Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have an ASA firewall (IOS 8.2) on which I am trying to configure an additional NAT'ed interface off the management port. Frowned upon, I know, but I have removed the management-only option, and I know this can and has worked in other environments i...
I have an ASA5520 (8.2 version of firmware) whose physical ports are all taken. I want to add a subinterface, but I believe I have set it up incorrectly:interface GigabitEthernet0/0description Ethernet to 2800 router (internet gateway)speed 1000duple...
Sorry about that- somehow I missed that line in the "scrubbing." It is in the configs though- I verified it. It is most certainly a trunk port to which the firewall is conected (Cisco 4507), but I don't recall if the native VLAN is 60.I know about t...
Update: I returned to work the next day and added ICMP to the inpect policy. No ICMP packets returned. I did find something interesting- in a test to a server my buddy hosts, I attempted several RDP connections, and asked him to check his logs. HE SA...
I did forget to mention that the 227 and 246.0/23 are routable IP's. That's why I was thinking those configs aren't doing anything. I can probably cut these 3 statements out:nat (admin) 2 x.x.227.0 255.255.255.0nat (admin) 3 x.x.246.0 255.255.254.0n...
I definitely double-checked that one Jennifer. Thanks for your replies by the way. The exemption definitely does not include the scope or traffic I do want NAT'ed.
