I have been trying to configure 2 static nat rules to allow traffic to pass to a internal server for http and RDP serviceshere is what I currently have working:interface eth 0/0 "extranet" IP: 64.xxx.xxx.148interface eth 0/1 "intranet" IP 10.xx...
Hi,Is it possible to copy a CSM server's configuration to another CSM server installation? I only want to copy the security policies (policy objects, access rules +) configured on the old server, not the device registration and and logs.How can this ...
Experiencing intermittent 443 connection issues to ASP. I am looking for best debugging tips for TCP which output would be directed to syslog server. Any suggestions??
Hi All,For ASA, is there any standard or a need of having a in and out access-group for each inside or outside interface, or is it base on situation and requirement?Regards,Lawrence
I have a remote site customer that is in the process of replacing their ACS servers,and have several questions:1) What version should we be installing?2) Where can we get a clean binary installer (or do we have to start with 3.x or 4.0 & upgrade-if u...
I was wondering how to check IPS version in Cisco ASA 5520. I've runned show version command but cannot find anything related to IPS. Your advice in this matter would be most appreciated. Thanks
Hello,can somebody tell me in a few words what is the diffrence between CBAC and established !From my point of view is practicaly the same thing. Why should I use one and not the other ?Thank U!
Hi All,I am planning on running a Nessus vulnerability scan against our external IP address space. I wanted to know if we need to make any changes to our firewall configuration to permit an effective scan. We have exempted Nessus traffic from being i...
I am in the process of migrating a firewall rule set from a PIX to an ASA and would like to delete entries that have never been used. Is it safe to assume anything with a hitcnt=0 has not been used since last reboot (over 2 years ago..)Thanks
Hi All,we are using ASA 5510 with two WAN links. I was trying to configure IP SLA to setup link redundancy. but with this mechanism, we can't use both link at a time, since ASA doesn't support PBR. Now we want to come up with static route to pass cer...
Hi folks,
I have a Cisco ASA-5505 running 8.2(1), and I'm trying to configure it for remote access VPN
connections using L2TP over IPsec. It completes Phase 1 with no problem. Then it picks up
the correct dynamic crypto-map, but fails to negotiate...
Last night my firewall failover to secondary suddenly and I am still trying to find the root cause. Looking at the log and history, I saw the reason of failover because the "Service card in other unit has failed". Further investigating and the card...
We currently have a set of ASA5520's in resilient failover mode and wish to upgrade them to 5550's. The problem is we would like to have no downtime of the Firewalls.I have an idea of replacing the the Standby first with a 5550 and bringing on line w...
