Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Last night I put a new ASA5510 in place of my PIX515e. Everything went very well except for VPN connections. We are keeping the legacy VPN client for now and transforming to CLientless SSL in the future. Users can login through VPN and get the NAT...
Hello all. I have the following requirements:Internal network includes 10.1.1.x/2410.1.2.x/2410.1.3.x/2410.1.4.x/24I want to allow only the 10.1.1.x network to do ICMP ping and traceroute to the outside networks such as yahoo etc..Here is part of my...
I have attached my firewall config. I am replacing my Pix515 with a new ASA5510 and Im having some issues.First thing between the Inside to all other interfaces I know that inside can get to any lower Security interface.I am testing ping from DMZ to ...
I am trying to figure out why I would need a NAT pool for local users accessing the DMZ. Currently I am in the mist of migrating from PIX 515e to ASA 5510 and I'm reviewing my configs. I have the following line in my PIX:global (dmz) 10 10.1.4.50-1...
Hello. Users are complaining that their drives are not being mounted with a script that automatically runs as the user logs in. This makes sense since I am using EAP-Fast authentication and the computer does not have an IP address until after the us...
The NAT statements let the traffic to the internal and DMZ networks and to the Internet on PAT. THen I have route statements for the VPN network that route it too. ALl of the routing works fine. The VPN users can do a nslookup and the DNS server r...
This isnt quite the fix but here is what I found out so far. During the setup wizard I created a connection profile called SSLvpn and made changes to that profile. What I come to find out is that the system is actually strictly using the DfltGrpPol...
yea I can ping by IP to all the networks. I added the line. Split-DNS legalplans.com I think it takes a few minutes for the dns to start working to the client. I cant ping within the first minute of connecting but if I stay connected long enough it ...
