Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
In an ASA active/standby pair setup that I have, an upstream router seems to be getting ARP requests from both the active and standby ASA. Is that normal? I thought only the active unit would do all the ARP requests and ARP tables get replicated to t...
Hi, I am used the older 8.0.X ASA software, so here's another confusion I have with the new 9.1x code. I unfortunately don't have an ASA 9.1x handy to try out these commands.1. Here below is two different ways of creating the same service object as I...
I have a question on how the NAT0 (nat bypass) statements would look like for an ASA 9.1x code. I am now running 8.0.2. Here is how the relevant parts of the config looks like: (certain information have been modified)interface GigabitEthernet0/0no n...
Hi,I have a few questions on the new 5500-X series ASAs.1. We are planning on using two of these in an active/standby HA pair. Now to manage these, I understand I will need the Prime Security Manager (PRSM). Is this management utility only available ...
thanks. So when I assign an IP to the management interface to manage the CX, do I have to specify an IP for the standby ASA's management interface as well? I have the ASAs in an active/standby config now.Also, how is the CX module's status evaluated ...
Okay great. Thanks yet again.I am normally not in the habit of using the management interfaces of the ASA. But if I understand this right, for managing CX (via ssh, https) I can only use the management interface IP and not any other interface IP, cor...
okay, I finally have the ASA X and have set it up using just the CLI and ASDM without even touching the CX module. All's well But now, I want to check out the CX module, a few questions in that regard:1. How do I begin accessing the CX module initial...
thanks very much for explanation and actually testing it out!I also have a similar question regarding the network object group.Which of these (option-A or option-B) would be a better way of doing it in the 9.1x code? And like in the case the service ...
