Hello,
We have recently implemented a new Cisco ASA 5512-X firewall replacing and old Cisco ASA 5505 Firewall.
We have a number of issues which we are encountering and have so far been unable to rectify. The config was copied visually across to the new firewall from the old so the majority of the config matches the old firewall. I have attached the config.
1. VOIP Phones not conencting to ntp uk.pool.ntp.org - Our VOIP network is on its own vlan inside the network. The phones were able to conenct to the ntp externally before the new firewall was inplace. I have tested numerous access rules but with no luck.
2. VPN - We have setup a site to site VPN between the new Firewall and a SonicWall. The SonicWALL is showing the following errors from our firewall
| 07/10/2013 12:38:24.192 | Info | VPN IKE | Received IKE SA delete request | 77.107.90.203, 500 | 164.40.213.246, 500 | VPN Policy: New_VPN |
6 | 07/10/2013 12:38:24.192 | Warning | VPN IKE | Received notify. NO_PROPOSAL_CHOSEN | 77.107.90.203, 500 | 164.40.213.246, 500 | |
7 | 07/10/2013 12:38:24.160 | Info | VPN IKE | IKE Initiator: Start Quick Mode (Phase 2). | 164.40.213.246, 500 | 77.107.90.203, 500 | VPN Policy: New_VPN |
3. Firewall rules for outside coming in do not allow pointing to the NAT object of a device we have to use the internal network object instead.
Any help would be much appreciated.
Many Thanks
James