Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am using an ASA 5510 which I have configured for VPN remote access. Currently it has a local address pool assigned to users with additional options in the Group Policy to configure the DNS servers and default domain. I need to configure additional ...
Since setting up our new Cisco ASA I have noticed the following event in the ASDM logs very frequently:Deny UDP reverse path check from 10.0.x.x to 10.0.255.255 on interface outside 10.0.x.x is always an IP on the same subnet as the inside interface ...
I am the network admin at a school district and we recently installed an ASA 5520 to replace our very old PIX (6+ years old). We were not using VPN on the old box because it was not an option but not that we can we'd like to set it up for users to co...
I just installed an AIP-SSM module in our ASA 5520 firewall (protecting a school district). I successfully configured it to scan all traffic sent both directions with the following config:access-list IPS extended permit ip any any class-map ips-clas...
I actually have the same question. I'm using the AnyConnect client to connect to an ASA 5510 via SSL VPN. I can view any internal resources just fine, but whenever I try to access an Internet website I can't get through. I would really prefer to tunn...
I have the same problem. I'm using an ASA 5510 and I have setup a remote access VPN that works successfully using an internal pool. I would like to configure it to use a DHCP server (which resides on the same subnet as the ASA) but when I connect wit...
Thanks for the suggestion. I never did get the IPS working - had to put it on hold when I couldn't figure it out and never got back to it. I'm looking forward to trying this.
Thanks Fernando. I know that's what is happening but due to the high frequency of the errors I thought I may have misconfigured something. I only see that error on 10.0.x.x addresses and only on the outside interface, but I don't see how a 10.0.x.x a...
I think I figured out the problem - I did not add the exempt NAT entry to allow inside hosts to talk directly to VPN clients without NAT. I also did not create an access list for the VPN clients to allow them access to specific hosts. I set those bot...
