Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm upgrading an old (OLD) Cisco PIX to a newer ASA unit. Of course when I migrated the config (via CLI), it didn't like some of the old NAT commands and I had to modify appropriately. I have 2 interfaces configured (inside 100 and outside 0). I h...
Hi all! Hoping one of you can shed some light before I tear out what remains of my hair (not much, but I value it!) Have a Cisco ASA running 9.2. From factory reset did a quick configuration to test since I'm used to the old school PIX units and kn...
@Marius Gunnerud Most of my testing has been with passive. I have tested active a few times as well, though not with the most recent config. I assume passive would be the least problematic as the client initiates both connections.
Thanks. In order to test if FTP inspection was causing a problem, I disabled FTP inspection (no inspect ftp on the global policy)...still FTP can't connect. Same deal...packet-tracer shows no issues (not being blocked by ACL), logging shows TCP con...
BTW - update for @MHM Cisco World and @Flavio Miranda - I now can access http etc from inside -> outside. (Still no luck with FTP). Felt like an idiot when I discovered why nothing at all was going through inside->outside (test PC on inside was mult...
Can you say more about that @Flavio Miranda ? I have the global policy set to inspect FTP (which Cisco shows in their article on setting up FTP access), but nothing else regarding FTP inspection enabled.
Ultimately the ASA (when I get the config sorted out) will have a dozen hosts on the inside interface, but all are servers that will all have static NAT configured, each with a dedicated IP for NAT. I did add the dynamic nat as that article shows jus...
