cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


1203
Views
0
Helpful
2
Replies
Highlighted
Beginner

Asa 5505 Ios 8.4

     I configured a new Asa 5505 with Ios 8.44-1-k8.bin and when I installed the Asa the client's after about 1 hour were unable to ping

or map drives to the Asa.  I got the following error, %ASA-2-106007: Deny inbound UDP from XXXX to XXXX due to DNS Query.    I added the command    same-security-traffic permit intra-interface they were then able to ping the server

and connect to the Internet, but still unable to map drives

I could see the connections from the Pc's to the server in a show conn with was tcp port 445 with Saa

I reverted back to Ios 8.25 and everything works.

Here is the configuration

Everyone's tags (5)
2 REPLIES 2

Asa 5505 Ios 8.4

Hello,

Can you try the following and let me know the result:

no nat (inside,any) source static internal_net internal_net destination static external_net external_net

nat (inside,outside) source static internal_net internal_net destination static external_net external_net

access-list Split_VPN standard permit 172.30.240.0 255.255.255.0

group-policy RemoteVPN attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value Split_VPN

Then disconnect from the VPN client and try to reconnect

Also are you sure the DNS server is  172.30.240.41?

Regards,

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Beginner

Asa 5505 Ios 8.4

I cannot try anything right now. The client is up and running on the 8.25 level with no problems.

The dns server is the correct ip.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here