07-10-2012 08:16 AM - edited 03-11-2019 04:29 PM
Hi,
Would like to know if the following behaviour is normal with a new setup on an ASA having security+ installed; (or after a reset to factory defaults);
is it normal that we can't access the server on the dmz (remote desktop for example) from the inside(lan) without any access lists or nat rules defined? I thought this was out of the box behaviour.. I am using version 8.4 of the firmware.
thanks.
Solved! Go to Solution.
07-10-2012 11:01 AM
Brendan,
outbound connections should be allowed - determined by security-level of the interfaces.
I'm pretty sure we have not changed this behavior for a while.
What have you seen in logs during testing.
Marcin
07-10-2012 11:01 AM
Brendan,
outbound connections should be allowed - determined by security-level of the interfaces.
I'm pretty sure we have not changed this behavior for a while.
What have you seen in logs during testing.
Marcin
07-10-2012 07:44 PM
Guess what, the router for some reason fell back to version 8.2 of the ASA firmware when I reset it to factory defaults. I really don't understand why it fell back to that version again.
So after upgrading again to 8.4 it now allows me to get to the DMZ as you specified.
Any way to have 8.4 the new permanent firmware that will survive a factory defaults command?
07-10-2012 11:28 PM
You have both images in Flash. When you do not specify which image to load, the ASA picks the first in flash. When you set your ASA to factory default, your "boot image ..." command is gone and the newer image is not loaded any more. If you are sure that you don't want to go back to the old image, then just delete it from flash.
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide