Hi,I am havning somw trouble in configuring NAT on intranet firewall. Below is my scenario and I would appreciate If any one can help me to resolve this issue. here is the my topology: DMZ Network - - - - - - - - - External Firewall - - - - - - ...
I'm something of a routing novice so bear with me...We have an ASA 5510 and we also have two separate address pools which have been provided by our ISP. The addresses are not contiguous. Is there a way to configure an interface on the ASA to handle...
Below is an example of the output from a “show access-list” command on the Cisco PIX/ASA.NDC-FW-01# show access-listaccess-list allow-in line 1 extended permit tcp any host <IP_1> eq www (hitcnt=186) 0x67305930access-list allow-in line 2 extended per...
I have this problem and Comcast is not a help in resolving.We just changed over to Comcast Business and after changing the outside interface to new IP and setting static route.I have access to internet and everythig appears to be good,However asdm w...
Hi,Can one say why do below error occurs at IKE phase 1 negotation:[Cisco] [IKE] ERROR: Invalid SA protocol type: 0[Cisco] [IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. [Cisco] [IKE] ERROR: Phase 1 negotiation failed d...
Every time I type in https://192.168.1.1 into my web browser, it keeps giving me a "page cannot be displayed" error and it happens on any browser. I'm running Java 6 update 7. I could get on it before when I used it to download ASDM but for whatever ...
I am looking to implement Zone-Based Firewall on some 2900 series routers (2911 and 2921.) Based on some research I've done it looks like the cisco2911-sec/k9 and cisco2921-sec/k9 bundles should be all I need. Is this correct, or is there some othe...
Over the course of the past three days, our ASA 5505 firewall has shut down twice. I looked through the Field Notices and it looks like this was a problem identified several years ago that was resolved for units built after June 1...
Dear All,If i use the following config in ASA. what will happen..?object network inside_10 host 10.10.10.10 object network outide_192 host 192.192.192.1 object network inside_10 nat static outide_192 object network outide_192 nat static inside_10...
Hi,I want to NAT exempt all traffic from inside interface with source address in "RFC1918" to any RFC1918 destination to be NAT exempted. Can I use all 3 IP ranges in one single Object and use as follows:!!object-group network RFC1918 network-object...
Hi folks,I don't know if I writting on the right forum, excuse me for that, but I'll go straight to the point.I was assigned the task to allocate the CLI commands per user basis, and by now the only options that I seem to fou...
Currently my ASA5510 has a 64MB internal flash. Does the ASA require a higher capacity flash for an IOS upgrade from 7.2(x) to 8.2(x)? The Cisco Release Notes does not state any internal flash requirement, but just wanted to double check.
Hi, all!several organizations wants to place their equipment and servers in my datacenter. They want to use the same resource - 10.3.1.5. I want to connect their servers and VPN-gates via my CISCO ASA 5510. When the organization was the only on ASA w...
Hi,I'm pretty sure the answer to this is that only one-to-one NAT will do, but in case I've missed a trick, please let me know. I have several internal devices that need to use PAT (due to limited global ip addresses) as shown below where incoming tc...
