Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Device is a Cisco ASA 5520 running 9.1(4).Will be installing AnyConnect Essentials and AnyConnect for Mobile.Already have a license for AnyConnect Premium Peers (10 Users).Wondering if I can simply install the new AnyConnect Essentials license withou...
In order to allow remote client VPN users the ability to resolve device names while on the remote client VPN (both SSL and IPSec), the default domain has been set and works just fine. The issue being encountered is that we require the ability to reso...
I need to be able to use the 'inside' IP address of an ASA 5510 (v8.2) as the recognized DNS server configured in TCP/IP settings on internal workstations.I understand that the ASA cannot act as a DNS server, but can the "ip dns server" and "ip name-...
We have multiple sites connecting to an MPLS cloud. All sites are running BGP. The two main locations, site A and site B, have an Internet connection. The three branch locations, sites C, D and E, are without their own local Internet connection and a...
Looking for commands to identify any https, ssh, or telnet sessions currently active on a PIX and on an ASA. I would like to know all available information about the current connections, such as the IP address of the connected device, username used f...
PK and Jon, thanks for the attention. I believe the static (inside,inside) rule will be the best solution for this issue.We are replacing an existing firewall that is also capable of acting as a DNS server. Internal users are all configured with stat...
Thanks for the response, Jon.Port forwarding seems like an available option. The only concern I have is that the known DNS server is on the internal network, so the command would have to look more like this. static (inside,inside) udp interface 53 5...
The only reason I can think of for the UDP traffic to go unencrypted is that it no longer meets the criteria for "interesting" traffic. You mentioned that it is also not being translated, which would seem to fit that theory. I would suggest the trans...
Okay, so the layer 3 core switch has an interface VLAN85 (10.1.85.1) and an interface VLAN60 (10.1.60.1). From the core switch you can access both of your switches on both VLANs. Since the switches are directly connected to the core switch, you won't...
