I have two ASA's running in active standby mode, each with an ASA SF module. I am getting errors on the SF module in the Standby because it is not receiving any traffic. I believe it is by design that the standby ASA SF module is not receiving any tr...
I have a question on an old 8.0(3) ASA. I inherited these from a previous developer and am having trouble getting into them through SSH from a remote location.Here is a rough setup for them: - I am in a remote office with 10.10.10.0 IP Subnet setup....
I have moderate skills with 5500 series ASAs, so please read what I have tried before spending the time to respond. The ASA that this is regarding is running 8.2(4), and I do not run ASDM. Also, I'm attempting to upgrade these dinosaurs to more moder...
All,I have a pair of ASA 5525 (9.3.1) running SourceFire (5.3.1). I currently have the ASA passing the traffic to the SF via sfr fail-open monitor-only. I'm doing this make sure the rules are being applied correctly. Traffic passes, to the SF, and...
on the ASA5520 i have configured 2 interface as Redundant Interface the behavior of the these interfaces one will be active and the other one remian Stand by till the active one fail or forced to change my Question is there is any way to make those R...
Hello all, I have the cxc module for asa 5515.Can anyone tell If there is a way to block specific incoming trafiic and how....I 'm trying to block the incoming traffic from team viewer in order to user cisco vpn.But we have licence team viewer in ord...
Hi,Good day I would like to ask how to block torrent traffic on asa 5510?I tried to this config. but didn't work. any idea??object-group service Blocked-UDP-Ports udpdescription All ports blocked for Bit Torrent UDPport-object range 10001 65535port-o...
Hi :-) I am new to cisco network devices and i need a little help. I would like to configure my asa to NAT SIP traffic from my PBX provider. I would like to do it very tight, so that only SIP connection from my PBX provider will be allowed to get tro...
Hey guys, have an asa question here. Was configuring an asa 5505 to limit users to only access only company resources and skype. I got skype working but the defined sites in the acl's aren't accessible. What am I doing wrong. Config file is attached
Is there a list of the port and protocol mnemonics used by Cisco somewhere? I am talking about those used in access lists, like "www" for port 80 and "smtp" for port 25, e.g.access-list XXX extended permit udp host 1.1.1.1 host 1.1.1.2 eq domainI ha...
I am cannot seem to get internet connectivity because I am experiencing the following errors. %SEC-6-IPACCESSLOGP: list INTERNET-IN denied udp 172.18.125.146(138) -> 172.18.125.191(138), 2 packets [CATCHALL]eck162-gw#traceroute 172.18000266: Mar ...
Dear all,I have this IOS ACL:permit tcp any 172.16.32.64 0.3.255.31 eq wwwthat needs to be converted to an ASA ACL. How should I configure my firewall with minimum numbers of lines within the ACL and/or object group?I don't really want to define 700+...
