Hello, my question may sound stupid, but please explain to me the following behavior.CISCO ASA 5505Interfaces: OUTSIDE - 194.50.90.221 255.255.255.0 / security level 0DMZ - 192.168.12.254 255.255.255.0 / security level 25INSIDE - 192.168.0.6 ...
Hi, All! I have a Cisco ASA 5505 that I have configured. The outside interface is vlan 2 and the inside interface is vlan 1. Port 0 of the ASA is configured to be in vlan 2 and is connected to the ISP provided subnet. Port 1 is connected to my...
Hi,Is it possible to use a acl of ip addresses (phishing websites/hosts list) so that I can redirect this traffic to a internal webserver? On this webserver I explain why the user must not klick on links in mails etc.Regards, Marc
Hi,I'm experimenting with policing FTP traffic from outside interface to inside ftp clients on an ASA5510. I am able to police active-ftp connections by using ACLs which monitor port 20 & 21 and then using MPF. This is easy enough. Passive-ftp is pro...
I need a software to capture my ASA syslogs.currently I am using kiwi syslog, but there is a limit to what it can do.I cannot customize what I want to search and there is no function to create reports based on the syslogs.is there any other syslog so...
Dear Experts,Just want to ask you if can i permit RDP connection to AD Server but at the same time deny all outgoing traffics from such server - if I am connected through RDP ?Example :AD : 192.168.0.100Exchange : 192.168.0.200If someone connects to...
Hello,Really need a hand to understand what the .pkg files are doing?I have download a latest signature package - IOS-S573-CLI.pkgI copied it to flash on a test router and I can access it via SDMI have setup my router and put in all the config for IP...
HiPlease please please can someone help. I have an FTP server running on my DMZ. I can access it fine from another computer on the DMZ and am trying to open it up so I can conect via the 'net. After spending hours with google I have got as far as ...
Hello,I try to setup a ASA5510, but without success.Actually, I have Cisco1800(192.168.96.1/21) from my ISP connected to a cisco 3825 (via port with IP 192.168.96.2) all is working good.Now I want to insert a asa firewall between ISP router and 3825....
Hi,I've been asked to look at an ASA that is having issues. I don't recall seeing port forwarders in flash before. Is this legit or some kind of hack?sh flash--#-- --length-- -----date/time------ path 114 14635008 May 02 2011 00:59:32 asa803...
We have a requirement for a WSUS server to receive updates which sits behind a ASA5505/ and in some cases ASA5510. I understand to enable this to happen the WSUS server needs to communicate with many DNS names and therefore there are many potential ...
We have a 5510 running 8.4(2) and ASDM 6.4(3) and I don't see the nonat statements above the translated statements after upgrading from 8.4(1) to fix an ssh issue. They are there in the CLI, and I added one more, then exited and brought it back up ne...
Hi All,I have a query regarding order of NAT processing with the following configuration (as an example):nameif ethernet1 inside security100
nameif ethernet2 dmz1 security50nat (inside) 0 0.0.0.0 0.0.0.0static (inside,dmz1) 192.168.0.0 192.168.0.0 ne...
I have an ASA5520 (8.2 version of firmware) whose physical ports are all taken. I want to add a subinterface, but I believe I have set it up incorrectly:interface GigabitEthernet0/0description Ethernet to 2800 router (internet gateway)speed 1000duple...
We have a pair of 6500s with Sup720 running 12.2(33)SXI3. Each has an ACE-20 (s/w A2(2.0)) and FWSM (s/w v3.2(15)). We have reached a limit on the number of rules we can configure on the FWSM, and have determined that we shall upgrade to 4.1(5), with...
