tech

specifications of the restricted part of the software on the PIX-515-R-DMZ-BUN, which is this chassis seem to bear no x interfaces, y amount of RAM and Z no users inside. X = 3, Y = 32 meg, which is Z and are there restrictions more and more of this?

Rgds

Martyn Beck

The only chassis PIX that has limitations of the user is the 501 PIX which comes with a 10, 50 or unlimited user license. The 515 has not any restrictions on the number of internal users that this number is rather arbitrary. Instead, we use the throughput and simultaneous connections that are roughly 190 MB of throughput and 130 000 simultaneous connections. Also the license restricted on the 515 does not failover of any kind.

Here is a link to 515E data sheets:

http://www.Cisco.com/en/us/products/HW/vpndevc/ps2030/products_data_sheet09186a0080091b15.html

I hope this helps.

Scott

PIX 515 6.1 (1) crashes every night

We have a PIX 515 E Firewall (failover) with a simple configuration to allow web traffic only from inside. PIX with three interfaces ethernet and the DMZ is rarely used for specific needs. A www server is hosted with authentication through aaa for incoming users inside.

For the last week, PIX crashes end each evening. No traffic doesn't cross the pix and we cannot ping all devices of pix as well. There are a lot of "no buffers" counts seen in all the PIX interfaces. The CPU usage is about 21%.

Can anyone help to determine if this could be a hardware problem?

Best regards, Murali

Hi Murali,

I'm not aware of any problem with the hardware, but there could be a software bug. I suggest that you open a case with cisco tac.

or you can upgrade to 6.1.4 which has fix for most of the bugs.

Thank you

Syed

Translation problem group on PIX 515

Hi can someone help me with this?

I'm trying to configure a PIX 515 to pass messages icmp from the interface vlan dmz configured on interface (Vlan 3) PIX inside interface.

setting it up like this

interface ethernet0 100full

interface ethernet1 100full

interface ethernet2 100full

physical interface ethernet2 vlan2

logical interface ethernet2 vlan3

ethernet0 nameif outside security0

nameif ethernet1 inside the security100

nameif ethernet2 msx interieure4

nameif dmz security7 vlan3

SH nat

NAT (inside) 1 0.0.0.0 0.0.0.0 0 0

NAT (dmz) 1 0.0.0.0 0.0.0.0 0 0

NAT (msx) 1 0.0.0.0 0.0.0.0 0 0

Global HS

Global (inside) 1 interface

Global interface (dmz) 1

Global (msx) 1 interface

At this stage I am not concerened with access lists that I get the error message is as follows

155:-echo request ICMP dmz:192.168.3.1 to 10.240.2.2 ID = 512 seq = 11520 length = 40

305005: no translation not found for icmp src dmz:192.168.3.1 dst domestic group: 10.240.2.2 (type 8, code 0)

I'm not an expert when it comes to the PIX can someone help. Two other things can help shed light on the problem, there is no configuration of routing between Vlan interfaces, this could be a problem? I tried a static command and still have the same error that the order was... static (dmz, inside) 192.168.3.1 192.168.3.1

Hi David:

As you try to allow host from an interface for low security to a high security interface, you must have

static (high, low) high high

In this case, you must:

static (inside, dmz) 10.240.2.2 10.240.2.2 netmask 255.255.255.255 0 0

I assume that you already have an access list to allow the icmp message of echo applied to the DMZ interface. If it is not already there, just add an ACE to allow the icmp message to echo that you should be good to go.

Sincerely,

Binh

Accounting customer VPN on PIX 515 worm problem. 6.3

Hello everyone! Is it possible to configure PIX 515 worm. 6.3 to send logs to the RADIUS to break when a VPN Client user loggs in and outside loggs? I can't find any aaa accounting command which allows this.

Hello

Accounting of VPN was added in PIX 7.x. It is not available with 6.x

Kind regards

Vivek

Satellite P300-16 t - adding a second drive HARD-success!

I have added a second hard drive today for my Toshiba P300-16 t.

I realized that I had a Toshiba SATA drive in a USB disk device that would spare - 250 gb.

I improvised by removing the feet spread on the cover of the second cage to hard disk using a sharp knife. I put the Bank in place ensuring maximum safety. I also used a heat-resistant material (say what) to secure the drive up as readers are rarer than hen's teeth. I made sure that the reader also had room to breathe. The cover was then released and I turned on my computer and it found the new HDD, the installed drivers at home but hey presto! Another 250 GB to play with.

Now, I did it is because I call four FSA in the United Kingdom but they weren't any help by providing a cage for the second disc.
Two said they only deal with businesses and not individuals.
Others have said that they only provide power cables and batteries!
Hope that my Tosh never goes down and I must use their services...

Anyway, I don't recommend anyone do what I just - it is possible if you are a bit adventurous...

Have you used the Hotglue?

Surely, you can get the FSA HARD drive media. Unless there is a global shortage on cradles P300: p

Will, adding a second video card to the top of my total video memory or each card is discreet?

Very well. I have a desktop which is a few years old, and I need to more video memory in order to run some new games smoothly. So far, my 'helper' on my desktop HP has been useless for helping me find this basic information:

-Info on my diet

-I still have how many slots have opened

Also, will adding a second card to the top of my video RAM in all, or do I have to replace the primary card?

Thanks for any help!

Info:

Model name d4996t

Microsoft Windows Vista - Home Premium Edition (x 32)

Current vidcard NVIDIA GeForce 8800 GTS

Motherboard Info:

Motherboard
-----------------------------------------------------------------------------

System Board

Chipset Intel Q35/Q33/P35/G33 SouthbridgeIntel 82801IR (ICH9R)

Box spring

Manufacturer ASUSTeK Computer Inc. productBurbank

BIOS

Name of the vendor American Megatrends Inc. Release Date 2008-12-17 the string of BIOS Version 5.21 ROM size1.00 MB

Intel (r) Core (TM) 2 Duo CPU E6850 @ 3.00 GHz CPU:0

Specification of the Intel (r) Core (TM) 2 Duo CPU E6850 @ 3.00 GHz size 64,00 k size4.00 MB

Intel (r) Core (TM) 2 Duo CPU E6850 @ 3.00 GHz CPU:1

Specification of the Intel (r) Core (TM) 2 Duo CPU E6850 @ 3.00 GHz size 64,00 k size4.00 MB

Hello

Review the following sugggestions:

Sapphire Radeon $6850---135 after rebate, 128 GB / s---> probably the best price/performance ratio

Sapphire Radeon $6870---170 after rebate, 134 Gbit / s---> 3D ATI support

EVGA NVIDIA 560 TI DS$---240 after rebate, 134.5 Gbps

EVGA NVIDIA $560 ---160 after rebate, 128.2 Gbps

Corsair CX600 POWER block $---50 after rebate---> measure your current diet and make sure that it matches (5.9x3.4x5.5)

' HP ' how-to 'articlesshould be useful. Read the reference document which I had quoted above.

HP Envy 17 K2Z68AV: Adding a second hard drive for HP Envy 17 K2000 Series notebook PC

So, I have been looking around for more information on adding a second HDD/SDD in my model of laptop computer on the web, but can't find anything on my specific model. Many places say K-series laptops have only one hard drive Bay, and that you use a hard drive caddy optical Bay. Moreover, I found videos of very similar models being dismantled, which seem to have only room for 1 hard drive. However, I was told to support twitter HP want all 17 have 2 hard drive slots. Can I get a confirmation, just to be sure?

Hey @MrMdr,

Thank you for visiting the HP Forums! A place where you can find solutions for your problems with the help of the community!

I stumbled upon your post on the laptop and wanted to help you! I looked in your question about your Notebook HP ENVY - 17 t - k200 CTO, model #K2Z68AV and concerns with the second span. Looking to 256 GB SATA m2 (MLC) that could be used for storage only. It is a hard drive, but it fits differently than the main hard drive. Hereis a link to your manual page 2 which shows the specifications.

It shows you how to install this on page 68 of the manual.

Please let me know how it goes.

By clicking on the Thumbs Up below, you can say thank you! .

Thank you.

I had a windows 2008 r2 domain 1 DC everything worked fine, I added a second windows of DC 2012 now Kerberos does not work for RDP

I had a windows 2008 r2 domain 1 DC everything worked fine, I added a second windows of DC 2012 now Kerberos does not work for the RDP, Hyper V replication is nothing below a couple of samples of what I see I do not know where to begin finding the problem

+ System

-Supplier

[Name] Microsoft-Windows-Security-Kerberos
[Guid] {98E6CFCB-EE0A-41E0-A57B-622D4E1B30B1}
[EventSourceName] Kerberos

-EventID 3

[Qualification] 32768

Version 0

Level 2

Task 0

Opcode 0

Keywords 0 x 80000000000000

-TimeCreated

[SystemTime] 2016-01 - 03 T 01: 34:27.000000000Z

2991 EventRecordID

Correlation

-Execution

[ProcessID] 0
[ThreadID] 0

Channel system

Computer DC02.xxxxxxonline.com

Security

-EventData

LogonSession xxxxxxONLINE.COM\xxxxxx
ClientTime
1:34:27.0000 03/01/2016 Z ServerTime
Error code 0 x 19
ErrorMessage KDC_ERR_PREAUTH_REQUIRED
ExtendedError
ClientRealm
CustomerName
ServerRealm xxxxxxONLINE.COM
ServerName krbtgt/xxxxxxONLINE.COM
TargetName krbtgt / * address email is removed from the privacy *
ErrorText
E file
Line d3f
30773054A103020113A24D044B3049301FA003020112A1181B16524F434B45594F4E4C494E452E434F4D726F636B65793005A003020117301FA003020103A1181B16524F434B45594F4E4C494E452E434F4D726F636B65793009A103020102A20204003009A103020110A20204003009A10302010FA2020400

--------------------------------------------------------------------------------

Binary data:

In the words

0000: 54307730 010203A 1 044DA213 3049304B
0008: 0203A01F 18A 11201 4F52161B 59454B 43
0010: 494C4E4F 432E454E 6F724D4F 79656B 63
0018: 03A 00530 30170102 0203A01F 18A 10301
0020: 4F52161B 59454B 43 494C4E4F 432E454E
0028: 6F724D4F 79656B 63 03 HAS 10930 A2020102
0030: 30000402 0203 HAS 109 02A 21001 09300004
0038: 010203 A 1 0402A20F 00

In bytes

0000: 30 77 30 54 A1 03 02 01 0w0T¡...
0008: 13 4 04 4 B 30 49 30 A2. ¢ M.K0I0
0010: A0 03 02 01 12 A1 18 1F. ....¡.
0018: 1 16 52 4F 43 4 B 45 59 B... XXXXXX
0020: 4F 4 49 4F 4E 45 2ND 43 ONLINE. C
0028: 4 72 6F 63 6 b 65 79 OMxxxxxx 4F
0030:30 05 A0 03 02 01 17 30 0. .... 0
0038: A0 03 02 01 03 A1 18 1F. ....¡.
0040: 1 16 52 4F 43 4 B 45 59 B... XXXXXX
0048: 4F 4 49 4F 4E 45 2ND 43 ONLINE. C
0050: 4 72 6F 63 6 b 65 79 OMxxxxxx 4F
0058:30 09 03 02 01 02 A2 A1 0... ¡¢
0060: 02 04 09 03 02 A1 00 30... 0.¡..
0068:01 A2 02 04 00 30 09 10... ¢... 0.
0070: A1 03 02 01 0F A2 02 04... ¢...
0078: 00 .

+ System

-Supplier

[Name] Microsoft-Windows-Security-Kerberos
[Guid] {98E6CFCB-EE0A-41E0-A57B-622D4E1B30B1}
[EventSourceName] Kerberos

-EventID 3

[Qualification] 32768

Version 0

Level 2

Task 0

Opcode 0

Keywords 0 x 80000000000000

-TimeCreated

[SystemTime] 2016-01 - 02 T 16: 52:38.000000000Z

2943 EventRecordID

Correlation

-Execution

[ProcessID] 0
[ThreadID] 0

Channel system

Computer DC02.xxxxxxonline.com

Security

-EventData

LogonSession xxxxxxONLINE.COM\xxxxxx
ClientTime
16:52:38.0000 02/01/2016 Z ServerTime

Error code 0 x 19
ErrorMessage KDC_ERR_PREAUTH_REQUIRED
ExtendedError
ClientRealm
CustomerName
ServerRealm xxxxxxONLINE.COM
ServerName krbtgt/xxxxxxONLINE.COM
TargetName krbtgt / * address email is removed from the privacy *
ErrorText
E file
Line d3f
30773054A103020113A24D044B3049301FA003020112A1181B16524F434B45594F4E4C494E452E434F4D726F636B65793005A003020117301FA003020103A1181B16524F434B45594F4E4C494E452E434F4D726F636B65793009A103020102A20204003009A103020110A20204003009A10302010FA2020400

--------------------------------------------------------------------------------

Binary data:

In the words

0000: 54307730 010203A 1 044DA213 3049304B
0008: 0203A01F 18A 11201 4F52161B 59454B 43
0010: 494C4E4F 432E454E 6F724D4F 79656B 63
0018: 03A 00530 30170102 0203A01F 18A 10301
0020: 4F52161B 59454B 43 494C4E4F 432E454E
0028: 6F724D4F 79656B 63 03 HAS 10930 A2020102
0030: 30000402 0203 HAS 109 02A 21001 09300004
0038: 010203 A 1 0402A20F 00

In bytes

0000: 30 77 30 54 A1 03 02 01 0w0T¡...
0008: 13 4 04 4 B 30 49 30 A2. ¢ M.K0I0
0010: A0 03 02 01 12 A1 18 1F. ....¡.
0018: 1 16 52 4F 43 4 B 45 59 B... XXXXXX
0020: 4F 4 49 4F 4E 45 2ND 43 ONLINE. C
0028: 4 72 6F 63 6 b 65 79 OMxxxxxx 4F
0030:30 05 A0 03 02 01 17 30 0. .... 0
0038: A0 03 02 01 03 A1 18 1F. ....¡.
0040: 1 16 52 4F 43 4 B 45 59 B... XXXXXX
0048: 4F 4 49 4F 4E 45 2ND 43 ONLINE. C
0050: 4 72 6F 63 6 b 65 79 OMxxxxxx 4F
0058:30 09 03 02 01 02 A2 A1 0... ¡¢
0060: 02 04 09 03 02 A1 00 30... 0.¡..
0068:01 A2 02 04 00 30 09 10... ¢... 0.
0070: A1 03 02 01 0F A2 02 04... ¢...
0078: 00 .

This issue is beyond the scope of this site which is for the consumer to related issues.

To ensure that you get a proper answer, ask either on the Technet site, if it is a type of Pro problem, or MSDN if it's related to the developer

http://social.technet.Microsoft.com/forums/en-us/homes/en-us/home

http://social.msdn.Microsoft.com/Forum

PIX 515 adding a second DMZ

Similar Questions

Maybe you are looking for