Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi everyone!Weird problem on a PIX515 with 7.2.4: adding the "route inside 0.0.0.0 0.0.0.0 <gw> tunneled" fails.See below:PIX-1# sh run | inc routeroute outside 0.0.0.0 0.0.0.0 x.x.x.xroute inside InternalNets 255.0.0.0 10.255.x.1 1route inside 192.1...
Hi,Not sure if this belongs in AAA or firewalling. I apologize for the mix-up.Does anyone know if there's a user-friendly (i.e. non-LUA) way of matching a single DAP entry to the following constraint:- match specific connection profile- match one of ...
Hi!We're looking into replacing a customer's existing SSL solution with an ASA-based clientless SSL, but we're coming up against a thorny issue: the customer has different customized portals each tied to a completely separate domain name and certific...
I'm seeing some weird logging behavior on an ASA5550 active/standby pair (Internet facing, running 7.2.4). As you can see from the example below, it is logging a number of denied messages for a normal (allowed by policy) TCP session. Jul 16 2008 09:2...
Hi!Sorry for the simple question, but how can one remotely access the CLI for a failover unit in an ASA pair? If I SSH/Telnet into the address used, I get the primary unit...Thanks!
Hi, I have a separate ASA5520 pair running 8.0.4 that is working fine with that configuration.This particular scenario is another VPN headend, a single PIX515 running 7.2.x (same thing happened with 8.0.x code).
Hi Vikram,I'm doing the same thing in an ASA:route outside 0.0.0.0 0.0.0.0 y.y.y.y 1route inside 10.0.0.0 255.0.0.0 10.5.x.x 1route inside 0.0.0.0 0.0.0.0 10.5.x.x tunneledCould it be a PIX/ASA difference? Something else? Same thing happens with 8.0....
I'm struggling with *EXACTLY* the same issue. Having the connection profile in the RADIUS request would make perfect sense...The best I (and Mike, my contact at Cisco) could come up with so far is to use DAP. From an AUTHENTICATION perspective, all o...
