Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All,I try to play with CPPr and I came with the following to drop all packets to closed ports except RIP:class-map type port-filter match-all closed match closed-portsclass-map type port-filter match-any validPorts match port udp 520policy-map t...
Hi All,i have a 5505 running 8.4, and my ISP is giving me a /64 IPv6 Prefix. Basically, I have a subnet between my ASA and my ISP's box which is my outside, running into a private subnet (192.168.0.0), as most of ISP does.I have my ASA behind, and i'...
Hi all,I have a setup where I implemented remote VPN on my ASA. I came to a situation where I wanted to allow both IPSEC client using cisco VPN client and android phone using L2TP/IPSECWhat is happening is that I want to use PFS for IPSEC clients, bu...
Hi all, I have a problem with my hairpinning setup on ASA 8.4.1I'm using the subnet 10.0.0.0/16 for my network, and I used 10.0.1.0 for VPN.I have the same security-level permit intra-interface.Initially, I made a pool for the whole inside subnet so ...
Hi all, I try to validate the use of set ip access-group in my crypto map, but I might be missing something here, as it's not working.consider a simple network:R2[F1/0]<===>10.0.0.0/24<===>[F1/1]R1[F1/0]<===>192.168.50.0/24<===>VPNCLIENTRouter runnin...
Hi Collin,I already have RIPv2. When I have the log action, I see packets to 224.0.0.9, it's just for some reason if I do not put a log action packets looks droppped.As a workaround I can doclass-map type port-filter match-all closedmatch closed-por...
Oh I just found what I missed, my nat exemption rule was exempting vpn traffic to be natted:nat (any,outside) source static any any destination static RVPN RVPNreplaced bynat (any,outside) source static inside_dmz inside_dmz destination static RVPN R...
