Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,I have a general question for Cisco/anybody who might have used the 'object-group-search' feature and can explain this somewhat vague performance caveat (in red): http://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/I-R/cmdre...
Hello,I have a question about the functionality of the ASA firewall in regards to TCP option handling which I've yet to find any relavant documentation or known bugs for.Consider the following scenario:ASA 5520 - 8.0(4)An HTTP client (outside) is mak...
Greetings,ASA 5505 Security+7.2(3)Situation: server behind an ASA firewall configured with embryonic connection limiting via it's primary static translation. The number for the embryonic connection limiting was set too low, at 50. I say too low becau...
CSS 115018.10.2.05We have a client with a basic layer-4 content rule, no advanced balance/sticky sessions, leastconn. Using Firebug for Firefox, I've tested a website containing several and noticed that there is a noticeable delay (roughly an added ...
I recently setup an ASA5510 with 8.0fw with the AnyConnect SSL VPN Client.Connecting to the SSL VPN works perfectly from all the XP computers that I have tested from. No problems there. However when on Vista, split-tunneling does not seem to function...
Thank you Vibhor, this looks great.Is transactional commit model, when enabled, able to compliment object-group-search? Or are they competing alternatives?I'm speaking more generally as I've got models and software across the spectrum, with max concu...
Perfect, thank you Andrew. This is exactly what I was looking for. We're planning for an upgrade to 8.2(2) however it might take a few weeks to get clearance approval. Will let you know however.Thank you to EVERYONE for your help! -Buck
Thanks KS. I actually came across that bug as well during my searches but it doesn't seem to match in this situation enough to be relevant. I am working on getting captures from the device and can provide them when and if they become available.In the...
There's been several tests conducted, including one where two hosts are next to each other on the same network segment and the options show up just fine. It's only the single network hop that the ASA introduces that changes between a successful test ...
